Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojan.Win32.AutoRun.sc löschen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.10.2010, 17:41   #1
daigend
 
Trojan.Win32.AutoRun.sc löschen - Ausrufezeichen

Trojan.Win32.AutoRun.sc löschen



Hallo,
ich habe denn Trojan.Win32.AutoRun.sc auf meinem rechner gefunden wie bekomme ich ihn weg.
Mein Kaspersky CBE 2010 sagt mir das löschen unmöglich wäre und unter Quarantäne setzten auch nicht ginge.

02.10.2010 15:37:41 Gefunden: Trojan.Win32.AutoRun.sc Host Process for Windows Services F:\AUTORUN.INF

02.10.2010 15:37:55 Löschen unmöglich: Trojan.Win32.AutoRun.sc Host Process for Windows Services F:\AUTORUN.INF Objekt nicht gefunden

Alt 03.10.2010, 14:39   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Win32.AutoRun.sc löschen - Standard

Trojan.Win32.AutoRun.sc löschen



Hallo und

Zitat:
F:\AUTORUN.INF
Was ist bei Dir Laufwerk F? Ein CD/DVD-Laufwerk? CDs und DVDs sind immer schreibgeschützt, davon kann nichts über Dateisystemebene gelöscht werden!

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 03.10.2010, 19:36   #3
daigend
 
Trojan.Win32.AutoRun.sc löschen - Standard

Trojan.Win32.AutoRun.sc löschen



Hier:


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4736

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

03.10.2010 16:59:55
mbam-log-2010-10-03 (16-59-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 324686
Laufzeit: 1 Stunde(n), 11 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
__________________

Alt 04.10.2010, 07:40   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Win32.AutoRun.sc löschen - Standard

Trojan.Win32.AutoRun.sc löschen



Zitat:
Was ist bei Dir Laufwerk F? Ein CD/DVD-Laufwerk? CDs und DVDs sind immer schreibgeschützt, davon kann nichts über Dateisystemebene gelöscht werden!
Frage übersehen?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.10.2010, 18:53   #5
daigend
 
Trojan.Win32.AutoRun.sc löschen - Standard

Trojan.Win32.AutoRun.sc löschen



MHh das ist bei mir ein USB laufwerk


Alt 04.10.2010, 19:05   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Win32.AutoRun.sc löschen - Standard

Trojan.Win32.AutoRun.sc löschen



Und was ist mit den anderen Logfiles?
__________________
--> Trojan.Win32.AutoRun.sc löschen

