Trojaner-Board


netbookie 03.04.2012 18:51

For security reasons your Windows was....
 
On Sunday evening this well-known message suddenly appeared on my screen. I then restored an earlier system restore point. Since then the screen has not appeared again. Am I on the safe side now? In the autostart entries there is a PLFSetI.exe file that has an unknown vendor. I have an Acer Aspire One netbook. Thank you very much for your help.

I have since run Malwarebytes over it. The quick scan found pup.bundle offer, which I deleted.
I would appreciate a reply.

cosinus 04.04.2012 14:12

Without the logs from Malwarebytes and co. this is going nowhere. :glaskugel:
Everything from Malwarebytes (and possibly other scanners) must be posted here.

Please post everything here in CODE tags if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

netbookie 04.04.2012 19:59

Hello Arne,
can you explain to me how I upload the logs?

cosinus 04.04.2012 22:34

Have you tried reading my post? Don't upload anything, copy and paste it here! With CODE tags!

Upload only if it is too large! In that case zip the logs into a file first, then upload it here => File-Upload.net - Ihr kostenloser File Hoster! and link it in your next post.

netbookie 10.04.2012 21:15

the log goes here

Hello, I have only just now got back online with the computer. Here is the OTL:
OTL Logfile:
Code:

OTL logfile created on: 03.04.2012 21:29:30 - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Users\viaggio2\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1013,10 Mb Total Physical Memory | 551,52 Mb Available Physical Memory | 54,44% Memory free
1,99 Gb Paging File | 1,56 Gb Available in Paging File | 78,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 219,78 Gb Total Space | 131,57 Gb Free Space | 59,87% Space Free | Partition Type: NTFS
 
Computer Name: VIAGGIO | User Name: viaggio2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.03 21:29:10 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\viaggio2\Downloads\OTL.exe
PRC - [2011.11.22 18:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- c:\Programme\mcafee.com\agent\mcagent.exe
PRC - [2011.10.18 15:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2011.10.18 15:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\mcafee\SystemCore\mfefire.exe
PRC - [2011.04.09 00:58:57 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\mcafee\mcsvchost\McSvHost.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.03 19:45:07 | 000,016,832 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\ViewerPS.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.02.29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.03 23:56:20 | 000,287,616 | ---- | M] (medatixx GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\medatixx\ixx.downloadservice\ixx.downloadservice.exe -- (ixx.downloadservice)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.09 16:18:42 | 000,036,736 | ---- | M] (medatixx GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\medatixx\ixx.servicecenter\ixx.updateservice.exe -- (ixx.updateservice)
SRV - [2011.10.18 17:59:54 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\virusscan\mcods.exe -- (McODS)
SRV - [2011.10.18 15:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2011.10.18 15:28:34 | 000,160,608 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011.10.18 15:28:18 | 000,166,288 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011.05.26 11:21:20 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.04.01 10:31:39 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.01.27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011.01.27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011.01.27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011.01.27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011.01.27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011.01.27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011.01.27 19:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.04.23 10:46:32 | 000,735,776 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.04.17 07:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Programme\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.04.08 06:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) [Auto | Stopped] -- C:\Programme\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.03.26 10:40:52 | 000,628,000 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.11.17 16:37:16 | 000,441,608 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2011.11.17 16:37:16 | 000,277,576 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\Uim_Vim.sys -- (Uim_Vim)
DRV - [2011.11.17 16:37:16 | 000,045,240 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2011.10.15 14:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011.10.15 14:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011.10.15 14:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011.10.15 14:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011.10.15 14:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011.10.15 14:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011.10.15 14:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011.10.15 14:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011.10.15 14:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.04.21 09:47:36 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.04.13 08:16:50 | 000,252,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010.03.02 08:23:36 | 000,082,384 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2009.10.19 09:08:08 | 000,067,072 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SPR3322K.sys -- (SPR3322K)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.06.03 04:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009.06.03 04:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009.06.03 04:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Stopped] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = WEB.DE - E-Mail-Adresse kostenlos, FreeMail, Nachrichten & Services
IE - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\..\SearchScopes\{C0D15828-0596-4E91-988A-7494F302E5F9}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Sichere Suche"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.web.de/"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.04.02 02:29:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011.12.10 01:23:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012.04.02 11:17:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.18 23:47:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.29 14:32:23 | 000,000,000 | ---D | M]
 
