Trojaner-Board - Trojaner/Virus über ICQ

Hey, danke für dia Antwort:dankeschoen:

So...
Hier ist mal der Vollscan von Malwarebyte:

Code:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org
 

Datenbank Version: 4305
 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385
 

12.07.2010 17:12:25

mbam-log-2010-07-12 (17-12-25).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)

Durchsuchte Objekte: 202796

Laufzeit: 37 Minute(n), 58 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 1

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 0
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

HKEY_CURRENT_USER\SOFTWARE\JDK5SWFMZY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

(Keine bösartigen Objekte gefunden)

Der OTL Log:

Code:

OTL logfile created on: 12.07.2010 17:15:11 - Run 1

OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\***\Desktop

 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 127,58 Gb Total Space | 95,33 Gb Free Space | 74,72% Space Free | Partition Type: NTFS

Drive D: | 51,45 Gb Total Space | 43,66 Gb Free Space | 84,85% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 465,76 Gb Total Space | 154,92 Gb Free Space | 33,26% Space Free | Partition Type: NTFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: LAPTOP

Current User Name: ***

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)

PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)

PRC - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)

PRC - C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe (Raxco Software, Inc.)

PRC - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Windows\System32\vmnat.exe (VMware, Inc.)

PRC - C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)

PRC - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)

PRC - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - C:\Program Files\GrabIt\GrabIt.exe ()

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)

MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)

MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (CGVPNCliSrvc) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)

SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (PDAgent) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)

SRV - (PDEngine) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

SRV - (VMware NAT Service) -- C:\Windows\System32\vmnat.exe (VMware, Inc.)

SRV - (VMnetDHCP) -- C:\Windows\System32\vmnetdhcp.exe (VMware, Inc.)

SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)

SRV - (VMUSBArbService) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)

SRV - (ufad-ws60) -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.)

SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)

SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)

SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)

SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)

SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)

SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)

SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)

SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)

SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)

SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()

DRV - (DefragFS) -- C:\Windows\System32\drivers\DefragFs.sys (Raxco Software, Inc.)

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)

DRV - (VMnetuserif) -- C:\Windows\System32\drivers\vmnetuserif.sys (VMware, Inc.)

DRV - (vmkbd) -- C:\Windows\System32\drivers\VMkbd.sys (VMware, Inc.)

DRV - (vmx86) -- C:\Windows\System32\drivers\vmx86.sys (VMware, Inc.)

DRV - (vmci) -- C:\Windows\System32\drivers\vmci.sys (VMware, Inc.)

DRV - (hcmon) -- C:\Windows\System32\drivers\hcmon.sys (VMware, Inc.)

DRV - (VMnetBridge) -- C:\Windows\System32\drivers\vmnetbridge.sys (VMware, Inc.)

DRV - (VMnetAdapter) -- C:\Windows\System32\drivers\vmnetadapter.sys (VMware, Inc.)

DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)

DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)

DRV - (vstor2-ws60) -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.)

DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)

DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)

DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)

DRV - (NETw5s32) Intel(R) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)

DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)

DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)

DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)

DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)

DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)

DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)

DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)

DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)

DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)

DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)

DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)

DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)

DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)

DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)

DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)

DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)

DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)

DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)

DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)

DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)

DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)

DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)

DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)

DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)

DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)

DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)

DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)

DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)

DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)

DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)

DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)

DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)

DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)

DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)

DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)

DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)

DRV - (xnacc) -- C:\Windows\System32\drivers\xnacc.sys (Microsoft Corporation)

DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)

DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)

DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)

DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)

DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)

DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)

DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)

DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)

DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)

DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)

DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)

DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)

DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)

DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 6B 50 0E A5 FD CA 01  [binary data]

IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.defaultthis.engineName: "Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.selectedEngine: "Search"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4

FF - prefs.js..extensions.enabledItems: {2f17f610-5e97-4fed-828f-9940b7b577a4}:1.5.6

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1

FF - prefs.js..network.proxy.backup.ftp: "164.78.252.24"

FF - prefs.js..network.proxy.backup.ftp_port: 80

FF - prefs.js..network.proxy.backup.gopher: "164.78.252.24"

FF - prefs.js..network.proxy.backup.gopher_port: 80

FF - prefs.js..network.proxy.backup.socks: "164.78.252.24"

FF - prefs.js..network.proxy.backup.socks_port: 80

FF - prefs.js..network.proxy.backup.ssl: "164.78.252.24"

FF - prefs.js..network.proxy.backup.ssl_port: 80

FF - prefs.js..network.proxy.ftp: "208.96.213.149"

FF - prefs.js..network.proxy.ftp_port: 80

FF - prefs.js..network.proxy.gopher: "208.96.213.149"

FF - prefs.js..network.proxy.gopher_port: 80

FF - prefs.js..network.proxy.http: "208.96.213.149"

FF - prefs.js..network.proxy.http_port: 80

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "208.96.213.149"

FF - prefs.js..network.proxy.socks_port: 80

FF - prefs.js..network.proxy.ssl: "208.96.213.149"

FF - prefs.js..network.proxy.ssl_port: 80

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.27 14:54:59 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.03 13:57:39 | 000,000,000 | ---D | M]

 

[2010.05.27 16:03:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions

[2010.07.11 19:05:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\iwz2o6r4.default\extensions

[2010.07.06 13:59:46 | 000,000,000 | ---D | M] (TV-Fox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\iwz2o6r4.default\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}

[2010.07.10 21:25:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\iwz2o6r4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010.05.27 16:08:49 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\iwz2o6r4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2010.05.27 16:08:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\iwz2o6r4.default\extensions\firebug@software.joehewitt.com

[2010.06.10 20:19:54 | 000,000,873 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\iwz2o6r4.default\searchplugins\conduit.xml

[2010.07.06 14:09:46 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\iwz2o6r4.default\searchplugins\icqplugin-1.xml

[2010.02.03 15:37:50 | 000,000,947 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\iwz2o6r4.default\searchplugins\icqplugin.xml

