
Pests of all kinds and how to fight them: Caught the Bundestrojaner today

Windows 7: If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.

07.12.2011, 21:51   #1
shinobi78
 
Caught the Bundestrojaner today



Hello,

My first post and right away something like this... I caught this virus/trojan through a link. Now my question: can I get it removed without reinstalling my system (that would be really annoying)?

I ran HijackThis over it and there was nothing suspicious. Now I would like to use otl.exe, but I don't know which settings are the right ones.

Here is a scan with otl.exe (SafeList):

========== Processes (SafeList) ==========

PRC - [2011.12.07 22:46:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Pierre\Desktop\OTL.exe
PRC - [2011.11.27 08:51:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Pierre\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.10.05 22:25:36 | 000,653,128 | ---- | M] (Stardock Corporation) -- C:\Programme\Stardock\CursorFX\CursorFx.exe
PRC - [2011.09.18 16:54:38 | 000,100,864 | ---- | M] () -- C:\Programme\Rainmeter\Rainmeter.exe
PRC - [2011.09.02 14:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011.08.15 14:49:50 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011.08.15 14:49:45 | 001,896,192 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\Ad-Aware.exe
PRC - [2011.08.03 12:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.08.03 12:50:00 | 000,812,648 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.07.12 19:51:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\ViakaraokeSrv.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.13 15:51:34 | 000,092,024 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Mail\wlmail.exe
PRC - [2011.05.13 13:49:42 | 000,025,456 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Contacts\wlcomm.exe
PRC - [2011.05.10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.05.10 14:10:56 | 000,121,000 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\afwServ.exe
PRC - [2011.03.28 19:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011.03.17 09:15:46 | 000,382,272 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011.02.25 06:30:54 | 002,133,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 22:29:49 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
PRC - [2010.11.20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.01.21 00:52:14 | 000,167,528 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010.01.21 00:52:12 | 000,370,792 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009.07.14 02:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SystemPropertiesAdvanced.exe
PRC - [2009.07.13 00:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) -- C:\Windows\UnsignedThemesSvc.exe
PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Programme\RocketDock\RocketDock.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.27 08:51:05 | 001,989,592 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.10.22 06:50:59 | 008,522,400 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.09.18 16:55:10 | 000,143,360 | ---- | M] () -- C:\Programme\Rainmeter\Plugins\WebParser.dll
MOD - [2011.09.18 16:54:56 | 000,025,600 | ---- | M] () -- C:\Programme\Rainmeter\Plugins\SysInfo.dll
MOD - [2011.09.18 16:54:50 | 000,020,992 | ---- | M] () -- C:\Programme\Rainmeter\Plugins\PowerPlugin.dll
MOD - [2011.09.18 16:54:46 | 000,018,944 | ---- | M] () -- C:\Programme\Rainmeter\Plugins\PerfMon.dll
MOD - [2011.09.18 16:54:38 | 000,100,864 | ---- | M] () -- C:\Programme\Rainmeter\Rainmeter.exe
MOD - [2011.09.18 16:54:36 | 000,625,152 | ---- | M] () -- C:\Programme\Rainmeter\Rainmeter.dll
MOD - [2011.08.28 22:19:12 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2011.08.19 19:29:02 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2011.08.19 19:28:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2011.08.19 19:28:33 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a81a3835a5415f299c3b790ecbed8d18\System.Xml.ni.dll
MOD - [2011.08.19 19:28:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2011.08.19 19:28:15 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2011.08.19 19:28:11 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2011.08.19 19:28:11 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9859a6e0562f64eacfb8ad76f260a2d6\Accessibility.ni.dll
MOD - [2011.06.28 12:19:48 | 000,794,640 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\PrivacyClean.dll
MOD - [2011.03.16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.09 01:56:38 | 000,296,448 | ---- | M] () -- C:\Programme\Notepad++\NppShell_04.dll
MOD - [2010.07.04 22:32:38 | 000,010,752 | R--- | M] () -- C:\Programme\Unlocker\UnlockerCOM.dll
MOD - [2010.03.15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.02.01 19:46:20 | 000,059,904 | ---- | M] () -- C:\Programme\Stardock\CursorFX\zlib1.dll
MOD - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Programme\RocketDock\RocketDock.exe
MOD - [2007.09.02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Programme\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.11.18 02:01:38 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.09.02 14:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.08.03 12:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.07.12 19:51:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\System32\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2011.06.13 17:07:00 | 004,121,080 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011.06.12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.05.10 14:10:56 | 000,121,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2010.10.02 18:39:06 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.21 00:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010.01.21 00:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.13 00:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2006.12.14 16:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)


