
Pests of all kinds and how to fight them: Virus "Wie findest du dieses Bild" ("What do you think of this picture") (winscdvn.exe)

Windows 7

12.06.2010, 17:36   #1
Alexande
 
Virus "Wie findest du dieses Bild" (winscdvn.exe)



It got me too. Unfortunately I can't make sense of the other posts,
so here is my OTL scan. Avira already detected wuaucld.exe on its own with the latest update.

OTL Logfile:
Code:
OTL logfile created on: 12.06.2010 18:18:10 - Run 2
OTL by OldTimer - Version 3.2.6.0     Folder = C:\Users\Alex\Downloads
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,95 Gb Total Space | 235,94 Gb Free Space | 81,94% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 4,28 Gb Free Space | 42,75% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ALEX-NOTEBOOK
Current User Name: Alex
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Alex\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Internet\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH)
PRC - C:\Programme\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - c:\Programme\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Bluetooth\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\Bluetooth\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_c8e33401effad09d\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_c8e33401effad09d\AEstSrv.exe (Andrea Electronics Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Alex\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Akamai) -- C:/Program Files/Common Files/Akamai/rswin_3697.dll ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (mitsijm2011) -- C:\Programme\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe ()
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (btwdins) -- C:\Programme\Bluetooth\bin\btwdins.exe (Broadcom Corporation.)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_c8e33401effad09d\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_c8e33401effad09d\AEstSrv.exe (Andrea Electronics Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (MpFilter) -- C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 09 64 A6 DB AA 01 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Live Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..keyword.URL: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..network.proxy.type: 4
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: \components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: \plugins
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Programme\Mozilla Sunbird\components [2010.06.09 20:47:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Programme\Mozilla Sunbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: \components
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: \plugins
 