[2010.05.27 16:03:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml

[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2009.12.01 04:47:17 | 000,000,000 | RH-D | M] - F:\autorun -- [ NTFS ]

O32 - Unable to obtain root file information for disk F:\

O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.07.12 16:31:56 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe

[2010.07.12 16:30:52 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\logs

[2010.07.11 21:30:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\VMware

[2010.07.11 21:22:33 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Virtual Machines

[2010.07.11 21:05:20 | 000,025,216 | ---- | C] (The OpenVPN Project) -- C:\Windows\System32\drivers\tap0901.sys

[2010.07.11 21:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\S.A.D

[2010.07.11 20:33:00 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\VMware

[2010.07.11 20:27:31 | 000,059,952 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vnetinst.dll

[2010.07.11 20:27:31 | 000,016,560 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmnetadapter.sys

[2010.07.11 20:27:27 | 000,334,384 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe

[2010.07.11 20:27:23 | 000,395,824 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe

[2010.07.11 20:27:22 | 000,026,288 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmnetuserif.sys

[2010.07.11 20:27:21 | 000,051,248 | R--- | C] (VMware, Inc.) -- C:\Windows\System32\vmnetbridge.dll

[2010.07.11 20:27:21 | 000,036,400 | R--- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmnetbridge.sys

[2010.07.11 20:27:21 | 000,018,736 | R--- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmnet.sys

[2010.07.11 20:27:19 | 000,760,368 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vnetlib.dll

[2010.07.11 20:26:56 | 000,023,216 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\VMkbd.sys

[2010.07.11 20:26:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware

[2010.07.11 20:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware

[2010.07.11 20:25:38 | 000,000,000 | ---D | C] -- C:\Program Files\VMware

[2010.07.11 19:28:58 | 000,000,000 | R--D | C] -- C:\Users\***\Virtual Machines

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-TW

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-CN

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Virtual PC

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\tr-TR

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\th-TH

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\sv-SE

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ru-RU

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ro-RO

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-PT

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pt-BR

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\pl-PL

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nl-NL

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\nb-NO

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ko-KR

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ja-JP

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\it-IT

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\hu-HU

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\he-IL

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fr-FR

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\fi-FI

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\es-ES

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\en-US

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\el-GR

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\da-DK

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\cs-CZ

[2010.07.11 19:25:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\ar-SA

[2010.07.11 19:24:09 | 002,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VPCWizard.exe

[2010.07.11 19:24:09 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vpcvmm.sys

[2010.07.11 19:24:08 | 003,330,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpc.exe

[2010.07.11 19:24:08 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VMWindow.exe

[2010.07.11 19:22:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pl-PL\vpchbus.sys.mui

[2010.07.11 19:22:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cs-CZ\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpchbuspipe.dll

[2010.07.11 19:22:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tr-TR\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ru-RU\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ro-RO\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-BR\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nl-NL\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nb-NO\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hu-HU\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fi-FI\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\da-DK\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\th-TH\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ko-KR\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ja-JP\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\he-IL\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-TW\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-CN\vpchbus.sys.mui

[2010.07.11 19:22:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\th-TH\vpcuxd.sys.mui

[2010.07.11 19:22:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ru-RU\vpcuxd.sys.mui

[2010.07.11 19:22:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cs-CZ\vpcuxd.sys.mui

[2010.07.11 19:22:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\th-TH\vpcusb.sys.mui

[2010.07.11 19:22:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ru-RU\vpcusb.sys.mui

[2010.07.11 19:22:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fi-FI\vpcusb.sys.mui

[2010.07.11 19:22:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cs-CZ\vpcusb.sys.mui

[2010.07.11 19:22:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nl-NL\vpcnfltr.sys.mui

[2010.07.11 19:22:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\vpcnfltr.sys.mui

[2010.07.11 19:22:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tr-TR\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\th-TH\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ru-RU\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-BR\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pl-PL\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nl-NL\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nb-NO\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hu-HU\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fi-FI\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\da-DK\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cs-CZ\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-TW\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-CN\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ko-KR\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ja-JP\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\he-IL\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\vpcvmm.sys.mui

[2010.07.11 19:22:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pl-PL\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hu-HU\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fi-FI\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pl-PL\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nl-NL\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hu-HU\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\el-GR\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-TW\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-CN\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tr-TR\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ro-RO\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-BR\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nl-NL\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nb-NO\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ko-KR\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ja-JP\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\he-IL\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\da-DK\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\vpcuxd.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-TW\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-CN\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tr-TR\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ro-RO\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-BR\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nb-NO\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ko-KR\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ja-JP\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\he-IL\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\da-DK\vpcusb.sys.mui

[2010.07.11 19:22:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\vpcusb.sys.mui

[2010.07.11 19:22:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ro-RO\vpcvmm.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-TW\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\zh-CN\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tr-TR\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ru-RU\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ro-RO\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pl-PL\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nb-NO\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ko-KR\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ja-JP\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\it-IT\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hu-HU\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\he-IL\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fi-FI\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\da-DK\vpcnfltr.sys.mui

[2010.07.11 19:22:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ar-SA\vpcnfltr.sys.mui

[2010.07.11 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\th-TH\vpcnfltr.sys.mui

[2010.07.11 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sv-SE\vpcnfltr.sys.mui

[2010.07.11 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-PT\vpcnfltr.sys.mui

[2010.07.11 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pt-BR\vpcnfltr.sys.mui

[2010.07.11 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fr-FR\vpcnfltr.sys.mui

[2010.07.11 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\es-ES\vpcnfltr.sys.mui

[2010.07.11 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\cs-CZ\vpcnfltr.sys.mui

[2010.07.11 19:22:08 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vpchbus.sys

[2010.07.11 19:22:08 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vpcusb.sys

[2010.07.11 19:22:08 | 000,055,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vpcnfltr.sys

[2010.07.11 19:22:07 | 001,260,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VPCSettings.exe

[2010.07.11 19:22:07 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmsal.exe

[2010.07.11 19:22:07 | 000,559,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VMCPropertyHandler.dll