========== Driver Services (SafeList) ==========

DRV - [2011.12.07 22:17:46 | 000,083,064 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SMR210.SYS -- (SMR210)
DRV - [2011.12.04 11:30:25 | 000,233,024 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.09.24 20:19:36 | 000,012,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2011.08.03 12:50:00 | 010,304,104 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.07.12 19:51:38 | 001,810,032 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2011.05.10 14:04:46 | 000,102,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.05.10 14:03:31 | 000,192,984 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.05.10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.05.10 13:40:58 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2011.05.10 10:41:28 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.04.29 11:11:58 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010.11.20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010.04.09 01:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2010.01.29 10:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Programme\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.13 00:07:46 | 000,025,448 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\uxpatch.sys -- (uxpatch)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=102875&gct=hp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=102875&gct=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 69 61 41 21 BA 3C CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Avanquest App'-Anwendungsleiste Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2529008&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pierre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.08.08 20:14:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.03 12:50:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.27 08:51:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.11 10:47:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.08.08 20:14:42 | 000,000,000 | ---D | M]

[2011.07.07 16:28:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pierre\AppData\Roaming\mozilla\Extensions
[2011.12.03 17:33:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pierre\AppData\Roaming\mozilla\Firefox\Profiles\jt5lg4pt.default\extensions
[2011.09.28 09:17:04 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Pierre\AppData\Roaming\mozilla\Firefox\Profiles\jt5lg4pt.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2011.10.27 15:33:17 | 000,000,000 | ---D | M] (Portalarium Player) -- C:\Users\Pierre\AppData\Roaming\mozilla\Firefox\Profiles\jt5lg4pt.default\extensions\player@portalarium.com
[2011.11.17 19:25:44 | 000,002,333 | ---- | M] () -- C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\jt5lg4pt.default\searchplugins\askcom.xml
[2011.08.31 12:17:20 | 000,000,965 | ---- | M] () -- C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\jt5lg4pt.default\searchplugins\conduit.xml
[2011.10.17 19:45:01 | 000,003,915 | ---- | M] () -- C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\jt5lg4pt.default\searchplugins\sweetim.xml
[2011.11.27 08:51:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\PIERRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JT5LG4PT.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\PIERRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JT5LG4PT.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\PIERRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JT5LG4PT.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\USERS\PIERRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JT5LG4PT.DEFAULT\EXTENSIONS\AUTOFILLFORMS@BLUEIMP.NET.XPI
() (No name found) -- C:\USERS\PIERRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JT5LG4PT.DEFAULT\EXTENSIONS\FASTERFOX_LITE@BIGREDBRENT.XPI
() (No name found) -- C:\USERS\PIERRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JT5LG4PT.DEFAULT\EXTENSIONS\SUPPORT@REAL-HIDE-IP.COM.XPI
[2011.11.27 08:51:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.10.04 10:34:56 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.04 10:34:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.04 10:34:56 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.04 10:34:56 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.04 10:34:56 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.04 10:34:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.07.21 11:01:11 | 000,000,863 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts:
O1 - Hosts: 127.0.0.1 activation.nero.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Pierre\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCABattery = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7998675E-3AD6-43C2-BA7A-820517873468}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Programme\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O27 - HKLM IFEO\notepad.exe: Debugger - "C:\Program Files\Notepad2\Notepad2.exe" /z File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.12.07 22:45:48 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Pierre\Desktop\OTL.exe
