Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Probleme mit SMART HDD

Probleme mit SMART HDD


Plagegeister aller Art und deren Bekämpfung: Probleme mit SMART HDD

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 15.04.2012, 19:53   #1
lanas
 
Probleme mit SMART HDD - Standard

Probleme mit SMART HDD


Hallo,
bin neu hier und kenne mich so gut wie gar nicht mit dem Thema aus.
Toll das es so ein Forum gibt!
Brauche bitte eure Hilfe.
Mein Desktop ist komplett schwarz, ich sehe nur meinen Papierkorb, es sind mehrere Sicherheitsfenster offen.
Sorry das anhängen der Dateien hier hat auch nicht geklappt..
Habe bereits OTL runtergeladen, und das sind die Ergebnisse die von OTL rausgekommen sind.
Hoffe ihr könnt mir helfen!
Vielen Dank!

OTL.Txt:

OTL logfile created on: 15.04.2012 19:08:27 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Sweta\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 51,80% Memory free
6,21 Gb Paging File | 4,58 Gb Available in Paging File | 73,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 583,19 Gb Total Space | 454,95 Gb Free Space | 78,01% Space Free | Partition Type: NTFS
Drive D: | 12,98 Gb Total Space | 1,78 Gb Free Space | 13,69% Space Free | Partition Type: NTFS

Computer Name: SWETA-PC | User Name: Sweta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.04.15 19:07:56 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Sweta\Downloads\OTL.exe
PRC - [2012.04.15 17:51:32 | 000,221,696 | -H-- | M] () -- C:\ProgramData\VOcdQnqbv4L708.exe
PRC - [2012.04.15 17:43:10 | 000,301,568 | -H-- | M] () -- C:\ProgramData\AlSnqDidGxPete.exe
PRC - [2012.03.13 11:26:29 | 000,250,528 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11g_ActiveX.exe
PRC - [2012.02.28 13:33:51 | 000,638,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2011.10.11 15:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.23 21:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2009.10.14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Programme\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009.10.14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.10.17 17:57:18 | 000,189,736 | ---- | M] (CyberLink) -- C:\Programme\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008.10.17 17:56:54 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008.10.03 16:41:20 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2008.09.26 03:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008.09.23 12:03:38 | 000,912,688 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.04.18 17:01:34 | 000,065,536 | -H-- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2012.04.15 17:51:32 | 000,221,696 | -H-- | M] () -- C:\ProgramData\VOcdQnqbv4L708.exe
MOD - [2012.04.15 17:43:10 | 000,301,568 | -H-- | M] () -- C:\ProgramData\AlSnqDidGxPete.exe
MOD - [2012.04.13 00:58:31 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll
MOD - [2012.04.13 00:58:21 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll
MOD - [2012.04.13 00:58:06 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a8100864c7dd9ecf5d9f07fdaf5ba246\PresentationFramework.ni.dll
MOD - [2012.04.13 00:57:24 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\89b3b18de5d2cc945c24c0333d78f665\PresentationCore.ni.dll
MOD - [2012.02.16 17:10:16 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012.02.16 17:07:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll
MOD - [2012.02.16 17:07:34 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a333ad288c1a4bbbba8f61249202bc1a\System.EnterpriseServices.ni.dll
MOD - [2012.02.16 17:07:34 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\0ef893bbf33d38a1f7a63b9cee2dabfe\System.Transactions.ni.dll
MOD - [2012.02.16 17:07:34 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a333ad288c1a4bbbba8f61249202bc1a\System.EnterpriseServices.Wrapper.dll
MOD - [2012.02.16 17:07:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012.02.16 16:57:05 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012.02.16 16:56:21 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\029217106fa24787ff7a61b754f8ebf7\System.Data.ni.dll
MOD - [2012.02.16 16:56:05 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d48e106e015d0f8cb2d5295015cee508\PresentationFramework.Aero.ni.dll
MOD - [2012.02.16 16:55:31 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1e258a951222c818540b33880ca45f2e\WindowsBase.ni.dll
MOD - [2012.02.16 16:55:26 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011.10.14 10:32:08 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.10.14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Programme\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009.10.14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2009.04.11 08:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009.04.11 04:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009.03.30 06:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009.03.30 06:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009.03.30 06:42:13 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MOD - [2009.03.30 06:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.30 06:42:11 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
MOD - [2009.02.25 03:16:56 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009.02.25 03:16:56 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2008.11.10 00:33:28 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.10.17 17:57:20 | 000,881,960 | ---- | M] () -- C:\Programme\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.10.17 10:39:18 | 000,032,768 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008.10.17 10:32:58 | 000,007,168 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008.10.17 10:32:54 | 000,057,344 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008.10.17 10:32:48 | 000,118,784 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008.10.17 10:32:46 | 000,010,240 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008.10.17 10:32:26 | 000,040,960 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008.10.17 10:32:26 | 000,028,672 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008.10.17 10:32:26 | 000,005,632 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2006.12.10 21:51:08 | 000,077,824 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006.12.10 21:51:08 | 000,065,536 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmlparse.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 -- (Norton Internet Security)
SRV - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.02.03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.02.15 20:06:45 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 15:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.04.30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2008.11.10 04:08:24 | 004,017,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.09.26 03:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Programme\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008.09.10 02:58:08 | 000,020,640 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Programme\PC-Doctor for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2008.08.01 14:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008.07.21 18:12:50 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008.07.21 18:12:50 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008.05.22 11:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.07.19 02:44:00 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.07.19 02:39:15 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005.12.12 19:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{4D14827A-DABF-4680-AE44-F46DDFE0E614}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{99D31906-4B07-4CA5-9B7E-2032E112F800}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\..\SearchScopes\{AAF799E4-D65C-49E1-838D-12A435C677FF}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {99D31906-4B07-4CA5-9B7E-2032E112F800}
IE - HKCU\..\SearchScopes\{128D3E0A-3F1A-48D1-ADFD-59991F7A7CDF}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{4D14827A-DABF-4680-AE44-F46DDFE0E614}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_de
IE - HKCU\..\SearchScopes\{83A34CBC-E79C-41B7-A0F1-C22B7046A60D}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=B5BC9946-237B-4616-95B3-78C82F760E26&apn_sauid=9333CBDF-4E3E-464E-8637-A207B1EAB65D&
IE - HKCU\..\SearchScopes\{99D31906-4B07-4CA5-9B7E-2032E112F800}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKCU\..\SearchScopes\{9D04F553-D9B9-42D0-B204-A6492677F5FC}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{AAF799E4-D65C-49E1-838D-12A435C677FF}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{AC28C4EA-82C3-4BB2-857D-37856D737068}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKCU\..\SearchScopes\{EB19C0FF-7226-4154-8E32-42BEE64A61F1}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========