[2010.06.09 20:48:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions
[2010.06.01 19:16:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.06.09 20:48:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2010.06.07 21:35:50 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\h3p7oj9f.default\extensions
[2010.06.09 20:48:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\mozilla\Sunbird\Profiles\3uhg0o3d.default\extensions
[2009.02.19 20:36:12 | 000,001,632 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\Mozilla\FireFox\Profiles\h3p7oj9f.default\searchplugins\live-search.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Internet\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Bluetooth\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Bluetooth\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.204.40.250 194.25.2.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{15c00b82-73e0-11df-84ce-00225f4b5de6}\Shell - "" = AutoRun
O33 - MountPoints2\{15c00b82-73e0-11df-84ce-00225f4b5de6}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.12 13:41:51 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\PDMO
[2010.06.12 12:41:35 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.06.12 12:41:35 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.06.12 12:41:26 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.06.12 12:41:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.06.12 12:41:18 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.06.12 12:41:18 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.06.12 12:41:18 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.06.12 12:41:18 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.06.09 20:47:53 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Sunbird
[2010.06.09 19:13:59 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.06.09 17:50:47 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Diagnostics
[2010.06.08 14:42:30 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Malwarebytes
[2010.06.08 14:42:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.06.08 14:42:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.06.08 14:42:20 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.06.08 14:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.08 08:17:46 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Avira
[2010.06.08 08:14:17 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.06.08 08:14:14 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.06.08 08:14:14 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.06.08 08:14:14 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.06.08 08:14:14 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.06.08 08:14:12 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.06.08 08:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.06.08 07:58:28 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2010.06.08 07:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.06.07 21:24:23 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.06.07 20:51:40 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\ElevatedDiagnostics
[2010.06.07 12:25:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Adobe
[2010.06.07 12:20:59 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Photoshop CS3
[2010.06.07 12:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.06.07 12:18:03 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.06.07 12:15:59 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Stock Photos CS3
[2010.06.07 12:12:41 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.06.07 12:10:44 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Device Central CS3
[2010.06.07 12:01:58 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Bridge CS3
[2010.06.07 11:58:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.06.07 11:18:59 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Neuer Ordner
[2010.06.07 09:06:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Frauen
[2010.06.07 09:01:24 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2010.06.07 09:01:24 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010.06.07 09:01:24 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010.06.07 08:55:45 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\INETWH32.DLL
[2010.06.07 08:53:04 | 000,000,000 | ---D | C] -- C:\Programme\NetObjects
[2010.06.06 23:54:24 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\dvdcss
[2010.06.06 23:40:28 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.06.06 23:09:12 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\vlc
[2010.06.06 21:04:57 | 000,000,000 | ---D | C] -- C:\Windows\Fonts\Redist
[2010.06.06 21:04:26 | 000,000,000 | ---D | C] -- C:\Programme\Autodesk Impression 3
[2010.06.06 21:02:58 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.06.06 21:02:58 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.06.06 21:02:58 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.06.06 21:02:57 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.06.06 21:02:55 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.06.06 21:02:51 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.06.06 21:02:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.06.06 21:02:50 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.06.06 21:02:50 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.06.06 21:02:50 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.06.06 21:02:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.06.06 21:02:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.06.06 21:02:49 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.06.06 21:02:49 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.06.06 20:44:26 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Akamai
[2010.06.04 10:02:14 | 010,222,080 | ---- | C] (Foxit Corporation) -- C:\Users\Alex\Foxit Reader.exe
[2010.06.03 21:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.06.03 21:44:37 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.06.03 21:44:24 | 000,000,000 | ---D | C] -- C:\extensions
[2010.06.03 21:44:23 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.06.03 21:44:23 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.06.03 21:44:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.06.03 21:44:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.06.03 21:41:47 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\OpenOffice.org
[2010.06.03 20:16:16 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2010.06.03 12:23:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\Tracing
[2010.06.03 09:31:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Documents\Scanned Documents
[2010.06.03 09:31:20 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Fax
[2010.06.03 09:29:13 | 000,000,000 | ---D | C] -- C:\Programme\Archivierung
[2010.06.03 09:20:24 | 000,000,000 | ---D | C] -- C:\Programme\Office
[2010.06.03 09:17:24 | 000,000,000 | ---D | C] -- C:\Programme\Video
[2010.06.02 16:40:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Essentials
[2010.06.02 16:31:50 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Apps
[2010.06.02 16:31:49 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Deployment
[2010.06.02 16:14:41 | 000,000,000 | ---D | C] -- C:\Programme\DellTPad
[2010.06.02 16:12:56 | 000,492,544 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\ctapo32.dll
[2010.06.02 16:12:56 | 000,372,736 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2010.06.02 16:12:56 | 000,133,632 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2010.06.02 16:12:56 | 000,053,248 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2010.06.02 16:12:56 | 000,045,568 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\ctppld.dll