[2011.06.19 23:17:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viaggio2\AppData\Roaming\mozilla\Extensions
[2011.11.09 16:51:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viaggio2\AppData\Roaming\mozilla\Firefox\Profiles\xzjgf9jx.default\extensions
[2012.03.28 18:04:07 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\viaggio2\AppData\Roaming\mozilla\Firefox\Profiles\xzjgf9jx.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2011.11.09 16:51:30 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\viaggio2\AppData\Roaming\mozilla\Firefox\Profiles\xzjgf9jx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.23 22:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.02 11:17:58 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE
[2012.03.18 23:47:20 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012.02.13 23:12:05 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.13 23:12:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.13 23:12:05 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.13 23:12:05 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.09 14:44:17 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.02.13 23:12:05 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.13 23:12:05 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\SystemCore\ScriptSn.20111227020605.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3121230782-1022693462-554458433-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-3121230782-1022693462-554458433-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\viaggio2\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\viaggio2\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{686C5576-7248-4C50-8CA7-E1D0220D751B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF858C33-D19F-4644-8266-C4F75DD54BAF}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.03 21:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.04.03 21:23:11 | 000,000,000 | ---D | C] -- C:\Users\viaggio2\AppData\Roaming\Malwarebytes
[2012.04.03 21:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.03 21:23:04 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.03 21:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.03.29 14:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\medatixx
[2012.03.28 18:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2012.03.27 14:05:03 | 000,000,000 | ---D | C] -- C:\Users\viaggio2\AppData\Roaming\HP
[2012.03.27 10:36:10 | 000,000,000 | ---D | C] -- C:\Users\viaggio2\Desktop\Praktikanten
[2012.03.26 19:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2012.03.26 19:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2012.03.26 19:36:23 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2012.03.19 14:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.03.19 14:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.03.16 13:41:08 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.03.16 13:41:07 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.03.14 11:57:51 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.03.14 11:57:44 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.03.14 11:56:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.03.14 11:56:57 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.03.14 11:56:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.03.14 11:56:42 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[1 C:\Users\viaggio2\Documents\*.tmp files -> C:\Users\viaggio2\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.03 21:23:06 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.03 21:22:46 | 000,696,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.03 21:22:46 | 000,652,150 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.03 21:22:46 | 000,148,128 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.03 21:22:46 | 000,121,082 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.03 21:18:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.03 21:17:59 | 796,733,440 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.03 21:15:39 | 000,015,408 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.03 21:15:37 | 000,015,408 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.03 18:52:00 | 000,001,321 | ---- | M] () -- C:\Windows\WINACS.INI
[2012.04.02 02:42:09 | 000,009,484 | ---- | M] () -- C:\Users\viaggio2\Documents\cc_20120402_024149.reg
[2012.03.20 18:12:01 | 000,027,648 | ---- | M] () -- C:\Users\viaggio2\Desktop\Ich bin da - formatiert.wbk
[2012.03.18 23:13:55 | 001,360,783 | ---- | M] () -- C:\Users\viaggio2\Desktop\Praxisinfos201121x2172seiten.pdf
[2012.03.16 13:59:06 | 000,343,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.11 00:24:22 | 000,248,084 | ---- | M] () -- C:\Users\viaggio2\Desktop\merkblatt_jobsharing.pdf
[1 C:\Users\viaggio2\Documents\*.tmp files -> C:\Users\viaggio2\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.03 21:23:06 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.02 02:42:02 | 000,009,484 | ---- | C] () -- C:\Users\viaggio2\Documents\cc_20120402_024149.reg
[2012.03.20 15:34:45 | 000,027,648 | ---- | C] () -- C:\Users\viaggio2\Desktop\Ich bin da - formatiert.wbk
[2012.03.18 23:13:55 | 001,360,783 | ---- | C] () -- C:\Users\viaggio2\Desktop\Praxisinfos201121x2172seiten.pdf
[2012.03.11 00:24:22 | 000,248,084 | ---- | C] () -- C:\Users\viaggio2\Desktop\merkblatt_jobsharing.pdf
