
Log Analysis and Evaluation: Constant IE pop-up windows :(

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

05.01.2011, 00:42   #1
3vilSadness
 
Constant IE pop-up windows :(



Hello, first of all,

for a few days now I have been constantly getting pop-up windows from IE.
I have already read through a few forums, but so far that has not really helped me, despite anti-spyware programs and so on.
I think these are also partly why I get thrown out to the desktop while in-game, right? Although sometimes no windows appear and I still get switched to the desktop.
Even when just browsing the web normally, I get interrupted, for example while typing, and have to click back into the window first -.- What could be causing this?
Please help me, I believe in you.

Here is my HijackThis log:


Running processes:
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe
C:\Users\Enzo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Enzo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Enzo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Enzo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Enzo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Enzo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Enzo\Downloads\HiJackThis204.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKCU\..\Run: [JP595IR86O] C:\Users\Enzo\AppData\Local\Temp\Zgy.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BCL easyPDF SDK PixelPlanet 6 Loader (bepldr6PixelPlanetService) - Unknown owner - C:\Program Files (x86)\Common Files\BCL Technologies\PixelPlanet6\bepldr.exe (file missing)
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player-Netzwerkfreigabedienst (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


I hope you can help me with this.

05.01.2011, 11:35   #2
markusg
/// Malware-holic
 
Constant IE pop-up windows :(



1. Do not carry out any cleanup on your own; otherwise it only gets in the way.
2. Post any existing scan logs that contain detections.
3. System scan with OTL
Download OTL:
http://filepony.de/download-otl/

Double-click OTL.exe
(Windows 7 and Vista users: right-click and choose Run as administrator)
1. At the top you will find a box labelled Output. Please select Minimal Output.
2. Tick "scan all users".
3. Under "Extra Registry" select:
"Use Safelist" "LOP Check" "Purity Check"
4. Copy the following into the text box:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Click "Scan".
6. Two reports are created:
OTL.Txt
Extras.Txt
Post both.

06.01.2011, 15:24   #3
3vilSadness
 
Constant IE pop-up windows :(



First of all, thank you for taking the time for my problems.

For some reason the IE advertising pop-ups are gone now, but I still get thrown out to the desktop after a few minutes in-game.

I have now run the scan:

OTL.Txt:

========== Processes (SafeList) ==========

PRC - C:\Users\Enzo\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Enzo\AppData\Local\Temp\Zgz.exe (Windows (R) Codename Longhorn DDK provider)
PRC - C:\Users\Enzo\AppData\Local\Temp\Zgy.exe (Windows (R) Codename Longhorn DDK provider)
PRC - C:\Windows\Zhimoa.exe (Windows (R) Codename Longhorn DDK provider)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Programme\Logitech Gaming Software\plugins\LCDAppletsMono-1.00.027\Applets\x86\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Users\Enzo\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)


========== Modules (SafeList) ==========

MOD - C:\Users\Enzo\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (EagleX64) -- C:\Windows\SysNative\drivers\EagleX64.sys File not found
DRV:64bit: - (lgbusenum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (LgBttPort) -- C:\Windows\SysNative\drivers\lgbtpt64.sys (LG Electronics Inc.)
DRV:64bit: - (LGVMODEM) -- C:\Windows\SysNative\drivers\lgvmdm64.sys (LG Electronics Inc.)
DRV:64bit: - (ZTEusbnet) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV:64bit: - (ZTEusbvoice) -- C:\Windows\SysNative\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (ZTE Incorporated)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV - (a2acc) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys (Emsi Software GmbH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-466204157-1304596504-3131422904-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-466204157-1304596504-3131422904-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-466204157-1304596504-3131422904-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-466204157-1304596504-3131422904-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\ [2010.12.04 11:49:06 | 000,000,000 | ---D | M]

[2010.12.28 00:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Enzo\AppData\Roaming\mozilla\Extensions
[2010.12.28 00:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Enzo\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com