Alt 05.10.2010, 08:14   #7
daigend
 
Trojan.Win32.AutoRun.sc löschen - Standard

Trojan.Win32.AutoRun.sc löschen



Hier:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 03.10.2010 17:15:29 - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\Julian\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 144,64 Gb Total Space | 105,67 Gb Free Space | 73,06% Space Free | Partition Type: NTFS
Drive D: | 137,84 Gb Total Space | 77,35 Gb Free Space | 56,12% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DAIGEND
Current User Name: Julian
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - [2010.10.03 16:01:18 | 001,487,360 | ---- | M] (Vertigo Games) -- D:\Spiele\BlackShot\eFusion\BlackShot\system\blackshot.exe
PRC - [2010.10.03 15:48:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Julian\Downloads\OTL.exe
PRC - [2010.08.20 21:45:26 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.07.17 18:59:14 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010.05.06 09:10:22 | 000,361,120 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe
PRC - [2009.11.26 22:23:34 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.10.29 03:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009.10.22 19:34:56 | 000,200,488 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009.10.21 18:53:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009.10.07 09:49:50 | 001,157,640 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.24 04:37:56 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.09.24 04:37:44 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009.09.10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009.09.05 10:17:56 | 003,450,368 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2009.09.05 10:17:52 | 003,567,616 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
PRC - [2009.09.05 10:17:40 | 003,358,720 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009.08.07 15:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.08.07 15:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009.08.04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009.07.26 16:44:14 | 003,883,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009.07.11 01:18:18 | 000,708,608 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2009.07.10 22:03:24 | 006,201,344 | ---- | M] (Acer Incoporated) -- C:\Program Files (x86)\Acer\Acer VCM\Vc.exe
PRC - [2009.07.10 12:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2009.06.18 03:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2009.02.06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.10.03 15:48:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Julian\Downloads\OTL.exe
MOD - [2010.04.22 00:55:00 | 000,100,955 | ---- | M] (INCA Internet Co., Ltd.) -- D:\Spiele\BlackShot\eFusion\BlackShot\system\GameGuard\npggNT.des
MOD - [2009.07.14 03:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2009.07.14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009.07.14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc)
SRV:64bit: - [2009.11.11 16:33:44 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.09.22 16:32:38 | 002,950,744 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_062a651.dll -- (Akamai)
SRV - [2010.09.19 17:14:19 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.05.06 09:10:22 | 000,361,120 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe -- (AVP)
SRV - [2010.03.30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.03.18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.13 02:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2009.10.30 02:54:02 | 000,788,000 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.09.24 04:37:56 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.09.10 15:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.09.05 10:17:56 | 003,450,368 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.08.07 15:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009.07.10 12:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.18 03:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2009.06.18 03:31:46 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2)
DRV:64bit: - [2010.07.17 20:46:00 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010.07.17 19:13:22 | 000,036,400 | ---- | M] (EgisTec) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV:64bit: - [2010.02.03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.11.11 18:31:44 | 006,106,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.10.14 21:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.10.05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.10.02 19:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.09.23 04:25:22 | 000,144,496 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009.09.21 04:20:48 | 000,020,392 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.09.14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009.09.03 12:15:26 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.01 15:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009.08.21 11:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.08.07 15:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.08.05 14:15:00 | 000,694,272 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stk7770P.sys -- (Ltn_stk7770P)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.29 04:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009.06.24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.07 10:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.06.02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.19 15:59:00 | 000,014,848 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\enecirhid.sys -- (enecirhid)
DRV:64bit: - [2009.05.05 10:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.05 10:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008.04.24 12:16:00 | 000,006,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\enecirhidma.sys -- (enecirhidma)
DRV:64bit: - [2007.07.26 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009.03.26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)
DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/|hxxp://www.youtube.com/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.747
FF - prefs.js..extensions.enabledItems: corexplayer@l39studios.de:1.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.16 23:40:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.27 16:45:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\THBExt [2010.07.17 20:46:35 | 000,000,000 | ---D | M]
 