[2011.12.10 20:41:45 | 000,071,893 | ---- | C] () -- C:\Users\viaggio2\AppData\Roaming\Photo.jpg
[2011.09.30 16:04:54 | 000,000,126 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.09.28 16:01:59 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.08.21 20:58:03 | 000,000,099 | ---- | C] () -- C:\Windows\wiso.ini
[2011.07.13 11:51:19 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011.07.13 11:51:18 | 000,000,229 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011.07.13 11:46:14 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2011.06.22 15:46:31 | 000,000,466 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.06.22 15:38:30 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf05a.dat
[2011.06.22 15:28:33 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011.06.19 23:16:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.06.03 20:08:13 | 000,006,144 | ---- | C] () -- C:\Users\viaggio2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.13 09:58:12 | 002,785,280 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2011.05.12 12:53:30 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2011.04.27 13:56:49 | 000,000,145 | ---- | C] () -- C:\Windows\System32\EBPPORT3.DAT
[2011.04.15 14:02:23 | 000,000,268 | ---- | C] () -- C:\Users\viaggio2\AppData\Roaming\LMCPaper.dat
[2011.04.15 12:27:02 | 000,003,932 | ---- | C] () -- C:\Users\viaggio2\AppData\Roaming\LMLayout.dat
[2011.04.15 12:14:53 | 000,000,150 | ---- | C] () -- C:\Windows\System32\LM_SUPPORT.INI
[2011.04.15 12:12:19 | 000,003,932 | ---- | C] () -- C:\Windows\System32\LMLayout.dat
[2011.04.15 12:12:17 | 000,004,256 | ---- | C] () -- C:\Windows\System32\LMStatus.ini
[2011.04.15 11:03:28 | 000,000,293 | ---- | C] () -- C:\Windows\{005E2D03-8002-4574-A0E7-A63D3F2A033C}_WiseFW.ini
[2011.04.11 19:09:18 | 000,073,216 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.04.11 00:28:57 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.04.11 00:28:55 | 000,000,063 | ---- | C] () -- C:\Windows\mdm.ini
[2011.04.11 00:28:46 | 000,000,000 | ---- | C] () -- C:\Windows\NSREX.INI
[2011.04.09 12:06:03 | 000,001,321 | ---- | C] () -- C:\Windows\WINACS.INI
[2011.04.09 12:04:17 | 000,000,970 | ---- | C] () -- C:\Windows\IsyPoller.ini
[2011.04.09 12:04:17 | 000,000,214 | ---- | C] () -- C:\Windows\cardterm.ini
[2011.04.09 12:04:17 | 000,000,031 | ---- | C] () -- C:\Windows\HIGHEDIT.INI
[2011.04.09 11:56:39 | 000,004,681 | ---- | C] () -- C:\Windows\System32\FoxFix5.ini
[2011.04.09 11:56:31 | 000,225,792 | ---- | C] () -- C:\Windows\System32\IMGMAN30.DLL
[2011.04.09 11:56:29 | 000,066,560 | ---- | C] () -- C:\Windows\System32\HERTF32.DLL
[2011.04.09 11:56:29 | 000,039,936 | ---- | C] () -- C:\Windows\System32\HETOOL32.DLL
[2011.04.09 11:56:28 | 000,573,952 | ---- | C] () -- C:\Windows\System32\HEKRNL32.DLL
[2011.04.09 11:56:28 | 000,155,136 | ---- | C] () -- C:\Windows\System32\HEMENU32.DLL
[2011.04.09 11:56:27 | 000,187,392 | ---- | C] () -- C:\Windows\System32\HEICON32.DLL
[2011.04.09 11:56:27 | 000,069,120 | ---- | C] () -- C:\Windows\System32\HEDLG32.DLL
[2011.04.09 11:56:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2011.04.09 11:56:24 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2011.04.09 11:56:21 | 000,368,640 | ---- | C] () -- C:\Windows\System32\QtSql4.dll
[2011.04.09 11:56:20 | 001,261,568 | ---- | C] () -- C:\Windows\System32\QtCore4.dll
[2011.04.09 11:56:19 | 000,210,944 | ---- | C] () -- C:\Windows\System32\Msvcrt10.dll
[2011.04.09 11:56:19 | 000,081,920 | ---- | C] () -- C:\Windows\System32\pdf_edit.dll
[2011.04.09 11:56:11 | 000,045,056 | ---- | C] ( ) -- C:\Windows\System32\ct_api_com.dll
[2011.04.08 01:21:19 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.03.19 11:06:02 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.03.19 11:04:28 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.06.05 20:50:45 | 000,696,832 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010.06.05 20:50:45 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010.06.05 20:50:45 | 000,148,128 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010.06.05 20:50:45 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.06.05 11:14:09 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.06.05 11:14:09 | 000,000,302 | ---- | C] () -- C:\Windows\PidList.ini
[2010.06.05 11:14:08 | 000,113,264 | ---- | C] () -- C:\Windows\FixUVC.exe
[2010.05.04 05:36:37 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.05.04 05:34:06 | 000,361,808 | ---- | C] () -- C:\Windows\EMCRI_E.dll
[2010.05.04 05:29:13 | 000,231,056 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2010.05.04 05:29:13 | 000,030,856 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
[2010.05.04 05:29:13 | 000,001,352 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2010.05.04 05:29:13 | 000,000,712 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2010.05.04 05:29:13 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX3.dat
[2010.05.04 05:29:13 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2010.05.04 05:29:13 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2010.05.04 05:29:13 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0_old.dat
[2010.05.04 05:29:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2010.05.04 05:29:13 | 000,000,024 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
 
