
Pests of all kinds and how to combat them: The script file


24.04.2012, 16:34   #1
Pandagirl

The script file - Question



Dear forum, this is my first post and I am not particularly experienced with computer stuff, so please forgive any obvious mistakes.

I have just read this post: http://www.trojaner-board.de/95766-s...-gefunden.html

I think I have the same problem. When I click on the Computer shortcut, this error message is shown (Windows Vista): Die Skriptdatei "C:Windows\xx.vbs" wurde nicht gefunden!
I downloaded OTL (as advised in the link above) and ran a scan:


OTL.Txt is coming in a moment, it is a bit too long...


Unfortunately, these two reports tell me absolutely nothing. Do I have a virus now? And if so, how do I get rid of it? I am currently downloading Malwarebytes.

I look forward to a reply and thank you in advance!

OTL.Txt

OTL Logfile:
Code:
OTL logfile created on: 24.04.2012 16:20:03 - Run 1
OTL by OldTimer - Version 3.2.41.0     Folder = C:\Users\Sera\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 47,16% Memory free
6,19 Gb Paging File | 4,50 Gb Available in Paging File | 72,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287,71 Gb Total Space | 153,61 Gb Free Space | 53,39% Space Free | Partition Type: NTFS
Drive F: | 327,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: SERA-PC | User Name: Sera | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sera\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\NCH Software\BroadCam\broadcam.exe (NCH Software)
PRC - C:\Programme\Baidu\BaiduPlayer\1.13.0.19\BaiduP2PService.exe (Baidu.com, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Programme\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Common Files\PPLiveNetwork\PPAP.exe (PPLive Corporation)
PRC - C:\Programme\sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
PRC - C:\Programme\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Programme\sony\Network Utility\LANUtil.exe (Sony Corporation)
PRC - C:\Programme\sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\sony\VAIO Power Management\SPMService.exe (Sony Corporation)
PRC - C:\Programme\sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Programme\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\86f6e2383ca898849c321080b32b66f8\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\48302596a8c8f2ab396b3be518dbd800\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll ()
MOD - C:\Programme\Mozilla Firefox\js3250.dll ()
MOD - C:\Programme\Common Files\PPLiveNetwork\tipsdone.dll ()
MOD - C:\Programme\Common Files\PPLiveNetwork\tipsclient.dll ()
MOD - C:\Programme\Common Files\PPLiveNetwork\tipsstatistic.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\0c0985a86f0aa0d6aafe90ccdb1ca856\System.IdentityModel.Selectors.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c12259751030b8fb693006bb6e7dd55f\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a4b9d424cd4509b6b76fba81f347f561\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\696e2d9a6491947cd89ead8cc4cc658a\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\effa6ad5369cea835146937a5635275b\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll ()
MOD - C:\Programme\Common Files\PPLiveNetwork\MngModule.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Programme\Stardock\CursorFX\zlib1.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BroadCamService) -- C:\Programme\NCH Software\BroadCam\broadcam.exe (NCH Software)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\7.1.361.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\7.1.361.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (VUAgent) -- C:\Programme\sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programme\sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VCFw) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (NSUService) -- C:\Programme\sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (AdobeActiveFileMonitor7.0) -- C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (uCamMonitor) -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sscdmdm) -- system32\DRIVERS\sscdmdm.sys File not found
DRV - (sscdmdfl) -- system32\DRIVERS\sscdmdfl.sys File not found
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- system32\DRIVERS\sscdbus.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (NdisrdMP) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (Ndisrd) -- C:\Windows\System32\drivers\Ndisrd.sys (NT Kernel Resources)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCxdm924YYDE&ptb=O8fAdBhCUv_4my2PDgtuKg&psa=&ind=2010121610&ptnrS=ZCxdm924YYDE&si=&st=sb&n=77d0058a&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNYT
IE - HKLM\..\SearchScopes\{FEF36E3B-F768-4A7E-A590-DF7B1E9380CA}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCxdm924YYDE&ptb=O8fAdBhCUv_4my2PDgtuKg&psa=&ind=2010121610&ptnrS=ZCxdm924YYDE&si=&st=sb&n=77d0058a&searchfor={searchTerms}
IE - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNYT
IE - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..\SearchScopes\{FEF36E3B-F768-4A7E-A590-DF7B1E9380CA}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=&rlz=1I7SNYT_de
IE - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.gmx.ch/"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@alipay.com/npaliedit: C:\Windows\system32\aliedit\2.5.0.3\npaliedit.dll (Alipay.com co.,ltd)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@baidu.com/npxbdyy: C:\Program Files\Baidu\BaiduPlayer\1.13.0.19\npxbdyy.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pptv.com/plugin: C:\Program Files\Internet Explorer\PPLite\plugin\npplugin2.dll (PPLive Corporation)
FF - HKLM\Software\MozillaPlugins\@qq.com/npqscall: C:\Program Files\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
FF - HKLM\Software\MozillaPlugins\@qq.com/npqscall,version=1.0.0: %commonprogramfiles%\tencent\NPQSCALL\npqscall.dll File not found
FF - HKLM\Software\MozillaPlugins\@qq.com/QQPhotoDrawEx: C:\Program Files\Tencent\Qzone\npQQPhotoDrawEx.dll ()
FF - HKLM\Software\MozillaPlugins\@qq.com/QzoneMusic: C:\Program Files\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll (Tencent)
FF - HKLM\Software\MozillaPlugins\@qq.com/TXSSO: C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sera\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.07.12 17:08:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.22 13:40:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 04:52:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.07.12 17:08:31 | 000,000,000 | ---D | M]
 