[2010.06.02 16:12:55 | 005,550,145 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2010.06.02 16:12:55 | 002,469,888 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2010.06.02 16:12:55 | 000,512,000 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2010.06.02 16:12:55 | 000,073,728 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll
[2010.06.02 16:12:09 | 000,580,608 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2010.06.02 16:12:09 | 000,404,480 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2010.06.02 16:12:09 | 000,379,904 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2010.06.02 16:12:09 | 000,344,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2010.06.02 16:12:09 | 000,164,352 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\st325939.dll
[2010.06.02 16:12:08 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.06.02 16:12:08 | 000,000,000 | ---D | C] -- C:\Programme\IDT
[2010.06.02 16:12:05 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InstallShield
[2010.06.02 16:10:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Bluetooth-Exchange-Ordner
[2010.06.02 16:10:05 | 000,000,000 | ---D | C] -- C:\Users\Alex\Bluetooth Software
[2010.06.02 16:09:38 | 000,100,392 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys
[2010.06.02 16:09:38 | 000,029,736 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwl2cap.sys
[2010.06.02 16:09:37 | 000,081,960 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys
[2010.06.02 16:09:37 | 000,017,448 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys
[2010.06.02 16:09:31 | 000,233,472 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\BtwRSupport.dll
[2010.06.02 16:09:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-MX
[2010.06.02 16:09:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\es-AR
[2010.06.02 16:09:19 | 000,000,000 | ---D | C] -- C:\Programme\Bluetooth
[2010.06.02 16:07:05 | 000,000,000 | ---D | C] -- C:\dell
[2010.06.02 16:03:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\vmm32
[2010.06.02 16:03:45 | 000,000,000 | ---D | C] -- C:\Programme\Dell
[2010.06.02 13:15:08 | 000,000,000 | ---D | C] -- C:\Users\Alex\.hedgewars
[2010.06.02 13:12:44 | 000,000,000 | ---D | C] -- C:\Programme\Spiele
[2010.06.02 12:11:17 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Macromedia
[2010.06.02 12:11:17 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Adobe
[2010.06.02 12:11:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.06.01 22:45:30 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2010.06.01 19:46:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2010.06.01 19:46:13 | 000,054,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2010.06.01 19:46:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.06.01 19:45:22 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.06.01 19:45:09 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2010.06.01 19:44:40 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.06.01 19:44:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.06.01 19:44:14 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2010.06.01 19:43:57 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.06.01 19:43:35 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.06.01 19:41:41 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Autodesk,_Inc
[2010.06.01 19:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010.06.01 19:38:09 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Windows Live
[2010.06.01 19:24:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.06.01 19:24:06 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.06.01 19:16:23 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Thunderbird
[2010.06.01 19:16:23 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Thunderbird
[2010.06.01 19:14:43 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Mozilla
[2010.06.01 19:14:42 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Mozilla
[2010.06.01 19:12:22 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Autodesk
[2010.06.01 19:12:19 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Macrovision Shared
[2010.06.01 19:09:02 | 000,000,000 | ---D | C] -- C:\Programme\Internet
[2010.06.01 19:08:56 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.06.01 19:07:35 | 000,000,000 | ---D | C] -- C:\MITSI 2011 Temporary Files
[2010.06.01 19:07:35 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Inventor
[2010.06.01 19:07:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Autodesk
[2010.06.01 19:06:07 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Chart Controls
[2010.06.01 19:06:01 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft WSE
[2010.06.01 19:04:58 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Autodesk
[2010.06.01 19:04:46 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.06.01 19:04:46 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.06.01 19:04:45 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.06.01 19:04:23 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Designer
[2010.06.01 19:04:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.06.01 19:04:06 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Autodesk Shared
[2010.06.01 19:04:06 | 000,000,000 | ---D | C] -- C:\Programme\Autodesk
[2010.06.01 18:59:53 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.06.01 18:59:50 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.06.01 18:59:50 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.06.01 18:59:37 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.06.01 18:59:37 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.06.01 18:59:37 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.06.01 18:59:37 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.06.01 18:59:12 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.06.01 18:59:12 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.06.01 18:58:54 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.06.01 18:58:52 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.06.01 18:58:52 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.06.01 18:58:52 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.06.01 18:58:52 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.06.01 18:58:51 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.06.01 18:58:51 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.06.01 18:58:50 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.06.01 18:58:50 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.06.01 18:58:50 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.06.01 18:58:34 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.06.01 18:58:34 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.06.01 18:58:34 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.06.01 18:58:34 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.06.01 18:58:34 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.06.01 18:58:34 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.06.01 18:58:34 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.06.01 18:58:34 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.06.01 18:58:34 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.06.01 18:58:02 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Autodesk
[2010.06.01 18:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2010.06.01 18:57:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.06.01 18:56:35 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.06.01 18:55:55 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.06.01 18:45:48 | 000,000,000 | ---D | C] -- C:\Users\Alex\AutoCAD_Inventor_Suite_2011_German_Win_32bit
