Code:
OTL logfile created on: 6/26/2011 1:15:34 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows 7 Ultimate (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,022.00 Mb Total Physical Memory | 771.00 Mb Available Physical Memory | 75.00% Memory free
906.00 Mb Paging File | 847.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
Drive C: | 100.00 Mb Total Space | 35.48 Mb Free Space | 35.49% Space Free | Partition Type: NTFS
Drive D: | 1.96 Gb Total Space | 1.71 Gb Free Space | 87.41% Space Free | Partition Type: FAT32
Drive E: | 931.41 Gb Total Space | 30.54 Gb Free Space | 3.28% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2011/03/31 08:27:34 | 002,084,848 | ---- | M] (BitDefender S.R.L.) [Auto] -- E:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV - [2011/03/24 13:46:02 | 000,043,936 | ---- | M] (BitDefender S.R.L.) [Auto] -- E:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
SRV - [2010/11/30 01:19:06 | 000,307,544 | ---- | M] (BitDefender) [On_Demand] -- E:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2010/07/02 16:41:29 | 000,316,888 | ---- | M] (Protection Technology) [Auto] -- E:\Windows\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2010/03/23 07:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto] -- E:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- E:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/20 14:17:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto] -- E:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/09/16 17:30:50 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/26 01:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand] -- E:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/08/14 23:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- E:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/06/20 11:53:56 | 000,129,144 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe -- (niLXIDiscovery)
SRV - [2008/06/20 10:46:24 | 000,607,848 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe -- (NITaggerService)
SRV - [2008/06/18 11:57:40 | 000,192,112 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe -- (nimDNSResponder)
SRV - [2008/06/17 12:38:28 | 000,213,552 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Program Files\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2008/06/17 12:38:16 | 000,050,736 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Windows\System32\lktsrv.exe -- (lkTimeSync)
SRV - [2008/06/17 12:38:08 | 000,040,488 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Windows\System32\lkads.exe -- (lkClassAds)
SRV - [2008/06/17 11:21:50 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto] -- E:\Windows\System32\lkcitdl.exe -- (LkCitadelServer)
SRV - [2008/06/12 13:12:40 | 001,007,616 | ---- | M] (Macrovision Corporation) [Disabled] -- E:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2008/04/02 11:29:48 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Program Files\National Instruments\MAX\nimxs.exe -- (mxssvr)
SRV - [2007/11/06 10:07:32 | 000,008,656 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Windows\System32\nisvcloc.exe -- (niSvcLoc)
SRV - [2007/05/31 04:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 04:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/09 10:34:34 | 000,098,304 | ---- | M] (OPC Foundation) [On_Demand] -- E:\Windows\System32\Opcenum.exe -- (OpcEnum)
SRV - [2007/03/09 11:29:44 | 002,232,296 | ---- | M] () [Auto] -- E:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe -- (AcronisOSSReinstallSvc)
SRV - [2007/02/16 06:21:20 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Windows\System32\nipalsm.exe -- (nipxirmu)
SRV - [2007/02/16 06:21:20 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Windows\System32\nipalsm.exe -- (nidevldu)
SRV - [2007/02/16 06:21:20 | 000,012,696 | ---- | M] (National Instruments Corporation) [Auto] -- E:\Windows\System32\nipalsm.exe -- (ni488enumsvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (usb6xxxk)
DRV - File not found [Kernel | On_Demand] -- -- (nimsrlk)
DRV - File not found [Kernel | On_Demand] -- -- (nimslk)
DRV - [2011/06/25 07:01:35 | 000,105,152 | ---- | M] (BitDefender LLC) [Kernel | On_Demand] -- E:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
DRV - [2011/06/20 16:14:47 | 000,041,472 | ---- | M] () [Kernel | Unavailable] -- E:\Windows\Temp\2C6A.tmp -- (86a9f85c)
DRV - [2011/03/24 09:36:18 | 000,353,096 | ---- | M] (BitDefender) [File_System | Boot] -- E:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2011/03/11 13:45:34 | 000,308,296 | ---- | M] (BitDefender S.R.L.) [File_System | Auto] -- E:\Windows\System32\drivers\Trufos.sys -- (Trufos)
DRV - [2010/12/21 01:55:02 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/12/21 01:55:02 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2010/12/21 01:55:02 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010/12/21 01:55:02 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2010/11/29 08:12:20 | 001,066,232 | ---- | M] (BitDefender) [File_System | On_Demand] -- E:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2010/11/29 08:12:14 | 000,535,824 | ---- | M] (BitDefender) [File_System | On_Demand] -- E:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2010/08/20 12:41:54 | 000,088,144 | ---- | M] (BitDefender) [Kernel | System] -- E:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2010/07/04 15:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable] -- E:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/07/02 16:41:29 | 003,333,808 | ---- | M] (Protection Technology) [Kernel | System] -- E:\Windows\System32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2010/07/01 07:10:13 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- E:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/05/13 10:52:04 | 000,152,528 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand] -- E:\Windows\System32\drivers\bdfm.sys -- (bdfm)