========== Files - Unicode (All) ==========
[2011.04.15 15:04:26 | 000,000,000 | ---- | M] ()(C:\Windows\System32\????????h???????) -- C:\Windows\System32\췍﷽﷽�����h偵亖ࠀર˯ᰐ˓
[2011.04.15 15:04:26 | 000,000,000 | ---- | C] ()(C:\Windows\System32\????????h???????) -- C:\Windows\System32\췍﷽﷽�����h偵亖ࠀર˯ᰐ˓
[2011.04.15 13:03:19 | 000,000,000 | ---- | M] ()(C:\Windows\System32\???????) -- C:\Windows\System32\췍﷽﷽����
[2011.04.15 13:03:19 | 000,000,000 | ---- | C] ()(C:\Windows\System32\???????) -- C:\Windows\System32\췍﷽﷽����
[2011.04.15 12:27:16 | 000,000,000 | ---- | M] ()(C:\Windows\System32\???) -- C:\Windows\System32\췍﷽﷽
[2011.04.15 12:27:16 | 000,000,000 | ---- | C] ()(C:\Windows\System32\???) -- C:\Windows\System32\췍﷽﷽

< End of report >

--- --- ---

And here is the short version:
OTL Logfile:
Code:

OTL logfile created on: 03.04.2012 21:38:55 - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Users\viaggio2\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1013,10 Mb Total Physical Memory | 494,15 Mb Available Physical Memory | 48,78% Memory free
1,99 Gb Paging File | 1,47 Gb Available in Paging File | 73,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 219,78 Gb Total Space | 131,57 Gb Free Space | 59,87% Space Free | Partition Type: NTFS
 
Computer Name: VIAGGIO | User Name: viaggio2 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\viaggio2\Downloads\OTL.exe (OldTimer Tools)
PRC - c:\Programme\mcafee.com\agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\mcafee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc.)
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ixx.downloadservice) -- C:\Programme\medatixx\ixx.downloadservice\ixx.downloadservice.exe (medatixx GmbH & Co. KG)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (ixx.updateservice) -- C:\Programme\medatixx\ixx.servicecenter\ixx.updateservice.exe (medatixx GmbH & Co. KG)
SRV - (McODS) -- C:\Programme\McAfee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (Secunia Update Agent) -- C:\Programme\Secunia\PSI\sua.exe (Secunia)
SRV - (Secunia PSI Agent) -- C:\Programme\Secunia\PSI\psia.exe (Secunia)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Programme\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
SRV - (DsiWMIService) -- C:\Programme\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (GREGService) -- C:\Programme\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (DgiVecp) -- C:\Windows\system32\Drivers\DgiVecp.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (Uim_Vim) -- C:\Windows\System32\drivers\Uim_Vim.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (EUCR) -- C:\Windows\System32\drivers\EUCR6SK.sys (ENE Technology Inc.)
DRV - (SPR3322K) -- C:\Windows\System32\drivers\SPR3322K.sys (SCM Microsystems Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = WEB.DE - E-Mail-Adresse kostenlos, FreeMail, Nachrichten & Services
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{C0D15828-0596-4E91-988A-7494F302E5F9}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Sichere Suche"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.web.de/"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.04.02 02:29:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011.12.10 01:23:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012.04.02 11:17:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.18 23:47:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.29 14:32:23 | 000,000,000 | ---D | M]
 