Hosts file not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-466204157-1304596504-3131422904-1000\..\Toolbar\WebBrowser: (no name) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - No CLSID value found.
O3 - HKU\S-1-5-21-466204157-1304596504-3131422904-1000\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-466204157-1304596504-3131422904-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-466204157-1304596504-3131422904-1000..\Run: [JP595IR86O] C:\Users\Enzo\AppData\Local\Temp\Zgy.exe (Windows (R) Codename Longhorn DDK provider)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.04.23 07:04:22 | 000,000,055 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7a9f6896-edb3-11df-b866-00242118117f}\Shell - "" = AutoRun
O33 - MountPoints2\{7a9f6896-edb3-11df-b866-00242118117f}\Shell\AutoRun\command - "" = J:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{ae1e3352-ecf1-11df-afb9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ae1e3352-ecf1-11df-afb9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CdAutoRun.exe -- [2008.04.23 07:04:28 | 000,049,152 | R--- | M] ()
O33 - MountPoints2\{dfa0994f-fef3-11df-86d2-00242118117f}\Shell - "" = AutoRun
O33 - MountPoints2\{dfa0994f-fef3-11df-86d2-00242118117f}\Shell\AutoRun\command - "" = J:\LGAutoRun.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LGAutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpFolder: C:^Users^Enzo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip - C:\Users\Enzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip - File not found
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: avgnt - hkey= - key= - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: EvtMgr6 - hkey= - key= - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
MsConfig:64bit - StartUpReg: MobileConnect - hkey= - key= - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: XboxStat - hkey= - key= - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.CSCD - camcodec.dll File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.IPJ2 - jp2avi.dll File not found
Drivers32: vidc.LAGS - lagarith.dll File not found
Drivers32: vidc.VP40 - vp4vfw.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP70 - vp7vfw.dll File not found
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.01.05 22:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2011.01.05 22:57:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.2
[2011.01.05 22:56:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2011.01.05 22:56:38 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\ICQ
[2011.01.05 22:56:37 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Local\AOL
[2011.01.05 22:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2011.01.04 19:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2011.01.04 19:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2011.01.04 19:47:23 | 000,000,000 | ---D | C] -- C:\Users\Enzo\Documents\Anti-Malware
[2011.01.03 23:01:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.01.03 23:01:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.01.03 23:01:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.01.03 20:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.01.03 20:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.01.03 20:08:05 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.01.03 18:44:29 | 000,000,000 | ---D | C] -- C:\Programme\Webzen
[2011.01.03 18:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soul of the Ultimate Nation
[2011.01.03 10:26:56 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.01.03 09:50:29 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2011.01.03 09:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2011.01.03 09:42:13 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2011.01.03 09:39:14 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unicows.dll
[2011.01.02 23:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2011.01.02 23:11:52 | 000,000,000 | ---D | C] -- C:\Users\Enzo\Documents\TrackMania
[2011.01.02 23:08:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmUnitedForever
[2011.01.02 23:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TmUnitedForever
[2011.01.02 13:25:52 | 000,208,896 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\Zhimoa.exe
[2011.01.02 01:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011.01.02 01:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2011.01.02 01:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.01.02 01:10:23 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2011.01.02 01:08:26 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2011.01.02 01:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011.01.01 19:47:52 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\Need for Speed World
[2011.01.01 18:50:02 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Local\Electronic_Arts_Inc
[2011.01.01 18:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.01.01 18:11:28 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\gamigoGr
[2010.12.31 16:22:39 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Local\wanted
[2010.12.31 16:22:39 | 000,000,000 | ---D | C] -- C:\ProgramData\wanted
[2010.12.31 16:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WarnerBros
[2010.12.31 14:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2010.12.28 20:10:31 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
[2010.12.28 20:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRE
[2010.12.28 20:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2010.12.28 01:06:05 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\Vivox
[2010.12.28 00:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Babylon
[2010.12.28 00:05:13 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\Mozilla
[2010.12.28 00:05:11 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\IMVU
[2010.12.28 00:04:51 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU
[2010.12.28 00:04:24 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\IMVUClient
[2010.12.26 13:53:02 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\Avira