[2010.07.17 19:35:54 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\mozilla\Extensions
[2010.10.03 13:26:24 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\xk548yab.default\extensions
[2010.09.07 23:59:14 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\xk548yab.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.02 11:28:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\xk548yab.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.01 16:47:23 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\xk548yab.default\extensions\corexplayer@l39studios.de
[2010.09.05 16:14:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.17 19:45:29 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.08.21 18:04:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.07.17 20:47:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2008.12.19 00:30:20 | 000,106,128 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npstrlnk.dll
[2010.07.28 21:57:51 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.28 21:57:51 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.28 21:57:51 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.28 21:57:51 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.28 21:57:51 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files (x86)\Napster\napster.exe (Napster)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] D:\Spiele\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk = C:\Users\Julian\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\ie_banner_deny.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {A21769F8-CEC5-4AFA-A6A4-CC921A15DF40} hxxp://62.146.151.157/atlas_activex.dll (ActiveXControl Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{eae8a929-91c1-11df-99b6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{eae8a929-91c1-11df-99b6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.10.03 17:15:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Te_mp_B_S!!
[2010.10.03 15:47:33 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Malwarebytes
[2010.10.03 15:47:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.03 15:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.03 15:47:23 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.03 15:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.14 21:38:23 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\LogMeIn Hamachi
[2010.09.14 21:38:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2010.09.09 20:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Neffy
[2010.09.01 20:32:32 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Roxio
[2010.08.30 17:52:01 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoft
[2010.08.29 16:02:58 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010.08.29 15:43:07 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2010.08.29 11:57:11 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\vlc
[2010.08.29 11:45:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.08.28 18:03:04 | 000,000,000 | ---D | C] -- C:\Python27
[2010.08.28 15:42:51 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Roaming\.#
[2010.08.27 19:19:30 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\iuwavdjdk
[2010.08.22 01:53:41 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Garena
[2010.08.21 23:44:23 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.08.21 18:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.08.21 18:00:01 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\kikin
[2010.08.21 18:00:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\kikin
[2010.08.21 17:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2010.08.16 16:32:42 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.08.15 20:32:40 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\GameRanger
[2010.08.15 19:49:51 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Diagnostics
[2010.08.02 11:28:55 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.02 11:28:44 | 000,000,000 | ---D | C] -- C:\Users\Julian\Documents\DVDVideoSoft
[2010.08.02 11:28:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.08.02 11:28:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.08.01 22:11:18 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\WinRAR
[2010.08.01 22:11:08 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.07.25 00:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.07.25 00:17:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.07.25 00:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.07.24 20:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010.07.24 20:17:04 | 000,000,000 | ---D | C] -- C:\Users\Julian\Documents\My Games
[2010.07.24 20:17:04 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Fallout3
[2010.07.24 19:55:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010.07.19 18:54:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.07.19 16:41:18 | 000,000,000 | R--D | C] -- C:\Users\Julian\Desktop\Bilder
[2010.07.18 23:15:59 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\gtk-2.0
[2010.07.18 23:15:57 | 000,000,000 | ---D | C] -- C:\Users\Julian\.thumbnails
[2010.07.18 23:12:18 | 000,000,000 | ---D | C] -- C:\Users\Julian\Documents\gegl-0.0
[2010.07.18 23:12:18 | 000,000,000 | ---D | C] -- C:\Users\Julian\.gimp-2.6
[2010.07.18 23:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2010.07.18 23:02:27 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\CyberLink
[2010.07.18 23:02:25 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\PowerCinema
[2010.07.18 23:02:21 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\PowerCinema
[2010.07.18 20:57:49 | 003,403,420 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2010.07.18 20:57:23 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2010.07.18 20:57:21 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\INCA Shared
[2010.07.18 20:47:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2010.07.18 20:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2010.07.18 20:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2010.07.18 20:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.07.18 20:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Napster Shared
[2010.07.18 20:13:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Napster
[2010.07.18 20:13:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Napster
[2010.07.18 19:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010.07.18 19:38:26 | 000,000,000 | ---D | C] -- C:\Julian
[2010.07.18 04:33:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2010.07.18 04:33:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2010.07.18 04:33:30 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2010.07.18 04:33:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2010.07.18 04:33:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2010.07.18 04:33:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2010.07.18 04:33:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2010.07.18 04:33:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2010.07.18 04:32:27 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2010.07.18 04:32:27 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2010.07.18 04:32:25 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2010.07.18 04:32:25 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2010.07.18 04:26:59 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log