O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Sweta\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Sweta\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AlSnqDidGxPete.exe] C:\ProgramData\AlSnqDidGxPete.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED515004-0C4A-4397-857C-CCB44C77AC01}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sweta\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Sweta\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.04.15 17:51:45 | 000,000,000 | -H-D | C] -- C:\Users\Sweta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SMART HDD
[2012.04.12 17:31:35 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.12 17:31:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.12 17:31:33 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.12 17:31:33 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.04.12 17:31:33 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.04.12 17:31:33 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.04.12 17:31:33 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.04.12 17:31:33 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.04.12 17:31:33 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.12 17:31:33 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.04.12 17:31:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.04.12 17:31:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.04.12 17:31:32 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.12 17:31:32 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.04.12 17:31:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.04.12 17:31:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.04.12 17:31:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.04.12 17:31:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

========== Files - Modified Within 30 Days ==========

[2012.04.15 18:27:16 | 011,400,724 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.15 18:27:16 | 003,856,622 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.15 18:27:16 | 003,595,128 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.15 18:27:16 | 003,236,102 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.15 18:20:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.15 18:20:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.15 18:20:28 | 000,000,680 | -H-- | M] () -- C:\Users\Sweta\AppData\Local\d3d9caps.dat
[2012.04.15 18:20:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.15 18:20:19 | 3220,332,544 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.15 17:51:45 | 000,000,601 | -H-- | M] () -- C:\Users\Sweta\Desktop\SMART_HDD.lnk
[2012.04.15 17:51:45 | 000,000,168 | -H-- | M] () -- C:\ProgramData\-VOcdQnqbv4L708r
[2012.04.15 17:51:45 | 000,000,000 | -H-- | M] () -- C:\ProgramData\-VOcdQnqbv4L708
[2012.04.15 17:51:32 | 000,221,696 | -H-- | M] () -- C:\ProgramData\VOcdQnqbv4L708.exe
[2012.04.15 17:51:32 | 000,000,256 | -H-- | M] () -- C:\ProgramData\VOcdQnqbv4L708
[2012.04.15 17:43:10 | 000,301,568 | -H-- | M] () -- C:\ProgramData\AlSnqDidGxPete.exe
[2012.04.10 12:06:30 | 000,026,538 | -H-- | M] () -- C:\Users\Sweta\AppData\Roaming\wklnhst.dat

========== Files Created - No Company Name ==========

[2012.04.15 17:51:45 | 000,000,601 | -H-- | C] () -- C:\Users\Sweta\Desktop\SMART_HDD.lnk
[2012.04.15 17:51:45 | 000,000,168 | -H-- | C] () -- C:\ProgramData\-VOcdQnqbv4L708r
[2012.04.15 17:51:45 | 000,000,000 | -H-- | C] () -- C:\ProgramData\-VOcdQnqbv4L708
[2012.04.15 17:51:32 | 000,221,696 | -H-- | C] () -- C:\ProgramData\VOcdQnqbv4L708.exe
[2012.04.15 17:51:32 | 000,000,256 | -H-- | C] () -- C:\ProgramData\VOcdQnqbv4L708
[2012.04.15 17:45:17 | 000,301,568 | -H-- | C] () -- C:\ProgramData\AlSnqDidGxPete.exe
[2012.03.03 00:22:56 | 000,000,680 | -H-- | C] () -- C:\Users\Sweta\AppData\Local\d3d9caps.dat
[2010.11.29 12:48:02 | 000,000,462 | ---- | C] () -- C:\Windows\{A67C4EF9-725D-4C83-A67A-BB7B7DE96CF4}_WiseFW.ini
[2010.07.02 07:49:11 | 000,009,728 | -H-- | C] () -- C:\Users\Sweta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.19 21:33:13 | 000,000,760 | -H-- | C] () -- C:\Users\Sweta\AppData\Roaming\setup_ldm.iss
[2010.05.11 16:55:00 | 000,058,163 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