[2010.12.24 22:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2010.12.24 22:13:01 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010.12.24 22:13:01 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010.12.24 22:13:01 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010.12.24 22:13:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.12.24 22:12:55 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.12.24 21:00:03 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Local\Apple Computer
[2010.12.24 21:00:02 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\Apple Computer
[2010.12.24 20:58:40 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.12.24 20:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.12.24 20:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010.12.24 20:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2010.12.24 20:57:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.12.24 20:57:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.12.24 20:57:12 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Local\Apple
[2010.12.24 20:57:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010.12.24 20:56:51 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2010.12.24 20:56:31 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.12.24 20:56:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.12.24 20:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.12.24 20:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010.12.20 16:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2010.12.20 16:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2010.12.20 15:55:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010.12.17 15:45:58 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\FileZilla
[2010.12.17 15:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2010.12.17 15:45:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2010.12.16 19:05:20 | 000,000,000 | ---D | C] -- C:\PFiles
[2010.12.15 16:39:18 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2010.12.15 16:39:18 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2010.12.15 16:39:18 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2010.12.15 16:39:17 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010.12.15 16:39:17 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2010.12.15 16:39:17 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010.12.15 16:39:17 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2010.12.15 16:39:17 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2010.12.15 16:39:14 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.12.15 16:39:14 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.12.15 16:39:13 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.12.15 16:39:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.12.15 16:39:10 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2010.12.15 16:39:09 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2010.12.15 16:39:06 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2010.12.15 16:38:50 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.12.15 16:38:49 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.12.15 16:38:49 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.12.15 16:38:49 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.12.15 16:38:49 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.12.15 16:38:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.12.15 16:38:49 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.12.15 16:38:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.12.15 16:38:48 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.12.15 16:38:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.12.15 16:38:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.12.15 16:38:47 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.12.15 16:38:47 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.12.15 16:38:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.12.12 17:15:56 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\TS3Client
[2010.12.12 17:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2010.12.12 17:15:45 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2010.12.12 14:29:33 | 000,438,272 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2010.12.12 12:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.12.12 11:13:46 | 000,362,656 | ---- | C] (WEBZEN) -- C:\Windows\SysWow64\CMStarterCore.exe
[2010.12.12 11:13:46 | 000,051,360 | ---- | C] (WEBZEN) -- C:\Windows\SysWow64\CMStarter_Kor.dll
[2010.12.12 11:13:46 | 000,051,360 | ---- | C] (WEBZEN) -- C:\Windows\SysWow64\CMStarter_Eng.dll
[2010.12.12 11:13:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WEBZEN
[2010.12.11 21:12:16 | 000,000,000 | ---D | C] -- C:\gPotato.eu
[2010.12.11 20:20:43 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Local\PMB Files
[2010.12.11 20:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.12.11 20:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010.12.11 14:44:28 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Local\Logitech
[2010.12.11 14:42:29 | 000,022,408 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGBusEnum.sys
[2010.12.11 14:42:29 | 000,016,008 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGVirHid.sys
[2010.12.11 14:42:15 | 000,000,000 | ---D | C] -- C:\Programme\Logitech Gaming Software
[2010.12.11 14:34:57 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCsoft
[2010.12.10 17:57:09 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Local\DNA
[2010.12.10 17:57:01 | 000,000,000 | ---D | C] -- C:\Users\Enzo\Program Files (x86)
[2010.12.10 17:57:01 | 000,000,000 | ---D | C] -- C:\Users\Enzo\AppData\Roaming\DNA
[2010.12.10 16:48:02 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.12.10 14:37:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.12.10 14:37:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.12.10 14:37:11 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.12.10 14:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.12.09 19:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
[2010.12.09 19:03:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DsNET Corp
[2010.12.07 20:47:26 | 000,000,000 | ---D | C] -- C:\Users\Enzo\Documents\restore