[2010.07.18 03:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.07.17 22:55:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.07.17 21:09:42 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010.07.17 20:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.07.17 20:46:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010.07.17 20:46:00 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010.07.17 20:32:59 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\LolClient
[2010.07.17 20:13:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.07.17 20:13:03 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\TS3Client
[2010.07.17 20:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2010.07.17 20:09:25 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Adobe
[2010.07.17 20:09:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010.07.17 19:52:00 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\PMB Files
[2010.07.17 19:51:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.07.17 19:51:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010.07.17 19:46:06 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\skypePM
[2010.07.17 19:45:38 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Skype
[2010.07.17 19:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.07.17 19:45:14 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.07.17 19:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.07.17 19:37:17 | 000,000,000 | R-SD | C] -- C:\Users\Julian\Documents\My Stationery
[2010.07.17 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Mozilla
[2010.07.17 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Mozilla
[2010.07.17 19:35:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.07.17 19:32:49 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\EgisTec IPS
[2010.07.17 19:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2010.07.17 19:17:39 | 000,000,000 | ---D | C] -- C:\Users\Julian\Tracing
[2010.07.17 19:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2010.07.17 19:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.07.17 19:14:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe
[2010.07.17 19:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010.07.17 19:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010.07.17 19:13:53 | 000,123,392 | ---- | C] (Egis Technology Inc.) -- C:\Windows\SysNative\VCryptAPI.dll
[2010.07.17 19:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Bio Protection
[2010.07.17 19:13:28 | 000,566,832 | ---- | C] (EgisTec) -- C:\Windows\SysNative\NBMatS1SDK.dll
[2010.07.17 19:13:28 | 000,469,552 | ---- | C] (EgisTec) -- C:\Windows\SysWow64\NBMatS1SDK.dll
[2010.07.17 19:13:22 | 000,036,400 | ---- | C] (EgisTec) -- C:\Windows\SysNative\drivers\FPSensor.sys
[2010.07.17 19:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\EgisTec IPS
[2010.07.17 19:11:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EgisTec IPS
[2010.07.17 19:06:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010.07.17 19:05:49 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Microsoft Help
[2010.07.17 19:03:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.07.17 19:02:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010.07.17 19:02:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.07.17 19:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010.07.17 19:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.07.17 19:00:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.07.17 18:58:48 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.07.17 18:58:36 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Adobe
[2010.07.17 18:57:29 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\InstallShield
[2010.07.17 18:57:23 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Google
[2010.07.17 18:57:23 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Google
[2010.07.17 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\ATI
[2010.07.17 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\ATI
[2010.07.17 18:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.07.17 18:56:38 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\EgisTec
[2010.07.17 18:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\McQcModifier-5c47-a7b0
[2010.07.17 18:56:26 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Macromedia
[2010.07.17 18:56:26 | 000,000,000 | ---D | C] -- C:\book
[2010.07.17 18:56:11 | 000,000,000 | R--D | C] -- C:\Users\Julian\Searches
[2010.07.17 18:56:02 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Identities
[2010.07.17 18:55:57 | 000,000,000 | R--D | C] -- C:\Users\Julian\Contacts
[2010.07.17 18:55:55 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\VirtualStore
[2010.07.17 18:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2010.07.17 18:53:50 | 000,000,000 | ---D | C] -- C:\Programme\Acer Accessory Store
[2010.07.17 18:53:33 | 000,000,000 | --SD | C] -- C:\Users\Julian\AppData\Roaming\Microsoft
[2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Videos
[2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Saved Games
[2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Pictures
[2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Music
[2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Links
[2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Favorites
[2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Downloads
[2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Documents
[2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Desktop
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Vorlagen
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Local\Verlauf
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Local\Temporary Internet Files
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Startmenü
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\SendTo
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Recent
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Netzwerkumgebung
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Lokale Einstellungen
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Documents\Eigene Videos
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Documents\Eigene Musik
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Eigene Dateien
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Documents\Eigene Bilder
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Druckumgebung
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Cookies
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Local\Anwendungsdaten
[2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Anwendungsdaten
[2010.07.17 18:53:33 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData
[2010.07.17 18:53:33 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Temp
[2010.07.17 18:53:33 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Microsoft
[2010.07.17 18:53:33 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Media Center Programs
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.07.17 18:43:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.07.17 18:43:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies
[2010.07.17 18:42:51 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.07.17 18:42:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010.07.17 18:39:59 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2009.11.26 22:08:52 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 90 Days ==========
 