========== Files - Unicode (All) ==========
[2010.03.25 16:19:53 | 000,016,384 | -H-- | M] ()(C:\Users\Sweta\Documents\?? ???????, ????? ???.wps) -- C:\Users\Sweta\Documents\Об отпуске, часть два.wps
[2010.03.25 16:19:53 | 000,016,384 | -H-- | C] ()(C:\Users\Sweta\Documents\?? ???????, ????? ???.wps) -- C:\Users\Sweta\Documents\Об отпуске, часть два.wps
[2010.03.25 16:19:21 | 000,017,408 | -H-- | M] ()(C:\Users\Sweta\Documents\????.wps) -- C:\Users\Sweta\Documents\Сука.wps
[2010.03.25 16:19:21 | 000,017,408 | -H-- | C] ()(C:\Users\Sweta\Documents\????.wps) -- C:\Users\Sweta\Documents\Сука.wps
[2009.12.13 19:51:26 | 000,080,896 | -H-- | M] ()(C:\Users\Sweta\Documents\???????????.wps) -- C:\Users\Sweta\Documents\Афродизиаки.wps
[2009.12.13 19:51:26 | 000,080,896 | -H-- | C] ()(C:\Users\Sweta\Documents\???????????.wps) -- C:\Users\Sweta\Documents\Афродизиаки.wps
[2009.11.17 23:26:42 | 000,027,136 | -H-- | M] ()(C:\Users\Sweta\Documents\????????? ? ???????.wps) -- C:\Users\Sweta\Documents\Подрулила к бордюру.wps
[2009.11.17 23:26:42 | 000,027,136 | -H-- | C] ()(C:\Users\Sweta\Documents\????????? ? ???????.wps) -- C:\Users\Sweta\Documents\Подрулила к бордюру.wps
[2009.11.05 19:36:51 | 000,019,968 | -H-- | M] ()(C:\Users\Sweta\Documents\??? ???????? ??? ????.wps) -- C:\Users\Sweta\Documents\Мне остаться или уйти.wps
[2009.11.05 19:36:51 | 000,019,968 | -H-- | C] ()(C:\Users\Sweta\Documents\??? ???????? ??? ????.wps) -- C:\Users\Sweta\Documents\Мне остаться или уйти.wps
[2009.11.05 19:34:16 | 000,016,384 | -H-- | M] ()(C:\Users\Sweta\Documents\? ??? ?????..wps) -- C:\Users\Sweta\Documents\А что стихи..wps
[2009.11.05 19:34:16 | 000,016,384 | -H-- | C] ()(C:\Users\Sweta\Documents\? ??? ?????..wps) -- C:\Users\Sweta\Documents\А что стихи..wps
[2009.11.05 19:33:06 | 000,017,920 | -H-- | M] ()(C:\Users\Sweta\Documents\????????? ???????? ???.wps) -- C:\Users\Sweta\Documents\Ароматами терпкого коф.wps
[2009.11.05 19:33:06 | 000,017,920 | -H-- | C] ()(C:\Users\Sweta\Documents\????????? ???????? ???.wps) -- C:\Users\Sweta\Documents\Ароматами терпкого коф.wps
[2009.11.05 19:28:54 | 000,016,896 | -H-- | M] ()(C:\Users\Sweta\Documents\?? ??????????.wps) -- C:\Users\Sweta\Documents\не Аэрофлотом.wps
[2009.11.05 19:28:54 | 000,016,896 | -H-- | C] ()(C:\Users\Sweta\Documents\?? ??????????.wps) -- C:\Users\Sweta\Documents\не Аэрофлотом.wps
[2009.11.05 19:25:07 | 000,017,408 | -H-- | M] ()(C:\Users\Sweta\Documents\? ???????? ? ?????.wps) -- C:\Users\Sweta\Documents\И коленкой в живот.wps
[2009.11.05 19:25:07 | 000,017,408 | -H-- | C] ()(C:\Users\Sweta\Documents\? ???????? ? ?????.wps) -- C:\Users\Sweta\Documents\И коленкой в живот.wps
[2009.11.05 19:18:20 | 000,016,384 | -H-- | M] ()(C:\Users\Sweta\Documents\??? ????? ??? ???????.wps) -- C:\Users\Sweta\Documents\Вот такая вот суббота.wps
[2009.11.05 19:18:20 | 000,016,384 | -H-- | C] ()(C:\Users\Sweta\Documents\??? ????? ??? ???????.wps) -- C:\Users\Sweta\Documents\Вот такая вот суббота.wps
[2009.11.05 01:10:33 | 000,017,408 | -H-- | M] ()(C:\Users\Sweta\Documents\? ???? ?????.wps) -- C:\Users\Sweta\Documents\Я тебя очень.wps
[2009.11.01 15:02:19 | 000,017,408 | -H-- | C] ()(C:\Users\Sweta\Documents\? ???? ?????.wps) -- C:\Users\Sweta\Documents\Я тебя очень.wps
[2009.10.26 15:55:38 | 000,025,600 | -H-- | M] ()(C:\Users\Sweta\Documents\? ??????? ??? ????.wps) -- C:\Users\Sweta\Documents\я сегодня всю ночь.wps
[2009.10.13 10:06:44 | 000,025,600 | -H-- | C] ()(C:\Users\Sweta\Documents\? ??????? ??? ????.wps) -- C:\Users\Sweta\Documents\я сегодня всю ночь.wps
[2009.10.12 22:06:39 | 000,015,872 | -H-- | M] ()(C:\Users\Sweta\Documents\????.wps) -- C:\Users\Sweta\Documents\Стеб.wps
[2009.10.12 22:06:39 | 000,015,872 | -H-- | C] ()(C:\Users\Sweta\Documents\????.wps) -- C:\Users\Sweta\Documents\Стеб.wps
[2009.10.10 21:24:37 | 000,015,872 | -H-- | M] ()(C:\Users\Sweta\Documents\? ????? ????.wps) -- C:\Users\Sweta\Documents\В нутри моей.wps
[2009.10.10 21:24:37 | 000,015,872 | -H-- | C] ()(C:\Users\Sweta\Documents\? ????? ????.wps) -- C:\Users\Sweta\Documents\В нутри моей.wps
[2009.10.10 19:18:29 | 000,017,920 | -H-- | M] ()(C:\Users\Sweta\Documents\?????-?????? ?? ????????? ??? ???,.wps) -- C:\Users\Sweta\Documents\Когда-нибудь ты вспомнишь обо мне,.wps
[2009.10.10 19:18:28 | 000,017,920 | -H-- | C] ()(C:\Users\Sweta\Documents\?????-?????? ?? ????????? ??? ???,.wps) -- C:\Users\Sweta\Documents\Когда-нибудь ты вспомнишь обо мне,.wps
[2009.10.04 13:00:20 | 000,017,408 | -H-- | M] ()(C:\Users\Sweta\Documents\??????? ??????.wps) -- C:\Users\Sweta\Documents\Немного интима.wps
[2009.10.04 13:00:20 | 000,017,408 | -H-- | C] ()(C:\Users\Sweta\Documents\??????? ??????.wps) -- C:\Users\Sweta\Documents\Немного интима.wps
[2009.09.17 23:08:26 | 000,017,920 | -H-- | M] ()(C:\Users\Sweta\Documents\?????- ??????????? ????????.wps) -- C:\Users\Sweta\Documents\Осень- потихонечку холодает.wps
[2009.09.17 23:08:26 | 000,017,920 | -H-- | C] ()(C:\Users\Sweta\Documents\?????- ??????????? ????????.wps) -- C:\Users\Sweta\Documents\Осень- потихонечку холодает.wps
[2009.09.15 23:21:27 | 000,016,896 | -H-- | M] ()(C:\Users\Sweta\Documents\??????????? ?????.wps) -- C:\Users\Sweta\Documents\Вялотекущая осень.wps
[2009.09.15 23:21:27 | 000,016,896 | -H-- | C] ()(C:\Users\Sweta\Documents\??????????? ?????.wps) -- C:\Users\Sweta\Documents\Вялотекущая осень.wps
[2009.09.15 22:34:29 | 000,021,504 | -H-- | M] ()(C:\Users\Sweta\Documents\?? ?? ????. ?? ?? ???.wps) -- C:\Users\Sweta\Documents\то ли дыбр. то ли хбз.wps
[2009.09.15 22:34:29 | 000,021,504 | -H-- | C] ()(C:\Users\Sweta\Documents\?? ?? ????. ?? ?? ???.wps) -- C:\Users\Sweta\Documents\то ли дыбр. то ли хбз.wps