[2011.12.07 22:45:41 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{981FDA26-57EC-401D-90F9-F81282ED4542}
[2011.12.07 22:45:26 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{13F7E774-6FAA-4F9B-9873-83092CB18198}
[2011.12.07 22:17:46 | 000,083,064 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR210.SYS
[2011.12.07 22:17:19 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\Temp
[2011.12.07 21:25:32 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\NPE
[2011.12.07 21:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011.12.07 21:25:31 | 002,562,040 | ---- | C] (Symantec Corporation) -- C:\Users\Pierre\Desktop\NPE.exe
[2011.12.07 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{CD83F8FA-5BBE-4320-B5F0-0740D54702D9}
[2011.12.07 13:47:21 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{92ABC9D5-DE39-4280-A71A-2046E0CEB8E8}
[2011.12.07 10:01:27 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{FF6776CA-6DF2-4E5E-800B-834533929068}
[2011.12.07 10:01:14 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{7F45FC50-475B-40D3-B86A-48B6F89FA62F}
[2011.12.06 13:23:48 | 001,114,624 | ---- | C] (The Windows Club) -- C:\Windows\memorb.exe
[2011.12.06 13:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ultimate Windows Customizer
[2011.12.06 11:32:52 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{EBBE2D8A-E98C-4FD7-9152-10E753842B0C}
[2011.12.06 11:32:41 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{B909038C-837D-4EC8-B166-5D4EE0113EDF}
[2011.12.06 08:58:02 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\InstallShield
[2011.12.05 20:00:35 | 000,000,000 | ---D | C] -- C:\Users\Pierre\Documents\Wii Tools
[2011.12.05 12:41:54 | 000,000,000 | ---D | C] -- C:\Users\Pierre\Documents\Eigene Scans
[2011.12.05 09:49:36 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{36997A1E-FF57-4BC2-8803-9AC2E8D450F9}
[2011.12.05 09:49:24 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{E97DF2E8-09F1-425D-90E3-537190380E74}
[2011.12.04 19:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2011.12.04 19:46:51 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\Stardock
[2011.12.04 19:44:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CEC42AA7-80BC-42B4-B5F3-8E754D04A118}
[2011.12.04 19:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2011.12.04 12:08:47 | 000,000,000 | ---D | C] -- C:\Program Files\XdN Software
[2011.12.04 11:54:50 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\SeriousBit
[2011.12.04 11:53:20 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\DeviceDoctorSoftware
[2011.12.04 11:30:25 | 000,233,024 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.12.04 11:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Pro
[2011.12.04 09:59:27 | 000,000,000 | ---D | C] -- C:\Users\Pierre\Documents\Ubisoft
[2011.12.03 23:12:03 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{833ABF23-9437-478B-8DAE-CE9E8EF63A13}
[2011.12.03 23:11:48 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{FC49BBB7-9FE6-47CC-8510-1211107CF50E}
[2011.12.03 17:33:37 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\RealHideIP
[2011.12.03 17:33:37 | 000,000,000 | ---D | C] -- C:\ProgramData\RealHideIP
[2011.12.03 17:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\RealHideIP
[2011.12.03 13:06:46 | 000,000,000 | ---D | C] -- C:\Users\Pierre\Documents\Rainmeter
[2011.12.03 13:06:46 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\Rainmeter
[2011.12.03 13:05:48 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2011.12.03 12:52:13 | 000,307,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011.12.03 12:51:56 | 000,102,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011.12.03 12:51:10 | 000,192,984 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011.12.03 12:51:10 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011.12.03 12:51:09 | 000,049,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011.12.03 12:51:08 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011.12.03 12:51:07 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011.12.03 12:50:38 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.12.03 12:50:38 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011.12.03 12:50:36 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011.12.03 09:40:06 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{6C328E26-9752-489B-A4FD-001A9637A1B7}
[2011.12.03 09:39:54 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{79564287-CCC2-422A-893F-721F856B86A1}
[2011.12.02 20:52:19 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{A3BB2DE8-47B1-4EA4-A712-780AF4FB371A}
[2011.12.02 20:52:08 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{247CE92F-236D-4A65-8C65-5459F48185B9}
[2011.12.02 09:09:37 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\assembly
[2011.12.02 08:42:54 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{CC25934D-F726-4414-91D9-D1B7BB29C626}
[2011.12.02 08:42:44 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{6D1C2DFC-183E-4D27-9034-A254026188BB}
