| |
| |||||||
Log-Analyse und Auswertung: PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
19.06.2012, 08:02
| #1 |
| |  PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber? Guten Tag Forum, erstmal grosses Lob für die detailierten Beschreibungen, die Erklärthreads sind der Hammer! Und 1000 Dank das mein Rechner jetzt erstmal wieder läuft, dieser Platinum-XXXX ist ja echt mieß. Ok, ich hab dieses Thema durchgearbeitet: http://www.trojaner-board.de/116774-...entfernen.html und alle 3 Scanner laufen lassen, beim 3ten wurde nix mehr gefunden,unten folgen die Logfiles. Meine Frage, ist der Rechner jetzt wieder ok? Nochmals vielen Dank! _________________________________________________________________________ Logfile von Malwarebytes: Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.18.07 Windows XP Service Pack 3 x86 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 6.0.2900.5512 MIKA :: VAIO [Administrator] Schutz: Deaktiviert 18.06.2012 21:52:37 mbam-log-2012-06-18 (21-52-37).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 215148 Laufzeit: 2 Minute(n), 53 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum (Trojan.FakeAlert.LSPGen) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|529C50A800006A620000258FD151FC84 (Trojan.FakeAlert.LSPGen) -> Daten: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\529C50A800006A620000258FD151FC84\529C50A800006A620000258FD151FC84.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\529C50A800006A620000258FD151FC84\529C50A800006A620000258FD151FC84.exe (Trojan.FakeAlert.LSPGen) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Dokumente und Einstellungen\MIKA\Desktop\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) _________________________________________________________________________ Logfile von Emsisoft Anti-Malware: Emsisoft Anti-Malware - Version 6.6 Letztes Update: 18.06.2012 22:18:40 Scan Einstellungen: Scan Methode: Detail Scan Objekte: Rootkits, Speicher, Traces, C:\, D:\ Archiv Scan: An ADS Scan: An Scan Beginn: 18.06.2012 22:18:50 c:\dokumente und einstellungen\mika\startmenü\programme\live security platinum\live security platinum.lnk gefunden: Trace.File.livesecurityplatinum!E1 C:\System Volume Information\_restore{E895C312-F1D7-4F63-B5B3-B26DD2D11986}\RP24\A0007250.exe gefunden: Trojan.Win32.FakeAV!E2 C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Temporary Internet Files\Content.IE5\O5Q7WDMN\soft4[1].exe gefunden: Trojan.Win32.FakeAV!E2 D:\# SOFTWARE\FILE Renamer\filerenamerbasic.exe gefunden: Riskware.Win32.MyWay.c!E1 Gescannt 551589 Gefunden 4 Scan Ende: 19.06.2012 00:25:49 Scan Zeit: 2:06:59 D:\# SOFTWARE\FILE Renamer\filerenamerbasic.exe Quarantäne Riskware.Win32.MyWay.c!E1 C:\System Volume Information\_restore{E895C312-F1D7-4F63-B5B3-B26DD2D11986}\RP24\A0007250.exe Quarantäne Trojan.Win32.FakeAV!E2 C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Temporary Internet Files\Content.IE5\O5Q7WDMN\soft4[1].exe Quarantäne Trojan.Win32.FakeAV!E2 c:\dokumente und einstellungen\mika\startmenü\programme\live security platinum\live security platinum.lnk Quarantäne Trace.File.livesecurityplatinum!E1 Quarantäne 4 _________________________________________________________________________ Logfile von HitmanPro 3.6: |
|
21.06.2012, 07:29
| #2 |
| | PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber? Sorry, die fehlen wohl noch, hier die Logfiles von OTL,
__________________OTL.txt:OTL Logfile: Code:
ATTFilter OTL logfile created on: 21.06.2012 07:34:46 - Run 1 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Dokumente und Einstellungen\MIKA\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1022,42 Mb Total Physical Memory | 655,20 Mb Available Physical Memory | 64,08% Memory free 2,40 Gb Paging File | 1,73 Gb Available in Paging File | 71,96% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 37,26 Gb Total Space | 22,82 Gb Free Space | 61,24% Space Free | Partition Type: NTFS Drive D: | 48,91 Gb Total Space | 16,36 Gb Free Space | 33,45% Space Free | Partition Type: NTFS Computer Name: VAIO | User Name: MIKA | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.18 22:42:21 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MIKA\Desktop\OTL.exe PRC - [2012.06.17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005.05.20 17:41:42 | 000,153,600 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe PRC - [2005.05.15 05:51:24 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe PRC - [2004.02.20 14:12:34 | 000,032,768 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\ISB Utility\ISBMgr.exe PRC - [2003.11.07 10:21:28 | 000,114,688 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe PRC - [2003.02.26 04:08:42 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe PRC - [2002.03.14 16:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe ========== Modules (No Company Name) ========== MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2005.05.20 17:42:20 | 000,010,752 | ---- | M] () -- C:\Programme\Sony\VAIO Event Service\VESBasePS.dll MOD - [2004.11.02 21:16:40 | 000,121,856 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012.06.17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Programme\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2012.06.10 13:51:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2005.05.20 17:41:42 | 000,153,600 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012.04.30 18:45:28 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.05.19 14:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2005.06.29 07:35:10 | 003,173,888 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005.06.10 03:31:28 | 000,076,800 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony) DRV - [2005.05.23 03:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2005.05.23 03:30:48 | 000,178,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2005.05.23 03:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005.05.03 07:03:54 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2005.04.30 16:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R) DRV - [2005.02.10 23:07:50 | 000,456,448 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS) DRV - [2003.09.29 06:31:38 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2000.12.05 16:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall) DRV - [2000.11.09 12:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Sony: Community: Welcome to the Sony Community for Computing IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "eBay" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "www.google.de" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.06.10 13:14:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.06.10 03:01:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Mozilla\Extensions [2012.06.11 10:22:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Mozilla\Firefox\Profiles\evdvgxkz.default\extensions [2012.06.10 03:01:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.06.10 03:16:33 | 000,634,964 | ---- | M] () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MIKA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\EVDVGXKZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.06.11 01:53:28 | 000,697,058 | ---- | M] () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MIKA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\EVDVGXKZ.