[2011.06.19 23:17:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viaggio2\AppData\Roaming\mozilla\Extensions
[2011.11.09 16:51:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\viaggio2\AppData\Roaming\mozilla\Firefox\Profiles\xzjgf9jx.default\extensions
[2012.03.28 18:04:07 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\viaggio2\AppData\Roaming\mozilla\Firefox\Profiles\xzjgf9jx.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2011.11.09 16:51:30 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\viaggio2\AppData\Roaming\mozilla\Firefox\Profiles\xzjgf9jx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.23 22:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.02 11:17:58 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE
[2012.03.18 23:47:20 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012.02.13 23:12:05 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.13 23:12:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.13 23:12:05 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.13 23:12:05 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.09 14:44:17 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.02.13 23:12:05 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.13 23:12:05 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\SystemCore\ScriptSn.20111227020605.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\viaggio2\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\viaggio2\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{686C5576-7248-4C50-8CA7-E1D0220D751B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF858C33-D19F-4644-8266-C4F75DD54BAF}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.03 21:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.04.03 21:23:11 | 000,000,000 | ---D | C] -- C:\Users\viaggio2\AppData\Roaming\Malwarebytes
[2012.04.03 21:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.03 21:23:04 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.03 21:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.03.29 14:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\medatixx
[2012.03.28 18:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2012.03.27 14:05:03 | 000,000,000 | ---D | C] -- C:\Users\viaggio2\AppData\Roaming\HP
[2012.03.27 10:36:10 | 000,000,000 | ---D | C] -- C:\Users\viaggio2\Desktop\Praktikanten
[2012.03.26 19:57:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2012.03.26 19:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2012.03.26 19:36:23 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2012.03.19 14:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.03.19 14:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.03.16 13:41:08 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.03.16 13:41:07 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.03.14 11:57:51 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.03.14 11:57:44 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.03.14 11:56:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.03.14 11:56:57 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.03.14 11:56:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.03.14 11:56:42 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[1 C:\Users\viaggio2\Documents\*.tmp files -> C:\Users\viaggio2\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.03 21:23:06 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.03 21:22:46 | 000,696,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.03 21:22:46 | 000,652,150 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.03 21:22:46 | 000,148,128 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.03 21:22:46 | 000,121,082 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.03 21:18:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.03 21:17:59 | 796,733,440 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.03 21:15:39 | 000,015,408 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.03 21:15:37 | 000,015,408 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.03 18:52:00 | 000,001,321 | ---- | M] () -- C:\Windows\WINACS.INI
[2012.04.02 02:42:09 | 000,009,484 | ---- | M] () -- C:\Users\viaggio2\Documents\cc_20120402_024149.reg
[2012.03.20 18:12:01 | 000,027,648 | ---- | M] () -- C:\Users\viaggio2\Desktop\Ich bin da - formatiert.wbk
[2012.03.18 23:13:55 | 001,360,783 | ---- | M] () -- C:\Users\viaggio2\Desktop\Praxisinfos201121x2172seiten.pdf
[2012.03.16 13:59:06 | 000,343,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.11 00:24:22 | 000,248,084 | ---- | M] () -- C:\Users\viaggio2\Desktop\merkblatt_jobsharing.pdf
[1 C:\Users\viaggio2\Documents\*.tmp files -> C:\Users\viaggio2\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.03 21:23:06 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.02 02:42:02 | 000,009,484 | ---- | C] () -- C:\Users\viaggio2\Documents\cc_20120402_024149.reg
[2012.03.20 15:34:45 | 000,027,648 | ---- | C] () -- C:\Users\viaggio2\Desktop\Ich bin da - formatiert.wbk
[2012.03.18 23:13:55 | 001,360,783 | ---- | C] () -- C:\Users\viaggio2\Desktop\Praxisinfos201121x2172seiten.pdf
[2012.03.11 00:24:22 | 000,248,084 | ---- | C] () -- C:\Users\viaggio2\Desktop\merkblatt_jobsharing.pdf
[2011.12.10 20:41:45 | 000,071,893 | ---- | C] () -- C:\Users\viaggio2\AppData\Roaming\Photo.jpg
