Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trojaner beim Online-Banking (https://www.trojaner-board.de/89459-trojaner-beim-online-banking.html)

Alke_1981 14.08.2010 15:54
Hi Markus,

hast eine PN.

markusg 14.08.2010 16:10
jo hat geklappt, danke.

Alke_1981 14.08.2010 16:47
Hallo Daniel,

hier nun endlich Schritt 3.

GMER Logfile:
Code:
GMER 1.0.15.15281 - h**p://www.gmer.net
Rootkit scan 2010-08-14 17:43:29
Windows 6.0.6002 Service Pack 2
Running: pxyfv7if.exe; Driver: C:\Users\***AppData\Local\Temp\awtoauoc.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0  Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1  Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
--- --- ---


Warte dann auf weitere Anweisungen.

Lg Alke

Larusso 14.08.2010 23:51
Starte bitte OTL und drücke den Quickscan button. Poste mir bitte die Logfile

Alke_1981 15.08.2010 00:07
Hi,

hier der gewünschte Logfile.

OTL Logfile:
Code:
OTL logfile created on: 15.08.2010 00:55:28 - Run 2
OTL by OldTimer - Version 3.2.9.1    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109,88 Gb Total Space | 69,60 Gb Free Space | 63,34% Space Free | Partition Type: NTFS
Drive D: | 110,00 Gb Total Space | 21,33 Gb Free Space | 19,39% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - [2010.08.14 17:50:25 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.08.13 21:50:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2010.08.09 15:27:06 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.08.03 15:33:41 | 012,746,928 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2010.03.02 10:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 09:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.04.17 04:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.08.13 21:50:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - File not found [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2010.08.14 17:50:25 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.24 09:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wdcsam.sys -- (WDC_SAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMC326.sys -- (VMC326)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMC302.sys -- (VMC302)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010.03.01 09:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 13:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.12.17 16:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.11 06:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2008.08.05 05:02:22 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008.08.05 05:02:22 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2008.07.22 08:33:02 | 000,319,000 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.04.17 09:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.12.28 03:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007.10.26 07:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.05.23 10:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p:\\www.samsungcomputer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://search.conduit.com?SearchSource=10&ctid=CT2431245
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy1.ewetel.net:8080
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.11 17:56:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.12 23:48:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird 3 Beta 2\components
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird 3 Beta 2\plugins [2010.08.11 17:50:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.08.11 17:18:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.08.12 17:07:02 | 000,000,000 | ---D | M]
 
