Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: VIRUS oder doch nicht

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.08.2011, 19:17   #1
Lulu17
 
VIRUS oder doch nicht - Standard

VIRUS oder doch nicht



Hallo,

Ich habe ein großes Problem. Ich war jetzt eine Woche im Urlaub und bin erst gestern wieder gekommen und seitdem bleibt mein Laptop immer hängen und mein Internet ist langsamer geworden und mein Youtube geht nicht und kann auch keine Downloads mehr machen . Ich habe ihn schon Defragementiert und ihn gesceant und jetzt weiß ich einfach nicht mehr weiter :/ ICh hoffe ihr kommt mir helfen



Zitat:
OTL logfile created on: 05.08.2011 20:08:37 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\NIKI\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,90 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 42,26% Memory free
7,80 Gb Paging File | 5,09 Gb Available in Paging File | 65,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,16 Gb Total Space | 391,94 Gb Free Space | 87,26% Space Free | Partition Type: NTFS

Computer Name: NIKI-PC | User Name: NIKI | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\NIKI\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
PRC - C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\fsav32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Vodafone-Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\FSGK32.EXE (F-Secure Corporation)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Vodafone-Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\Vodafone-Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\Vodafone-Sicherheitspaket\Common\FSHDLL32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSGUI\fscuif.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\Vc.exe (Acer Incoporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\NIKI\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - \\?\c:\program files (x86)\vodafone-sicherheitspaket\hips\fshook32.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (FSORSPClient) -- C:\Program Files (x86)\Vodafone-Sicherheitspaket\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (Norton Ghost) -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (GenericMount Helper Service) -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe (Symantec)
SRV - (SymSnapService) -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe (Symantec)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (IGBASVC) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (FSMA) -- C:\Program Files (x86)\Vodafone-Sicherheitspaket\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (FSDFWD) -- C:\Program Files (x86)\Vodafone-Sicherheitspaket\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\SysNative\drivers\FPSensor.sys (EgisTec)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (VProEventMonitor) -- C:\Windows\SysNative\drivers\vproeventmonitor.sys (Symantec Corporation)
DRV:64bit: - (GenericMount) -- C:\Windows\SysNative\drivers\GenericMount.sys (Symantec Corporation)
DRV:64bit: - (symsnap) -- C:\Windows\SysNative\drivers\symsnap.sys (StorageCraft)
DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (hidshim) -- C:\Windows\SysNative\drivers\hidshim.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (nuvotonhidcir) -- C:\Windows\SysNative\drivers\nuvotonhidcir.sys (Nuvoton Technology Corporation)
DRV:64bit: - (nuvotonir) -- C:\Windows\SysNative\drivers\nuvotonir.sys (Nuvoton Technology Corporation)
DRV:64bit: - (nuvotoncir) -- C:\Windows\SysNative\drivers\nuvotoncir.sys (Nuvoton Technology Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (FSFW) -- C:\Windows\SysNative\drivers\fsdfw.sys (F-Secure Corporation)
DRV:64bit: - (FSES) -- C:\Windows\SysNative\drivers\fses.sys (F-Secure Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (O2MDGRDR) -- C:\Windows\SysNative\drivers\o2mdgx64.sys (O2Micro )
DRV:64bit: - (O2SDGRDR) -- C:\Windows\SysNative\drivers\o2sdgx64.sys (O2Micro )
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (F-Secure Gatekeeper) -- C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\minifilter\fsgk.sys ()
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (F-Secure HIPS) -- C:\Program Files (x86)\Vodafone-Sicherheitspaket\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (F-Secure Filter) -- C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\Win2K\FSfilter.sys ()
DRV - (F-Secure Recognizer) -- C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\Win2K\FSrec.sys ()
DRV - (fsvista) -- C:\Program Files (x86)\Vodafone-Sicherheitspaket\Anti-Virus\minifilter\fsvista.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8935g&r=27360311h606l04f3z105t4829u355
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8935g&r=27360311h606l04f3z105t4829u355
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8935g&r=27360311h606l04f3z105t4829u355

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8935g&r=27360311h606l04f3z105t4829u355
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8935g&r=27360311h606l04f3z105t4829u355
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Plus! Network"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {333b42b0-9c75-11db-b606-0800200c9a66}:2.200100126
FF - prefs.js..extensions.enabledItems: {a02c0c70-605c-11da-8cd6-0800200c9a66}:4.22
FF - prefs.js..extensions.enabledItems: {e7348bc0-16f6-11de-8c30-0800200c9a66}:3.6.19.02.10
FF - prefs.js..keyword.URL: "hxxp://www.plusnetwork.com/?sp=addr&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\NIKI\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\Vodafone-Sicherheitspaket\NRS\litmus-ff@f-secure.com [2011.03.21 02:16:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.25 09:59:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.07 22:06:23 | 000,000,000 | ---D | M]