[2010.07.11 19:20:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode

[2010.07.11 19:04:43 | 486,678,800 | ---- | C] (Microsoft Corporation) -- C:\Users\***\Desktop\WindowsXPMode_de-de.exe

[2010.07.11 19:02:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat

[2010.07.11 19:01:22 | 000,159,144 | ---- | C] (Microsoft Corporation) -- C:\Users\***\Desktop\WindowsActivationUpdate.exe

[2010.07.10 18:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro

[2010.07.10 18:24:00 | 000,000,000 | ---D | C] -- C:\rsit

[2010.07.10 18:10:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes

[2010.07.10 18:10:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010.07.10 18:10:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010.07.10 18:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010.07.10 18:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010.07.10 17:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010.07.04 14:41:43 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\mindfuck

[2010.07.03 18:48:23 | 000,320,512 | ---- | C] (Heuberger Software) -- C:\Users\***\Desktop\CamMirror.exe

[2010.06.29 20:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Raxco

[2010.06.29 11:36:45 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0

[2010.06.28 16:01:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Monolith Productions

[2010.06.27 12:36:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Yahoo!

[2010.06.24 17:25:32 | 000,000,000 | ---D | C] -- C:\s-winprosa

[2010.06.24 16:20:59 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll

[2010.06.24 16:20:59 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll

[2010.06.24 16:20:56 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll

[2010.06.24 16:20:56 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll

[2010.06.24 16:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5

[2010.06.24 16:09:50 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Any Video Converter Professional

[2010.06.24 16:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2010.06.24 16:09:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\AnvSoft

[2010.06.24 15:51:03 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Xilisoft Corporation

[2010.06.24 15:51:02 | 000,000,000 | ---D | C] -- C:\Users\***\Application Data

[2010.06.24 15:17:45 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\My Games

[2010.06.23 19:30:51 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe

[2010.06.23 19:30:51 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll

[2010.06.23 19:30:51 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll

[2010.06.23 19:29:46 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll

[2010.06.23 19:29:46 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll

[2010.06.23 19:29:46 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax

[2010.06.23 19:29:46 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax

[2010.06.21 18:44:05 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\backupipod

[2010.06.21 18:32:00 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apple Computer

[2010.06.21 18:31:55 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll

[2010.06.21 18:31:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE

[2010.06.21 18:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2010.06.21 18:31:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2010.06.21 18:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2010.06.21 18:30:47 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2010.06.21 18:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2010.06.21 18:30:40 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apple

[2010.06.21 18:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2010.06.21 18:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2010.06.19 08:46:02 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Arbeitsdateien

[2010.06.17 20:19:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010.06.15 17:47:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\AlcaTech

[2010.06.15 17:47:18 | 000,126,464 | ---- | C] (AlcaTech) -- C:\Windows\System32\Setup.dll

[2010.06.15 17:47:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AlcaTech

[2010.06.14 19:44:32 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\cs5

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.07.12 17:17:21 | 001,572,864 | -HS- | M] () -- C:\Users\***\NTUSER.DAT

[2010.07.12 16:58:06 | 000,224,021 | ---- | M] () -- C:\Users\***\Desktop\The.Big.Lebowski.German.1998.AC3.DVDRiP.XviD.iNTERNAL-CiA.nzb

[2010.07.12 16:55:05 | 000,247,157 | ---- | M] () -- C:\Users\***\Desktop\_Bud.und.Doyle.German.1996.DVDRip.XviD.iNTERNAL-BiG.nzb

[2010.07.12 16:35:07 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010.07.12 16:35:07 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010.07.12 16:32:21 | 000,658,724 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2010.07.12 16:32:21 | 000,619,230 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010.07.12 16:32:21 | 000,131,850 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2010.07.12 16:32:21 | 000,108,136 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010.07.12 16:32:20 | 001,506,624 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010.07.12 16:31:57 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe

[2010.07.12 16:27:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.07.12 16:27:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.07.12 16:27:43 | 2388,287,488 | -HS- | M] () -- C:\hiberfil.sys

[2010.07.11 23:17:05 | 004,041,256 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db

[2010.07.11 21:05:22 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\CyberGhost VPN.lnk

[2010.07.11 20:26:50 | 000,001,024 | ---- | M] () -- C:\.rnd

[2010.07.11 20:26:47 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk

[2010.07.11 19:18:42 | 486,678,800 | ---- | M] (Microsoft Corporation) -- C:\Users\***\Desktop\WindowsXPMode_de-de.exe

[2010.07.11 19:14:49 | 003,896,919 | ---- | M] () -- C:\Users\***\Desktop\Windows6.1-KB977206-x86.msu

[2010.07.11 19:09:48 | 009,591,606 | ---- | M] () -- C:\Users\***\Desktop\Windows6.1-KB958559-x86.msu

[2010.07.11 19:02:46 | 000,159,144 | ---- | M] (Microsoft Corporation) -- C:\Users\***\Desktop\WindowsActivationUpdate.exe

[2010.07.10 22:44:42 | 000,000,989 | ---- | M] () -- C:\Users\***\Desktop\blabla.gif

[2010.07.10 18:18:53 | 000,339,991 | ---- | M] () -- C:\Users\***\Desktop\RSIT.exe

[2010.07.10 18:06:36 | 000,032,132 | ---- | M] () -- C:\Users\***\Documents\cc_20100710_180629.reg

[2010.07.10 17:57:13 | 000,000,925 | ---- | M] () -- C:\Users\***\Desktop\CCleaner.lnk

[2010.07.07 18:50:11 | 000,015,882 | ---- | M] () -- C:\Users\***\Documents\1.docx

[2010.07.05 18:03:45 | 000,035,840 | ---- | M] () -- C:\Users\***\Documents\31.07.2002-19.42.14_Uhr-1.doc

[2010.07.05 18:01:17 | 000,013,820 | ---- | M] () -- C:\Users\***\Documents\Was sind Lebensmittelzusatzstoffe.docx