DRV - [2010/03/23 07:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- E:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2010/02/24 06:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- E:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2010/02/13 06:18:53 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot] -- E:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2009/11/20 22:34:54 | 011,515,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/07 11:33:06 | 000,281,760 | ---- | M] () [Kernel | Auto] -- E:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/09/07 11:33:05 | 000,025,888 | ---- | M] () [Kernel | Auto] -- E:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/07/22 17:54:19 | 000,293,904 | ---- | M] (Microsoft Corporation) [Kernel | System] -- E:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2009/07/22 17:54:19 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System] -- E:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2009/07/22 17:53:23 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009/07/22 17:53:19 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- E:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand] -- E:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2008/11/16 12:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008/06/20 12:54:16 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | Auto] -- E:\Windows\System32\drivers\NiViPxiKl.sys -- (NiViPxiK)
DRV - [2008/06/20 12:54:16 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\NiViPciKl.sys -- (NiViPciK)
DRV - [2008/06/20 11:04:48 | 000,011,384 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\NiViFWKl.sys -- (NiViFWK)
DRV - [2008/06/13 10:51:40 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nimru2kl.sys -- (nimru2k)
DRV - [2008/06/13 10:51:06 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nidimkl.sys -- (nidimk)
DRV - [2008/06/13 10:50:38 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nimxdfkl.sys -- (nimxdfk)
DRV - [2008/06/13 10:49:04 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nimdbgkl.sys -- (nimdbgk)
DRV - [2008/06/13 10:48:32 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\niorbkl.sys -- (niorbk)
DRV - [2008/06/13 04:27:46 | 000,586,328 | ---- | M] (National Instruments Corporation) [Kernel | Boot] -- E:\Windows\System32\drivers\nipalk.sys -- (NIPALK)
DRV - [2008/06/13 04:27:46 | 000,011,896 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nipalusbedl.sys -- (nipalusbedl)
DRV - [2008/06/13 04:27:44 | 000,011,904 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nipalfwedl.sys -- (nipalfwedl)
DRV - [2008/04/07 05:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto] -- E:\Windows\System32\drivers\cvintdrv.sys -- (cvintdrv)
DRV - [2008/02/29 10:02:34 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nidsarkl.sys -- (nidsark)
DRV - [2008/02/22 06:25:42 | 000,011,336 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nixsrkl.sys -- (nixsrk)
DRV - [2008/02/22 06:25:38 | 000,011,368 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\niufurkl.sys -- (niufurk)
DRV - [2008/02/22 06:25:38 | 000,011,336 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\niwfrkl.sys -- (niwfrk)
DRV - [2008/02/22 06:25:38 | 000,011,336 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nissrkl.sys -- (nissrk)
DRV - [2008/02/22 06:25:36 | 000,011,336 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\niesrkl.sys -- (niesrk)
DRV - [2008/02/22 06:25:34 | 000,011,336 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\niemrkl.sys -- (niemrk)
DRV - [2008/02/22 06:25:34 | 000,011,336 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nicsrkl.sys -- (nicsrk)
DRV - [2008/02/19 18:56:40 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nitiorkl.sys -- (nitiork)
DRV - [2008/02/14 15:58:44 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nistcrkl.sys -- (nistcrk)
DRV - [2008/01/11 12:08:42 | 000,011,392 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nimsdrkl.sys -- (nimsdrk)
DRV - [2008/01/07 19:38:06 | 000,011,376 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nispdkl.sys -- (nispdk)
DRV - [2008/01/07 19:38:04 | 000,011,376 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\niscdkl.sys -- (niscdk)
DRV - [2008/01/07 19:35:24 | 000,011,312 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nistc2kl.sys -- (nistc2k)
DRV - [2008/01/07 19:21:02 | 000,011,352 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nisdigkl.sys -- (nisdigk)
DRV - [2008/01/02 08:14:42 | 000,011,336 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\niswdkl.sys -- (niswdk)
DRV - [2007/12/27 04:45:14 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ninshsdkl.sys -- (ninshsdk)
DRV - [2007/12/26 06:53:24 | 000,011,352 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nicdrkl.sys -- (nicdrk)
DRV - [2007/12/26 06:18:58 | 000,011,352 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nifslkl.sys -- (nifslk)
DRV - [2007/12/20 10:54:10 | 000,011,344 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nisftkl.sys -- (nisftk)
DRV - [2007/12/20 04:37:04 | 000,020,056 | R--- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\lvalarmk.sys -- (lvalarmk)
DRV - [2007/12/18 14:20:10 | 000,011,336 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nidmxfkl.sys -- (nidmxfk)
DRV - [2007/12/18 14:14:52 | 000,011,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nimstskl.sys -- (nimstsk)
DRV - [2007/12/18 13:14:26 | 000,011,368 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nimxpkl.sys -- (nimxpk)
DRV - [2007/11/26 12:22:12 | 000,020,768 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nipxigpk.sys -- (nipxigpk)
DRV - [2007/10/08 09:10:30 | 000,022,360 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ni1065k.sys -- (ni1065k)
DRV - [2007/10/08 09:10:28 | 000,011,552 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ni1045kl.sys -- (ni1045k)
DRV - [2007/10/08 09:10:24 | 000,025,888 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ni1006k.sys -- (ni1006k)