[2010.06.01 18:32:42 | 000,000,000 | R--D | C] -- C:\Users\Alex\Searches
[2010.06.01 18:32:32 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Identities
[2010.06.01 18:32:31 | 000,000,000 | R--D | C] -- C:\Users\Alex\Contacts
[2010.06.01 18:32:22 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\VirtualStore
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Vorlagen
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\AppData\Local\Verlauf
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\AppData\Local\Temporary Internet Files
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Startmenü
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\SendTo
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Recent
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Netzwerkumgebung
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Lokale Einstellungen
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Documents\Eigene Videos
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Documents\Eigene Musik
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Eigene Dateien
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Documents\Eigene Bilder
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Druckumgebung
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Cookies
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\AppData\Local\Anwendungsdaten
[2010.06.01 18:32:21 | 000,000,000 | -HSD | C] -- C:\Users\Alex\Anwendungsdaten
[2010.06.01 18:32:20 | 000,000,000 | --SD | C] -- C:\Users\Alex\AppData\Roaming\Microsoft
[2010.06.01 18:32:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Videos
[2010.06.01 18:32:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Saved Games
[2010.06.01 18:32:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Pictures
[2010.06.01 18:32:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Music
[2010.06.01 18:32:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Links
[2010.06.01 18:32:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Favorites
[2010.06.01 18:32:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Downloads
[2010.06.01 18:32:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Documents
[2010.06.01 18:32:20 | 000,000,000 | R--D | C] -- C:\Users\Alex\Desktop
[2010.06.01 18:32:20 | 000,000,000 | -H-D | C] -- C:\Users\Alex\AppData
[2010.06.01 18:32:20 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Temp
[2010.06.01 18:32:20 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Microsoft
[2010.06.01 18:32:20 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Media Center Programs
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.06.01 18:32:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.06.01 18:27:42 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.06.01 18:25:08 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.06.01 18:24:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.12 18:23:43 | 002,097,152 | -HS- | M] () -- C:\Users\Alex\ntuser.dat
[2010.06.12 16:05:19 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.12 16:05:19 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.12 16:05:19 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.12 16:05:19 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.12 16:05:19 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.12 15:49:20 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.12 15:49:20 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.12 15:44:33 | 000,007,594 | ---- | M] () -- C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
[2010.06.12 15:40:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.12 15:40:17 | 001,740,224 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.12 15:40:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.12 15:39:51 | 2388,279,296 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.12 15:37:55 | 002,704,670 | -H-- | M] () -- C:\Users\Alex\AppData\Local\IconCache.db
[2010.06.11 01:43:42 | 000,956,778 | ---- | M] () -- C:\Users\Alex\Desktop\EMPA-Präsentation.odp
[2010.06.11 01:37:39 | 000,003,584 | ---- | M] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.11 01:33:49 | 002,725,612 | ---- | M] () -- C:\Users\Alex\Desktop\Animation_EMPA.wmv
[2010.06.09 20:48:00 | 000,001,662 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Sunbird.lnk
[2010.06.09 19:14:04 | 000,001,602 | ---- | M] () -- C:\Users\Alex\Desktop\CCleaner.lnk
[2010.06.08 14:42:25 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.08 14:38:02 | 000,002,921 | ---- | M] () -- C:\Users\Alex\Desktop\BT Verknüpfung.lnk
[2010.06.08 14:30:34 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.08 08:14:28 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.06.07 21:24:23 | 000,001,812 | ---- | M] () -- C:\Users\Alex\Desktop\HijackThis.lnk
[2010.06.07 12:25:26 | 000,001,486 | ---- | M] () -- C:\Users\Alex\Desktop\Photoshop - Verknüpfung.lnk
[2010.06.07 12:16:25 | 000,113,016 | ---- | M] () -- C:\Users\Alex\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.07 11:17:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.06.07 09:02:00 | 000,001,874 | ---- | M] () -- C:\Users\Public\Desktop\NetObjects Fusion 9.0.lnk
[2010.06.06 21:05:05 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Impression 3.lnk
[2010.06.03 21:44:14 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.06.03 21:44:14 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.06.03 21:44:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.06.03 21:44:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.06.03 20:16:44 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.06.03 12:30:08 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\ntuser.dat{880b6207-6edc-11df-a0a0-002219de4688}.TMContainer00000000000000000002.regtrans-ms
[2010.06.03 12:30:08 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\ntuser.dat{880b6207-6edc-11df-a0a0-002219de4688}.TMContainer00000000000000000001.regtrans-ms
[2010.06.03 12:30:08 | 000,065,536 | -HS- | M] () -- C:\Users\Alex\ntuser.dat{880b6207-6edc-11df-a0a0-002219de4688}.TM.blf
[2010.06.03 09:34:43 | 000,000,258 | ---- | M] () -- C:\Users\Alex\Desktop\GameExplorer.lnk
[2010.06.02 16:09:22 | 000,000,655 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
[2010.06.01 19:47:16 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.06.01 19:47:16 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.06.01 19:47:16 | 000,065,536 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.06.01 19:24:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.06.01 19:11:53 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Inventor Professional 2011.lnk
[2010.06.01 18:32:21 | 000,000,020 | -HS- | M] () -- C:\Users\Alex\ntuser.ini
[2010.06.01 18:28:30 | 000,057,035 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.06.01 18:27:25 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.06.01 13:37:58 | 000,065,536 | ---- | M] () -- C:\Users\Alex\Documents\cert8.db
[2010.06.01 13:37:58 | 000,016,384 | ---- | M] () -- C:\Users\Alex\Documents\key3.db
[2010.06.01 13:37:58 | 000,011,180 | ---- | M] () -- C:\Users\Alex\Documents\prefs.js
[2010.06.01 11:56:44 | 000,019,996 | ---- | M] () -- C:\Users\Alex\Documents\localstore.rdf
[2010.05.27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.05.27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.05.21 14:14:28 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.05.21 09:11:36 | 000,009,632 | ---- | M] () -- C:\Users\Alex\Documents\mimeTypes.rdf
[2010.05.21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.05.19 09:58:26 | 010,222,080 | ---- | M] (Foxit Corporation) -- C:\Users\Alex\Foxit Reader.exe
 