[2009.09.15 18:34:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sera\AppData\Roaming\mozilla\Extensions
[2012.04.24 04:55:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sera\AppData\Roaming\mozilla\Firefox\Profiles\ummgvhgp.default\extensions
[2011.08.18 20:47:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sera\AppData\Roaming\mozilla\Firefox\Profiles\ummgvhgp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.18 20:47:56 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Sera\AppData\Roaming\mozilla\Firefox\Profiles\ummgvhgp.default\extensions\personas@christopher.beard
[2011.11.03 16:28:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.05.31 19:39:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.11.30 14:46:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.30 14:46:53 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.30 14:46:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.30 14:46:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.30 14:46:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Programme\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000..\Run: [Facebook Update] C:\Users\Sera\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000..\Run: [PPAP] C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe (PPLive Corporation)
O4 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Sera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Sera\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: taobao.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..Trusted Domains: alipay.com ([]http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..Trusted Domains: alipay.com ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..Trusted Domains: alisoft.com ([]http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..Trusted Domains: alisoft.com ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..Trusted Domains: taobao.com ([]http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1853740544-2963255041-2762684636-1000\..Trusted Domains: taobao.com ([]https in Vertrauenswürdige Sites)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 222.172.200.68 61.166.150.123
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2E27893-A70E-43A1-B92D-33895DB60DE1}: DhcpNameServer = 222.172.200.68 61.166.150.123
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB6F9C2A-1211-4AEE-AAE2-7145085F542A}: NameServer = 88.149.128.12,88.149.128.22
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Sera\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Sera\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk C:\
O33 - MountPoints2\{2f1d05a7-ed8d-11de-b0c0-0022fb68724a}\Shell - "" = AutoRun
O33 - MountPoints2\{2f1d05a7-ed8d-11de-b0c0-0022fb68724a}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{2f1d05b2-ed8d-11de-b0c0-0022fb68724a}\Shell - "" = AutoRun
O33 - MountPoints2\{2f1d05b2-ed8d-11de-b0c0-0022fb68724a}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b29c5e38-ef55-11de-82be-0022fb68724a}\Shell - "" = AutoRun
O33 - MountPoints2\{b29c5e38-ef55-11de-82be-0022fb68724a}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b6a766b7-ec89-11de-bda5-0022fb68724a}\Shell - "" = AutoRun
O33 - MountPoints2\{b6a766b7-ec89-11de-bda5-0022fb68724a}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e7b0e4d4-73c1-11df-b16b-e98484027862}\Shell - "" = AutoRun
O33 - MountPoints2\{e7b0e4d4-73c1-11df-b16b-e98484027862}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{e7b0e4f8-73c1-11df-b16b-89fdb499a119}\Shell\AutoRun\command - "" = I:\Menu.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Programme\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.24 16:20:13 | 000,000,000 | ---D | C] -- C:\Users\Sera\AppData\Roaming\Avira
[2012.04.24 16:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.04.24 16:14:30 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.04.24 16:14:29 | 000,137,416 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.04.24 16:14:29 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.04.24 16:14:29 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.04.24 16:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.04.24 16:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.04.23 05:59:48 | 000,155,648 | -HS- | C] (Microsoft Corporation) -- C:\Windows\System\svchost.exe