DRV - [2007/09/18 02:24:32 | 000,011,552 | ---- | M] (National Instruments Corporation) [Kernel | Auto] -- E:\Windows\System32\drivers\nipxirmkl.sys -- (nipxirmk)
DRV - [2007/09/11 11:43:16 | 000,048,296 | ---- | M] (Aladdin Knowledge Systems, Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\aksifdh.sys -- (AKSIFDH)
DRV - [2007/09/11 11:43:16 | 000,034,472 | ---- | M] (Aladdin Knowledge Systems, Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\aksup.sys -- (AKSUP)
DRV - [2007/09/11 11:43:16 | 000,012,456 | ---- | M] (Aladdin Knowledge Systems, Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\eTSCFLT.sys -- (eTSCFLT)
DRV - [2007/07/10 15:08:14 | 000,015,448 | ---- | M] (National Instruments Corporation) [Kernel | Boot] -- E:\Windows\System32\drivers\nipbcfk.sys -- (nipbcfk)
DRV - [2007/06/28 05:44:58 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007/02/26 07:40:24 | 000,016,672 | ---- | M] (National Instruments Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ni488lock.sys -- (ni488lock)
DRV - [2007/01/18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Fabian_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Fabian_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Fabian_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Fabian_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 DB FA F2 F1 2A CC 01 [binary data]
IE - HKU\Fabian_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Fabian_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
IE - HKU\Frederic_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Frederic_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Frederic_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E8 93 B5 C8 98 AC CA 01 [binary data]
IE - HKU\Frederic_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.7
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=TRL&o=101823&locale=en_US&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011/06/25 07:04:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/23 19:40:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/06 06:14:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010/12/26 05:53:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins [2010/12/29 06:21:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/06/23 19:37:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/12/29 06:21:27 | 000,000,000 | ---D | M]
[2010/02/13 10:24:28 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Fabian\AppData\Roaming\Mozilla\Extensions
[2010/02/13 10:24:28 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Fabian\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/06/23 19:40:39 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\febp99bd.default\extensions
[2010/09/14 14:49:10 | 000,000,000 | ---D | M] (TVU Web Player) -- E:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\febp99bd.default\extensions\firefox@tvunetworks.com
[2011/03/31 06:54:08 | 000,000,000 | ---D | M] (Personas) -- E:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\febp99bd.default\extensions\personas@christopher.beard
[2009/11/08 07:18:54 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Fabian\AppData\Roaming\Mozilla\Sunbird\Profiles\ih2uwcfq.default\extensions
[2011/02/09 07:12:00 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions
[2010/06/23 09:57:14 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/23 09:50:21 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/09 07:12:02 | 000,000,000 | ---D | M] (Java Console) -- E:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\FABIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FEBP99BD.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
File not found (No name found) -- C:\USERS\FABIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FEBP99BD.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\FABIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FEBP99BD.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
File not found (No name found) -- C:\USERS\FABIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FEBP99BD.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD
[2011/06/23 19:40:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- E:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2009/02/06 19:12:01 | 000,535,840 | ---- | M] (iLinc Communications, Inc.) -- E:\Program Files\Mozilla Firefox\plugins\NPCltInstall.dll
[2010/11/12 13:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/01/23 05:32:04 | 000,020,992 | ---- | M] (National Instruments) -- E:\Program Files\Mozilla Firefox\plugins\NPLV80Win32.dll
[2007/02/08 05:48:16 | 000,028,448 | ---- | M] (National Instruments) -- E:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll
[2007/07/24 13:03:42 | 000,023,040 | ---- | M] (National Instruments) -- E:\Program Files\Mozilla Firefox\plugins\nplv85win32.dll
[2008/06/25 17:51:02 | 000,023,040 | ---- | M] (National Instruments) -- E:\Program Files\Mozilla Firefox\plugins\nplv86win32.dll
[2011/05/06 06:14:15 | 000,001,392 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011/05/06 06:14:15 | 000,002,252 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/05/06 06:14:15 | 000,001,153 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2011/05/06 06:14:15 | 000,006,805 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011/05/06 06:14:15 | 000,001,178 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011/05/06 06:14:15 | 000,001,105 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
Hosts file not found
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - E:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKLM\..\Toolbar: (Bitdefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - E:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe_ID0ENQBO] E:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDAgent] E:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] E:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [eTMonitor] E:\Program Files\Common Files\Aladdin Shared\eToken\PKIClient\x32\PKIMonitor.exe (Aladdin Knowledge Systems, Ltd.)