[2010.08.12 18:20:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.08.12 18:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.08.12 17:28:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ag6sai08.default\extensions
[2010.02.12 22:32:35 | 000,000,261 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\ag6sai08.default\searchplugins\Search.xml
[2010.08.12 23:43:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.08.12 23:43:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.12 23:42:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [{ED0B4B8D-3966-B24A-F69A-984CA48C147A}] C:\Users\***\AppData\Roaming\Sium\opun.exe File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} h**p://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} h**p://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} h**p://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{60b801ca-a6d6-11df-bb07-001377985cdf}\Shell - "" = AutoRun
O33 - MountPoints2\{60b801ca-a6d6-11df-bb07-001377985cdf}\Shell\AutoRun\command - "" = H:\WD SmartWare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.08.14 17:48:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.08.14 17:48:24 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.08.14 17:48:24 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.08.14 17:48:24 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.08.14 17:48:24 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.08.14 17:48:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.08.14 17:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010.08.14 12:56:54 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.08.14 00:09:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.08.13 23:49:58 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner
[2010.08.13 23:02:10 | 000,072,704 | ---- | C] (GravityGripp) -- C:\Users\***\Desktop\ZipIt2.exe
[2010.08.13 21:50:36 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.08.13 20:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.08.13 20:18:15 | 000,000,000 | ---D | C] -- C:\rsit
[2010.08.13 19:55:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.08.13 19:54:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.13 19:54:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.13 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.13 19:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.13 19:17:16 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Simply Super Software
[2010.08.13 19:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010.08.13 19:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2010.08.13 16:29:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Western Digital
[2010.08.13 16:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2010.08.13 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Western Digital
[2010.08.13 00:30:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Opera
[2010.08.13 00:30:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Opera
[2010.08.13 00:30:31 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.08.12 23:39:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010.08.12 23:24:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Uniblue
[2010.08.12 19:26:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\NetSpeedMonitor
[2010.08.12 01:00:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\QuickScan
[2010.08.11 22:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.08.11 20:10:49 | 016,299,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\ProgramData\jre-6u21-windows-i586-s.exe
[2010.08.11 19:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.08.11 19:53:52 | 000,875,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\ProgramData\jre-6u21-windows-i586-iftw-rv.exe
[2010.08.11 17:50:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010.08.11 17:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010.08.11 17:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010.08.11 17:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.08.11 17:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010.08.11 17:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010.08.11 17:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010.08.11 17:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\readmes
[2010.08.11 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\redist
[2010.08.11 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\licenses
[2010.08.11 17:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2010.08.11 17:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\ElsterFormular
[2010.08.11 17:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.08.11 17:29:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird 3 Beta 2
[2010.08.11 17:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.08.11 17:29:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.08.11 17:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2010.08.11 16:54:16 | 000,000,000 | R--D | C] -- C:\Users\***\Documents\Notes
[2010.08.11 16:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.08.11 16:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\softonic-de3
[2010.08.11 16:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\VistaCodecs
[2010.08.08 15:45:47 | 000,241,664 | ---- | C] (TODO: <Company name>) -- C:\Windows\System32\TFTPClientAX.dll
[2010.06.05 12:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010.06.05 12:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.06.05 12:17:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
 
========== Files - Modified Within 90 Days ==========
 
[2010.08.15 00:55:29 | 003,145,728 | -HS- | M] () -- C:\Users\***\NTUSER.DAT
[2010.08.15 00:50:22 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EDBA682A-4CCF-4440-A406-FC63B1CDC3AF}.job
[2010.08.15 00:33:15 | 000,000,438 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010.08.15 00:33:07 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\SupBackGroundTask.job
[2010.08.15 00:33:05 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.15 00:33:05 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.15 00:32:58 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.15 00:32:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.14 19:35:12 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.08.14 19:35:12 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.08.14 19:35:09 | 003,087,722 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.08.14 17:48:31 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.08.14 16:49:45 | 000,134,966 | ---- | M] () -- C:\Users\***\Desktop\MovedFiles.rar
[2010.08.14 16:20:09 | 000,000,022 | ---- | M] () -- C:\Users\***\Desktop\***.zip
[2010.08.14 13:39:08 | 000,293,376 | ---- | M] () -- C:\Users\***\Desktop\pxyfv7if.exe
[2010.08.14 13:19:51 | 001,602,126 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.14 13:19:51 | 000,689,604 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.14 13:19:51 | 000,645,990 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.14 13:19:51 | 000,151,372 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.14 13:19:51 | 000,122,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.14 12:40:15 | 000,293,376 | ---- | M] () -- C:\Users\***\Desktop\3g8jx9mx.exe
[2010.08.13 23:02:10 | 000,072,704 | ---- | M] (GravityGripp) -- C:\Users\***\Desktop\ZipIt2.exe
[2010.08.13 21:50:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.08.13 20:16:58 | 000,339,991 | ---- | M] () -- C:\Users\***\Desktop\RSIT.exe
[2010.08.13 19:54:43 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.13 18:19:17 | 000,085,504 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.13 17:38:05 | 000,307,122 | ---- | M] () -- C:\Users\***\Desktop\auftragsbestaetigung.pdf
[2010.08.13 00:30:37 | 000,000,674 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.08.12 02:12:13 | 000,105,816 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.12 02:11:54 | 000,394,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.12 02:08:15 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini
[2010.08.11 22:49:35 | 000,000,764 | ---- | M] () -- C:\Users\***\Desktop\CCleaner.lnk
[2010.08.11 17:56:57 | 000,001,684 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.11 17:52:52 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2010.08.11 17:42:32 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.11 17:38:32 | 000,000,736 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2010.08.11 17:18:07 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010.08.08 16:06:07 | 000,001,705 | ---- | M] () -- C:\Windows\ST6UNST.002
[2010.08.08 16:02:59 | 000,000,724 | ---- | M] () -- C:\Windows\ST6UNST.001
[2010.08.08 15:45:47 | 000,000,724 | ---- | M] () -- C:\Windows\ST6UNST.000
[2010.08.08 14:22:10 | 000,000,275 | ---- | M] () -- C:\WirelessDiagLog.csv
[2010.07.01 21:22:09 | 000,003,354 | ---- | M] () -- C:\Windows\System32\dmlg.dat
[2010.06.25 19:48:35 | 000,016,653 | ---- | M] () -- C:\Users\***\Desktop\WM 2010.odt
[2010.06.23 12:35:52 | 000,059,392 | ---- | M] () -- C:\Windows\System32\xvid.ax
[2010.06.12 14:44:41 | 167,555,440 | ---- | M] () -- C:\Users\***\Desktop\OOo_3.2.0_Win32Intel_install_wJRE_de.exe
 