========== Files - Modified Within 30 Days ==========

[2011.01.06 16:07:54 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.01.06 15:12:35 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.06 15:12:35 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.06 15:12:02 | 000,000,244 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011.01.06 15:10:02 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.01.06 15:07:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.06 15:06:54 | 2409,689,088 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.04 19:47:43 | 000,001,053 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2011.01.04 14:36:34 | 000,001,631 | ---- | M] () -- C:\Users\Enzo\Desktop\avcenter - Verknüpfung.lnk
[2011.01.03 21:33:25 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.01.03 20:08:07 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.01.03 18:44:29 | 000,000,180 | ---- | M] () -- C:\Users\Public\Desktop\Soul of the Ultimate Nation.url
[2011.01.03 09:50:35 | 000,001,062 | ---- | M] () -- C:\Users\Enzo\Desktop\Jade Dynasty.lnk
[2011.01.03 01:20:27 | 000,258,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\unicows.dll
[2011.01.02 23:08:29 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\TmUnitedForever.lnk
[2011.01.02 18:27:50 | 009,214,400 | ---- | M] () -- C:\Users\Enzo\Documents\Line Animation.mov
[2011.01.02 14:37:42 | 000,138,296 | ---- | M] () -- C:\Users\Enzo\Documents\3vilSadness Intro.aep
[2011.01.02 13:35:45 | 007,037,811 | ---- | M] () -- C:\Users\Enzo\Desktop\Adobe.AE.Keygen.rar
[2011.01.02 13:25:41 | 000,208,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\Zhimoa.exe
[2011.01.02 10:44:02 | 004,855,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.01.02 01:17:32 | 000,001,196 | ---- | M] () -- C:\Users\Enzo\Desktop\Adobe After Effects CS5.lnk
[2010.12.29 17:51:47 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.12.29 17:51:47 | 000,654,372 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.12.29 17:51:47 | 000,616,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.12.29 17:51:47 | 000,129,986 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.12.29 17:51:47 | 000,106,376 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.12.24 22:13:04 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.12.24 13:30:54 | 000,002,644 | ---- | M] () -- C:\Users\Enzo\Documents\Vegas Pro registrieren.htm
[2010.12.21 20:01:53 | 018,797,771 | ---- | M] () -- C:\Users\Enzo\Documents\Bleach Pendulum.wmv
[2010.12.17 23:51:28 | 000,231,591 | ---- | M] () -- C:\Users\Enzo\Documents\ts3_clientui-win64-12815-2010-12-17 23_51_25.712122.dmp
[2010.12.17 16:00:51 | 000,101,040 | ---- | M] () -- C:\Users\Enzo\Documents\Bleach Pendulum.veg
[2010.12.17 15:53:02 | 000,000,600 | ---- | M] () -- C:\Users\Enzo\AppData\Local\PUTTY.RND
[2010.12.17 15:44:08 | 000,098,336 | ---- | M] () -- C:\Users\Enzo\Documents\Bleach Pendulum.veg.bak
[2010.12.16 16:29:00 | 012,408,624 | ---- | M] () -- C:\Users\Enzo\Documents\Bleach Pendulum.wav
[2010.12.12 17:15:49 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.12.11 14:44:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
[2010.12.11 14:43:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf
[2010.12.11 14:42:34 | 000,022,408 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGBusEnum.sys
[2010.12.11 14:42:34 | 000,016,008 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGVirHid.sys
[2010.12.11 14:42:33 | 000,374,792 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\UMDF\lgSSQVGA.dll
[2010.12.11 14:42:32 | 000,157,704 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\UMDF\lgSSBW.dll
[2010.12.10 16:47:50 | 334,168,139 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.12.08 15:45:12 | 000,048,710 | ---- | M] () -- C:\Users\Enzo\.recently-used.xbel