< End of report >



Und hier Extras.Txt:

OTL logfile created on: 15.04.2012 19:08:27 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Sweta\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 51,80% Memory free
6,21 Gb Paging File | 4,58 Gb Available in Paging File | 73,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 583,19 Gb Total Space | 454,95 Gb Free Space | 78,01% Space Free | Partition Type: NTFS
Drive D: | 12,98 Gb Total Space | 1,78 Gb Free Space | 13,69% Space Free | Partition Type: NTFS

Computer Name: SWETA-PC | User Name: Sweta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.04.15 19:07:56 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Sweta\Downloads\OTL.exe
PRC - [2012.04.15 17:51:32 | 000,221,696 | -H-- | M] () -- C:\ProgramData\VOcdQnqbv4L708.exe
PRC - [2012.04.15 17:43:10 | 000,301,568 | -H-- | M] () -- C:\ProgramData\AlSnqDidGxPete.exe
PRC - [2012.03.13 11:26:29 | 000,250,528 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11g_ActiveX.exe
PRC - [2012.02.28 13:33:51 | 000,638,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2011.10.11 15:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.23 21:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2009.10.14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Programme\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009.10.14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.10.17 17:57:18 | 000,189,736 | ---- | M] (CyberLink) -- C:\Programme\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008.10.17 17:56:54 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008.10.03 16:41:20 | 000,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2008.09.26 03:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Programme\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008.09.23 12:03:38 | 000,912,688 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.04.18 17:01:34 | 000,065,536 | -H-- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2012.04.15 17:51:32 | 000,221,696 | -H-- | M] () -- C:\ProgramData\VOcdQnqbv4L708.exe
MOD - [2012.04.15 17:43:10 | 000,301,568 | -H-- | M] () -- C:\ProgramData\AlSnqDidGxPete.exe
MOD - [2012.04.13 00:58:31 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll
MOD - [2012.04.13 00:58:21 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll
MOD - [2012.04.13 00:58:06 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a8100864c7dd9ecf5d9f07fdaf5ba246\PresentationFramework.ni.dll
MOD - [2012.04.13 00:57:24 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\89b3b18de5d2cc945c24c0333d78f665\PresentationCore.ni.dll
MOD - [2012.02.16 17:10:16 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012.02.16 17:07:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll
MOD - [2012.02.16 17:07:34 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a333ad288c1a4bbbba8f61249202bc1a\System.EnterpriseServices.ni.dll
MOD - [2012.02.16 17:07:34 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\0ef893bbf33d38a1f7a63b9cee2dabfe\System.Transactions.ni.dll
MOD - [2012.02.16 17:07:34 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a333ad288c1a4bbbba8f61249202bc1a\System.EnterpriseServices.Wrapper.dll
MOD - [2012.02.16 17:07:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012.02.16 16:57:05 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012.02.16 16:56:21 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\029217106fa24787ff7a61b754f8ebf7\System.Data.ni.dll
MOD - [2012.02.16 16:56:05 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d48e106e015d0f8cb2d5295015cee508\PresentationFramework.Aero.ni.dll
MOD - [2012.02.16 16:55:31 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1e258a951222c818540b33880ca45f2e\WindowsBase.ni.dll
MOD - [2012.02.16 16:55:26 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011.10.14 10:32:08 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.10.14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Programme\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009.10.14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2009.04.11 08:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009.04.11 04:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009.03.30 06:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009.03.30 06:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009.03.30 06:42:13 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MOD - [2009.03.30 06:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.30 06:42:11 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
MOD - [2009.02.25 03:16:56 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009.02.25 03:16:56 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2008.11.10 00:33:28 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.10.17 17:57:20 | 000,881,960 | ---- | M] () -- C:\Programme\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.10.17 10:39:18 | 000,032,768 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008.10.17 10:32:58 | 000,007,168 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008.10.17 10:32:54 | 000,057,344 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008.10.17 10:32:48 | 000,118,784 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008.10.17 10:32:46 | 000,010,240 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008.10.17 10:32:26 | 000,040,960 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008.10.17 10:32:26 | 000,028,672 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008.10.17 10:32:26 | 000,005,632 | ---- | M] () -- C:\Programme\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2006.12.10 21:51:08 | 000,077,824 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006.12.10 21:51:08 | 000,065,536 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmlparse.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 -- (Norton Internet Security)
SRV - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.02.03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.02.15 20:06:45 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 15:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.04.30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2008.11.10 04:08:24 | 004,017,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.09.26 03:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Programme\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008.09.10 02:58:08 | 000,020,640 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Programme\PC-Doctor for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2008.08.01 14:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008.07.21 18:12:50 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008.07.21 18:12:50 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008.05.22 11:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.07.19 02:44:00 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.07.19 02:39:15 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005.12.12 19:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{4D14827A-DABF-4680-AE44-F46DDFE0E614}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{99D31906-4B07-4CA5-9B7E-2032E112F800}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\..\SearchScopes\{AAF799E4-D65C-49E1-838D-12A435C677FF}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {99D31906-4B07-4CA5-9B7E-2032E112F800}
IE - HKCU\..\SearchScopes\{128D3E0A-3F1A-48D1-ADFD-59991F7A7CDF}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{4D14827A-DABF-4680-AE44-F46DDFE0E614}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_de
IE - HKCU\..\SearchScopes\{83A34CBC-E79C-41B7-A0F1-C22B7046A60D}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=B5BC9946-237B-4616-95B3-78C82F760E26&apn_sauid=9333CBDF-4E3E-464E-8637-A207B1EAB65D&
IE - HKCU\..\SearchScopes\{99D31906-4B07-4CA5-9B7E-2032E112F800}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKCU\..\SearchScopes\{9D04F553-D9B9-42D0-B204-A6492677F5FC}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{AAF799E4-D65C-49E1-838D-12A435C677FF}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{AC28C4EA-82C3-4BB2-857D-37856D737068}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
IE - HKCU\..\SearchScopes\{EB19C0FF-7226-4154-8E32-42BEE64A61F1}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========