[2010.07.03 21:32:50 | 000,292,176 | ---- | M] () -- C:\Users\***\Desktop\Webcam1.jpg

[2010.07.03 21:31:40 | 001,440,826 | ---- | M] () -- C:\Users\***\Desktop\Webcam1.psd

[2010.07.03 20:30:42 | 000,396,138 | ---- | M] () -- C:\Users\***\Documents\Auge.jpg

[2010.07.03 20:25:47 | 001,228,854 | ---- | M] () -- C:\Users\***\Desktop\Webcam1.bmp

[2010.07.03 20:16:31 | 001,247,677 | ---- | M] () -- C:\Users\***\Desktop\untitled.mp3

[2010.07.03 13:57:39 | 000,001,944 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010.07.01 16:36:49 | 000,035,840 | ---- | M] () -- C:\Users\***\Desktop\31.07.2002-19.42.14_Uhr.doc

[2010.06.29 20:40:57 | 000,002,057 | ---- | M] () -- C:\Users\Public\Desktop\PerfectDisk 11.lnk

[2010.06.29 20:07:02 | 000,126,464 | ---- | M] (AlcaTech) -- C:\Windows\System32\Setup.dll

[2010.06.28 14:24:11 | 000,671,254 | ---- | M] () -- C:\Users\***\Documents\Zusammenschrieb.pdf

[2010.06.21 18:31:56 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2010.06.19 16:30:14 | 000,000,132 | ---- | M] () -- C:\Users\***\AppData\Roaming\Adobe GIF Format CS5 Prefs

[2010.06.19 11:10:06 | 000,001,197 | ---- | M] () -- C:\Users\***\Desktop\DVDVideoSoft Free Studio.lnk

[2010.06.19 08:20:22 | 001,675,770 | ---- | M] () -- C:\Users\***\Desktop\TN_Mailing2010.pdf

[2010.06.16 21:03:03 | 000,085,744 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT

[2010.06.16 20:12:53 | 003,695,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

 
 ========== Files Created - No Company Name ==========

 

[2010.07.12 16:58:00 | 000,224,021 | ---- | C] () -- C:\Users\***\Desktop\The.Big.Lebowski.German.1998.AC3.DVDRiP.XviD.iNTERNAL-CiA.nzb

[2010.07.12 16:55:00 | 000,247,157 | ---- | C] () -- C:\Users\***\Desktop\_Bud.und.Doyle.German.1996.DVDRip.XviD.iNTERNAL-BiG.nzb

[2010.07.11 21:05:22 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\CyberGhost VPN.lnk

[2010.07.11 20:26:50 | 000,001,024 | ---- | C] () -- C:\.rnd

[2010.07.11 20:26:47 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk

[2010.07.11 19:14:49 | 003,896,919 | ---- | C] () -- C:\Users\***\Desktop\Windows6.1-KB977206-x86.msu

[2010.07.11 19:09:36 | 009,591,606 | ---- | C] () -- C:\Users\***\Desktop\Windows6.1-KB958559-x86.msu

[2010.07.10 22:44:41 | 000,000,989 | ---- | C] () -- C:\Users\***\Desktop\blabla.gif

[2010.07.10 18:18:53 | 000,339,991 | ---- | C] () -- C:\Users\***\Desktop\RSIT.exe

[2010.07.10 18:06:32 | 000,032,132 | ---- | C] () -- C:\Users\***\Documents\cc_20100710_180629.reg

[2010.07.10 17:57:13 | 000,000,925 | ---- | C] () -- C:\Users\***\Desktop\CCleaner.lnk

[2010.07.10 16:50:41 | 000,000,000 | R--- | C] () -- C:\Users\***\AppData\Roaming\LJC8G.txt

[2010.07.10 16:50:41 | 000,000,000 | R--- | C] () -- C:\Users\***\AppData\Roaming\BkE6c.txt

[2010.07.07 18:50:11 | 000,015,882 | ---- | C] () -- C:\Users\***\Documents\1.docx

[2010.07.05 18:03:44 | 000,035,840 | ---- | C] () -- C:\Users\***\Documents\31.07.2002-19.42.14_Uhr-1.doc

[2010.07.05 18:01:16 | 000,013,820 | ---- | C] () -- C:\Users\***\Documents\Was sind Lebensmittelzusatzstoffe.docx

[2010.07.03 20:30:41 | 000,396,138 | ---- | C] () -- C:\Users\***\Documents\Auge.jpg

[2010.07.03 20:23:18 | 001,228,854 | ---- | C] () -- C:\Users\***\Desktop\Webcam1.bmp

[2010.07.03 20:18:57 | 000,292,176 | ---- | C] () -- C:\Users\***\Desktop\Webcam1.jpg

[2010.07.03 20:16:12 | 001,247,677 | ---- | C] () -- C:\Users\***\Desktop\untitled.mp3

[2010.07.03 19:53:40 | 001,440,826 | ---- | C] () -- C:\Users\***\Desktop\Webcam1.psd

[2010.07.03 13:57:39 | 000,001,944 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010.07.01 16:36:48 | 000,035,840 | ---- | C] () -- C:\Users\***\Desktop\31.07.2002-19.42.14_Uhr.doc

[2010.06.29 20:40:57 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\PerfectDisk 11.lnk

[2010.06.28 14:24:10 | 000,671,254 | ---- | C] () -- C:\Users\***\Documents\Zusammenschrieb.pdf

[2010.06.24 16:20:56 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2010.06.21 18:31:56 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2010.06.19 08:20:22 | 001,675,770 | ---- | C] () -- C:\Users\***\Desktop\TN_Mailing2010.pdf

[2010.06.17 18:56:11 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe GIF Format CS5 Prefs

[2010.05.28 17:17:31 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

< End of report >

Und der OTL Extra Log:

Code:

OTL Extras logfile created on: 12.07.2010 17:15:12 - Run 1

OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\***\Desktop

 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 127,58 Gb Total Space | 95,33 Gb Free Space | 74,72% Space Free | Partition Type: NTFS