[2012.04.20 16:22:54 | 000,000,000 | -HSD | C] -- C:\baidu player
[2012.04.20 16:22:45 | 000,000,000 | ---D | C] -- C:\Users\Sera\AppData\Roaming\Baidu
[2012.04.20 16:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Baidu
[2012.04.20 16:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Player
[2012.04.20 16:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Baidu
[2012.04.17 16:12:34 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.04.12 04:58:37 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.04.12 04:58:37 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.04.12 04:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.04.12 04:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.04.11 16:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2012.04.11 16:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2012.04.11 15:51:15 | 000,000,000 | ---D | C] -- C:\Users\Sera\Desktop\Klingeltöne
[2012.04.11 15:37:06 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.11 15:37:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.11 15:37:04 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.11 15:37:04 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.04.11 15:37:04 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.04.11 15:37:04 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.04.11 15:37:04 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.04.11 15:37:03 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.11 15:37:03 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.04.11 15:37:03 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.04.11 15:37:03 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.11 15:37:03 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.04.11 15:37:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.04.11 15:37:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.04.11 15:37:03 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.04.11 15:37:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.04.11 15:37:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.04.11 15:37:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.04.11 15:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs
[2012.04.06 06:55:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\aliedit
[2012.03.27 13:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.03.27 13:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.24 16:25:23 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1853740544-2963255041-2762684636-1000UA.job
[2012.04.24 16:22:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1853740544-2963255041-2762684636-1000Core.job
[2012.04.24 16:17:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.24 16:16:36 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D9EB60D9-D448-479D-B1D6-66D28136713B}.job
[2012.04.24 16:14:41 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.04.24 16:04:38 | 000,001,199 | ---- | M] () -- C:\Users\Sera\Desktop\freeu.ini
[2012.04.24 15:59:36 | 000,001,199 | ---- | M] () -- C:\Users\Sera\Desktop\fg.ini
[2012.04.24 15:31:42 | 000,000,138 | ---- | M] () -- C:\Windows\vsfilter.INI
[2012.04.24 14:44:39 | 000,087,812 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.04.24 14:44:29 | 000,087,812 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.04.24 14:44:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.24 14:44:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.24 14:44:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.24 14:44:08 | 3218,055,168 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.24 08:13:33 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.04.24 08:12:06 | 000,000,104 | ---- | M] () -- C:\Users\Sera\Desktop\Computer - Verknüpfung.lnk