[2011.12.01 12:49:15 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011.12.01 12:33:52 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{528C1683-74F5-4122-85D8-46DC7E338785}
[2011.12.01 12:33:41 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{531CBD52-B432-40E4-B616-F39A3088B09A}
[2011.11.30 09:38:07 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{B88703A7-72DA-4D60-96DA-2F8972AC1C5E}
[2011.11.30 09:37:56 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{316A48CE-F188-4069-B0DC-C8EDE797D86E}
[2011.11.29 13:24:51 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{FA2B700D-EA64-4101-B255-6AD089A9062E}
[2011.11.29 13:24:40 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{37CF05FB-E6CA-484C-BBB9-0B5CF6B63D64}
[2011.11.28 20:15:55 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011.11.28 18:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\Theme Resource Changer
[2011.11.28 18:09:13 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\replacer
[2011.11.28 13:14:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2011.11.28 13:05:38 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\DAEMON Tools Pro
[2011.11.28 13:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2011.11.28 12:56:20 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\Downloaded Installations
[2011.11.28 08:47:57 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{7342FB70-1902-4C06-B70B-3AC925FF9E9F}
[2011.11.28 08:47:38 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{64B7C634-38E8-456F-B2DD-2741AD7814C9}
[2011.11.27 08:55:30 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{F78A58E5-6989-43F5-B7DF-F2989663AEDE}
[2011.11.27 08:55:19 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{08C40A49-1CDA-4BB3-AD8A-2554E1CA2D9B}
[2011.11.26 13:59:49 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{B76C6D9C-451E-46C1-955D-BF076A864D31}
[2011.11.26 13:59:37 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{1707E454-B44C-458B-8FE7-A35EB3A4AC93}
[2011.11.25 09:11:17 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{E78407C1-A199-472A-B750-191B1DB0E537}
[2011.11.25 09:11:04 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{3ED1D01C-1CEB-4EE1-A68E-C3124534F437}
[2011.11.24 12:38:54 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{CFAFC0B6-6BE6-4130-BCC5-B0F7D32A86A0}
[2011.11.24 12:38:41 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{5F24B679-2418-42EC-9067-38EB480A74B1}
[2011.11.23 13:01:31 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{4D0C8F94-771A-408F-801C-475035081698}
[2011.11.23 13:01:19 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{B9655301-A8E9-4A23-9FDC-FEF219DB132F}
[2011.11.22 15:02:57 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{CAC68322-9146-4707-8075-E85C48F7A55D}
[2011.11.22 15:02:39 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{A47F71E3-B36F-4F71-9A64-0A005B02EC12}
[2011.11.22 08:37:32 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{C07E504E-A289-4844-AE28-CB3B76723AEA}
[2011.11.21 16:05:49 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{EAB0D10C-B627-41E1-99AA-235AB9883730}
[2011.11.21 16:05:37 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{A27DCC1A-7AC4-4577-A31F-17A464CD8BBF}
[2011.11.20 22:44:48 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{B2FEA519-DE76-473A-9C04-ADA4ACBA59EE}
[2011.11.20 22:44:36 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{00C41848-97CD-46E2-A7AC-A8CA1CC8A97F}
[2011.11.20 08:08:51 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{E06E4401-4DF2-42AB-B1BD-BE0D9F60C85A}
[2011.11.20 08:08:40 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{9632E7B2-2736-4486-97DC-5C3F7E486A39}
[2011.11.19 19:22:14 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\Overwolf
[2011.11.19 10:33:59 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{0BECAB78-B95E-4379-BA65-B58DBD46A24F}
[2011.11.19 10:33:49 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{445680D9-B78B-41D7-B931-154E51A9FA0F}
[2011.11.19 10:33:14 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{DFB5D508-128A-4118-BFF7-21D717CC2E88}
[2011.11.19 10:32:59 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{9B3A3563-6F0E-4B81-807A-8C0C0C11BC5E}
[2011.11.18 23:04:39 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Roaming\dvdcss
[2011.11.18 15:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PWD
[2011.11.18 15:56:16 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{664D08C9-FE56-4C99-958E-DA5AAAEB535C}
[2011.11.18 15:56:00 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{9986405C-F144-402F-8480-496F7C8279EE}
[2011.11.17 14:48:45 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{1B4E4904-9BBC-4172-BD86-E7C1B8D7C608}
[2011.11.17 14:48:33 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{C1464C53-EB0C-4843-9DB3-AAD4824AFB6A}
[2011.11.16 12:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011.11.16 09:19:26 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{F00CC629-9B2B-4ED9-9013-EE8C1E0DFF79}