Drive D: | 51,45 Gb Total Space | 43,66 Gb Free Space | 84,85% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 465,76 Gb Total Space | 154,92 Gb Free Space | 33,26% Space Free | Partition Type: NTFS

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: LAPTOP

Current User Name: ***

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [Bridge] -- D:\CS5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode

"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5

"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1

"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes

"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris

"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch

"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k

"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support

"{B7607FC8-72AD-486D-B6B7-A402D5876309}" = PerfectDisk 11 Professional

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"ASIO4ALL" = ASIO4ALL

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"CCleaner" = CCleaner

"CyberGhost VPN_is1" = CyberGhost VPN

"ENTERPRISE" = Microsoft Office Enterprise 2007

"FL Studio 9" = FL Studio 9

"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 3.0

"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)

"Hardcore" = Hardcore

"IL Download Manager" = IL Download Manager

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)

"NVIDIA Drivers" = NVIDIA Drivers

"PoiZone" = PoiZone

"Sakura" = Sakura

"Sawer" = Sawer

"Toxic Biohazard" = Toxic Biohazard

"Uninstall_is1" = Uninstall 1.0.0.1

"VMware_Workstation" = VMware Workstation

"WinRAR archiver" = WinRAR

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.8.1

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 11.07.2010 15:05:32 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 11.07.2010 15:05:32 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 11.07.2010 15:05:32 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 11.07.2010 15:06:03 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 11.07.2010 15:06:03 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 11.07.2010 15:06:03 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 11.07.2010 15:06:03 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 11.07.2010 15:06:03 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 12.07.2010 10:28:01 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 12.07.2010 10:28:01 | Computer Name = Laptop | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

[ System Events ]

Error - 26.06.2010 17:42:04 | Computer Name = Laptop | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

 

Error - 27.06.2010 09:06:08 | Computer Name = Laptop | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

 

Error - 28.06.2010 11:40:36 | Computer Name = Laptop | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

 

Error - 30.06.2010 15:02:44 | Computer Name = Laptop | Source = volsnap | ID = 393252

Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher

 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

 

Error - 05.07.2010 14:36:47 | Computer Name = Laptop | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

 

Error - 05.07.2010 14:36:48 | Computer Name = Laptop | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

 

Error - 05.07.2010 14:36:48 | Computer Name = Laptop | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

 

Error - 05.07.2010 14:36:49 | Computer Name = Laptop | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

 

Error - 05.07.2010 14:36:49 | Computer Name = Laptop | Source = Disk | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

 

Error - 10.07.2010 09:05:16 | Computer Name = Laptop | Source = VDS Basic Provider | ID = 33554433

Description = 

 

 

< End of report >

Und nochmal Danke für die Hilfe:dankeschoen::dankeschoen::dankeschoen:

Ok hab ich gemacht

Code:

ComboFix 10-07-11.07 - *** 12.07.2010  19:16:00.1.2 - x86

Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3037.2127 [GMT 2:00]

ausgeführt von:: c:\users\***\Desktop\cofi.exe

.
 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.
 

C:\Install.exe

c:\windows\system32\AVSredirect.dll
 

.

(((((((((((((((((((((((   Dateien erstellt von 2010-06-12 bis 2010-07-12  ))))))))))))))))))))))))))))))

.
 

2010-07-12 17:21 . 2010-07-12 17:21        --------        d-----w-        c:\users\***\AppData\Local\temp

2010-07-12 17:21 . 2010-07-12 17:21        --------        d-----w-        c:\users\Default\AppData\Local\temp

2010-07-12 16:39 . 2010-07-12 16:39        --------        d-----w-        C:\_OTL

2010-07-11 19:30 . 2010-07-11 19:30        --------        d-----w-        c:\users\***\AppData\Local\VMware

2010-07-11 19:05 . 2010-02-25 15:51        25216        ----a-w-        c:\windows\system32\drivers\tap0901.sys

2010-07-11 19:05 . 2010-07-11 19:05        --------        d-----w-        c:\program files\S.A.D

2010-07-11 18:33 . 2010-07-11 20:00        --------        d-----w-        c:\users\***\AppData\Roaming\VMware

2010-07-11 18:28 . 2010-07-11 18:28        909320        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\uninstall.exe

2010-07-11 18:28 . 2010-07-11 18:28        625200        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\instUtils.dll

2010-07-11 18:28 . 2010-07-11 18:24        360448        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\module_license.dll

2010-07-11 18:28 . 2010-07-11 18:24        958000        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\vnetlib64.dll

2010-07-11 18:28 . 2010-07-11 18:24        922672        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\vnetlib64.exe

2010-07-11 18:28 . 2010-07-11 18:24        760368        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\vnetlib.dll

2010-07-11 18:28 . 2010-07-11 18:24        703024        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\vnetlib.exe

2010-07-11 18:28 . 2010-07-11 18:24        569344        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\module_core.dll

2010-07-11 18:28 . 2010-07-11 18:24        331776        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\module_ws.dll

2010-07-11 18:28 . 2010-07-11 18:24        731696        ----a-w-        c:\programdata\VMware\VMware Workstation\Uninstaller\vminstutil.dll

2010-07-11 18:27 . 2010-01-22 15:13        59952        ----a-w-        c:\windows\system32\vnetinst.dll

2010-07-11 18:27 . 2010-01-22 15:13        16560        ----a-w-        c:\windows\system32\drivers\vmnetadapter.sys

2010-07-11 18:27 . 2010-01-22 20:13        334384        ----a-w-        c:\windows\system32\vmnetdhcp.exe

2010-07-11 18:27 . 2010-01-22 20:13        395824        ----a-w-        c:\windows\system32\vmnat.exe

2010-07-11 18:27 . 2010-01-22 20:14        26288        ----a-w-        c:\windows\system32\drivers\vmnetuserif.sys

2010-07-11 18:27 . 2010-01-22 15:13        51248        ----a-r-        c:\windows\system32\vmnetbridge.dll

2010-07-11 18:27 . 2010-01-22 15:13        36400        ----a-r-        c:\windows\system32\drivers\vmnetbridge.sys