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI [2012.06.01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.06.01 18:33:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll File not found O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll File not found O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) O4 - HKLM..\Run: [VAIO Update 2] C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SnagIt 8.lnk = C:\Programme\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation) O4 - Startup: C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Autostart\Verknüpfung mit AUTOSTART HOTKEY VAIO.lnk = D:\AUTOHOTKEY STUFF\AUTOSTART HOTKEY VAIO.ahk () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4E15CB7-3F3B-4F4D-AC5C-273597C9CD0F}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.07.13 12:03:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012.05.12 12:13:22 | 000,000,000 | ---D | M] - D:\AUTOHOTKEY STUFF -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.06.19 08:40:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HitmanPro [2012.06.19 00:28:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\EurekaLog [2012.06.18 23:28:23 | 007,287,176 | ---- | C] (SurfRight B.V.) -- C:\Dokumente und Einstellungen\MIKA\Desktop\HitmanPro36.exe [2012.06.18 22:42:19 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MIKA\Desktop\OTL.exe [2012.06.18 22:13:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Emsisoft Anti-Malware [2012.06.18 22:12:59 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware [2012.06.18 22:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Anti-Malware [2012.06.18 21:44:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Malwarebytes [2012.06.18 21:44:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2012.06.18 21:44:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2012.06.18 21:44:36 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012.06.18 21:44:36 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2012.06.18 06:50:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\529C50A800006A620000258FD151FC84 [2012.06.16 20:37:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\TeamViewer [2012.06.14 23:43:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AutoHotkey [2012.06.14 23:43:47 | 000,000,000 | ---D | C] -- C:\Programme\AutoHotkey [2012.06.10 16:09:17 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR [2012.06.10 15:35:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\SmartFTP [2012.06.10 15:31:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SmartFTP Client [2012.06.10 15:31:12 | 000,000,000 | ---D | C] -- C:\Programme\SmartFTP Client [2012.06.10 15:30:12 | 000,000,000 | ---D | C] -- C:\Programme\SmartFTP Client 3.0 Setup Files [2012.06.10 14:52:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Adobe [2012.06.10 14:46:33 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [2012.06.10 14:43:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FLEXnet [2012.06.10 14:24:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ALM [2012.06.10 14:05:55 | 000,190,696 | ---- | C] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\NPSWF32_FlashUtil.exe [2012.06.10 13:56:45 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2012.06.10 13:55:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Master Collection CS3 [2012.06.10 13:51:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared [2012.06.10 13:22:03 | 000,053,248 | ---- | C] (kish Designs) -- C:\WINDOWS\System32\cptoshex.dll [2012.06.10 13:22:03 | 000,000,000 | ---D | C] -- C:\Programme\CopyTo [2012.06.10 13:18:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\SnagIt Katalog [2012.06.10 13:17:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TechSmith [2012.06.10 13:17:01 | 000,000,000 | ---D | C] -- C:\Programme\TechSmith [2012.06.10 13:17:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\TechSmith [2012.06.10 13:16:11 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard [2012.06.10 13:14:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Apple Computer [2012.06.10 13:13:51 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime [2012.06.10 13:13:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer [2012.06.10 13:13:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Apple [2012.06.10 13:13:34 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update [2012.06.10 13:13:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple [2012.06.10 13:13:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Apple Computer [2012.06.10 13:07:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Media Player Classic [2012.06.10 13:06:38 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2012.06.10 13:06:38 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2012.06.10 13:06:38 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2012.06.10 13:06:37 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2012.06.10 13:06:37 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2012.06.10 13:06:37 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2012.06.10 13:06:36 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2012.06.10 13:06:36 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2012.06.10 13:06:35 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2012.06.10 13:06:35 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2012.06.10 13:06:35 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2012.06.10 13:06:34 