[2011.11.16 09:19:16 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{52A5CD4A-965F-4D2C-95DE-2595118FEE1C}
[2011.11.15 10:50:47 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{BFE1B9F7-60F9-4797-85B6-00FF0DC01C6A}
[2011.11.15 10:50:36 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{AC4CA7CC-9586-4A76-841B-6E2E8E98907B}
[2011.11.14 10:08:58 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{E82E0D86-C554-43BE-8F25-1C5C1892F547}
[2011.11.14 10:08:46 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{C9A0125D-ADF1-4BF3-8A46-4A70220FA374}
[2011.11.13 11:34:48 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{ABD6832B-DB3B-48B1-A9D8-A05EB9D1D4D9}
[2011.11.13 11:34:32 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{D10BBEFF-734A-4C95-8E12-F2FE20FF7E53}
[2011.11.12 08:57:39 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{06E7977B-3B8C-4E75-B734-6F3D085656BB}
[2011.11.12 08:57:28 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{ED026427-7511-48AE-A006-59E5A996D946}
[2011.11.09 20:46:57 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\Akamai
[2011.11.09 09:34:58 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{0E89F869-C96E-4438-A8E6-55E8E17BDF94}
[2011.11.09 09:34:48 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{7609AE03-90A7-480D-8284-AE1720691833}
[2011.11.09 07:16:45 | 002,341,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.11.08 09:33:47 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{AF729E2C-091A-49C9-B38D-7FD2C80227FA}
[2011.11.08 09:33:36 | 000,000,000 | ---D | C] -- C:\Users\Pierre\AppData\Local\{949DCB2D-2290-4E0E-9C90-76D99388734E}
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.12.07 22:51:36 | 000,023,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.07 22:51:36 | 000,023,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.07 22:46:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Pierre\Desktop\OTL.exe
[2011.12.07 22:36:51 | 249,427,968 | ---- | M] () -- C:\Users\Pierre\Desktop\rescue_system-common-en.iso
[2011.12.07 22:23:52 | 000,707,372 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.07 22:23:52 | 000,660,990 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.07 22:23:52 | 000,152,964 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.07 22:23:52 | 000,125,180 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.07 22:17:55 | 000,000,020 | ---- | M] () -- C:\Windows\System32\drivers\SMR210.dat
[2011.12.07 22:17:46 | 000,083,064 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR210.SYS
[2011.12.07 22:17:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.07 22:17:03 | 2146,934,783 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.07 21:23:12 | 002,562,040 | ---- | M] (Symantec Corporation) -- C:\Users\Pierre\Desktop\NPE.exe
[2011.12.07 20:48:49 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011.12.07 20:48:49 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011.12.07 19:25:55 | 000,000,132 | ---- | M] () -- C:\Users\Pierre\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.12.07 15:35:39 | 000,381,382 | ---- | M] () -- C:\Users\Pierre\Desktop\Unbenannt-1.psd
[2011.12.07 13:41:06 | 000,002,275 | ---- | M] () -- C:\Users\Pierre\Desktop\sports_mlc.sft
[2011.12.07 13:33:13 | 000,011,779 | ---- | M] () -- C:\Users\Pierre\Desktop\wwe.sft
[2011.12.07 11:28:16 | 004,455,759 | ---- | M] () -- C:\Users\Pierre\Desktop\luffy.psd
[2011.12.06 22:42:08 | 1427,427,328 | ---- | M] () -- C:\Users\Pierre\Desktop\ftick-shark3d.avi
[2011.12.06 13:19:41 | 000,000,132 | ---- | M] () -- C:\Users\Pierre\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011.12.06 12:55:21 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\udwm.dll
[2011.12.06 11:23:48 | 000,000,008 | RHS- | M] () -- C:\Users\Pierre\ntuser.pol
[2011.12.05 21:44:53 | 000,016,190 | ---- | M] () -- C:\Users\Pierre\Documents\bat_mlc.sft
[2011.12.05 14:54:10 | 020,619,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imageres.dll
[2011.12.04 11:42:39 | 004,381,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.12.04 11:30:25 | 000,233,024 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.12.03 13:05:49 | 000,001,865 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2011.12.03 12:51:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.11.28 09:06:12 | 000,660,990 | ---- | M] () -- C:\Windows\System32\perfh009(34).dat
[2011.11.28 09:06:12 | 000,152,964 | ---- | M] () -- C:\Windows\System32\perfc007(32).dat
[2011.11.28 09:06:12 | 000,125,180 | ---- | M] () -- C:\Windows\System32\perfc009(33).dat
[2011.11.21 14:13:06 | 001,114,624 | ---- | M] (The Windows Club) -- C:\Windows\memorb.exe
[2011.11.21 09:49:54 | 000,000,132 | ---- | M] () -- C:\Users\Pierre\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.11.09 14:32:01 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.08 20:37:39 | 000,000,177 | ---- | M] () -- C:\Windows\${FILENAME_INI}
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.07 22:24:44 | 249,427,968 | ---- | C] () -- C:\Users\Pierre\Desktop\rescue_system-common-en.iso
[2011.12.07 22:17:52 | 000,000,020 | ---- | C] () -- C:\Windows\System32\drivers\SMR210.dat