========== Files Created - No Company Name ==========
 
[2010.08.14 17:48:31 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.08.14 16:50:07 | 000,134,966 | ---- | C] () -- C:\Users\***\Desktop\MovedFiles.rar
[2010.08.14 16:19:43 | 000,000,022 | ---- | C] () -- C:\Users\***\Desktop\***.zip
[2010.08.14 13:39:08 | 000,293,376 | ---- | C] () -- C:\Users\***\Desktop\pxyfv7if.exe
[2010.08.14 12:40:15 | 000,293,376 | ---- | C] () -- C:\Users\***\Desktop\3g8jx9mx.exe
[2010.08.13 20:16:58 | 000,339,991 | ---- | C] () -- C:\Users\***\Desktop\RSIT.exe
[2010.08.13 19:54:43 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.13 17:38:04 | 000,307,122 | ---- | C] () -- C:\Users\***\Desktop\auftragsbestaetigung.pdf
[2010.08.13 00:30:37 | 000,000,674 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.08.12 19:52:47 | 000,000,436 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{EDBA682A-4CCF-4440-A406-FC63B1CDC3AF}.job
[2010.08.11 22:49:35 | 000,000,764 | ---- | C] () -- C:\Users\***\Desktop\CCleaner.lnk
[2010.08.11 17:56:57 | 000,001,684 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.11 17:52:52 | 000,000,839 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2010.08.11 17:42:32 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.11 17:38:32 | 000,000,736 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2010.08.11 17:18:07 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010.08.11 16:45:37 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010.08.08 16:06:06 | 000,001,705 | ---- | C] () -- C:\Windows\ST6UNST.002
[2010.08.08 16:02:49 | 000,000,724 | ---- | C] () -- C:\Windows\ST6UNST.001
[2010.08.08 15:45:39 | 000,000,724 | ---- | C] () -- C:\Windows\ST6UNST.000
[2010.06.23 12:35:52 | 000,059,392 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2010.06.12 22:37:11 | 000,016,653 | ---- | C] () -- C:\Users\***\Desktop\WM 2010.odt
[2010.06.12 14:32:59 | 167,555,440 | ---- | C] () -- C:\Users\***\Desktop\OOo_3.2.0_Win32Intel_install_wJRE_de.exe
[2009.09.24 23:19:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.02.06 18:30:00 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.01.02 08:26:25 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2009.01.02 08:26:25 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2009.01.02 08:18:07 | 000,004,860 | ---- | C] () -- C:\Windows\HotFixList.ini
[2009.01.02 07:51:14 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.01.02 07:51:04 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1540.dll
[2008.09.12 15:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.11.14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2009.09.15 20:08:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2010.03.13 16:29:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2009.09.29 19:04:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mp3tag
[2010.08.13 18:21:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NetSpeedMonitor
[2009.05.20 22:58:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2010.08.13 00:30:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2010.08.12 01:00:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2009.04.01 19:43:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.08.12 23:24:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Uniblue
[2010.08.13 23:35:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Western Digital
[2010.08.14 19:35:13 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.08.15 00:33:07 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\SupBackGroundTask.job
[2010.08.15 00:50:22 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{EDBA682A-4CCF-4440-A406-FC63B1CDC3AF}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:C69EAC3C
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >
--- --- ---