O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Sweta\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Sweta\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AlSnqDidGxPete.exe] C:\ProgramData\AlSnqDidGxPete.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED515004-0C4A-4397-857C-CCB44C77AC01}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sweta\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Sweta\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.04.15 17:51:45 | 000,000,000 | -H-D | C] -- C:\Users\Sweta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SMART HDD
[2012.04.12 17:31:35 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.12 17:31:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.12 17:31:33 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.12 17:31:33 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.04.12 17:31:33 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.04.12 17:31:33 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.04.12 17:31:33 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.04.12 17:31:33 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.04.12 17:31:33 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.12 17:31:33 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.04.12 17:31:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.04.12 17:31:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.04.12 17:31:32 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.12 17:31:32 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.04.12 17:31:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.04.12 17:31:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.04.12 17:31:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.04.12 17:31:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

========== Files - Modified Within 30 Days ==========

[2012.04.15 18:27:16 | 011,400,724 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.15 18:27:16 | 003,856,622 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.15 18:27:16 | 003,595,128 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.15 18:27:16 | 003,236,102 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.15 18:20:31 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.15 18:20:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.15 18:20:28 | 000,000,680 | -H-- | M] () -- C:\Users\Sweta\AppData\Local\d3d9caps.dat
[2012.04.15 18:20:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.15 18:20:19 | 3220,332,544 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.15 17:51:45 | 000,000,601 | -H-- | M] () -- C:\Users\Sweta\Desktop\SMART_HDD.lnk
[2012.04.15 17:51:45 | 000,000,168 | -H-- | M] () -- C:\ProgramData\-VOcdQnqbv4L708r
[2012.04.15 17:51:45 | 000,000,000 | -H-- | M] () -- C:\ProgramData\-VOcdQnqbv4L708
[2012.04.15 17:51:32 | 000,221,696 | -H-- | M] () -- C:\ProgramData\VOcdQnqbv4L708.exe
[2012.04.15 17:51:32 | 000,000,256 | -H-- | M] () -- C:\ProgramData\VOcdQnqbv4L708
[2012.04.15 17:43:10 | 000,301,568 | -H-- | M] () -- C:\ProgramData\AlSnqDidGxPete.exe
[2012.04.10 12:06:30 | 000,026,538 | -H-- | M] () -- C:\Users\Sweta\AppData\Roaming\wklnhst.dat

========== Files Created - No Company Name ==========

[2012.04.15 17:51:45 | 000,000,601 | -H-- | C] () -- C:\Users\Sweta\Desktop\SMART_HDD.lnk
[2012.04.15 17:51:45 | 000,000,168 | -H-- | C] () -- C:\ProgramData\-VOcdQnqbv4L708r
[2012.04.15 17:51:45 | 000,000,000 | -H-- | C] () -- C:\ProgramData\-VOcdQnqbv4L708
[2012.04.15 17:51:32 | 000,221,696 | -H-- | C] () -- C:\ProgramData\VOcdQnqbv4L708.exe
[2012.04.15 17:51:32 | 000,000,256 | -H-- | C] () -- C:\ProgramData\VOcdQnqbv4L708
[2012.04.15 17:45:17 | 000,301,568 | -H-- | C] () -- C:\ProgramData\AlSnqDidGxPete.exe
[2012.03.03 00:22:56 | 000,000,680 | -H-- | C] () -- C:\Users\Sweta\AppData\Local\d3d9caps.dat
[2010.11.29 12:48:02 | 000,000,462 | ---- | C] () -- C:\Windows\{A67C4EF9-725D-4C83-A67A-BB7B7DE96CF4}_WiseFW.ini
[2010.07.02 07:49:11 | 000,009,728 | -H-- | C] () -- C:\Users\Sweta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.19 21:33:13 | 000,000,760 | -H-- | C] () -- C:\Users\Sweta\AppData\Roaming\setup_ldm.iss
[2010.05.11 16:55:00 | 000,058,163 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