[2010.10.03 17:17:29 | 001,835,008 | -HS- | M] () -- C:\Users\Julian\NTUSER.DAT
[2010.10.03 16:22:02 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.03 15:47:27 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.02 19:22:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.02 18:30:47 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.02 18:30:47 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.02 18:30:02 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.02 18:30:02 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.10.02 18:30:02 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.02 18:30:02 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.10.02 18:30:02 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.02 18:22:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.02 18:22:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.02 18:22:24 | 3169,927,168 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.02 18:19:35 | 004,403,084 | -H-- | M] () -- C:\Users\Julian\AppData\Local\IconCache.db
[2010.09.27 17:20:24 | 000,129,551 | ---- | M] () -- C:\Users\Julian\Pflanzenöl Referat.docx
[2010.09.18 17:31:38 | 000,001,425 | ---- | M] () -- C:\Users\Julian\Desktop\FFE.lnk
[2010.09.14 21:56:54 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\Aufstieg des Hexenkönigs™.lnk
[2010.09.14 21:38:05 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010.09.09 21:13:00 | 000,000,619 | ---- | M] () -- C:\Users\Julian\Desktop\Flyff.lnk
[2010.09.04 14:00:44 | 000,003,945 | ---- | M] () -- C:\Users\Julian\.recently-used.xbel
[2010.08.29 15:22:24 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
[2010.08.29 11:46:25 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.08.28 18:10:49 | 000,000,220 | ---- | M] () -- C:\Windows\wininit.ini
[2010.08.21 17:51:28 | 004,098,176 | ---- | M] () -- C:\Users\Julian\Manian - Welcome To The Club.mp3
[2010.08.16 16:35:17 | 000,000,208 | ---- | M] () -- C:\Users\Julian\Desktop\Call of Duty Modern Warfare 2.url
[2010.08.16 16:35:17 | 000,000,208 | ---- | M] () -- C:\Users\Julian\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
[2010.08.16 16:32:42 | 000,000,566 | ---- | M] () -- C:\Users\Julian\Desktop\Fraps.lnk
[2010.08.16 12:34:10 | 000,002,951 | ---- | M] () -- C:\Users\Julian\Desktop\Dawn of War.lnk
[2010.08.16 12:34:10 | 000,002,945 | ---- | M] () -- C:\Users\Julian\Desktop\Winter Assault.lnk
[2010.08.15 20:32:49 | 000,001,088 | ---- | M] () -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk
[2010.08.15 20:32:49 | 000,001,074 | ---- | M] () -- C:\Users\Julian\Desktop\GameRanger.lnk
[2010.08.15 20:32:01 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\Dark Crusade.lnk
[2010.08.14 15:22:26 | 000,343,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.01 22:18:11 | 000,079,928 | ---- | M] () -- C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.30 12:21:26 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010.07.30 12:21:26 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010.07.24 20:17:34 | 000,001,092 | ---- | M] () -- C:\Users\Julian\Desktop\Fallout 3.lnk
[2010.07.19 18:54:45 | 550,576,578 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.07.18 23:12:15 | 000,000,207 | ---- | M] () -- C:\Users\Julian\Desktop\Killing Floor.url
[2010.07.18 23:12:14 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010.07.18 20:55:16 | 000,000,731 | ---- | M] () -- C:\Users\Julian\Desktop\WolfTeam.lnk
[2010.07.18 20:43:35 | 000,001,483 | ---- | M] () -- C:\Users\Julian\Desktop\Day of Defeat Source.lnk
[2010.07.18 20:43:35 | 000,001,481 | ---- | M] () -- C:\Users\Julian\Desktop\Half-Life 2 Deathmatch.lnk
[2010.07.18 20:43:34 | 000,001,481 | ---- | M] () -- C:\Users\Julian\Desktop\Counter-Strike Source.lnk
[2010.07.18 20:43:31 | 000,000,798 | ---- | M] () -- C:\Users\Julian\Desktop\League of Legends.lnk
[2010.07.18 20:36:47 | 000,000,459 | ---- | M] () -- C:\Users\Julian\Desktop\Steam.lnk
[2010.07.18 20:15:00 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.07.18 17:52:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.07.18 05:37:03 | 000,000,510 | ---- | M] () -- C:\Windows\win.ini