O4 - HKLM..\Run: [niDevMon] E:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (National Instruments Corporation)
O4 - HKU\Fabian_ON_E..\Run: [AdobeBridge] File not found
O4 - HKU\Fabian_ON_E..\Run: [avupdate] E:\Users\Fabian\AppData\Roaming\jashla.exe (Fontaine)
O4 - HKU\Fabian_ON_E..\Run: [DAEMON Tools Lite] E:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\Fabian_ON_E..\Run: [KiesHelper] E:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\Fabian_ON_E..\Run: [KiesTrayAgent] E:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\Frederic_ON_E..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] E:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: E:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ()
O4 - Startup: E:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - E:\Program Files\Xilisoft\YouTube Video Converter\upod_link.HTM ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3981d5db-85b6-11df-b9ef-0016e6842539}\Shell - "" = AutoRun
O33 - MountPoints2\{3981d5db-85b6-11df-b9ef-0016e6842539}\Shell\AutoRun\command - "" = E:\Launcher.exe
O33 - MountPoints2\{7a928fdd-9a2c-11df-94eb-0016e6842539}\Shell - "" = AutoRun
O33 - MountPoints2\{7a928fdd-9a2c-11df-94eb-0016e6842539}\Shell\AutoRun\command - "" = E:\sources\sperr32.exe x64
O33 - MountPoints2\{d18ea2af-98d4-11de-a723-0016e6842539}\Shell - "" = AutoRun
O33 - MountPoints2\{d18ea2af-98d4-11de-a723-0016e6842539}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{f75e8a00-986b-11de-977a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f75e8a00-986b-11de-977a-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/25 23:20:47 | 000,000,000 | ---D | C] -- E:\Kaspersky Rescue Disk 10.0
[2011/06/25 11:20:14 | 000,000,000 | ---D | C] -- E:\Users\Frederic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2011/06/25 11:20:13 | 000,000,000 | ---D | C] -- E:\Program Files\Unlocker
[2011/06/25 11:03:16 | 000,000,000 | ---D | C] -- E:\Users\Frederic\AppData\Roaming\BitDefender
[2011/06/25 10:47:20 | 000,000,000 | ---D | C] -- E:\Users\Fabian\Desktop\Windows Loader 2.0.3 DAZ
[2011/06/25 07:04:54 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2011
[2011/06/25 07:04:51 | 000,000,000 | ---D | C] -- E:\Users\Fabian\AppData\Roaming\BitDefender
[2011/06/25 07:04:14 | 000,000,000 | ---D | C] -- E:\Program Files\BitDefender
[2011/06/24 20:30:03 | 000,000,000 | ---D | C] -- E:\Users\Fabian\AppData\Roaming\QuickScan
[2011/06/24 20:29:17 | 000,000,000 | ---D | C] -- E:\ProgramData\BitDefender
[2011/06/24 20:29:17 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\BitDefender
[2011/06/24 20:29:00 | 000,308,296 | ---- | C] (BitDefender S.R.L.) -- E:\Windows\System32\drivers\Trufos.sys
[2011/06/24 20:28:59 | 000,353,096 | ---- | C] (BitDefender) -- E:\Windows\System32\drivers\bdfsfltr.sys
[2011/06/24 19:51:01 | 000,138,752 | ---- | C] (Fontaine) -- E:\Users\Fabian\AppData\Roaming\jashla.exe
[2011/06/23 19:30:15 | 000,000,000 | -HSD | C] -- E:\found.000
[2011/06/23 14:04:32 | 000,000,000 | ---D | C] -- E:\Windows\Sun
[2011/06/23 12:43:26 | 000,000,000 | ---D | C] -- E:\Windows\Minidump
[2011/06/20 16:09:18 | 000,012,288 | ---- | C] (Sikandar's Lab) -- E:\Users\Fabian\AppData\Roaming\ctfmon.exe
[2011/06/20 16:01:18 | 000,000,000 | ---D | C] -- E:\Users\Fabian\Desktop\illuminatenboard_org_ID_1307001422_True_Grit_HDRiP_AC3_2010_German_XViD_SNACK
[2011/06/20 15:38:50 | 000,000,000 | ---D | C] -- E:\Users\Fabian\AppData\Roaming\NewsLeecher
[2011/06/20 15:37:01 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewsLeecher
[2011/06/20 15:36:57 | 000,000,000 | ---D | C] -- E:\Program Files\NewsLeecher
[2011/06/20 14:55:24 | 000,000,000 | ---D | C] -- E:\Users\Fabian\Desktop\Stronghold_FLT_Stronghold_FLT
[2011/06/20 14:35:34 | 000,000,000 | ---D | C] -- E:\Users\Fabian\AppData\Local\Alt.Binz
[2011/06/20 14:34:49 | 000,000,000 | ---D | C] -- E:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alt.Binz
[2011/06/20 14:34:49 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alt.Binz
[2011/06/20 14:34:48 | 000,000,000 | ---D | C] -- E:\Program Files\AltBinz