[2011.03.21 02:54:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NIKI\AppData\Roaming\mozilla\Extensions
[2011.08.04 22:47:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NIKI\AppData\Roaming\mozilla\Firefox\Profiles\fgpuv3cr.default\extensions
[2011.04.15 13:34:39 | 000,000,000 | ---D | M] (PinkHope) -- C:\Users\NIKI\AppData\Roaming\mozilla\Firefox\Profiles\fgpuv3cr.default\extensions\{333b42b0-9c75-11db-b606-0800200c9a66}
[2011.04.15 13:38:22 | 000,000,000 | ---D | M] (PimpZilla) -- C:\Users\NIKI\AppData\Roaming\mozilla\Firefox\Profiles\fgpuv3cr.default\extensions\{a02c0c70-605c-11da-8cd6-0800200c9a66}
[2011.05.06 22:19:02 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\NIKI\AppData\Roaming\mozilla\Firefox\Profiles\fgpuv3cr.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.04 22:47:11 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\NIKI\AppData\Roaming\mozilla\Firefox\Profiles\fgpuv3cr.default\extensions\bbrs_002@blabbers.com
[2011.04.15 13:34:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NIKI\AppData\Roaming\mozilla\Firefox\Profiles\fgpuv3cr.default\extensions\{333b42b0-9c75-11db-b606-0800200c9a66}\chrome\mozapps\extensions
[2011.04.15 13:34:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NIKI\AppData\Roaming\mozilla\Firefox\Profiles\fgpuv3cr.default\extensions\{333b42b0-9c75-11db-b606-0800200c9a66}\chrome\mozapps\extensions\CVS
[2011.08.05 10:10:00 | 000,002,770 | ---- | M] () -- C:\Users\NIKI\AppData\Roaming\Mozilla\Firefox\Profiles\fgpuv3cr.default\searchplugins\Plusnetwork.xml
[2011.08.05 13:49:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.03.21 03:16:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.21 23:09:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\NIKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FGPUV3CR.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2011.06.25 09:59:01 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.07 22:06:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.07 22:06:17 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.05.07 22:06:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.07 22:06:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.07 22:06:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.07 22:06:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Vodafone-Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Vodafone-Sicherheitspaket\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Vodafone-Sicherheitspaket\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [EA Core] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\NIKI\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\NIKI\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\Vodafone-Sicherheitspaket\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{08a9efdb-534e-11e0-89a6-60eb6972e32d}\Shell - "" = AutoRun
O33 - MountPoints2\{08a9efdb-534e-11e0-89a6-60eb6972e32d}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.08.05 20:06:40 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\NIKI\Desktop\OTL.exe
[2011.08.05 12:36:59 | 000,000,000 | ---D | C] -- C:\Users\NIKI\Desktop\Taly
[2011.08.05 10:10:00 | 000,000,000 | ---D | C] -- C:\Users\NIKI\AppData\Local\Messenger_Plus_Live
[2011.08.04 22:47:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowserCompanion
[2011.08.04 19:52:57 | 000,000,000 | ---D | C] -- C:\Users\NIKI\Desktop\04.08.2011
[2011.07.23 23:02:08 | 000,000,000 | ---D | C] -- C:\Users\NIKI\AppData\Roaming\Alawar
[2011.07.23 23:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Alawar
[2011.07.23 23:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotel Imperium Las Vegas
[2011.07.23 23:01:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotel Imperium Las Vegas
[2011.07.22 18:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.07.15 12:49:03 | 000,000,000 | ---D | C] -- C:\Users\NIKI\AppData\Roaming\DVDVideoSoft
[2011.07.13 09:43:20 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.07.13 09:43:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.13 09:43:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.13 09:43:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.07.13 09:43:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.07.13 09:43:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.07.13 09:43:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.07.13 09:43:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.07.13 09:43:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.07.13 09:43:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.07.13 09:43:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.07.13 09:43:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.07.13 09:43:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.07.13 09:43:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.07.13 09:43:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.07.13 09:43:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.07.13 09:42:42 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.07.13 09:42:37 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.07.13 09:42:36 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.07.13 09:42:35 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.07.13 09:42:34 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.07.13 09:42:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.07.13 09:42:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.07.13 09:42:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.07.13 09:42:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.07.13 09:42:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.07.13 09:42:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.07.13 09:42:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.07.11 12:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.07.11 11:53:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2009.10.16 19:26:38 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