========== Files Created - No Company Name ==========

[2011.01.04 23:35:07 | 000,000,282 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.01.04 19:47:43 | 000,001,053 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2011.01.04 14:36:34 | 000,001,631 | ---- | C] () -- C:\Users\Enzo\Desktop\avcenter - Verknüpfung.lnk
[2011.01.03 20:06:05 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.01.03 18:44:29 | 000,000,180 | ---- | C] () -- C:\Users\Public\Desktop\Soul of the Ultimate Nation.url
[2011.01.03 09:50:35 | 000,001,062 | ---- | C] () -- C:\Users\Enzo\Desktop\Jade Dynasty.lnk
[2011.01.02 23:08:29 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\TmUnitedForever.lnk
[2011.01.02 18:24:12 | 009,214,400 | ---- | C] () -- C:\Users\Enzo\Documents\Line Animation.mov
[2011.01.02 13:53:36 | 000,138,296 | ---- | C] () -- C:\Users\Enzo\Documents\3vilSadness Intro.aep
[2011.01.02 13:35:19 | 007,037,811 | ---- | C] () -- C:\Users\Enzo\Desktop\Adobe.AE.Keygen.rar
[2011.01.02 13:25:45 | 000,000,282 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.01.02 13:25:43 | 000,000,244 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011.01.02 01:17:32 | 000,001,196 | ---- | C] () -- C:\Users\Enzo\Desktop\Adobe After Effects CS5.lnk
[2010.12.24 22:13:04 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.12.24 13:30:54 | 000,002,644 | ---- | C] () -- C:\Users\Enzo\Documents\Vegas Pro registrieren.htm
[2010.12.17 23:51:25 | 000,231,591 | ---- | C] () -- C:\Users\Enzo\Documents\ts3_clientui-win64-12815-2010-12-17 23_51_25.712122.dmp
[2010.12.17 15:53:02 | 000,000,600 | ---- | C] () -- C:\Users\Enzo\AppData\Local\PUTTY.RND
[2010.12.16 18:21:55 | 018,797,771 | ---- | C] () -- C:\Users\Enzo\Documents\Bleach Pendulum.wmv
[2010.12.16 16:27:50 | 012,408,624 | ---- | C] () -- C:\Users\Enzo\Documents\Bleach Pendulum.wav
[2010.12.12 17:15:49 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.12.12 15:59:12 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010.12.12 14:29:44 | 000,000,038 | -HS- | C] () -- C:\Windows\camcodec100.ini
[2010.12.12 14:29:44 | 000,000,028 | -HS- | C] () -- C:\Windows\lagarith.ini
[2010.12.11 14:44:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
[2010.12.11 14:43:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf
[2010.12.10 16:47:50 | 334,168,139 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.12.08 15:45:12 | 000,048,710 | ---- | C] () -- C:\Users\Enzo\.recently-used.xbel
[2010.12.07 20:31:23 | 000,101,040 | ---- | C] () -- C:\Users\Enzo\Documents\Bleach Pendulum.veg
[2010.12.07 20:31:23 | 000,098,336 | ---- | C] () -- C:\Users\Enzo\Documents\Bleach Pendulum.veg.bak
[2010.11.23 18:27:56 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.11.16 15:41:58 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.14 21:02:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.06.15 02:29:18 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\StarOpen.sys
[2009.10.15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.07 12:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll

========== LOP Check ==========

[2010.11.24 17:22:29 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\AnvSoft
[2011.01.03 23:11:08 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\DNA
[2010.11.18 21:03:01 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\DVDVideoSoft
[2010.11.18 21:03:40 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.18 19:55:09 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\FileZilla
[2011.01.01 18:12:07 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\gamigoGr
[2010.12.08 15:45:12 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\gtk-2.0
[2011.01.06 15:10:26 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\ICQ
[2011.01.01 23:23:47 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\IMVU
[2010.12.28 00:04:51 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\IMVUClient
[2010.11.13 18:51:57 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\launcher
[2010.11.16 15:48:17 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Leadertech
[2010.11.13 18:51:57 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Martial Empires Luancher OBT
[2010.12.11 13:03:13 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\NCH Swift Sound
[2011.01.01 19:47:52 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Need for Speed World
[2010.12.04 14:20:35 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Propellerhead Software
[2010.11.23 18:21:35 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Publish Providers
[2010.12.29 00:36:04 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\SoftGrid Client
[2010.12.16 18:21:55 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Sony
[2010.11.15 21:23:40 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\TeamViewer
[2010.11.16 15:43:49 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\TP
[2010.12.12 17:17:16 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\TS3Client
[2010.12.07 15:16:12 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\UDC Profiles
[2010.12.31 14:17:21 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Uniblue
[2010.12.28 01:06:05 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Vivox
[2010.11.11 19:06:01 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Vodafone
[2010.11.17 12:06:05 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\WordToPDF
[2009.07.14 06:08:49 | 000,025,326 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.01.06 16:07:54 | 000,000,282 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.01.06 15:12:02 | 000,000,244 | -H-- | M] () -- C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011.01.06 15:10:02 | 000,000,282 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