[2011/06/04 06:18:12 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/06/03 13:39:05 | 000,000,000 | ---D | C] -- E:\Users\Fabian\Desktop\Bachelorkram
[2011/05/30 18:36:25 | 000,000,000 | ---D | C] -- E:\Users\Fabian\Desktop\Stick-Sicherung
[2 E:\Windows\System32\*.tmp files -> E:\Windows\System32\*.tmp -> ]
[2 E:\Windows\*.tmp files -> E:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/26 04:25:48 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2011/06/26 04:25:40 | 000,017,136 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/26 04:25:40 | 000,017,136 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/26 04:23:33 | 000,000,069 | ---- | M] () -- E:\Windows\pxisys.ini
[2011/06/26 04:23:33 | 000,000,030 | ---- | M] () -- E:\Windows\pxiesys.ini
[2011/06/26 04:23:14 | 804,118,528 | -HS- | M] () -- E:\hiberfil.sys
[2011/06/25 21:31:14 | 000,001,094 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/25 21:31:14 | 000,000,290 | -H-- | M] () -- E:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/25 12:35:00 | 000,001,098 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/25 11:56:28 | 000,000,376 | ---- | M] () -- E:\Users\Frederic\AppData\Roamingprivacy.xml
[2011/06/25 11:45:40 | 000,616,348 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2011/06/25 11:45:40 | 000,106,728 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2011/06/25 11:45:39 | 000,655,802 | ---- | M] () -- E:\Windows\System32\perfh007.dat
[2011/06/25 11:45:39 | 000,130,434 | ---- | M] () -- E:\Windows\System32\perfc007.dat
[2011/06/25 11:10:50 | 000,802,113 | ---- | M] () -- E:\Users\Frederic\Desktop\Unlocker1.9.1.exe
[2011/06/25 10:56:02 | 000,000,376 | ---- | M] () -- E:\Users\Fabian\AppData\Roamingprivacy.xml
[2011/06/25 09:25:04 | 000,000,000 | ---- | M] () -- E:\Windows\System32\imblacklist.dat
[2011/06/25 07:06:20 | 000,524,883 | ---- | M] () -- E:\ProgramData\bdinstall.bin
[2011/06/25 07:05:59 | 000,000,415 | ---- | M] () -- E:\Windows\System32\user_gensett.xml
[2011/06/25 07:05:59 | 000,000,415 | ---- | M] () -- E:\Users\Fabian\AppData\Roaminguser_gensett.xml
[2011/06/25 07:04:54 | 000,002,096 | ---- | M] () -- E:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011/06/25 07:04:54 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2011
[2011/06/24 20:46:00 | 000,001,124 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2515852320-1197906202-49457908-1000UA.job
[2011/06/24 19:51:01 | 000,138,752 | ---- | M] (Fontaine) -- E:\Users\Fabian\AppData\Roaming\jashla.exe
[2011/06/24 14:44:32 | 000,000,560 | -H-- | M] () -- E:\Windows\tasks\Norton Security Scan for Fabian.job
[2011/06/24 09:46:00 | 000,001,072 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2515852320-1197906202-49457908-1000Core.job
[2011/06/23 19:40:51 | 000,001,994 | ---- | M] () -- E:\Users\Fabian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/23 15:39:41 | 000,112,677 | ---- | M] () -- E:\Users\Fabian\Desktop\Zeitplan4.pdf
[2011/06/20 16:16:47 | 000,012,288 | ---- | M] (Sikandar's Lab) -- E:\Users\Fabian\AppData\Roaming\ctfmon.exe
[2011/06/20 16:14:30 | 000,000,290 | -H-- | M] () -- E:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/06/20 16:13:39 | 000,233,472 | ---- | M] () -- E:\Windows\Vwihea.exe
[2011/06/20 15:37:03 | 000,000,967 | ---- | M] () -- E:\Users\Fabian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NewsLeecher.lnk
[2011/06/20 15:37:03 | 000,000,943 | ---- | M] () -- E:\Users\Fabian\Desktop\NewsLeecher.lnk
[2011/06/20 15:37:03 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewsLeecher
[2011/06/20 14:34:49 | 000,000,959 | ---- | M] () -- E:\Users\Frederic\Desktop\Alt.Binz.lnk
[2011/06/20 14:34:49 | 000,000,959 | ---- | M] () -- E:\Users\Fabian\Desktop\Alt.Binz.lnk
[2011/06/20 14:34:49 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alt.Binz
[2011/06/20 13:09:00 | 000,000,474 | ---- | M] () -- E:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/06/07 02:33:49 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/04 06:18:12 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/05/30 04:21:57 | 000,001,018 | ---- | M] () -- E:\Users\Fabian\Desktop\Dropbox.lnk