2010-07-11 18:27 . 2010-01-22 15:13        18736        ----a-r-        c:\windows\system32\drivers\vmnet.sys

2010-07-11 18:27 . 2010-01-22 20:13        760368        ----a-w-        c:\windows\system32\vnetlib.dll

2010-07-11 18:26 . 2010-01-22 20:14        23216        ----a-w-        c:\windows\system32\drivers\VMkbd.sys

2010-07-11 18:26 . 2010-07-11 18:26        --------        d-----w-        c:\program files\Common Files\VMware

2010-07-11 18:25 . 2010-07-12 17:14        --------        d-----w-        c:\programdata\VMware

2010-07-11 18:25 . 2010-07-11 18:25        --------        d-----w-        c:\program files\VMware

2010-07-11 17:28 . 2010-07-11 17:35        --------        d-----r-        c:\users\***\Virtual Machines

2010-07-11 17:24 . 2009-12-31 09:22        295936        ----a-w-        c:\windows\system32\drivers\vpcvmm.sys

2010-07-11 17:24 . 2009-12-31 09:05        2171392        ----a-w-        c:\windows\system32\VPCWizard.exe

2010-07-11 17:24 . 2009-12-31 09:05        3330560        ----a-w-        c:\windows\system32\vpc.exe

2010-07-11 17:24 . 2009-12-31 06:48        1003008        ----a-w-        c:\windows\system32\VMWindow.exe

2010-07-11 17:22 . 2009-09-23 01:18        14848        ----a-w-        c:\windows\system32\vpchbuspipe.dll

2010-07-11 17:22 . 2009-09-23 01:19        55040        ----a-w-        c:\windows\system32\drivers\vpcnfltr.sys

2010-07-11 17:22 . 2009-09-23 01:18        78336        ----a-w-        c:\windows\system32\drivers\vpcusb.sys

2010-07-11 17:22 . 2009-09-23 01:18        165376        ----a-w-        c:\windows\system32\drivers\vpchbus.sys

2010-07-11 17:22 . 2009-09-23 01:18        1260032        ----a-w-        c:\windows\system32\VPCSettings.exe

2010-07-11 17:22 . 2009-09-23 01:18        793600        ----a-w-        c:\windows\system32\vmsal.exe

2010-07-11 17:22 . 2009-09-23 01:18        559616        ----a-w-        c:\windows\system32\VMCPropertyHandler.dll

2010-07-11 17:20 . 2010-07-11 17:20        --------        d-----w-        c:\program files\Windows XP Mode

2010-07-11 17:02 . 2010-07-11 17:02        --------        d-----w-        c:\windows\system32\Wat

2010-07-10 16:24 . 2010-07-10 16:24        --------        d-----w-        C:\rsit

2010-07-10 16:24 . 2010-07-10 16:24        --------        d-----w-        c:\program files\trend micro

2010-07-10 16:10 . 2010-07-10 16:10        --------        d-----w-        c:\users\***\AppData\Roaming\Malwarebytes

2010-07-10 16:10 . 2010-04-29 10:19        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys

2010-07-10 16:10 . 2010-07-10 16:10        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware

2010-07-10 16:10 . 2010-07-10 16:10        --------        d-----w-        c:\programdata\Malwarebytes

2010-07-10 16:10 . 2010-04-29 10:19        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys

2010-07-10 15:57 . 2010-07-10 15:57        --------        d-----w-        c:\program files\CCleaner

2010-06-29 18:40 . 2010-06-29 18:40        --------        d-----w-        c:\programdata\Raxco

2010-06-29 09:36 . 2010-06-29 09:36        --------        d-----w-        c:\program files\MSXML 4.0

2010-06-27 10:36 . 2010-06-27 10:36        --------        d-----w-        c:\users\***\AppData\Local\Yahoo!

2010-06-24 15:25 . 2010-06-24 15:35        --------        d-----w-        C:\s-winprosa

2010-06-24 14:20 . 2009-09-27 07:39        369152        ----a-w-        c:\windows\system32\avisynth.dll

2010-06-24 14:20 . 2004-02-22 08:11        719872        ----a-w-        c:\windows\system32\devil.dll

2010-06-24 14:20 . 2004-01-24 22:00        70656        ----a-w-        c:\windows\system32\yv12vfw.dll

2010-06-24 14:20 . 2004-01-24 22:00        70656        ----a-w-        c:\windows\system32\i420vfw.dll

2010-06-24 14:20 . 2010-06-24 14:20        --------        d-----w-        c:\program files\AviSynth 2.5

2010-06-24 14:09 . 2010-06-24 14:09        --------        d-----w-        c:\users\***\AppData\Roaming\AnvSoft

2010-06-23 17:30 . 2009-11-25 10:47        99176        ----a-w-        c:\windows\system32\PresentationHostProxy.dll

2010-06-23 17:30 . 2009-11-25 10:47        49472        ----a-w-        c:\windows\system32\netfxperf.dll

2010-06-23 17:30 . 2009-11-25 10:47        297808        ----a-w-        c:\windows\system32\mscoree.dll

2010-06-23 17:30 . 2009-11-25 10:47        295264        ----a-w-        c:\windows\system32\PresentationHost.exe

2010-06-23 17:30 . 2009-11-25 10:47        1130824        ----a-w-        c:\windows\system32\dfshim.dll

2010-06-23 17:29 . 2010-03-24 06:37        1286456        ----a-w-        c:\windows\system32\ntdll.dll

2010-06-23 17:29 . 2010-05-09 09:14        641536        ----a-w-        c:\windows\system32\CPFilters.dll

2010-06-23 17:29 . 2010-05-09 09:14        417792        ----a-w-        c:\windows\system32\msdri.dll

2010-06-21 16:32 . 2010-06-26 11:08        --------        d-----w-        c:\users\***\AppData\Local\Apple Computer

2010-06-21 16:31 . 2010-06-21 16:31        --------        dc----w-        c:\windows\system32\DRVSTORE