LG Alke

Larusso 15.08.2010 10:54
Schritt 1

Windows + R Taste drücken. Kopiere nun folgendes in die Zeile
Code:
reg add "HKEY_LOCAL_MACHINE\Software\Policies\ Microsoft\Windows Defender" /v DisableAntiSpyware /t Reg_Dword /d 1 /f
und drücke OK

Starte den Rechner neu auf.


Schritt 2
Code:
:OTL
O3 - HKLM\..\Toolbar: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4 - HKCU..\Run: [{ED0B4B8D-3966-B24A-F69A-984CA48C147A}] C:\Users\***\AppData\Roaming\Sium\opun.exe File not found
:services
:files
:reg
:Commands
[purity]
[emptytemp]
[reboot]
  • Schliesse bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • Klick auf http://larusso.trojaner-board.de/Images/otlfix2.jpg.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread


Schritt 3

Starte bitte OTL und drücke den QuickScan Button.

Alke_1981 15.08.2010 12:44
Hallo,

hier Schritt 2:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{ED0B4B8D-3966-B24A-F69A-984CA48C147A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0B4B8D-3966-B24A-F69A-984CA48C147A}\ not found.
========== SERVICES/DRIVERS ==========
========== FILES ==========
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: ***
->Temp folder emptied: 42848 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Opera cache emptied: 3627498 bytes
->Flash cache emptied: 1219 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 264618 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 4,00 mb
OTL by OldTimer - Version 3.2.9.1 log created on 08152010_132614
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...

und Schritt 3:

OTL Logfile:
Code:
OTL logfile created on: 15.08.2010 13:30:11 - Run 3
OTL by OldTimer - Version 3.2.9.1    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 109,88 Gb Total Space | 68,25 Gb Free Space | 62,11% Space Free | Partition Type: NTFS
Drive D: | 110,00 Gb Total Space | 21,33 Gb Free Space | 19,39% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - [2010.08.14 17:50:25 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.08.13 21:50:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2010.03.02 10:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 09:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.04.17 04:50:00 | 006,111,232 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.08.13 21:50:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - File not found [Auto | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2010.08.14 17:50:25 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.24 09:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\wdcsam.sys -- (WDC_SAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMC326.sys -- (VMC326)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMC302.sys -- (VMC302)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010.03.01 09:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 13:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.12.17 16:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.11 06:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2008.08.05 05:02:22 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008.08.05 05:02:22 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2008.07.22 08:33:02 | 000,319,000 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.04.17 09:31:00 | 002,098,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.12.28 03:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007.10.26 07:39:08 | 000,193,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.05.23 10:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p:\\www.samsungcomputer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://search.conduit.com?SearchSource=10&ctid=CT2431245
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy1.ewetel.net:8080
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.11 17:56:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.15 02:28:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird 3 Beta 2\components
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird 3 Beta 2\plugins [2010.08.15 02:28:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.08.11 17:18:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.08.15 02:28:39 | 000,000,000 | ---D | M]
 