[2011/05/30 04:21:57 | 000,000,998 | ---- | M] () -- E:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2 E:\Windows\System32\*.tmp files -> E:\Windows\System32\*.tmp -> ]
[2 E:\Windows\*.tmp files -> E:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/25 11:10:49 | 000,802,113 | ---- | C] () -- E:\Users\Frederic\Desktop\Unlocker1.9.1.exe
[2011/06/25 11:03:16 | 000,000,376 | ---- | C] () -- E:\Users\Frederic\AppData\Roamingprivacy.xml
[2011/06/25 10:56:02 | 000,000,376 | ---- | C] () -- E:\Users\Fabian\AppData\Roamingprivacy.xml
[2011/06/25 09:25:04 | 000,000,000 | ---- | C] () -- E:\Windows\System32\imblacklist.dat
[2011/06/25 07:05:59 | 000,000,415 | ---- | C] () -- E:\Windows\System32\user_gensett.xml
[2011/06/25 07:05:59 | 000,000,415 | ---- | C] () -- E:\Users\Fabian\AppData\Roaminguser_gensett.xml
[2011/06/25 07:04:54 | 000,002,096 | ---- | C] () -- E:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011/06/24 20:28:58 | 000,524,883 | ---- | C] () -- E:\ProgramData\bdinstall.bin
[2011/06/23 15:39:37 | 000,112,677 | ---- | C] () -- E:\Users\Fabian\Desktop\Zeitplan4.pdf
[2011/06/20 16:14:21 | 000,233,472 | ---- | C] () -- E:\Windows\Vwihea.exe
[2011/06/20 16:13:47 | 000,000,290 | -H-- | C] () -- E:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/06/20 16:13:46 | 000,000,290 | -H-- | C] () -- E:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/20 15:37:03 | 000,000,967 | ---- | C] () -- E:\Users\Fabian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NewsLeecher.lnk
[2011/06/20 15:37:03 | 000,000,943 | ---- | C] () -- E:\Users\Fabian\Desktop\NewsLeecher.lnk
[2011/06/20 14:34:49 | 000,000,959 | ---- | C] () -- E:\Users\Frederic\Desktop\Alt.Binz.lnk
[2011/06/20 14:34:49 | 000,000,959 | ---- | C] () -- E:\Users\Fabian\Desktop\Alt.Binz.lnk
[2011/04/09 12:55:28 | 000,179,261 | ---- | C] () -- E:\Windows\System32\xlive.dll.cat
[2011/01/29 12:00:24 | 000,030,568 | ---- | C] () -- E:\Windows\MusiccityDownload.exe
[2011/01/29 12:00:22 | 000,974,848 | ---- | C] () -- E:\Windows\System32\cis-2.4.dll
[2011/01/29 12:00:22 | 000,081,920 | ---- | C] () -- E:\Windows\System32\issacapi_bs-2.3.dll
[2011/01/29 12:00:22 | 000,065,536 | ---- | C] () -- E:\Windows\System32\issacapi_pe-2.3.dll
[2011/01/29 12:00:22 | 000,057,344 | ---- | C] () -- E:\Windows\System32\issacapi_se-2.3.dll
[2011/01/16 19:37:26 | 000,004,191 | ---- | C] () -- E:\Windows\jtpv-n.ini
[2011/01/16 19:37:26 | 000,001,441 | ---- | C] () -- E:\Windows\cdbtgdb24.ini
[2010/12/31 09:20:39 | 000,139,128 | ---- | C] () -- E:\Windows\System32\drivers\PnkBstrK.sys
[2010/12/31 09:20:39 | 000,138,056 | ---- | C] () -- E:\Users\Fabian\AppData\Roaming\PnkBstrK.sys
[2010/12/31 09:20:08 | 000,189,248 | ---- | C] () -- E:\Windows\System32\PnkBstrB.exe
[2010/12/31 09:20:05 | 002,434,856 | ---- | C] () -- E:\Windows\System32\pbsvc_bc2.exe
[2010/12/31 09:20:05 | 000,075,136 | ---- | C] () -- E:\Windows\System32\PnkBstrA.exe
[2010/12/26 14:08:26 | 000,000,000 | ---- | C] () -- E:\Users\Fabian\AppData\Roaming\chrtmp
[2010/07/25 07:55:07 | 000,335,872 | ---- | C] () -- E:\Windows\System32\m4atag.dll
[2010/07/08 04:37:14 | 000,101,544 | ---- | C] () -- E:\Program Files\Common Files\LinkInstaller.exe
[2010/06/29 16:17:51 | 000,640,512 | ---- | C] () -- E:\Windows\System32\nvidia32c.exe
[2010/06/29 16:17:33 | 000,640,512 | -HS- | C] () -- E:\Users\Fabian\AppData\Roaming\nvidia32c.exe
[2010/03/23 07:26:48 | 000,201,512 | ---- | C] () -- E:\Windows\System32\vpnapi.dll
[2010/02/14 06:14:42 | 000,003,019 | ---- | C] () -- E:\Windows\EaseAudioConverter.ini
[2010/02/14 06:14:42 | 000,000,031 | ---- | C] () -- E:\Windows\aceg.ini
[2009/11/25 19:21:29 | 000,000,337 | ---- | C] () -- E:\Users\Fabian\AppData\Local\Perfmon.PerfmonCfg
[2009/11/18 03:23:49 | 000,000,069 | ---- | C] () -- E:\Windows\pxisys.ini
[2009/11/18 03:23:49 | 000,000,030 | ---- | C] () -- E:\Windows\pxiesys.ini
[2009/09/07 11:33:06 | 000,281,760 | ---- | C] () -- E:\Windows\System32\drivers\atksgt.sys
[2009/09/07 11:33:05 | 000,025,888 | ---- | C] () -- E:\Windows\System32\drivers\lirsgt.sys
[2009/09/06 10:48:22 | 000,000,319 | ---- | C] () -- E:\Windows\game.ini