2010-06-21 16:31 . 2009-05-18 11:17        26600        ----a-w-        c:\windows\system32\drivers\GEARAspiWDM.sys

2010-06-21 16:31 . 2008-04-17 10:12        107368        ----a-w-        c:\windows\system32\GEARAspi.dll

2010-06-21 16:31 . 2010-06-21 16:31        --------        d-----w-        c:\program files\iPod

2010-06-21 16:31 . 2010-06-21 16:31        --------        d-----w-        c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-06-21 16:31 . 2010-06-21 16:31        --------        d-----w-        c:\program files\iTunes

2010-06-21 16:30 . 2010-06-21 16:31        --------        d-----w-        c:\programdata\Apple Computer

2010-06-21 16:30 . 2010-06-21 16:31        --------        d-----w-        c:\program files\QuickTime

2010-06-21 16:30 . 2010-06-21 16:30        --------        d-----w-        c:\users\***\AppData\Local\Apple

2010-06-21 16:30 . 2010-06-21 16:30        --------        d-----w-        c:\program files\Apple Software Update

2010-06-21 16:30 . 2010-06-21 16:30        --------        d-----w-        c:\program files\Bonjour

2010-06-17 18:19 . 2010-06-17 18:19        --------        d-----w-        c:\users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2010-06-15 18:01 . 2010-06-15 18:01        72504        ----a-w-        c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe

2010-06-15 15:47 . 2010-06-15 15:47        --------        d-----w-        c:\users\***\AppData\Roaming\AlcaTech

2010-06-15 15:47 . 2010-06-29 18:07        126464        ----a-w-        c:\windows\system32\Setup.dll

2010-06-15 15:47 . 2010-06-15 15:47        --------        d-----w-        c:\programdata\AlcaTech
 

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-07-12 17:19 . 2009-07-14 08:47        658724        ----a-w-        c:\windows\system32\perfh007.dat

2010-07-12 17:19 . 2009-07-14 08:47        131850        ----a-w-        c:\windows\system32\perfc007.dat

2010-07-12 16:50 . 2010-05-29 17:41        --------        d-----w-        c:\users\***\AppData\Roaming\ICQ

2010-07-12 16:10 . 2010-05-27 14:44        --------        d-----w-        c:\users\***\AppData\Roaming\GrabIt

2010-07-11 17:25 . 2010-07-11 17:25        --------        d-----w-        c:\program files\Windows Virtual PC

2010-06-29 18:40 . 2010-05-27 15:13        --------        d-----w-        c:\program files\Raxco

2010-06-29 18:08 . 2010-05-28 15:32        --------        d--h--w-        c:\program files\InstallShield Installation Information

2010-06-29 18:07 . 2010-05-27 15:20        --------        d-----w-        c:\programdata\WindSolutions

2010-06-23 17:31 . 2010-06-05 15:45        --------        d-----w-        c:\program files\Microsoft.NET

2010-06-21 16:37 . 2010-05-27 15:49        --------        d-----w-        c:\users\***\AppData\Roaming\Apple Computer

2010-06-21 16:31 . 2010-05-27 15:34        --------        d-----w-        c:\program files\Common Files\Apple

2010-06-21 13:24 . 2010-05-27 15:20        --------        d-----w-        c:\users\***\AppData\Roaming\WindSolutions

2010-06-19 09:10 . 2010-05-27 14:26        --------        d-----w-        c:\program files\Common Files\DVDVideoSoft

2010-06-16 19:03 . 2010-05-27 13:58        85744        ----a-w-        c:\users\***\AppData\Local\GDIPFONTCACHEV1.DAT

2010-06-12 09:45 . 2010-06-12 09:45        --------        d-----w-        c:\users\***\AppData\Roaming\Adobe Mini Bridge CS5

2010-06-12 09:45 . 2010-06-12 09:45        --------        d-----w-        c:\users\***\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2010-06-12 09:34 . 2010-06-12 09:34        --------        d-----w-        c:\programdata\regid.1986-12.com.adobe

2010-06-12 09:31 . 2010-05-27 14:35        --------        d-----w-        c:\program files\Common Files\Adobe

2010-06-12 09:29 . 2010-06-12 09:29        --------        d-----w-        c:\program files\Common Files\Adobe AIR

2010-06-10 12:27 . 2010-05-29 17:40        --------        d-----w-        c:\program files\ICQ7.1

2010-06-09 18:32 . 2010-06-09 18:28        --------        d-----w-        c:\program files\VstPlugins

2010-06-09 18:30 . 2010-06-09 18:30        --------        d-----w-        c:\program files\ASIO4ALL v2

2010-06-09 18:28 . 2010-06-09 18:26        --------        d-----w-        c:\program files\Image-Line

2010-06-09 18:28 . 2010-06-09 18:28        --------        d-----w-        c:\program files\Outsim

2010-06-07 19:45 . 2010-06-07 19:45        --------        d-----w-        c:\users\***\AppData\Roaming\MyVideoDownloader

2010-06-05 15:47 . 2010-06-05 15:41        --------        d-----w-        c:\programdata\Microsoft Help

2010-06-05 15:46 . 2010-06-05 15:46        --------        d-----w-        c:\program files\Microsoft Works

2010-05-29 17:51 . 2010-05-29 17:51        0        ---ha-w-        c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf

2010-05-29 17:41 . 2010-05-29 17:41        --------        d-----w-        c:\program files\ICQ6Toolbar

2010-05-29 17:41 . 2010-05-29 17:41        --------        d-----w-        c:\programdata\ICQ

2010-05-28 15:20 . 2010-05-28 15:16        --------        d-----w-        c:\users\***\AppData\Roaming\DAEMON Tools Lite

2010-05-28 15:17 . 2010-05-28 15:17        --------        d-----w-        c:\program files\DAEMON Tools Lite

2010-05-28 15:17 . 2010-05-28 15:17        691696        ----a-w-        c:\windows\system32\drivers\sptd.sys

2010-05-28 15:16 . 2010-05-28 15:16        --------        d-----w-        c:\programdata\DAEMON Tools Lite