[2010.08.12 18:20:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.08.12 18:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.08.12 17:28:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\ag6sai08.default\extensions
[2010.02.12 22:32:35 | 000,000,261 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\ag6sai08.default\searchplugins\Search.xml
[2010.08.12 23:43:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.08.12 23:43:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.12 23:42:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} h**p://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} h**p://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} h**p://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{60b801ca-a6d6-11df-bb07-001377985cdf}\Shell - "" = AutoRun
O33 - MountPoints2\{60b801ca-a6d6-11df-bb07-001377985cdf}\Shell\AutoRun\command - "" = H:\WD SmartWare.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.08.15 02:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.08.15 02:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.08.15 02:26:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Adobe
[2010.08.14 17:48:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.08.14 17:48:24 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.08.14 17:48:24 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.08.14 17:48:24 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.08.14 17:48:24 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.08.14 17:48:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.08.14 17:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010.08.14 12:56:54 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.08.14 00:09:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.08.13 23:49:58 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner
[2010.08.13 23:02:10 | 000,072,704 | ---- | C] (GravityGripp) -- C:\Users\***\Desktop\ZipIt2.exe
[2010.08.13 21:50:36 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.08.13 20:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.08.13 20:18:15 | 000,000,000 | ---D | C] -- C:\rsit
[2010.08.13 19:55:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.08.13 19:54:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.13 19:54:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.13 19:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.13 19:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.13 19:17:16 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Simply Super Software
[2010.08.13 19:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010.08.13 19:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2010.08.13 16:29:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Western Digital
[2010.08.13 16:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2010.08.13 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Western Digital
[2010.08.13 00:30:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Opera
[2010.08.13 00:30:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Opera
[2010.08.13 00:30:31 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010.08.12 23:39:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010.08.12 23:24:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Uniblue
[2010.08.12 19:26:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\NetSpeedMonitor
[2010.08.12 01:00:04 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\QuickScan
[2010.08.11 22:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.08.11 20:10:49 | 016,299,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\ProgramData\jre-6u21-windows-i586-s.exe
[2010.08.11 19:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.08.11 19:53:52 | 000,875,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\ProgramData\jre-6u21-windows-i586-iftw-rv.exe
[2010.08.11 17:50:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010.08.11 17:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010.08.11 17:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010.08.11 17:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.08.11 17:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010.08.11 17:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010.08.11 17:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010.08.11 17:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\readmes
[2010.08.11 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\redist
[2010.08.11 17:40:26 | 000,000,000 | ---D | C] -- C:\Program Files\licenses
[2010.08.11 17:38:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2010.08.11 17:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\ElsterFormular
[2010.08.11 17:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.08.11 17:29:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird 3 Beta 2
[2010.08.11 17:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.08.11 17:29:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.08.11 17:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2010.08.11 16:54:16 | 000,000,000 | R--D | C] -- C:\Users\***\Documents\Notes
[2010.08.11 16:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.08.11 16:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\softonic-de3
[2010.08.11 16:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\VistaCodecs
[2010.08.08 15:45:47 | 000,241,664 | ---- | C] (TODO: <Company name>) -- C:\Windows\System32\TFTPClientAX.dll
[2010.06.05 12:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010.06.05 12:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.06.05 12:17:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
 