========== Purity Check ==========



========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.02 01:30:10 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Adobe
[2010.11.24 17:22:29 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\AnvSoft
[2010.12.24 21:06:48 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Apple Computer
[2010.12.26 13:53:02 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Avira
[2010.11.22 21:35:20 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\DivX
[2011.01.03 23:11:08 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\DNA
[2010.11.18 21:03:01 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\DVDVideoSoft
[2010.11.18 21:03:40 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.18 19:55:09 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\FileZilla
[2010.11.11 19:14:36 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\FLEXnet
[2011.01.01 18:12:07 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\gamigoGr
[2010.12.08 15:45:12 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\gtk-2.0
[2011.01.06 15:10:26 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\ICQ
[2010.11.10 19:31:09 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Identities
[2011.01.01 23:23:47 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\IMVU
[2010.12.28 00:04:51 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\IMVUClient
[2010.11.13 18:51:57 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\launcher
[2010.11.16 15:48:17 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Leadertech
[2010.11.16 15:46:01 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Logishrd
[2010.11.16 15:50:51 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Logitech
[2010.11.14 19:48:59 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Macromedia
[2010.11.13 18:51:57 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Martial Empires Luancher OBT
[2009.07.14 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Media Center Programs
[2010.12.04 12:04:04 | 000,000,000 | --SD | M] -- C:\Users\Enzo\AppData\Roaming\Microsoft
[2011.01.05 22:56:57 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Mozilla
[2010.12.04 14:48:11 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\NCH Software
[2010.12.11 13:03:13 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\NCH Swift Sound
[2011.01.01 19:47:52 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Need for Speed World
[2010.12.04 14:20:35 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Propellerhead Software
[2010.11.23 18:21:35 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Publish Providers
[2011.01.06 00:06:48 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Skype
[2011.01.06 00:05:23 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\skypePM
[2010.12.29 00:36:04 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\SoftGrid Client
[2010.12.16 18:21:55 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Sony
[2010.11.15 21:23:40 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\TeamViewer
[2010.11.16 15:43:49 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\TP
[2010.12.12 17:17:16 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\TS3Client
[2010.12.07 15:16:12 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\UDC Profiles
[2010.12.31 14:17:21 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Uniblue
[2010.12.28 01:06:05 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Vivox
[2010.11.11 19:06:01 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\Vodafone
[2010.11.17 11:22:52 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\WinRAR
[2010.11.17 12:06:05 | 000,000,000 | ---D | M] -- C:\Users\Enzo\AppData\Roaming\WordToPDF

< %APPDATA%\*.exe /s >
[2010.12.16 20:08:58 | 007,509,008 | ---- | M] (Vivox, Inc.) -- C:\Users\Enzo\AppData\Roaming\IMVUClient\1VivoxVoice.exe
[2010.12.21 20:25:52 | 000,052,992 | ---- | M] () -- C:\Users\Enzo\AppData\Roaming\IMVUClient\IMVUClient.exe
[2010.12.21 20:25:52 | 000,021,760 | ---- | M] () -- C:\Users\Enzo\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
[2010.12.21 20:25:52 | 000,097,200 | ---- | M] () -- C:\Users\Enzo\AppData\Roaming\IMVUClient\IMVUupdater.exe
[2010.12.28 00:04:51 | 000,077,978 | ---- | M] () -- C:\Users\Enzo\AppData\Roaming\IMVUClient\Uninstall.exe
[2010.05.27 19:37:54 | 000,049,664 | ---- | M] () -- C:\Users\Enzo\AppData\Roaming\IMVUClient\w9xpopen.exe
[2010.12.21 20:16:28 | 000,121,856 | ---- | M] () -- C:\Users\Enzo\AppData\Roaming\IMVUClient\WriteMiniDump.exe
[2010.11.16 15:48:16 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Enzo\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe


< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.09.01 05:29:28 | 011,406,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP06A4C76

< End of report >



and Extras.txt.