2010-05-27 15:48 . 2010-05-27 15:34        --------        d-----w-        c:\programdata\Apple

2010-05-27 15:22 . 2010-05-27 15:22        0        ---ha-w-        c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2010-05-27 15:07 . 2010-05-27 15:07        --------        d-----w-        c:\users\***\AppData\Roaming\Avira

2010-05-27 15:03 . 2010-05-27 15:03        --------        d-----w-        c:\programdata\Avira

2010-05-27 15:03 . 2010-05-27 15:03        --------        d-----w-        c:\program files\Avira

2010-05-27 14:34 . 2010-05-27 14:28        --------        d-----w-        c:\programdata\NOS

2010-05-27 14:32 . 2009-07-14 02:37        --------        d-----w-        c:\program files\Windows Mail

2010-05-27 14:29 . 2010-05-27 14:04        --------        d-----w-        c:\programdata\NVIDIA

2010-05-27 14:26 . 2010-05-27 14:26        --------        d-----w-        c:\program files\GrabIt

2010-05-27 14:26 . 2010-05-27 14:26        --------        d-----w-        c:\program files\DVDVideoSoft

2010-05-27 13:55 . 2010-05-27 13:55        --------        d-sh--we        c:\programdata\Vorlagen

2010-05-27 13:55 . 2010-05-27 13:55        --------        d-sh--we        c:\programdata\Startmenü

2010-05-27 13:55 . 2010-05-27 13:55        --------        d-sh--we        c:\programdata\Favoriten

2010-05-27 13:55 . 2010-05-27 13:55        --------        d-sh--we        c:\programdata\Dokumente

2010-05-27 13:55 . 2010-05-27 13:55        --------        d-sh--we        c:\programdata\Anwendungsdaten

2010-05-27 13:55 . 2010-05-27 13:55        --------        d-sh--we        c:\program files\Gemeinsame Dateien

2010-05-27 09:44 . 2010-05-27 09:44        237320        ----a-w-        c:\windows\system32\PDBoot.exe

2010-05-27 07:24 . 2010-06-12 07:29        34304        ----a-w-        c:\windows\system32\atmlib.dll

2010-05-27 03:49 . 2010-06-12 07:29        293888        ----a-w-        c:\windows\system32\atmfd.dll

2010-05-21 12:14 . 2010-05-27 14:12        221568        ------w-        c:\windows\system32\MpSigStub.exe

2010-05-21 05:18 . 2010-06-12 07:29        977920        ----a-w-        c:\windows\system32\wininet.dll

2010-05-18 14:35 . 2010-05-18 14:35        91424        ----a-w-        c:\windows\system32\dnssd.dll

2010-05-18 14:35 . 2010-05-18 14:35        75040        ----a-w-        c:\windows\system32\jdns_sd.dll

2010-05-18 14:35 . 2010-05-18 14:35        197920        ----a-w-        c:\windows\system32\dnssdX.dll

2010-05-18 14:35 . 2010-05-18 14:35        107808        ----a-w-        c:\windows\system32\dns-sd.exe

2010-05-01 14:49 . 2010-06-12 07:29        2326528        ----a-w-        c:\windows\system32\win32k.sys

2010-04-23 07:13 . 2010-05-27 14:08        2048        ----a-w-        c:\windows\system32\tzres.dll

2010-04-19 18:47 . 2010-04-19 18:47        3062048        ----a-w-        c:\windows\system32\usbaaplrc.dll

2010-04-19 18:47 . 2010-04-19 18:47        41984        ----a-w-        c:\windows\system32\drivers\usbaapl.sys

2009-06-10 21:26 . 2009-07-14 02:04        9633792        --sha-r-        c:\windows\Fonts\StaticCache.dat

2009-07-14 01:14 . 2009-07-13 23:42        396800        --sha-w-        c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

.
 

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-28 13797920]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)
 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv
 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute        REG_MULTI_SZ           PDBoot.exe\0autocheck autochk *
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06        976832        ----a-w-        c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-06-20 02:04        35760        ----a-w-        c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

2010-03-06 01:44        500208        ------w-        c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]

2010-02-22 02:57        406992        ----a-w-        c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2010-04-01 09:16        357696        ----a-w-        c:\program files\DAEMON Tools Lite\DTLite.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2010-06-15 14:33        141624        ----a-w-        c:\program files\iTunes\iTunesHelper.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

2010-04-29 10:19        1090952        ----a-w-        c:\program files\Malwarebytes' Anti-Malware\mbam.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-03-18 20:16        421888        ----a-w-        c:\program files\QuickTime\QTTask.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Realtime Audio Engine]

2009-11-23 19:40        70144        ----a-w-        c:\windows\System32\mmrtkrnl.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]

2010-02-19 11:37        517096        ----a-w-        c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]

2010-01-22 20:13        129584        ----a-w-        c:\program files\VMware\VMware Workstation\vmware-tray.exe
 

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]

R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-11 1343400]

R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-28 691696]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]

S2 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2010-06-25 2398856]

S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2010-01-22 70704]

S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760]

S3 NETw5s32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 32-Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]

S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
 

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://start.icq.com/

uInternet Settings,ProxyOverride = *.local

IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe

LSP: c:\program files\VMware\VMware Workstation\vsocklib.dll

FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\iwz2o6r4.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/

FF - plugin: c:\users\***\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll

FF - plugin: c:\windows\system32\Wat\npWatWeb.dll
 

---- FIREFOX Richtlinien ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -
 

MSConfigStartUp-Halo2 - c:\users\***\AppData\Local\Temp\sshnas21.dll
 
 

.

--------------------- Gesperrte Registrierungsschluessel ---------------------
 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5
 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2010-07-12  19:22:43

ComboFix-quarantined-files.txt  2010-07-12 17:22
 

Vor Suchlauf: 9 Verzeichnis(se), 101.335.752.704 Bytes frei

Nach Suchlauf: 13 Verzeichnis(se), 101.252.939.776 Bytes frei
 

- - End Of File - - E9A48AA50BD5B9FDFAA0922D52C29AC6