[2010.07.18 04:33:13 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2010.07.18 04:33:13 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2010.07.18 04:32:27 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2010.07.18 04:32:27 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2010.07.18 04:32:25 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2010.07.18 04:32:25 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2010.07.18 04:26:58 | 000,011,453 | ---- | M] () -- C:\Windows\ChangeLang_Done.tag
[2010.07.17 21:37:26 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.17 20:46:00 | 000,353,296 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010.07.17 20:12:16 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.07.17 19:46:08 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.07.17 19:35:35 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010.07.17 19:29:53 | 000,524,288 | -HS- | M] () -- C:\Users\Julian\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.07.17 19:29:53 | 000,524,288 | -HS- | M] () -- C:\Users\Julian\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.07.17 19:29:53 | 000,065,536 | -HS- | M] () -- C:\Users\Julian\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.07.17 19:13:28 | 000,566,832 | ---- | M] (EgisTec) -- C:\Windows\SysNative\NBMatS1SDK.dll
[2010.07.17 19:13:28 | 000,469,552 | ---- | M] (EgisTec) -- C:\Windows\SysWow64\NBMatS1SDK.dll
[2010.07.17 19:13:22 | 000,036,400 | ---- | M] (EgisTec) -- C:\Windows\SysNative\drivers\FPSensor.sys
[2010.07.17 19:03:27 | 000,000,020 | ---- | M] () -- C:\Windows\(úí
[2010.07.17 18:59:14 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
[2010.07.17 18:59:14 | 000,000,074 | ---- | M] () -- C:\Windows\PidList.ini
[2010.07.17 18:58:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.07.17 18:53:33 | 000,000,020 | -HS- | M] () -- C:\Users\Julian\ntuser.ini
[2010.07.17 18:47:39 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.07.17 18:47:39 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.07.17 18:44:46 | 000,000,006 | ---- | M] () -- C:\Windows\SysNative\PLD_Framework.cmd
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.10.03 15:47:27 | 000,001,017 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.27 17:21:23 | 000,129,551 | ---- | C] () -- C:\Users\Julian\Pflanzenöl Referat.docx
[2010.09.18 17:31:39 | 000,001,425 | ---- | C] () -- C:\Users\Julian\Desktop\FFE.lnk
[2010.09.14 21:56:54 | 000,000,839 | ---- | C] () -- C:\Users\Public\Desktop\Aufstieg des Hexenkönigs™.lnk
[2010.09.14 21:38:05 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010.09.09 21:13:00 | 000,000,619 | ---- | C] () -- C:\Users\Julian\Desktop\Flyff.lnk
[2010.09.04 14:00:44 | 000,003,945 | ---- | C] () -- C:\Users\Julian\.recently-used.xbel
[2010.08.29 15:22:24 | 000,000,865 | ---- | C] () -- C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
[2010.08.29 11:46:25 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.08.21 18:20:45 | 000,000,220 | ---- | C] () -- C:\Windows\wininit.ini
[2010.08.21 18:03:07 | 000,008,704 | -HS- | C] () -- C:\Users\Julian\Thumbs.db
[2010.08.21 18:03:06 | 004,098,176 | ---- | C] () -- C:\Users\Julian\Manian - Welcome To The Club.mp3
[2010.08.16 16:32:42 | 000,000,566 | ---- | C] () -- C:\Users\Julian\Desktop\Fraps.lnk
[2010.08.16 15:42:40 | 000,000,208 | ---- | C] () -- C:\Users\Julian\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
[2010.08.16 15:33:59 | 000,000,208 | ---- | C] () -- C:\Users\Julian\Desktop\Call of Duty Modern Warfare 2.url
[2010.08.16 12:34:10 | 000,002,951 | ---- | C] () -- C:\Users\Julian\Desktop\Dawn of War.lnk
[2010.08.16 12:34:10 | 000,002,945 | ---- | C] () -- C:\Users\Julian\Desktop\Winter Assault.lnk
[2010.08.15 20:32:49 | 000,001,088 | ---- | C] () -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk
[2010.08.15 20:32:49 | 000,001,074 | ---- | C] () -- C:\Users\Julian\Desktop\GameRanger.lnk
[2010.08.15 20:32:01 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\Dark Crusade.lnk
[2010.07.24 20:17:36 | 000,001,092 | ---- | C] () -- C:\Users\Julian\Desktop\Fallout 3.lnk
[2010.07.19 18:54:45 | 550,576,578 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.07.18 23:12:14 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010.07.18 23:12:11 | 000,000,207 | ---- | C] () -- C:\Users\Julian\Desktop\Killing Floor.url