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2012.06.10 13:06:34 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2012.06.10 13:06:33 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2012.06.10 13:06:32 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2012.06.10 13:06:32 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2012.06.10 13:06:31 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2012.06.10 13:06:31 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2012.06.10 13:06:30 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2012.06.10 13:06:30 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2012.06.10 13:06:30 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2012.06.10 13:06:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll [2012.06.10 13:06:28 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2012.06.10 13:06:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2012.06.10 13:06:28 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2012.06.10 13:06:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2012.06.10 13:06:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll [2012.06.10 13:06:27 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll [2012.06.10 13:06:27 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll [2012.06.10 13:06:26 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2012.06.10 13:06:26 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2012.06.10 13:06:25 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2012.06.10 13:06:25 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2012.06.10 13:06:24 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll [2012.06.10 13:06:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2012.06.10 13:06:24 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll [2012.06.10 13:06:23 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll [2012.06.10 13:06:23 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2012.06.10 13:06:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2012.06.10 13:06:22 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2012.06.10 13:06:22 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2012.06.10 13:06:21 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2012.06.10 13:06:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2012.06.10 13:06:21 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2012.06.10 13:06:20 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2012.06.10 13:06:20 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2012.06.10 13:06:19 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2012.06.10 13:06:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2012.06.10 13:06:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2012.06.10 13:06:17 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2012.06.10 13:06:17 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2012.06.10 13:06:17 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2012.06.10 13:06:16 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2012.06.10 13:06:15 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2012.06.10 13:06:15 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2012.06.10 13:06:15 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2012.06.10 13:06:14 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll [2012.06.10 13:06:13 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll [2012.06.10 13:06:13 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2012.06.10 13:06:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2012.06.10 13:06:12 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2012.06.10 13:06:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2012.06.10 13:06:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll [2012.06.10 13:06:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll [2012.06.10 13:06:11 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll [2012.06.10 13:06:11 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll [2012.06.10 13:06:08 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll [2012.06.10 13:06:06 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll [2012.06.10 13:06:06 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll [2012.06.10 13:06:03 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll [2012.06.10 13:06:02 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll [2012.06.10 13:06:01 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2012.06.10 13:06:01 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll [2012.06.10 13:06:00 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll [2012.06.10 13:06:00 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll [2012.06.10 13:06:00 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll [2012.06.10 13:06:00 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll [2012.06.10 13:05:59 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll [2012.06.10 13:05:59 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll [2012.06.10 13:05:59 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll [2012.06.10 13:05:58 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll [2012.06.10 13:05:58 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll [2012.06.10 13:05:57 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll [2012.06.10 13:05:57 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll [2012.06.10 13:05:57 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll [2012.06.10 13:05:56 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll [2012.06.10 13:05:56 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll [2012.06.10 13:05:56 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll [2012.06.10 13:05:55 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll [2012.06.10 13:05:55 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll [2012.06.10 13:05:53 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll [2012.06.10 13:05:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs [2012.06.10 13:04:58 | 000,000,000 | ---D | C] -- C:\Programme\MPC-HC [2012.06.10 13:01:20 | 000,000,000 | ---D | C] -- C:\Programme\WinZip [2012.06.10 12:48:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew [2012.06.10 12:48:39 | 000,000,000 | ---D | C] -- C:\Programme\OFFICE 2000 [2012.06.10 12:42:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office [2012.06.10 12:42:24 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft ActiveSync [2012.06.10 12:42:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER [2012.06.10 12:42:10 | 000,000,000 | ---D | C] -- C:\Programme\OFFICE 2003 [2012.06.10 12:38:03 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.06.10 10:38:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.06.10 03:18:48 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.06.10 03:18:48 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.06.10 03:11:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Avira [2012.06.10 03:08:02 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2012.06.10 03:07:59 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012.06.10 03:07:59 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2012.06.10 03:07:59 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2012.06.10 03:07:58 | 000,000,000 | ---D | C] -- C:\Programme\Avira [2012.06.10 03:07:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2012.06.10 03:04:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Downloads [2012.06.10 03:01:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Mozilla [2012.06.10 03:01:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Mozilla [2012.06.10 03:01:13 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2012.06.10 02:48:41 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0 [2012.06.10 02:41:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Macromedia [2012.06.10 02:39:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Sun [2012.06.10 02:39:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Google [2012.06.10 02:39:14 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2012.06.10 02:38:56 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll [2012.06.10 02:38:55 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll [2012.06.10 02:38:33 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2012.06.10 02:38:19 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll [2012.06.10 02:38:10 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2012.06.10 02:37:33 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2012.06.10 02:37:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys [2012.06.10 02:36:33 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2012.06.10 02:36:33 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2012.06.10 02:33:47 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys [2012.06.10 02:33:41 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2012.06.10 02:33:39 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2012.06.10 02:33:31 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2012.06.10 02:32:42 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2012.06.10 02:26:36 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2012.06.10 02:26:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2012.06.10 02:25:55 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2012.06.10 02:25:16 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2012.06.10 02:24:49 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2012.06.10 02:24:37 | 002,150,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2012.06.10 02:24:36 | 002,194,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2012.06.10 02:24:36 | 002,029,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2012.06.10 02:24:35 | 002,071,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2012.06.10 02:17:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2012.06.10 02:17:47 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll [2012.06.10 02:16:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage [2012.06.10 02:16:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2012.06.10 02:12:37 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\MIKA\UserData [2012.06.10 02:11:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2012.06.10 02:08:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012.06.10 02:03:31 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2012.06.10 02:03:31 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll [2012.06.10 02:03:31 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2012.06.10 02:03:29 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll [2012.06.10 02:03:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2012.06.10 02:03:28 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll [2012.06.10 02:03:28 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll [2012.06.10 02:03:28 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll [2012.06.10 02:03:28 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll [2012.06.10 02:03:28 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2012.06.10 02:03:28 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll [2012.06.10 02:03:28 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll [2012.06.10 02:03:28 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax [2012.06.10 02:03:28 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax [2012.06.10 02:03:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2012.06.10 02:03:27 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2012.06.10 02:03:27 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2012.06.10 02:03:27 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2012.06.10 02:03:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2012.06.10 02:03:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2012.06.10 02:03:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2012.06.10 02:03:26 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2012.06.10 02:03:26 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2012.06.10 02:03:26 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2012.06.10 02:03:26 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2012.06.10 02:03:26 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll [2012.06.10 02:03:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2012.06.10 02:03:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2012.06.10 02:03:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2012.06.10 02:03:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2012.06.10 02:03:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2012.06.10 02:03:23 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll [2012.06.10 02:03:23 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2012.06.10 02:03:23 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll [2012.06.10 02:03:23 