[2011.09.30 16:04:54 | 000,000,126 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.09.28 16:01:59 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.08.21 20:58:03 | 000,000,099 | ---- | C] () -- C:\Windows\wiso.ini
[2011.07.13 11:51:19 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011.07.13 11:51:18 | 000,000,229 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011.07.13 11:46:14 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT
[2011.06.22 15:46:31 | 000,000,466 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.06.22 15:38:30 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf05a.dat
[2011.06.22 15:28:33 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011.06.19 23:16:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.06.03 20:08:13 | 000,006,144 | ---- | C] () -- C:\Users\viaggio2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.13 09:58:12 | 002,785,280 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2011.05.12 12:53:30 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2011.04.27 13:56:49 | 000,000,145 | ---- | C] () -- C:\Windows\System32\EBPPORT3.DAT
[2011.04.15 14:02:23 | 000,000,268 | ---- | C] () -- C:\Users\viaggio2\AppData\Roaming\LMCPaper.dat
[2011.04.15 12:27:02 | 000,003,932 | ---- | C] () -- C:\Users\viaggio2\AppData\Roaming\LMLayout.dat
[2011.04.15 12:14:53 | 000,000,150 | ---- | C] () -- C:\Windows\System32\LM_SUPPORT.INI
[2011.04.15 12:12:19 | 000,003,932 | ---- | C] () -- C:\Windows\System32\LMLayout.dat
[2011.04.15 12:12:17 | 000,004,256 | ---- | C] () -- C:\Windows\System32\LMStatus.ini
[2011.04.15 11:03:28 | 000,000,293 | ---- | C] () -- C:\Windows\{005E2D03-8002-4574-A0E7-A63D3F2A033C}_WiseFW.ini
[2011.04.11 19:09:18 | 000,073,216 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.04.11 00:28:57 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.04.11 00:28:55 | 000,000,063 | ---- | C] () -- C:\Windows\mdm.ini
[2011.04.11 00:28:46 | 000,000,000 | ---- | C] () -- C:\Windows\NSREX.INI
[2011.04.09 12:06:03 | 000,001,321 | ---- | C] () -- C:\Windows\WINACS.INI
[2011.04.09 12:04:17 | 000,000,970 | ---- | C] () -- C:\Windows\IsyPoller.ini
[2011.04.09 12:04:17 | 000,000,214 | ---- | C] () -- C:\Windows\cardterm.ini
[2011.04.09 12:04:17 | 000,000,031 | ---- | C] () -- C:\Windows\HIGHEDIT.INI
[2011.04.09 11:56:39 | 000,004,681 | ---- | C] () -- C:\Windows\System32\FoxFix5.ini
[2011.04.09 11:56:31 | 000,225,792 | ---- | C] () -- C:\Windows\System32\IMGMAN30.DLL
[2011.04.09 11:56:29 | 000,066,560 | ---- | C] () -- C:\Windows\System32\HERTF32.DLL
[2011.04.09 11:56:29 | 000,039,936 | ---- | C] () -- C:\Windows\System32\HETOOL32.DLL
[2011.04.09 11:56:28 | 000,573,952 | ---- | C] () -- C:\Windows\System32\HEKRNL32.DLL
[2011.04.09 11:56:28 | 000,155,136 | ---- | C] () -- C:\Windows\System32\HEMENU32.DLL
[2011.04.09 11:56:27 | 000,187,392 | ---- | C] () -- C:\Windows\System32\HEICON32.DLL
[2011.04.09 11:56:27 | 000,069,120 | ---- | C] () -- C:\Windows\System32\HEDLG32.DLL
[2011.04.09 11:56:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2011.04.09 11:56:24 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2011.04.09 11:56:21 | 000,368,640 | ---- | C] () -- C:\Windows\System32\QtSql4.dll
[2011.04.09 11:56:20 | 001,261,568 | ---- | C] () -- C:\Windows\System32\QtCore4.dll
[2011.04.09 11:56:19 | 000,210,944 | ---- | C] () -- C:\Windows\System32\Msvcrt10.dll
[2011.04.09 11:56:19 | 000,081,920 | ---- | C] () -- C:\Windows\System32\pdf_edit.dll
[2011.04.09 11:56:11 | 000,045,056 | ---- | C] ( ) -- C:\Windows\System32\ct_api_com.dll
[2011.04.08 01:21:19 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.03.19 11:06:02 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.03.19 11:04:28 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.06.05 20:50:45 | 000,696,832 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010.06.05 20:50:45 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010.06.05 20:50:45 | 000,148,128 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010.06.05 20:50:45 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.06.05 11:14:09 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.06.05 11:14:09 | 000,000,302 | ---- | C] () -- C:\Windows\PidList.ini
[2010.06.05 11:14:08 | 000,113,264 | ---- | C] () -- C:\Windows\FixUVC.exe
[2010.05.04 05:36:37 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.05.04 05:34:06 | 000,361,808 | ---- | C] () -- C:\Windows\EMCRI_E.dll
[2010.05.04 05:29:13 | 000,231,056 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2010.05.04 05:29:13 | 000,030,856 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
[2010.05.04 05:29:13 | 000,001,352 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2010.05.04 05:29:13 | 000,000,712 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2010.05.04 05:29:13 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX3.dat
[2010.05.04 05:29:13 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2010.05.04 05:29:13 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2010.05.04 05:29:13 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0_old.dat
[2010.05.04 05:29:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2010.05.04 05:29:13 | 000,000,024 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
 