========== Files - Unicode (All) ==========
[2010.03.25 16:19:53 | 000,016,384 | -H-- | M] ()(C:\Users\Sweta\Documents\?? ???????, ????? ???.wps) -- C:\Users\Sweta\Documents\Об отпуске, часть два.wps
[2010.03.25 16:19:53 | 000,016,384 | -H-- | C] ()(C:\Users\Sweta\Documents\?? ???????, ????? ???.wps) -- C:\Users\Sweta\Documents\Об отпуске, часть два.wps
[2010.03.25 16:19:21 | 000,017,408 | -H-- | M] ()(C:\Users\Sweta\Documents\????.wps) -- C:\Users\Sweta\Documents\Сука.wps
[2010.03.25 16:19:21 | 000,017,408 | -H-- | C] ()(C:\Users\Sweta\Documents\????.wps) -- C:\Users\Sweta\Documents\Сука.wps
[2009.12.13 19:51:26 | 000,080,896 | -H-- | M] ()(C:\Users\Sweta\Documents\???????????.wps) -- C:\Users\Sweta\Documents\Афродизиаки.wps
[2009.12.13 19:51:26 | 000,080,896 | -H-- | C] ()(C:\Users\Sweta\Documents\???????????.wps) -- C:\Users\Sweta\Documents\Афродизиаки.wps
[2009.11.17 23:26:42 | 000,027,136 | -H-- | M] ()(C:\Users\Sweta\Documents\????????? ? ???????.wps) -- C:\Users\Sweta\Documents\Подрулила к бордюру.wps
[2009.11.17 23:26:42 | 000,027,136 | -H-- | C] ()(C:\Users\Sweta\Documents\????????? ? ???????.wps) -- C:\Users\Sweta\Documents\Подрулила к бордюру.wps
[2009.11.05 19:36:51 | 000,019,968 | -H-- | M] ()(C:\Users\Sweta\Documents\??? ???????? ??? ????.wps) -- C:\Users\Sweta\Documents\Мне остаться или уйти.wps
[2009.11.05 19:36:51 | 000,019,968 | -H-- | C] ()(C:\Users\Sweta\Documents\??? ???????? ??? ????.wps) -- C:\Users\Sweta\Documents\Мне остаться или уйти.wps
[2009.11.05 19:34:16 | 000,016,384 | -H-- | M] ()(C:\Users\Sweta\Documents\? ??? ?????..wps) -- C:\Users\Sweta\Documents\А что стихи..wps
[2009.11.05 19:34:16 | 000,016,384 | -H-- | C] ()(C:\Users\Sweta\Documents\? ??? ?????..wps) -- C:\Users\Sweta\Documents\А что стихи..wps
[2009.11.05 19:33:06 | 000,017,920 | -H-- | M] ()(C:\Users\Sweta\Documents\????????? ???????? ???.wps) -- C:\Users\Sweta\Documents\Ароматами терпкого коф.wps
[2009.11.05 19:33:06 | 000,017,920 | -H-- | C] ()(C:\Users\Sweta\Documents\????????? ???????? ???.wps) -- C:\Users\Sweta\Documents\Ароматами терпкого коф.wps
[2009.11.05 19:28:54 | 000,016,896 | -H-- | M] ()(C:\Users\Sweta\Documents\?? ??????????.wps) -- C:\Users\Sweta\Documents\не Аэрофлотом.wps
[2009.11.05 19:28:54 | 000,016,896 | -H-- | C] ()(C:\Users\Sweta\Documents\?? ??????????.wps) -- C:\Users\Sweta\Documents\не Аэрофлотом.wps
[2009.11.05 19:25:07 | 000,017,408 | -H-- | M] ()(C:\Users\Sweta\Documents\? ???????? ? ?????.wps) -- C:\Users\Sweta\Documents\И коленкой в живот.wps
[2009.11.05 19:25:07 | 000,017,408 | -H-- | C] ()(C:\Users\Sweta\Documents\? ???????? ? ?????.wps) -- C:\Users\Sweta\Documents\И коленкой в живот.wps
[2009.11.05 19:18:20 | 000,016,384 | -H-- | M] ()(C:\Users\Sweta\Documents\??? ????? ??? ???????.wps) -- C:\Users\Sweta\Documents\Вот такая вот суббота.wps