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2012.06.10 02:03:23 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2012.06.10 02:03:23 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2012.06.10 02:03:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2012.06.10 02:03:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2012.06.10 02:03:22 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll [2012.06.10 02:03:22 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll [2012.06.10 02:03:22 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2012.06.10 02:03:22 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2012.06.10 02:03:22 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2012.06.10 02:03:22 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2012.06.10 02:03:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2012.06.10 02:03:21 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll [2012.06.10 02:03:21 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll [2012.06.10 02:03:21 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll [2012.06.10 02:03:21 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe [2012.06.10 02:03:21 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe [2012.06.10 02:03:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2012.06.10 02:03:20 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll [2012.06.10 02:03:20 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2012.06.10 02:03:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2012.06.10 02:03:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe [2012.06.10 02:03:19 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll [2012.06.10 02:03:19 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2012.06.10 02:03:18 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe [2012.06.10 02:03:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2012.06.10 02:03:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de [2012.06.10 02:03:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de [2012.06.10 02:03:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2012.06.10 02:01:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2012.06.10 01:58:29 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2012.06.10 01:58:29 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll [2012.06.10 01:58:29 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll [2012.06.10 01:58:29 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll [2012.06.10 01:58:29 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll [2012.06.10 01:58:29 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll [2012.06.10 01:58:29 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll [2012.06.10 01:58:29 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll [2012.06.10 01:58:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2012.06.10 01:58:28 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2012.06.10 01:58:28 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2012.06.10 01:58:28 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2012.06.10 01:58:28 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2012.06.10 01:58:28 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2012.06.10 01:58:28 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2012.06.10 01:58:28 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2012.06.10 01:58:28 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2012.06.10 01:58:28 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2012.06.10 01:58:28 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2012.06.10 01:58:28 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2012.06.10 01:58:28 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2012.06.10 01:58:28 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2012.06.10 01:58:28 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2012.06.10 01:58:27 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2012.06.10 01:58:27 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2012.06.10 01:58:27 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2012.06.10 01:58:27 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2012.06.10 01:58:27 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2012.06.10 01:58:27 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2012.06.10 01:58:27 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2012.06.10 01:58:26 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys [2012.06.10 01:58:26 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll [2012.06.10 01:58:26 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll [2012.06.10 01:58:26 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll [2012.06.10 01:58:26 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll [2012.06.10 01:58:26 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll [2012.06.10 01:58:26 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll [2012.06.10 01:58:24 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2012.06.10 01:58:24 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2012.06.10 01:58:24 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2012.06.10 01:58:24 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2012.06.10 01:58:24 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2012.06.10 01:58:24 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys [2012.06.10 01:58:24 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2012.06.10 01:58:24 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys [2012.06.10 01:58:23 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2012.06.10 01:58:23 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2012.06.10 01:58:23 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2012.06.10 01:58:23 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2012.06.10 01:58:23 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys [2012.06.10 01:58:23 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll [2012.06.10 01:58:22 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2012.06.10 01:58:22 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2012.06.10 01:58:22 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2012.06.10 01:58:22 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2012.06.10 01:58:22 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2012.06.10 01:58:22 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll [2012.06.10 01:58:22 