[2010.07.18 20:57:23 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2010.07.18 20:55:16 | 000,000,731 | ---- | C] () -- C:\Users\Julian\Desktop\WolfTeam.lnk
[2010.07.18 20:43:35 | 000,001,483 | ---- | C] () -- C:\Users\Julian\Desktop\Day of Defeat Source.lnk
[2010.07.18 20:43:35 | 000,001,481 | ---- | C] () -- C:\Users\Julian\Desktop\Half-Life 2 Deathmatch.lnk
[2010.07.18 20:43:34 | 000,001,481 | ---- | C] () -- C:\Users\Julian\Desktop\Counter-Strike Source.lnk
[2010.07.18 20:43:31 | 000,000,798 | ---- | C] () -- C:\Users\Julian\Desktop\League of Legends.lnk
[2010.07.18 20:36:47 | 000,000,459 | ---- | C] () -- C:\Users\Julian\Desktop\Steam.lnk
[2010.07.18 20:15:00 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.07.18 17:52:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.07.18 04:37:55 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag
[2010.07.18 04:33:59 | 000,654,166 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2010.07.18 04:33:59 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2010.07.18 04:33:59 | 000,130,006 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2010.07.18 04:33:59 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2010.07.17 20:46:52 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2010.07.17 20:46:52 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2010.07.17 20:12:16 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.07.17 19:46:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.17 19:45:16 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.17 19:35:35 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.07.17 19:17:06 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.17 19:17:06 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.17 19:14:27 | 000,008,470 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log
[2010.07.17 19:13:53 | 000,952,683 | ---- | C] () -- C:\Windows\SysNative\VMC3KAPI.dll
[2010.07.17 19:03:27 | 000,000,020 | ---- | C] () -- C:\Windows\(úí
[2010.07.17 18:59:34 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.07.17 18:59:34 | 000,000,074 | ---- | C] () -- C:\Windows\PidList.ini
[2010.07.17 18:59:33 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2010.07.17 18:58:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.07.17 18:53:33 | 001,835,008 | -HS- | C] () -- C:\Users\Julian\NTUSER.DAT
[2010.07.17 18:53:33 | 000,524,288 | -HS- | C] () -- C:\Users\Julian\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.07.17 18:53:33 | 000,524,288 | -HS- | C] () -- C:\Users\Julian\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.07.17 18:53:33 | 000,262,144 | -HS- | C] () -- C:\Users\Julian\ntuser.dat.LOG1
[2010.07.17 18:53:33 | 000,065,536 | -HS- | C] () -- C:\Users\Julian\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.07.17 18:53:33 | 000,000,020 | -HS- | C] () -- C:\Users\Julian\ntuser.ini
[2010.07.17 18:53:33 | 000,000,000 | -HS- | C] () -- C:\Users\Julian\ntuser.dat.LOG2
[2010.07.17 18:40:00 | 3169,927,168 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.11.26 22:08:31 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2010.08.28 15:42:51 | 000,000,000 | -HSD | M] -- C:\Users\Julian\AppData\Roaming\.#
[2010.08.30 17:52:09 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoft
[2010.08.30 17:52:31 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.15 20:32:48 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\GameRanger
[2010.09.04 14:00:44 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\gtk-2.0
[2010.08.28 21:46:35 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\kikin
[2010.07.17 20:32:59 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\LolClient
[2010.09.17 19:58:33 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2010.08.29 16:02:58 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010.07.18 23:02:22 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\PowerCinema
[2010.09.12 13:01:47 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\TS3Client
[2009.07.14 07:08:49 | 000,028,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
--- --- ---