========== Files - Modified Within 30 Days ==========

[2011.08.05 20:06:43 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\NIKI\Desktop\OTL.exe
[2011.08.05 18:18:43 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.05 18:18:43 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.05 18:11:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.05 18:11:01 | 3143,258,112 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.05 12:06:12 | 000,000,530 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2011.07.29 14:23:57 | 001,177,474 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.07.29 14:23:57 | 000,777,766 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.29 14:23:57 | 000,297,470 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.07.29 14:23:57 | 000,257,542 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.29 14:23:57 | 000,005,782 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.26 16:10:27 | 000,113,577 | ---- | M] () -- C:\Users\NIKI\Documents\Deckblatt.odt
[2011.07.26 16:09:10 | 000,017,433 | ---- | M] () -- C:\Users\NIKI\Documents\Lebenslauf.odt
[2011.07.26 15:51:07 | 000,019,671 | ---- | M] () -- C:\Users\NIKI\Documents\Bewerbung.odt
[2011.07.22 21:43:12 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.07.22 18:05:45 | 000,001,402 | ---- | M] () -- C:\Users\NIKI\Desktop\Free YouTube to MP3 Converter.lnk
[2011.07.22 18:05:45 | 000,001,243 | ---- | M] () -- C:\Users\NIKI\Desktop\DVDVideoSoft Free Studio.lnk
[2011.07.21 17:37:58 | 000,000,729 | ---- | M] () -- C:\Users\NIKI\Documents\lololoololollloo.rtf
[2011.07.21 17:37:42 | 000,006,023 | ---- | M] () -- C:\Users\NIKI\Documents\was ich sagen will.rtf
[2011.07.21 11:14:54 | 000,000,456 | ---- | M] () -- C:\Users\NIKI\Documents\Adresse.rtf
[2011.07.20 16:31:19 | 000,071,680 | -H-- | M] () -- C:\Users\NIKI\Desktop\photothumb.db
[2011.07.19 22:50:44 | 000,001,093 | ---- | M] () -- C:\Users\NIKI\Documents\english.rtf
[2011.07.17 22:22:20 | 000,006,662 | ---- | M] () -- C:\Users\NIKI\Documents\Spürche.rtf
[2011.07.16 16:27:54 | 000,002,558 | ---- | M] () -- C:\Users\NIKI\Documents\Aufsagen.rtf
[2011.07.13 18:20:02 | 000,376,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.07.07 22:52:34 | 000,004,096 | -H-- | M] () -- C:\Users\NIKI\Documents\photothumb.db

========== Files Created - No Company Name ==========

[2011.07.22 18:05:45 | 000,001,402 | ---- | C] () -- C:\Users\NIKI\Desktop\Free YouTube to MP3 Converter.lnk
[2011.07.22 18:05:45 | 000,001,243 | ---- | C] () -- C:\Users\NIKI\Desktop\DVDVideoSoft Free Studio.lnk
[2011.07.21 17:37:58 | 000,000,729 | ---- | C] () -- C:\Users\NIKI\Documents\lololoololollloo.rtf
[2011.07.21 11:14:54 | 000,000,456 | ---- | C] () -- C:\Users\NIKI\Documents\Adresse.rtf
[2011.07.21 00:08:46 | 000,006,023 | ---- | C] () -- C:\Users\NIKI\Documents\was ich sagen will.rtf
[2011.07.19 22:50:44 | 000,001,093 | ---- | C] () -- C:\Users\NIKI\Documents\english.rtf
[2011.07.17 16:57:08 | 000,006,662 | ---- | C] () -- C:\Users\NIKI\Documents\Spürche.rtf
[2011.07.16 16:27:54 | 000,002,558 | ---- | C] () -- C:\Users\NIKI\Documents\Aufsagen.rtf
[2011.05.21 18:29:05 | 000,000,768 | ---- | C] () -- C:\Windows\eReg.dat
[2011.05.14 12:41:26 | 000,004,608 | ---- | C] () -- C:\Users\NIKI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.17 21:14:45 | 000,006,353 | R--- | C] () -- C:\Windows\SysWow64\hphmon05.dat
[2011.03.23 22:23:10 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.03.21 22:57:06 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2011.03.21 04:06:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.03.21 02:53:57 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.03.21 02:47:58 | 000,000,000 | ---- | C] () -- C:\Users\NIKI\AppData\Roaming\wklnhst.dat
[2011.03.21 02:12:41 | 000,042,664 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2011.03.21 02:12:22 | 001,516,890 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.30 09:42:23 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll
[2010.10.30 09:42:23 | 000,206,072 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.10.30 09:42:23 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2010.10.30 09:42:23 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2010.10.30 09:40:07 | 000,001,005 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010.10.30 09:39:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.11.11 10:22:24 | 000,001,005 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.11.11 10:22:13 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.11.11 10:22:09 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.11.11 10:22:09 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.11.11 10:22:05 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2006.12.05 10:27:04 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\SatSrv.exe