[2009.11.05 19:18:20 | 000,016,384 | -H-- | C] ()(C:\Users\Sweta\Documents\??? ????? ??? ???????.wps) -- C:\Users\Sweta\Documents\Вот такая вот суббота.wps
[2009.11.05 01:10:33 | 000,017,408 | -H-- | M] ()(C:\Users\Sweta\Documents\? ???? ?????.wps) -- C:\Users\Sweta\Documents\Я тебя очень.wps
[2009.11.01 15:02:19 | 000,017,408 | -H-- | C] ()(C:\Users\Sweta\Documents\? ???? ?????.wps) -- C:\Users\Sweta\Documents\Я тебя очень.wps
[2009.10.26 15:55:38 | 000,025,600 | -H-- | M] ()(C:\Users\Sweta\Documents\? ??????? ??? ????.wps) -- C:\Users\Sweta\Documents\я сегодня всю ночь.wps
[2009.10.13 10:06:44 | 000,025,600 | -H-- | C] ()(C:\Users\Sweta\Documents\? ??????? ??? ????.wps) -- C:\Users\Sweta\Documents\я сегодня всю ночь.wps
[2009.10.12 22:06:39 | 000,015,872 | -H-- | M] ()(C:\Users\Sweta\Documents\????.wps) -- C:\Users\Sweta\Documents\Стеб.wps
[2009.10.12 22:06:39 | 000,015,872 | -H-- | C] ()(C:\Users\Sweta\Documents\????.wps) -- C:\Users\Sweta\Documents\Стеб.wps
[2009.10.10 21:24:37 | 000,015,872 | -H-- | M] ()(C:\Users\Sweta\Documents\? ????? ????.wps) -- C:\Users\Sweta\Documents\В нутри моей.wps
[2009.10.10 21:24:37 | 000,015,872 | -H-- | C] ()(C:\Users\Sweta\Documents\? ????? ????.wps) -- C:\Users\Sweta\Documents\В нутри моей.wps
[2009.10.10 19:18:29 | 000,017,920 | -H-- | M] ()(C:\Users\Sweta\Documents\?????-?????? ?? ????????? ??? ???,.wps) -- C:\Users\Sweta\Documents\Когда-нибудь ты вспомнишь обо мне,.wps
[2009.10.10 19:18:28 | 000,017,920 | -H-- | C] ()(C:\Users\Sweta\Documents\?????-?????? ?? ????????? ??? ???,.wps) -- C:\Users\Sweta\Documents\Когда-нибудь ты вспомнишь обо мне,.wps
[2009.10.04 13:00:20 | 000,017,408 | -H-- | M] ()(C:\Users\Sweta\Documents\??????? ??????.wps) -- C:\Users\Sweta\Documents\Немного интима.wps
[2009.10.04 13:00:20 | 000,017,408 | -H-- | C] ()(C:\Users\Sweta\Documents\??????? ??????.wps) -- C:\Users\Sweta\Documents\Немного интима.wps
[2009.09.17 23:08:26 | 000,017,920 | -H-- | M] ()(C:\Users\Sweta\Documents\?????- ??????????? ????????.wps) -- C:\Users\Sweta\Documents\Осень- потихонечку холодает.wps
[2009.09.17 23:08:26 | 000,017,920 | -H-- | C] ()(C:\Users\Sweta\Documents\?????- ??????????? ????????.wps) -- C:\Users\Sweta\Documents\Осень- потихонечку холодает.wps
[2009.09.15 23:21:27 | 000,016,896 | -H-- | M] ()(C:\Users\Sweta\Documents\??????????? ?????.wps) -- C:\Users\Sweta\Documents\Вялотекущая осень.wps
[2009.09.15 23:21:27 | 000,016,896 | -H-- | C] ()(C:\Users\Sweta\Documents\??????????? ?????.wps) -- C:\Users\Sweta\Documents\Вялотекущая осень.wps
[2009.09.15 22:34:29 | 000,021,504 | -H-- | M] ()(C:\Users\Sweta\Documents\?? ?? ????. ?? ?? ???.wps) -- C:\Users\Sweta\Documents\то ли дыбр. то ли хбз.wps
[2009.09.15 22:34:29 | 000,021,504 | -H-- | C] ()(C:\Users\Sweta\Documents\?? ?? ????. ?? ?? ???.wps) -- C:\Users\Sweta\Documents\то ли дыбр. то ли хбз.wps