========== Files Created - No Company Name ==========
 
[2010.06.11 01:37:39 | 000,003,584 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.11 01:33:31 | 002,725,612 | ---- | C] () -- C:\Users\Alex\Desktop\Animation_EMPA.wmv
[2010.06.09 20:48:00 | 000,001,662 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Sunbird.lnk
[2010.06.09 19:23:51 | 000,956,778 | ---- | C] () -- C:\Users\Alex\Desktop\EMPA-Präsentation.odp
[2010.06.09 19:14:04 | 000,001,602 | ---- | C] () -- C:\Users\Alex\Desktop\CCleaner.lnk
[2010.06.08 14:42:25 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.08 14:38:02 | 000,002,921 | ---- | C] () -- C:\Users\Alex\Desktop\BT Verknüpfung.lnk
[2010.06.08 14:30:34 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.08 08:14:28 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.06.08 07:54:29 | 000,000,655 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
[2010.06.07 21:26:58 | 000,007,594 | ---- | C] () -- C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
[2010.06.07 21:24:23 | 000,001,812 | ---- | C] () -- C:\Users\Alex\Desktop\HijackThis.lnk
[2010.06.07 12:25:26 | 000,001,486 | ---- | C] () -- C:\Users\Alex\Desktop\Photoshop - Verknüpfung.lnk
[2010.06.07 11:17:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.06.07 09:02:00 | 000,001,874 | ---- | C] () -- C:\Users\Public\Desktop\NetObjects Fusion 9.0.lnk
[2010.06.07 08:55:45 | 000,028,672 | ---- | C] () -- C:\Windows\System32\nnr.dll
[2010.06.06 21:05:05 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Impression 3.lnk
[2010.06.03 20:16:44 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.06.03 09:34:43 | 000,000,258 | ---- | C] () -- C:\Users\Alex\Desktop\GameExplorer.lnk
[2010.06.03 08:52:56 | 000,524,288 | -HS- | C] () -- C:\Users\Alex\ntuser.dat{880b6207-6edc-11df-a0a0-002219de4688}.TMContainer00000000000000000002.regtrans-ms
[2010.06.03 08:52:56 | 000,524,288 | -HS- | C] () -- C:\Users\Alex\ntuser.dat{880b6207-6edc-11df-a0a0-002219de4688}.TMContainer00000000000000000001.regtrans-ms
[2010.06.03 08:52:56 | 000,065,536 | -HS- | C] () -- C:\Users\Alex\ntuser.dat{880b6207-6edc-11df-a0a0-002219de4688}.TM.blf
[2010.06.01 19:24:08 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.06.01 19:24:06 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.06.01 19:18:06 | 000,065,536 | ---- | C] () -- C:\Users\Alex\Documents\cert8.db
[2010.06.01 19:18:06 | 000,019,996 | ---- | C] () -- C:\Users\Alex\Documents\localstore.rdf
[2010.06.01 19:18:06 | 000,016,384 | ---- | C] () -- C:\Users\Alex\Documents\secmod.db
[2010.06.01 19:18:06 | 000,016,384 | ---- | C] () -- C:\Users\Alex\Documents\key3.db
[2010.06.01 19:18:06 | 000,011,180 | ---- | C] () -- C:\Users\Alex\Documents\prefs.js
[2010.06.01 19:18:06 | 000,009,632 | ---- | C] () -- C:\Users\Alex\Documents\mimeTypes.rdf
[2010.06.01 19:18:06 | 000,002,602 | ---- | C] () -- C:\Users\Alex\Documents\extensions.rdf
[2010.06.01 19:11:53 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Inventor Professional 2011.lnk
[2010.06.01 18:32:21 | 000,524,288 | -HS- | C] () -- C:\Users\Alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.06.01 18:32:21 | 000,524,288 | -HS- | C] () -- C:\Users\Alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.06.01 18:32:21 | 000,262,144 | -HS- | C] () -- C:\Users\Alex\ntuser.dat.LOG1
[2010.06.01 18:32:21 | 000,065,536 | -HS- | C] () -- C:\Users\Alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.06.01 18:32:21 | 000,000,020 | -HS- | C] () -- C:\Users\Alex\ntuser.ini
[2010.06.01 18:32:21 | 000,000,000 | -HS- | C] () -- C:\Users\Alex\ntuser.dat.LOG2
[2010.06.01 18:32:20 | 002,097,152 | -HS- | C] () -- C:\Users\Alex\ntuser.dat
[2010.06.01 18:27:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.06.01 18:24:49 | 2388,279,296 | -HS- | C] () -- C:\hiberfil.sys
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2005.05.06 19:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
< End of report >
         
--- --- ---

Alt 13.06.2010, 15:10   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Please first run a full scan with Malwarebytes and post the log.
If you have already run a scan with it, please also post all the logs from that tool.