========== LOP Check ==========

[2011.03.21 04:21:09 | 000,000,000 | -HSD | M] -- C:\Users\NIKI\AppData\Roaming\.#
[2011.07.23 23:02:08 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\Alawar
[2011.05.26 12:38:14 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\Auslogics
[2011.07.22 18:06:18 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\DVDVideoSoft
[2011.05.06 22:19:01 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.03.21 01:50:02 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\GameConsole
[2011.04.30 19:48:30 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\gtk-2.0
[2011.04.30 19:28:39 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\MAGIX
[2011.03.21 03:21:33 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\OpenOffice.org
[2011.05.07 22:50:14 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\PhotoScape
[2011.03.21 03:39:45 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\PowerCinema
[2011.03.21 03:57:55 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\SoftDMA
[2011.03.22 18:04:20 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\Steganos
[2011.03.22 19:25:36 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\TuneUp Software
[2011.04.10 18:42:51 | 000,000,000 | ---D | M] -- C:\Users\NIKI\AppData\Roaming\ViquaSoft
[2011.07.13 11:53:31 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.08.05 12:06:12 | 000,000,530 | ---- | M] () -- C:\Windows\Tasks\Scheduled scanning task.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:444C53BA

< End of report >

Alt 06.08.2011, 12:37   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
VIRUS oder doch nicht - Standard

VIRUS oder doch nicht



Zitat:
und ihn gesceant und jetzt weiß ich einfach nicht mehr weiter
Was hast du womit gescannt?
__________________

__________________

Antwort

Themen zu VIRUS oder doch nicht
.dll, alternate, autorun, bho, converter, error, explorer, firefox, format, home, hängen, igdpmd64.sys, internet, launch, locker, logfile, microsoft, monitor, mozilla, mp3, mywinlocker, plug-in, programme, realtek, registry, scan, software, start menu, studio, symantec, usb, version=1.0, virus, vodafone-sicherheitspaket, webcheck, windows




Ähnliche Themen: VIRUS oder doch nicht


  1. PC schaltet ab Temperatur Problem oder doch Virus
    Netzwerk und Hardware - 08.07.2014 (5)
  2. Sicherheitslücke oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 23.02.2014 (1)
  3. Alles ok oder doch nicht?
    Log-Analyse und Auswertung - 11.01.2014 (11)
  4. BKA Virus - oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 24.10.2013 (23)
  5. Ein Virus? oder doch nur eine Einstellungssache des Laptops?
    Plagegeister aller Art und deren Bekämpfung - 23.09.2013 (12)
  6. BSOD-Maustreiber oder doch Virus?
    Log-Analyse und Auswertung - 26.04.2013 (16)
  7. Google Redirect Virus oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 13.01.2013 (42)
  8. Virenprogramme versagen oder ist es doch kein Virus?
    Log-Analyse und Auswertung - 24.12.2012 (2)
  9. Virus oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 21.07.2011 (44)
  10. Virus/Trojaner oder doch Wurm
    Plagegeister aller Art und deren Bekämpfung - 06.07.2010 (9)
  11. Virus, Trojaner oder doch Hardwaredefekt?
    Plagegeister aller Art und deren Bekämpfung - 31.07.2009 (2)
  12. Störung des Provides oder doch ein Virus?
    Plagegeister aller Art und deren Bekämpfung - 27.04.2007 (2)
  13. Virus oder doch Windows-Fehler??? Hilfe!!!
    Plagegeister aller Art und deren Bekämpfung - 12.11.2006 (1)
  14. Zlob weg..oder doch nicht??
    Log-Analyse und Auswertung - 03.08.2006 (1)
  15. Net Sky, oder doch nicht?
    Plagegeister aller Art und deren Bekämpfung - 19.12.2005 (3)
  16. mp3-virus? oder doch ein anderes problem?
    Plagegeister aller Art und deren Bekämpfung - 13.10.2005 (6)
  17. Böswilliger Exploit??? Oder doch nen Virus??
    Plagegeister aller Art und deren Bekämpfung - 11.09.2005 (1)

Zum Thema VIRUS oder doch nicht - Hallo, Ich habe ein großes Problem. Ich war jetzt eine Woche im Urlaub und bin erst gestern wieder gekommen und seitdem bleibt mein Laptop immer hängen und mein Internet ist - VIRUS oder doch nicht...
Archiv
Du betrachtest: VIRUS oder doch nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.