< End of report >

 

Themen zu Probleme mit SMART HDD
adobe, antivir, autorun, avg, avira, bho, bonjour, conduit, defender, desktop, error, explorer, firefox, format, home, hängen, intranet, logfile, nvidia, opera, origin, plug-in, programme, registry, scan, searchscopes, security, smart hdd entfernen, software, version=1.0, vista, wmp


« TR/ATRAPS.GEN entdeckt und erfolgreich entfernt – geht das? | PC stürzt nach erfolgreichem Virenscan ständig ab »


Ähnliche Themen: Probleme mit SMART HDD


  1. Smart 1.2 ?
    Plagegeister aller Art und deren Bekämpfung - 15.02.2014 (11)
  2. Smart HDD Virus
    Plagegeister aller Art und deren Bekämpfung - 20.05.2012 (3)
  3. Infektion mit SMART HDD
    Plagegeister aller Art und deren Bekämpfung - 17.05.2012 (24)
  4. Smart Fortress 2012/Probleme nach Bereinigung
    Log-Analyse und Auswertung - 16.05.2012 (44)
  5. Smart HDD Trojaner
    Plagegeister aller Art und deren Bekämpfung - 14.05.2012 (16)
  6. SMART HDD Virus
    Log-Analyse und Auswertung - 12.05.2012 (38)
  7. Smart HDD-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 03.05.2012 (25)
  8. SMART HDD entfernen
    Plagegeister aller Art und deren Bekämpfung - 30.04.2012 (3)
  9. Smart HDD-Trojaner
    Mülltonne - 22.04.2012 (3)
  10. Smart HDD Trojaner
    Plagegeister aller Art und deren Bekämpfung - 19.04.2012 (1)
  11. SMART HDD Trojaner
    Log-Analyse und Auswertung - 17.04.2012 (3)
  12. Smart hdd
    Plagegeister aller Art und deren Bekämpfung - 12.04.2012 (24)
  13. SMART HHD und OTL
    Log-Analyse und Auswertung - 11.04.2012 (9)
  14. SMART HDD Virus
    Log-Analyse und Auswertung - 08.04.2012 (1)
  15. Probleme mit Smart HDD
    Plagegeister aller Art und deren Bekämpfung - 06.04.2012 (1)
  16. Smart HDD entfernen
    Antiviren-, Firewall- und andere Schutzprogramme - 06.04.2012 (1)
  17. Große probleme nach Smart Defragmenter.
    Plagegeister aller Art und deren Bekämpfung - 28.01.2011 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Probleme mit SMART HDD - Hallo, bin neu hier und kenne mich so gut wie gar nicht mit dem Thema aus. Toll das es so ein Forum gibt! Brauche bitte eure Hilfe. Mein Desktop ist - Probleme mit SMART HDD...
Archiv
Du betrachtest: Probleme mit SMART HDD auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131