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2012.06.10 01:54:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2012.06.10 01:54:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome [2012.06.10 01:48:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\AdobeUM [2012.06.10 01:47:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Adobe [2012.06.10 01:45:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2012.06.10 01:43:54 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Microsoft [2012.06.10 01:43:54 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\MIKA\Cookies [2012.06.10 01:43:54 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten [2012.06.10 01:43:54 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Eigene Musik [2012.06.10 01:43:54 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien [2012.06.10 01:43:54 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Eigene Bilder [2012.06.10 01:43:54 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\MIKA\Druckumgebung [2012.06.10 01:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Sony Corporation [2012.06.10 01:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Identities [2012.06.10 01:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Desktop [2012.06.10 01:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Adobe [2012.06.10 01:43:53 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\MIKA\SendTo [2012.06.10 01:43:53 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\MIKA\Recent [2012.06.10 01:43:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Zubehör [2012.06.10 01:43:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Startmenü [2012.06.10 01:43:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Favoriten [2012.06.10 01:43:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Autostart [2012.06.10 01:43:53 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\MIKA\Vorlagen [2012.06.10 01:43:53 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\MIKA\Netzwerkumgebung [2012.06.10 01:43:53 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen [2012.06.10 01:43:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Microsoft [2012.06.10 01:43:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150030} [2012.05.31 15:22:01 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.19 09:49:17 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2012.06.19 08:40:24 | 007,287,176 | ---- | M] (SurfRight B.V.) -- C:\Dokumente und Einstellungen\MIKA\Desktop\HitmanPro36.exe [2012.06.18 22:43:06 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\nnkidthc.exe [2012.06.18 22:42:21 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MIKA\Desktop\OTL.exe [2012.06.18 22:01:56 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012.06.18 22:01:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.06.18 22:01:01 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys [2012.06.14 09:55:34 | 000,004,608 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.06.14 01:00:20 | 003,193,489 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\24-heures-du-mans-2012-free-practice.pdf [2012.06.14 00:59:45 | 010,045,454 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\2012_24_heures_du_mans_plan_situation.pdf [2012.06.14 00:59:28 | 000,285,288 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\2012-schedule-24-heures-du-mans.pdf [2012.06.14 00:57:52 | 002,105,454 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\24.bmp [2012.06.14 00:32:12 | 000,313,817 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\entry_list_24_heures_du_mans_2012.pdf [2012.06.13 00:46:33 | 001,550,000 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.06.13 00:27:24 | 000,084,255 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\KLEINE-HELDEN-Visitenkarte-Vorne.png [2012.06.13 00:27:16 | 000,071,597 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\KLEINE-HELDEN-Visitenkarte-Hinten.png [2012.06.12 23:33:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.06.10 22:37:30 | 000,320,072 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.06.10 22:37:30 | 000,314,842 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.06.10 22:37:30 | 000,049,396 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.06.10 22:37:30 | 000,041,170 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.06.10 13:17:07 | 000,001,730 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SnagIt 8.lnk [2012.06.10 13:14:39 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2012.06.10 13:14:24 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2012.06.10 12:58:17 | 000,000,553 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Autostart\Verknüpfung mit AUTOSTART HOTKEY VAIO.lnk [2012.06.10 12:49:07 | 000,000,751 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2012.06.10 03:18:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.06.10 03:18:48 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.06.10 02:35:53 | 000,000,347 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\Eigene Dateien D.lnk [2012.06.10 02:28:40 | 000,000,237 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\Software.lnk [2012.06.10 02:16:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.06.10 02:08:42 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2012.06.10 01:58:01 | 000,251,712 | RHS- | M] () -- C:\ntldr [2012.06.10 01:49:24 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2012.06.10 01:42:50 | 000,000,164 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012.06.10 01:42:46 | 000,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315H.mrk [2012.05.31 15:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2012.05.26 12:36:44 | 000,178,176 | ---- | M] () -- C:\WINDOWS\System32\unrar.dll [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.18 22:43:05 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\nnkidthc.exe [2012.06.18 22:01:01 | 1072,156,672 | -HS- | C] () -- C:\hiberfil.sys [2012.06.14 01:00:20 | 003,193,489 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\24-heures-du-mans-2012-free-practice.pdf [2012.06.14 00:59:44 | 010,045,454 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\2012_24_heures_du_mans_plan_situation.pdf [2012.06.14 00:59:28 | 000,285,288 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\2012-schedule-24-heures-du-mans.pdf [2012.06.14 00:57:51 | 002,105,454 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\24.bmp [2012.06.14 00:32:12 | 000,313,817 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\entry_list_24_heures_du_mans_2012.pdf [2012.06.13 00:27:23 | 000,084,255 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\KLEINE-HELDEN-Visitenkarte-Vorne.png [2012.06.13 00:27:15 | 000,071,597 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\KLEINE-HELDEN-Visitenkarte-Hinten.png [2012.06.10 14:05:55 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll [2012.06.10 13:17:07 | 000,001,730 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SnagIt 8.lnk [2012.06.10 13:14:39 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2012.06.10 13:14:09 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2012.06.10 13:14:09 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2012.06.10 13:07:06 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.06.10 13:05:00 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2012.06.10 12:58:17 | 000,000,553 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Autostart\Verknüpfung mit AUTOSTART HOTKEY VAIO.lnk [2012.06.10 12:48:59 | 000,002,499 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Excel.lnk [2012.06.10 12:48:59 | 000,002,463 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk [2012.06.10 12:42:47 | 000,000,751 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2012.06.10 12:42:26 | 000,002,060 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Outlook 2003.lnk [2012.06.10 02:32:23 | 000,000,347 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\Eigene Dateien D.lnk [2012.06.10 02:28:40 | 000,000,237 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\Software.lnk [2012.06.10 02:25:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.06.10 02:25:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll [2012.06.10 01:58:27 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2012.06.10 01:58:26 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2012.06.10 01:58:24 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2012.06.10 01:43:54 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Remoteunterstützung.lnk [2012.06.10 01:43:54 | 000,000,776 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Windows Media Player.lnk [2012.06.10 01:43:54 | 000,000,751 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Internet Explorer.lnk [2012.06.10 01:43:54 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Outlook Express.lnk [2012.06.10 01:42:46 | 000,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315H.mrk < End of report > Extras.txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 21.06.2012 07:34:46 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Dokumente und Einstellungen\MIKA\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1022,42 Mb Total Physical Memory | 655,20 Mb Available Physical Memory | 64,08% Memory free
2,40 Gb Paging File | 1,73 Gb Available in Paging File | 71,96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,26 Gb Total Space | 22,82 Gb Free Space | 61,24% Space Free | Partition Type: NTFS
Drive D: | 48,91 Gb Total Space | 16,36 Gb Free Space | 33,45% Space Free | Partition Type: NTFS
Computer Name: VAIO | User Name: MIKA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\OFFICE 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\OFFICE 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Yahoo!\Messenger\YPager.exe" = C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Temp\7zS2B.tmp\SymNRT.exe" = C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Temp\7zS2B.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Programme\SmartFTP Client\SmartFTP.exe" = C:\Programme\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 3.0 -- (SmartSoft Ltd.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0F0447B4-6DDD-4831-933A-1EDF52091150}" = SnagIt 8
"{169C78C0-8C32-4CA1-9602-D8E998ECE96A}" = VAIO Original Screen Saver VAIO Scene HD Wide Contents
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}" = VAIO Original Screen Saver VAIO Scene HD Normal Contents
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.2.4902
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2
"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents
"{531C0C3A-7112-4986-8222-5778FB547D81}" = VAIO Original Screen Saver VAIO Motion HD Normal Contents
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71249EFF-EFAB-48A0-B967-630F4E70BBC3}" = VAIO Original Screen Saver VAIO Scene SD Normal Contents
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{805BC1AB-46C5-438C-BCB7-537A1A32290C}" = VAIO Original Screen Saver VAIO Motion SD Normal Contents
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBD4DAC9-DF99-48CA-8F62-AE6F2BD47063}" = VAIO Original Screen Saver VAIO Motion HD Wide Contents
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{E365AAB7-F160-4E2F-ACAC-28D487ACF47D}" = VAIO Original Screen Saver VAIO Scene SD Wide Contents
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"AutoHotkey" = AutoHotkey 1.0.48.05
"Avira AntiVir Desktop" = Avira Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"CopyTo2_is1" = CopyTo Synchronizer v3
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox 13.0 (x86 de)" = Mozilla Firefox 13.0 (x86 de)
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"SmartFTP Client 3.0 Setup Files" = SmartFTP Client 3.0 Setup Files (remove only)
"SmartFTP Client German Language Addon" = SmartFTP Client German Language Addon (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR Archivierer
"WinZip" = WinZip
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.06.2012 21:08:56 | Computer Name = VAIO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
[ System Events ]
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 10.06.2012 07:37:54 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 10.06.2012 07:37:54 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
Error - 10.06.2012 07:37:54 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126
< End of report >
|
|
| Themen zu PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber? |
| administrator, anti-malware, autostart, dateien, dateisystem, desktop, emsisoft, explorer, folge, forum, frage, gelöscht, heuristiks/extra, heuristiks/shuriken, live, malwarebytes, microsoft, programme, rechner, rootkits, scan, security, service pack 3, software, system volume information, traces, update, vaio, verseucht, wiederholt |
Linear-Darstellung