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-466204157-1304596504-3131422904-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Enzo\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software 7.00
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{903029FE-FA82-427B-916C-AD08185DA3C2}" = Microsoft Xbox 360 Accessories 1.1
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SP6" = Logitech SetPoint 6.15
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0049D352-1D20-4FFB-8EF6-81CFBDF3ADE5}" = Soul of the Ultimate Nation
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C8CDDCF-D09A-11DF-8BB6-0013D3D69929}" = Vegas Pro 10.0
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C85747A-91B6-4233-AAF8-063506D0FF4F}" = LG United Mobile Drivers
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{90140011-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - Deutsch
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9312191B-30A5-44E1-8D8D-6936FE06CDE8}" = Wanted: Weapons of Fate
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA1B174B-4297-467C-9EF8-0AB8D4D5171E}" = Adobe After Effects CS5
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{FFB768E4-E427-4553-BC36-A11F5E62A94D}" = Adobe Flash Player 10 ActiveX
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any Video Converter_is1" = Any Video Converter 3.1.0
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup.divx.com" = DivX-Setup
"Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.1
"FileZilla Client" = FileZilla Client 3.3.5.1
"Free Studio_is1" = Free Studio version 4.9.13
"Free YouTube Download_is1" = Free YouTube Download 2.10
"ICQToolbar" = ICQ Toolbar
"LG PC Suite IV" = LG PC Suite IV
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SUPER ©" = SUPER © Version 2010.bld.42 (Nov 7, 2010)
"TeamViewer 5" = TeamViewer 5
"TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15
"Uninstall_is1" = Uninstall 1.0.0.1
"WinGimp-2.0_is1" = GIMP 2.6.11
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.8.7
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-466204157-1304596504-3131422904-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04.01.2011 10:57:47 | Computer Name = Enzo-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22730

Error - 04.01.2011 14:29:43 | Computer Name = Enzo-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 04.01.2011 15:47:36 | Computer Name = Enzo-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 04.01.2011 15:47:36 | Computer Name = Enzo-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12199

Error - 04.01.2011 15:47:36 | Computer Name = Enzo-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12199

Error - 04.01.2011 17:26:00 | Computer Name = Enzo-PC | Source = Application Hang | ID = 1002
Description = Programm TmForever.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 15fc Startzeit:
01cbac55808e4b44 Endzeit: 265 Anwendungspfad: C:\Program Files (x86)\TmUnitedForever\TmForever.exe

Berichts-ID:


Error - 05.01.2011 05:02:14 | Computer Name = Enzo-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 05.01.2011 13:10:00 | Computer Name = Enzo-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 05.01.2011 18:00:09 | Computer Name = Enzo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16700,
Zeitstempel: 0x4cd23213 Name des fehlerhaften Moduls: ICQToolBar.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4c850f10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x100af4d3
ID
des fehlerhaften Prozesses: 0x10c0 Startzeit der fehlerhaften Anwendung: 0x01cbad047774c199
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Pfad
des fehlerhaften Moduls: ICQToolBar.dll Berichtskennung: 29193d54-1917-11e0-9cfb-00242118117f

Error - 06.01.2011 10:07:39 | Computer Name = Enzo-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

[ System Events ]
Error - 05.01.2011 05:00:45 | Computer Name = Enzo-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 05.01.2011 05:01:03 | Computer Name = Enzo-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.

Error - 05.01.2011 13:09:22 | Computer Name = Enzo-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 05.01.2011 13:09:22 | Computer Name = Enzo-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 05.01.2011 13:09:37 | Computer Name = Enzo-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.

Error - 05.01.2011 17:59:39 | Computer Name = Enzo-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "ICQ Service" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error - 05.01.2011 17:59:39 | Computer Name = Enzo-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "ICQ Service" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error - 06.01.2011 10:07:00 | Computer Name = Enzo-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 06.01.2011 10:07:00 | Computer Name = Enzo-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 06.01.2011 10:07:14 | Computer Name = Enzo-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.

06.01.2011, 15:51   #4
markusg
/// Malware-holic

• Please start OTL.exe.
• Now copy the following into the text box.