[2009/09/03 16:41:35 | 000,000,000 | ---- | C] () -- E:\Windows\nsreg.dat
[2009/07/14 04:47:43 | 000,655,802 | ---- | C] () -- E:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- E:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,130,434 | ---- | C] () -- E:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- E:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 002,349,728 | ---- | C] () -- E:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,616,348 | ---- | C] () -- E:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- E:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,106,728 | ---- | C] () -- E:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- E:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- E:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- E:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- E:\Windows\System32\PrintBrmUi.exe
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- E:\Windows\System32\DShowRdpFilter.dll
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- E:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\System32\mlang.dat
[2008/06/13 10:47:30 | 000,000,244 | ---- | C] () -- E:\Windows\System32\nirpc.ini
[2008/06/13 04:26:08 | 000,003,520 | ---- | C] () -- E:\Windows\System32\nipalpg.dll
[2008/04/07 05:00:00 | 000,004,096 | ---- | C] () -- E:\Windows\System32\drivers\cvintdrv.sys
[2008/02/22 06:05:42 | 000,023,187 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB72F30200.bin
[2008/02/22 06:05:42 | 000,023,187 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB72F3.bin
[2008/02/22 06:05:42 | 000,023,187 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB72CC0200.bin
[2008/02/22 06:05:42 | 000,023,187 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB72CC.bin
[2008/02/22 06:05:42 | 000,012,312 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB71D60200.bin
[2008/02/22 06:05:42 | 000,012,312 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB717A0200.bin
[2008/02/22 06:05:42 | 000,012,311 | R--- | C] () -- E:\Windows\System32\drivers\NIUSB71D7.bin
[2008/02/22 06:05:42 | 000,012,311 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB71D80200.bin
[2008/02/22 06:05:42 | 000,012,311 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB71D70200.bin
[2008/02/22 06:05:42 | 000,012,311 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB717B0200.bin
[2008/02/22 06:05:42 | 000,009,381 | R--- | C] () -- E:\Windows\System32\drivers\NIUSB717B.bin
[2008/02/22 06:05:42 | 000,009,381 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB717B0100.bin
[2008/02/22 06:05:42 | 000,009,295 | R--- | C] () -- E:\Windows\System32\drivers\NIUSB71D8.bin
[2008/02/22 06:05:42 | 000,009,295 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB71D80100.bin
[2008/02/22 06:05:42 | 000,009,158 | R--- | C] () -- E:\Windows\System32\drivers\NIUSB71D6.bin
[2008/02/22 06:05:42 | 000,009,158 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB71D60100.bin
[2008/02/22 06:05:42 | 000,009,146 | R--- | C] () -- E:\Windows\System32\drivers\NIUSB717A.bin
[2008/02/22 06:05:42 | 000,009,146 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB717A0100.bin
[2008/02/22 06:05:42 | 000,008,091 | R--- | C] () -- E:\Windows\System32\drivers\NIUSB718A.bin
[2008/02/22 06:05:42 | 000,008,091 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB718A0100.bin
[2008/02/22 06:05:42 | 000,007,887 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB718A0200.bin
[2008/02/22 06:05:42 | 000,007,687 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB71DF0200.bin
[2008/02/22 06:05:42 | 000,007,687 | ---- | C] () -- E:\Windows\System32\drivers\NIUSB71DF.bin
[2008/01/10 09:15:20 | 000,049,696 | ---- | C] () -- E:\Windows\System32\nispdu.dll
[2008/01/07 19:38:06 | 000,049,696 | ---- | C] () -- E:\Windows\System32\drivers\nispdk.dll
[2008/01/07 19:37:52 | 000,031,744 | ---- | C] () -- E:\Windows\System32\niscdrau.dll
[2007/01/31 08:50:32 | 000,913,408 | ---- | C] () -- E:\Windows\System32\xreglib.dll
========== LOP Check ==========
[2009/09/03 05:39:38 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2010/02/05 06:20:27 | 000,000,000 | ---D | M] -- E:\ProgramData\BioWare