========== Files - Modified Within 90 Days ==========
 
[2010.08.15 13:30:12 | 003,145,728 | -HS- | M] () -- C:\Users\***\NTUSER.DAT
[2010.08.15 13:27:22 | 000,000,438 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010.08.15 13:27:05 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.15 13:27:05 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.15 13:27:04 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\SupBackGroundTask.job
[2010.08.15 13:27:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.15 13:26:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.15 13:26:20 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.08.15 13:26:20 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.08.15 13:22:30 | 003,090,339 | -H-- | M] () -- C:\Users\***AppData\Local\IconCache.db
[2010.08.15 13:20:05 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EDBA682A-4CCF-4440-A406-FC63B1CDC3AF}.job
[2010.08.15 02:28:40 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.14 17:48:31 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.08.14 16:49:45 | 000,134,966 | ---- | M] () -- C:\Users\***\Desktop\MovedFiles.rar
[2010.08.14 16:20:09 | 000,000,022 | ---- | M] () -- C:\Users\***\Desktop\***.zip
[2010.08.14 13:39:08 | 000,293,376 | ---- | M] () -- C:\Users\***\Desktop\pxyfv7if.exe
[2010.08.14 13:19:51 | 001,602,126 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.14 13:19:51 | 000,689,604 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.14 13:19:51 | 000,645,990 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.14 13:19:51 | 000,151,372 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.14 13:19:51 | 000,122,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.14 12:40:15 | 000,293,376 | ---- | M] () -- C:\Users\***\Desktop\3g8jx9mx.exe
[2010.08.13 23:02:10 | 000,072,704 | ---- | M] (GravityGripp) -- C:\Users\***\Desktop\ZipIt2.exe
[2010.08.13 21:50:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.08.13 20:16:58 | 000,339,991 | ---- | M] () -- C:\Users\***\Desktop\RSIT.exe
[2010.08.13 19:54:43 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.13 18:19:17 | 000,085,504 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.13 17:38:05 | 000,307,122 | ---- | M] () -- C:\Users\***\Desktop\auftragsbestaetigung.pdf
[2010.08.13 00:30:37 | 000,000,674 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.08.12 02:12:13 | 000,105,816 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.12 02:11:54 | 000,394,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.12 02:08:15 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini
[2010.08.11 22:49:35 | 000,000,764 | ---- | M] () -- C:\Users\***\Desktop\CCleaner.lnk
[2010.08.11 17:56:57 | 000,001,684 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.11 17:52:52 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2010.08.11 17:42:32 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.11 17:38:32 | 000,000,736 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2010.08.11 17:18:07 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010.08.08 16:06:07 | 000,001,705 | ---- | M] () -- C:\Windows\ST6UNST.002
[2010.08.08 16:02:59 | 000,000,724 | ---- | M] () -- C:\Windows\ST6UNST.001
[2010.08.08 15:45:47 | 000,000,724 | ---- | M] () -- C:\Windows\ST6UNST.000
[2010.08.08 14:22:10 | 000,000,275 | ---- | M] () -- C:\WirelessDiagLog.csv
[2010.07.01 21:22:09 | 000,003,354 | ---- | M] () -- C:\Windows\System32\dmlg.dat
[2010.06.25 19:48:35 | 000,016,653 | ---- | M] () -- C:\Users\***\Desktop\WM 2010.odt
[2010.06.23 12:35:52 | 000,059,392 | ---- | M] () -- C:\Windows\System32\xvid.ax
[2010.06.12 14:44:41 | 167,555,440 | ---- | M] () -- C:\Users\***\Desktop\OOo_3.2.0_Win32Intel_install_wJRE_de.exe
 
========== Files Created - No Company Name ==========
 
[2010.08.15 02:28:40 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.14 17:48:31 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.08.14 16:50:07 | 000,134,966 | ---- | C] () -- C:\Users\***\Desktop\MovedFiles.rar
[2010.08.14 16:19:43 | 000,000,022 | ---- | C] () -- C:\Users\***\Desktop\***.zip
[2010.08.14 13:39:08 | 000,293,376 | ---- | C] () -- C:\Users\***\Desktop\pxyfv7if.exe
[2010.08.14 12:40:15 | 000,293,376 | ---- | C] () -- C:\Users\***\Desktop\3g8jx9mx.exe
[2010.08.13 20:16:58 | 000,339,991 | ---- | C] () -- C:\Users\***\Desktop\RSIT.exe
[2010.08.13 19:54:43 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.13 17:38:04 | 000,307,122 | ---- | C] () -- C:\Users\***\Desktop\auftragsbestaetigung.pdf
[2010.08.13 00:30:37 | 000,000,674 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.08.12 19:52:47 | 000,000,436 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{EDBA682A-4CCF-4440-A406-FC63B1CDC3AF}.job
[2010.08.11 22:49:35 | 000,000,764 | ---- | C] () -- C:\Users\***\Desktop\CCleaner.lnk
[2010.08.11 17:56:57 | 000,001,684 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.11 17:52:52 | 000,000,839 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2010.08.11 17:42:32 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.11 17:38:32 | 000,000,736 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2010.08.11 17:18:07 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010.08.11 16:45:37 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010.08.08 16:06:06 | 000,001,705 | ---- | C] () -- C:\Windows\ST6UNST.002
[2010.08.08 16:02:49 | 000,000,724 | ---- | C] () -- C:\Windows\ST6UNST.001
[2010.08.08 15:45:39 | 000,000,724 | ---- | C] () -- C:\Windows\ST6UNST.000
[2010.06.23 12:35:52 | 000,059,392 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2010.06.12 22:37:11 | 000,016,653 | ---- | C] () -- C:\Users\***\Desktop\WM 2010.odt
[2010.06.12 14:32:59 | 167,555,440 | ---- | C] () -- C:\Users\***\Desktop\OOo_3.2.0_Win32Intel_install_wJRE_de.exe
[2009.09.24 23:19:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.02.06 18:30:00 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.01.02 08:26:25 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2009.01.02 08:26:25 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2009.01.02 08:18:07 | 000,004,860 | ---- | C] () -- C:\Windows\HotFixList.ini
[2009.01.02 07:51:14 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.01.02 07:51:04 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1540.dll
[2008.09.12 15:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.11.14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
 