:OTL
PRC - C:\Users\Enzo\AppData\Local\Temp\Zgz.exe (Windows (R) Codename Longhorn DDK provider)
PRC - C:\Users\Enzo\AppData\Local\Temp\Zgy.exe (Windows (R) Codename Longhorn DDK provider)
PRC - C:\Windows\Zhimoa.exe (Windows (R) Codename Longhorn DDK provider)
IE - HKU\S-1-5-21-466204157-1304596504-3131422904-1000\..\URLSearchHook: - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-466204157-1304596504-3131422904-1000\..\Toolbar\WebBrowser: (no name) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - No CLSID value found
O3 - HKU\S-1-5-21-466204157-1304596504-3131422904-1000\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found
O4 - HKU\S-1-5-21-466204157-1304596504-3131422904-1000..\Run: [JP595IR86O] C:\Users\Enzo\AppData\Local\Temp\Zgy.exe (Windows (R) Codename Longhorn DDK
[2011.01.02 13:25:52 | 000,208,896 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\Zhimoa.exe
[2011.01.06 16:07:54 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.01.06 15:12:02 | 000,000,244 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011.01.06 15:10:02 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.01.02 13:25:41 | 000,208,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\Zhimoa.exe
:Files
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Now please close all programs.
• Now please click the Fix button.
• OTL may require a restart. Please allow this.
• After the restart you will find a text document; post its contents in your next reply.

Open My Computer, C:, then _OTL.
There, right-click on moved files.
Choose "add to moved files.rar" or zip.
Upload the archive to our upload channel.
http://www.trojaner-board.de/54791-a...ner-board.html
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

06.01.2011, 16:13   #5
3vilSadness

OK, I have uploaded the moved files.

The OTL file

All processes killed
========== OTL ==========
Process Zgz.exe killed successfully!
No active process named Zgy.exe was found!
No active process named Zhimoa.exe was found!
Registry key HKEY_USERS\S-1-5-21-466204157-1304596504-3131422904-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-466204157-1304596504-3131422904-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B49673-5506-483E-B92B-CA0265BD9CA8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B49673-5506-483E-B92B-CA0265BD9CA8}\ not found.
Registry value HKEY_USERS\S-1-5-21-466204157-1304596504-3131422904-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found.
Registry value HKEY_USERS\S-1-5-21-466204157-1304596504-3131422904-1000\Software\Microsoft\Windows\CurrentVersion\Run\\JP595IR86O deleted successfully.
C:\Users\Enzo\AppData\Local\Temp\Zgy.exe moved successfully.
C:\Windows\Zhimoa.exe moved successfully.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job moved successfully.
C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job moved successfully.
C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job moved successfully.
File C:\Windows\Zhimoa.exe not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 41620 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Enzo
->Flash cache emptied: 91975 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Enzo
->Temp folder emptied: 553930627 bytes
->Temporary Internet Files folder emptied: 47288892 bytes
->Java cache emptied: 7894 bytes
->Google Chrome cache emptied: 347653854 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18770275 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 923,00 mb


OTL by OldTimer - Version 3.2.20.1 log created on 01062011_170110

Files\Folders moved on Reboot...
C:\Users\Enzo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Enzo\AppData\Local\Temp\~DF13D0B2A7F8F790BC.TMP not found!
File\Folder C:\Users\Enzo\AppData\Local\Temp\~DF56BB844250C1A8EC.TMP not found!
File\Folder C:\Users\Enzo\AppData\Local\Temp\~DF8F77DDD0C61D2684.TMP not found!
File\Folder C:\Users\Enzo\AppData\Local\Temp\~DFBA08647E32F1B8C6.TMP not found!


06.01.2011, 16:27   #6
markusg
/// Malware-holic

[2011.01.02 13:35:45 | 007,037,811 | ---- | M] () -- C:\Users\Enzo\Desktop\Adobe.AE.Keygen.rar
Keygens are illegal, so from here on there is only support for reinstalling the system.
I had overlooked this on first reading.

06.01.2011, 16:37   #7
3vilSadness

Yep, I will do that very soon.

This probably sounds stupid now, but I never really used it.

So, sorry again.