========== LOP Check ==========
 
[2011.10.28 00:19:32 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\Audacity
[2011.08.21 20:55:35 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\Buhl Data Service
[2011.11.10 01:13:39 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\DVDVideoSoft
[2011.11.09 16:57:57 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.05 00:11:00 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\EssentialPIM
[2011.06.19 19:27:11 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\medatixx
[2011.06.19 18:33:43 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\Roaming
[2011.04.11 14:41:34 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\TeamViewer
[2011.12.10 20:40:04 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\Total Immersion
[2011.05.30 10:20:51 | 000,000,000 | ---D | M] -- C:\Users\viaggio2\AppData\Roaming\Win7codecs
[2012.01.09 20:34:51 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011.04.15 15:04:26 | 000,000,000 | ---- | M] ()(C:\Windows\System32\????????h???????) -- C:\Windows\System32\췍﷽﷽�����h偵亖ࠀર˯ᰐ˓
[2011.04.15 15:04:26 | 000,000,000 | ---- | C] ()(C:\Windows\System32\????????h???????) -- C:\Windows\System32\췍﷽﷽�����h偵亖ࠀર˯ᰐ˓
[2011.04.15 13:03:19 | 000,000,000 | ---- | M] ()(C:\Windows\System32\???????) -- C:\Windows\System32\췍﷽﷽����
[2011.04.15 13:03:19 | 000,000,000 | ---- | C] ()(C:\Windows\System32\???????) -- C:\Windows\System32\췍﷽﷽����
[2011.04.15 12:27:16 | 000,000,000 | ---- | M] ()(C:\Windows\System32\???) -- C:\Windows\System32\췍﷽﷽
[2011.04.15 12:27:16 | 000,000,000 | ---- | C] ()(C:\Windows\System32\???) -- C:\Windows\System32\췍﷽﷽

< End of report >

--- --- ---


Thank you very much for your reply!

cosinus 11.04.2012 12:38

What is this supposed to be? I wanted to see the logs from Malwarebytes!