[2011.12.07 18:33:38 | 1427,427,328 | ---- | C] () -- C:\Users\Pierre\Desktop\ftick-shark3d.avi
[2011.12.07 15:35:38 | 000,381,382 | ---- | C] () -- C:\Users\Pierre\Desktop\Unbenannt-1.psd
[2011.12.07 13:41:06 | 000,002,275 | ---- | C] () -- C:\Users\Pierre\Desktop\sports_mlc.sft
[2011.12.07 13:33:12 | 000,011,779 | ---- | C] () -- C:\Users\Pierre\Desktop\wwe.sft
[2011.12.07 11:28:14 | 004,455,759 | ---- | C] () -- C:\Users\Pierre\Desktop\luffy.psd
[2011.12.06 09:58:47 | 000,000,008 | RHS- | C] () -- C:\Users\Pierre\ntuser.pol
[2011.12.05 21:44:52 | 000,016,190 | ---- | C] () -- C:\Users\Pierre\Documents\bat_mlc.sft
[2011.12.03 13:05:49 | 000,001,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2011.11.11 10:47:41 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.11.08 20:37:39 | 000,000,177 | ---- | C] () -- C:\Windows\${FILENAME_INI}
[2011.10.18 22:53:30 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011.09.24 21:18:13 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011.09.21 18:14:50 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.09.14 17:11:46 | 000,000,431 | ---- | C] () -- C:\Windows\BeatBox.INI
[2011.09.14 16:51:22 | 000,049,152 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2011.09.14 16:49:42 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011.09.14 16:45:20 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.08.23 10:48:58 | 000,000,108 | ---- | C] () -- C:\Users\Pierre\AppData\Roaming\a30ff380.dat
[2011.08.11 20:46:31 | 000,000,219 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2011.08.08 20:08:18 | 000,186,121 | ---- | C] () -- C:\Windows\hpoins14.dat
[2011.08.08 20:08:18 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2011.08.03 10:09:38 | 000,000,132 | ---- | C] () -- C:\Users\Pierre\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.07.30 12:36:07 | 000,034,308 | ---- | C] () -- C:\Windows\System32\bassmod.dll
[2011.07.26 12:25:02 | 000,000,132 | ---- | C] () -- C:\Users\Pierre\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011.07.26 12:03:33 | 000,000,132 | ---- | C] () -- C:\Users\Pierre\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2011.07.23 21:42:38 | 000,000,132 | ---- | C] () -- C:\Users\Pierre\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.07.13 15:29:20 | 000,000,454 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.07.12 19:00:48 | 000,000,614 | ---- | C] () -- C:\Windows\eReg.dat
[2011.07.10 16:48:54 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.07.10 16:48:54 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.07.08 16:01:31 | 000,000,094 | ---- | C] () -- C:\Users\Pierre\AppData\Local\fusioncache.dat
[2011.07.08 13:15:40 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.07.08 13:15:38 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.07.07 17:50:16 | 000,052,836 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2011.07.07 17:50:15 | 000,394,752 | ---- | C] () -- C:\Windows\System32\cygwinb19.dll
[2011.07.07 17:50:15 | 000,162,304 | ---- | C] () -- C:\Windows\System32\libpng13.dll
[2011.07.07 17:50:14 | 001,199,179 | ---- | C] () -- C:\Windows\unins001.exe
[2011.07.07 17:50:14 | 000,017,012 | ---- | C] () -- C:\Windows\unins001.dat
[2011.07.07 17:49:46 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe
[2011.07.07 17:49:46 | 000,012,125 | ---- | C] () -- C:\Windows\unins000.dat
[2011.07.07 17:44:45 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.07.07 16:53:00 | 000,012,984 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.11.21 01:30:51 | 000,707,372 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010.11.21 01:30:51 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010.11.21 01:30:51 | 000,152,964 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010.11.21 01:30:51 | 000,152,964 | ---- | C] () -- C:\Windows\System32\perfc007(32).dat
[2010.11.21 01:30:51 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.11.20 22:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010.11.20 22:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010.11.20 22:29:12 | 000,109,056 | ---- | C] () -- C:\Windows\System32\t2embed.dll
[2010.10.02 18:39:06 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 004,381,616 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,660,990 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,660,990 | ---- | C] () -- C:\Windows\System32\perfh009(34).dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,125,180 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,125,180 | ---- | C] () -- C:\Windows\System32\perfc009(33).dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:09 | 000,587,776 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.13 00:07:46 | 000,025,448 | ---- | C] () -- C:\Windows\System32\drivers\uxpatch.sys
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

Regards

Edited by Larusso (08.12.2011 at 05:14)

Alt 08.12.2011, 12:57   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

The log is incomplete!!
Also, it would be really nice if the logs could be posted in CODE tags.