Alt 05.10.2010, 18:14   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Win32.AutoRun.sc löschen - Standard

Trojan.Win32.AutoRun.sc löschen



Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
[2010.08.28 15:42:51 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Roaming\.#
[2010.08.27 19:19:30 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\iuwavdjdk
[2010.10.03 17:15:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Te_mp_B_S!!
[2010.07.17 19:03:27 | 000,000,020 | ---- | C] () -- C:\Windows\(úí
:Commands
[purity]
[resethosts]
[emptytemp]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Trojan.Win32.AutoRun.sc löschen
gefunde, kaspersky, löschen, nicht gefunden, objekt, objekt nicht gefunden, process, quarantäne, rechner, troja, unmöglich, windows




Ähnliche Themen: Trojan.Win32.AutoRun.sc löschen


  1. Windows 8.1: Trojan:Win32/Meredrop, Trojan:Win32/Malagent, Trojan:Win32/Matsnu.L und Worm:Win32/Ainslot.A
    Log-Analyse und Auswertung - 19.01.2014 (5)
  2. Desinfizierung durch Kaspersky nicht möglich: Trojan.Win32.Bromngr.k, HEUR:Trojan.Win32.Generic, Trojan-Downloader.Win32.MultiDL.I
    Plagegeister aller Art und deren Bekämpfung - 28.11.2013 (1)
  3. trojan: win32/mediyes.E löschen - wie?
    Plagegeister aller Art und deren Bekämpfung - 17.08.2013 (8)
  4. Wie Win32.trojan.agent löschen, und ist er der einzige Virus auf meinem Pc?
    Log-Analyse und Auswertung - 31.10.2012 (23)
  5. Trojan-Dropper.Win32.Agent.dw - Wie Löschen?
    Plagegeister aller Art und deren Bekämpfung - 14.01.2011 (1)
  6. Trojan.Win32.Autorun
    Plagegeister aller Art und deren Bekämpfung - 06.08.2010 (26)
  7. Trojan Spy.Win32.Ursnif ....kann ich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 05.03.2010 (35)
  8. Trojan.Win32.Shutdowner!IK lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 17.02.2010 (1)
  9. Win32.Trojan.Agent/Win32.Worm.Autorun mit Ad-Aware unschädlich gemacht?
    Plagegeister aller Art und deren Bekämpfung - 06.08.2009 (6)
  10. Trojan-Spy.Win32.Agent.amui wie löschen
    Plagegeister aller Art und deren Bekämpfung - 13.05.2009 (1)
  11. Trojan.Win32.Small.aarn lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 02.05.2009 (3)
  12. autorun.inf: Trojan.Autorun-271 FOUND - USB-Stick
    Log-Analyse und Auswertung - 11.03.2009 (1)
  13. 2 fette probleme: win32.trojan-gen other und AutoRun-1
    Plagegeister aller Art und deren Bekämpfung - 21.01.2009 (0)
  14. worm.win32.Autorun.cbm lässt sich nicht löschen
    Mülltonne - 14.12.2008 (0)
  15. Trojan.Win32.Monder.gen lässt sich nicht löschen
    Log-Analyse und Auswertung - 05.06.2008 (2)
  16. Trojan.Win32.Monder.gen lässt sich nicht löschen
    Mülltonne - 05.06.2008 (0)
  17. Trojan-Downloader.Win32.Swizzor.bo wie kann ich des von der festplatte löschen??
    Log-Analyse und Auswertung - 06.02.2006 (5)

Zum Thema Trojan.Win32.AutoRun.sc löschen - Hallo, ich habe denn Trojan.Win32.AutoRun.sc auf meinem rechner gefunden wie bekomme ich ihn weg. Mein Kaspersky CBE 2010 sagt mir das löschen unmöglich wäre und unter Quarantäne setzten auch nicht - Trojan.Win32.AutoRun.sc löschen...
Archiv
Du betrachtest: Trojan.Win32.AutoRun.sc löschen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.