[2011/06/25 07:05:59 | 000,000,000 | ---D | M] -- E:\ProgramData\BitDefender
[2010/09/25 08:36:34 | 000,000,000 | ---D | M] -- E:\ProgramData\Codemasters
[2010/07/28 11:47:07 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite
[2009/09/03 18:00:13 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Pro
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2009/09/03 05:39:38 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2011/02/09 15:37:09 | 000,000,000 | ---D | M] -- E:\ProgramData\EA Core
[2011/02/09 15:37:09 | 000,000,000 | ---D | M] -- E:\ProgramData\Electronic Arts
[2009/09/03 05:39:38 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2011/03/20 15:05:56 | 000,000,000 | ---D | M] -- E:\ProgramData\Firefly Studios
[2010/07/25 07:48:01 | 000,000,000 | ---D | M] -- E:\ProgramData\ID3-TagIT 3
[2010/03/10 07:42:48 | 000,000,000 | ---D | M] -- E:\ProgramData\Islands
[2009/11/29 18:19:13 | 000,000,000 | ---D | M] -- E:\ProgramData\iTunesFolderWatch
[2009/10/07 15:55:25 | 000,000,000 | ---D | M] -- E:\ProgramData\IVI Foundation
[2009/09/03 13:10:24 | 000,000,000 | ---D | M] -- E:\ProgramData\Last.fm
[2009/11/17 18:40:18 | 000,000,000 | ---D | M] -- E:\ProgramData\National Instruments
[2011/03/16 17:55:16 | 000,000,000 | ---D | M] -- E:\ProgramData\Samsung
[2011/02/09 15:20:24 | 000,000,000 | ---D | M] -- E:\ProgramData\Solidshield
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2009/09/03 05:39:38 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2011/04/07 14:06:41 | 000,000,000 | ---D | M] -- E:\ProgramData\Ubisoft
[2009/09/03 05:39:38 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2009/09/13 09:15:22 | 000,000,000 | ---D | M] -- E:\ProgramData\WinZip
[2010/12/26 14:12:28 | 000,000,000 | ---D | M] -- E:\ProgramData\Xilisoft
[2010/06/24 15:55:30 | 000,000,000 | ---D | M] -- E:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/24 15:43:50 | 000,000,000 | ---D | M] -- E:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/03 12:35:43 | 000,000,000 | ---D | M] -- E:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/06/20 13:09:00 | 000,000,474 | ---- | M] () -- E:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/03/22 05:10:34 | 000,032,632 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/25 21:31:14 | 000,000,290 | -H-- | M] () -- E:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/20 16:14:30 | 000,000,290 | -H-- | M] () -- E:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2011/06/25 07:04:14 | 000,000,000 | ---- | M] ()(E:\Windows\System32\?????) -- E:\Windows\System32\獷楬汢捯污
[2011/06/25 07:04:14 | 000,000,000 | ---- | C] ()(E:\Windows\System32\?????) -- E:\Windows\System32\獷楬汢捯污
========== Alternate Data Streams ==========
@Alternate Data Stream - 640512 bytes -> E:\Windows\System32:nvidia32c.exe
< End of report >
So that is the result of the scan.
I also wrote myself a fix.txt, as the experts here have often recommended for this virus. However, when I try to start "Run Fix" in OTLPE and select the fix from the USB stick, I get the following error message:
"Adress violation at adress 7CA0C936 in module shell32.dll. Read of adress 00000006"
EDIT: I'll try it manually.
EDIT2: The keyboard layout is COMPLETELY different. It will take me forever to piece the text together...
EDIT3: OK, I managed it with copy and paste. In my case, does the drive letter have to be C (the normal letter for the HDD under Windows) or E (as here in the scan log)? I ran both variants.
EDIT4: It didn't help. :( However, it also crashed when, after running the fix, it said that a reboot was needed to delete the files.
EDIT5: While checking other fix.txt files I noticed that there is apparently no set recipe; instead you create the commands case by case. That explains it, of course. ;)
EDIT6: It's probably because the file in the Shell entry has a different name every time. But in my case it says "explorer.exe" there, as it should! Strange.
In all the other threads here on this topic, the virus embeds itself there (the 20-series entries in the log file). But in my case there is nothing there.