========== LOP Check ==========
 
[2009.09.15 20:08:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2010.03.13 16:29:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2009.09.29 19:04:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mp3tag
[2010.08.13 18:21:00 | 000,000,000 | ---D | M] -- C:\Users\***\Roaming\NetSpeedMonitor
[2009.05.20 22:58:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2010.08.13 00:30:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2010.08.12 01:00:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2009.04.01 19:43:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.08.12 23:24:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Uniblue
[2010.08.13 23:35:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Western Digital
[2010.08.15 13:26:22 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.08.15 13:27:04 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\SupBackGroundTask.job
[2010.08.15 13:20:05 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{EDBA682A-4CCF-4440-A406-FC63B1CDC3AF}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:C69EAC3C
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >
--- --- ---


LG Alke

Larusso 15.08.2010 14:03
Schritt 1

Öffne bitte Windows Defender --> Administratoroption
und entferne den Hacken bei Windows Defender verwenden

Rechner neu starten.


Schritt 2

Update bitte Malwarebytes und lass einen QuickScan laufen.


Schritt 3

ESET Online Scanner
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
  • Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt als Administrator starten.
  • Dein Anti-Virus-Programm während des Scans deaktivieren.

    Button http://img695.imageshack.us/img695/1599/eset1l.jpg (<< klick) drücken.
    • Firefox-User:
      Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
    • IE-User:
      müssen das Installieren eines ActiveX Elements erlauben.
  • Setze den einen Hacken bei Yes, i accept the Terms of Use.
  • Drücke den http://img707.imageshack.us/img707/687/starteg.jpg Button.
  • Warte bis die Komponenten herunter geladen wurden.
  • Setze einen Haken bei "Remove found threads" und "Scan archives".
  • http://img707.imageshack.us/img707/687/starteg.jpg drücken.
  • Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.
Wenn der Scan beendet wurde
  • Klicke Finish.
  • Browser schließen.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt suchen und mit Deinem Editor öffnen.
  • Logfile hier posten.


Schritt 4

Downloade Dir bitte SecurityCheck
  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS- Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument ( checkup.txt ) öffnen.
Poste den Inhalt bitte hier.


Bitte poste in deiner nächsten Antwort
MBAM Logfile
ESET Log
checkup.txt
Berichte wie der Rechner läuft

Alke_1981 15.08.2010 16:05
Hallo,

hier der MBAM Logfile:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4432
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
15.08.2010 15:20:22
mbam-log-2010-08-15 (15-20-22).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 129904
Laufzeit: 6 Minute(n), 29 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

und der ESET Log:

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=917183f5521d05418ba558ff386d2971
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-15 01:41:43
# local_time=2010-08-15 03:41:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 153663 153663 0 0
# compatibility_mode=5892 16776574 100 100 136648 119412148 0 0
# compatibility_mode=8192 67108863 100 0 534 534 0 0
# scanned=170
# found=0
# cleaned=0
# scan_time=283
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=917183f5521d05418ba558ff386d2971
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-15 02:48:28
# local_time=2010-08-15 04:48:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 154077 154077 0 0
# compatibility_mode=5892 16776574 100 100 137062 119412562 0 0
# compatibility_mode=8192 67108863 100 0 948 948 0 0
# scanned=105026
# found=0
# cleaned=0
# scan_time=3873

und checkup.txt:

Results of screen317's Security Check version 0.99.5
Windows Vista Service Pack 2 (UAC is enabled)
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
Java(TM) 6 Update 18
Java(TM) 6 Update 21
Out of date Java installed!
Adobe Flash Player 10.1.82.76
Adobe Reader 9.3.3 - Deutsch
Mozilla Thunderbird (3.1.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent
````````````````````````````````
DNS Vulnerability Check:
Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)
``````````End of Log````````````

Die Probleme die ich in Firefox hatte (langsamer Seitenaufbau und keine Videos werden mehr geladen), sind nicht mehr vorhanden. :taenzer:

LG Alke

Larusso 15.08.2010 16:07
Könntest DU vl versuchen die Logfiles ganz normal zu posten ?
Bekommt man nämlich Augenkrebs. Danke

Alke_1981 15.08.2010 16:20
Hi,

klar, so besser?


MBAM Logfile

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4432

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

15.08.2010 15:20:22
mbam-log-2010-08-15 (15-20-22).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 129904
Laufzeit: 6 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

ESET-Log:

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=917183f5521d05418ba558ff386d2971
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-15 01:41:43
# local_time=2010-08-15 03:41:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 153663 153663 0 0
# compatibility_mode=5892 16776574 100 100 136648 119412148 0 0
# compatibility_mode=8192 67108863 100 0 534 534 0 0
# scanned=170
# found=0
# cleaned=0
# scan_time=283
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=917183f5521d05418ba558ff386d2971
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-15 02:48:28
# local_time=2010-08-15 04:48:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 154077 154077 0 0
# compatibility_mode=5892 16776574 100 100 137062 119412562 0 0
# compatibility_mode=8192 67108863 100 0 948 948 0 0
# scanned=105026
# found=0
# cleaned=0
# scan_time=3873

Checkup

Results of screen317's Security Check version 0.99.5
Windows Vista Service Pack 2 (UAC is enabled)
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
Java(TM) 6 Update 18
Java(TM) 6 Update 21
Out of date Java installed!
Adobe Flash Player 10.1.82.76
Adobe Reader 9.3.3 - Deutsch
Mozilla Thunderbird (3.1.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent
````````````````````````````````
DNS Vulnerability Check:
Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

``````````End of Log````````````

Larusso 15.08.2010 17:45
Schritt 1

Deinstalliere bitte Java Update 18


Schritt 2

Downloade Dir bitte den Internet Explorer 8 von hier und installiere diesen.
Auch wenn dieser nicht dein Standard-Browser ist, sollte sich die aktuelle Version am Rechner befinden. Es gibt noch genug Software die diesen zum Updaten verwendet.


Schritt 3

Starte bitte OTL.exe.
Wähle unter
Extra Registrierung: Benutze Safe List und klicke auf den Scan Button.


Bitte poste in deiner nächsten Antwort
OTL.txt
Extras.txt

Alke_1981 15.08.2010 18:51
Hi,

das Java Update 18 lässt sich nicht deinstallieren. Da bin ich letzte Woche schon dran verzweifelt (trotz Internetrecherche).

Hast Du einen Tipp für mich?

Lg Alke

Alke_1981 15.08.2010 22:19
Hallo,

mit dem Deinstallieren von Java bin ich auch trotz JavaRa nicht weitergekommen. Es ist immer noch da.

Bin jetzt bis Mittwoch Abend im Kurzurlaub.

Vielen Dank bisher, ich gucke dann Mittwoch Abend wieder rein.

Lg Alke

Larusso 16.08.2010 17:13
Windows + R Taste drücken. Kopiere nun folgendes in die Zeile

msiexec /x "{26A24AE4-039D-4CA4-87B4-2F83216018F0}"

und drücke OK. Es sollte sich eine Deinstallationsroutine öffnen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:36 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131