[2012.04.24 06:51:44 | 000,002,377 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.04.24 04:51:57 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.24 04:51:57 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.24 04:51:57 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.24 04:51:57 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.23 05:59:47 | 000,019,995 | -HS- | M] () -- C:\1306634069.vbs
[2012.04.23 05:59:47 | 000,000,563 | ---- | M] () -- C:\Dokumente und Einstellungen.lnk
[2012.04.23 05:59:47 | 000,000,559 | ---- | M] () -- C:\System Volume Information.lnk
[2012.04.23 05:59:47 | 000,000,553 | ---- | M] () -- C:\Documents and Settings.lnk
[2012.04.23 05:59:47 | 000,000,545 | ---- | M] () -- C:\VAIO Entertainment.lnk
[2012.04.23 05:59:47 | 000,000,535 | ---- | M] () -- C:\Program Files.lnk
[2012.04.23 05:59:47 | 000,000,535 | ---- | M] () -- C:\FavoriteVideo.lnk
[2012.04.23 05:59:47 | 000,000,535 | ---- | M] () -- C:\Documentation.lnk
[2012.04.23 05:59:47 | 000,000,535 | ---- | M] () -- C:\Click to Disc.lnk
[2012.04.23 05:59:47 | 000,000,533 | ---- | M] () -- C:\baidu player.lnk
[2012.04.23 05:59:47 | 000,000,533 | ---- | M] () -- C:\$Recycle.Bin.lnk
[2012.04.23 05:59:47 | 000,000,531 | ---- | M] () -- C:\ProgramData.lnk
[2012.04.23 05:59:47 | 000,000,531 | ---- | M] () -- C:\_FS_SWRINFO.lnk
[2012.04.23 05:59:47 | 000,000,527 | ---- | M] () -- C:\Programme.lnk
[2012.04.23 05:59:47 | 000,000,525 | ---- | M] () -- C:\PerfLogs.lnk
[2012.04.23 05:59:47 | 000,000,525 | ---- | M] () -- C:\MSOCache.lnk
[2012.04.23 05:59:47 | 000,000,523 | ---- | M] () -- C:\Windows.lnk
[2012.04.23 05:59:47 | 000,000,523 | ---- | M] () -- C:\QQMusic.lnk
[2012.04.23 05:59:47 | 000,000,521 | ---- | M] () -- C:\Update.lnk
[2012.04.23 05:59:47 | 000,000,519 | ---- | M] () -- C:\Users.lnk
[2012.04.23 05:59:47 | 000,000,519 | ---- | M] () -- C:\movie.lnk
[2012.04.23 05:59:47 | 000,000,517 | ---- | M] () -- C:\Boot.lnk
[2012.04.23 05:59:47 | 000,000,513 | ---- | M] () -- C:\qq.lnk
[2012.04.23 05:59:47 | 000,000,250 | -HS- | M] () -- C:\AutoRun.inf
[2012.04.22 13:43:35 | 000,002,631 | ---- | M] () -- C:\Users\Sera\Desktop\Microsoft Office Word 2007.lnk
[2012.04.17 16:12:34 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.04.17 16:12:34 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.04.14 03:46:27 | 000,116,604 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2012.04.13 03:50:02 | 000,002,633 | ---- | M] () -- C:\Users\Sera\Desktop\Microsoft Office Excel 2007.lnk
[2012.04.12 04:57:41 | 000,000,600 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\winscp.rnd
[2012.04.11 15:06:45 | 000,058,880 | ---- | M] () -- C:\Users\Sera\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2012.04.24 16:14:41 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.04.24 15:59:35 | 000,001,199 | ---- | C] () -- C:\Users\Sera\Desktop\freeu.ini
[2012.04.24 15:58:09 | 000,001,199 | ---- | C] () -- C:\Users\Sera\Desktop\fg.ini
[2012.04.24 08:12:06 | 000,000,104 | ---- | C] () -- C:\Users\Sera\Desktop\Computer - Verknüpfung.lnk
[2012.04.23 05:59:47 | 000,019,995 | -HS- | C] () -- C:\1306634069.vbs
[2012.04.23 05:59:47 | 000,000,563 | ---- | C] () -- C:\Dokumente und Einstellungen.lnk
[2012.04.23 05:59:47 | 000,000,559 | ---- | C] () -- C:\System Volume Information.lnk
[2012.04.23 05:59:47 | 000,000,553 | ---- | C] () -- C:\Documents and Settings.lnk
[2012.04.23 05:59:47 | 000,000,545 | ---- | C] () -- C:\VAIO Entertainment.lnk
[2012.04.23 05:59:47 | 000,000,535 | ---- | C] () -- C:\Program Files.lnk
[2012.04.23 05:59:47 | 000,000,535 | ---- | C] () -- C:\FavoriteVideo.lnk
[2012.04.23 05:59:47 | 000,000,535 | ---- | C] () -- C:\Documentation.lnk
[2012.04.23 05:59:47 | 000,000,535 | ---- | C] () -- C:\Click to Disc.lnk
[2012.04.23 05:59:47 | 000,000,533 | ---- | C] () -- C:\baidu player.lnk
[2012.04.23 05:59:47 | 000,000,533 | ---- | C] () -- C:\$Recycle.Bin.lnk
[2012.04.23 05:59:47 | 000,000,531 | ---- | C] () -- C:\ProgramData.lnk
[2012.04.23 05:59:47 | 000,000,531 | ---- | C] () -- C:\_FS_SWRINFO.lnk
[2012.04.23 05:59:47 | 000,000,527 | ---- | C] () -- C:\Programme.lnk
[2012.04.23 05:59:47 | 000,000,525 | ---- | C] () -- C:\PerfLogs.lnk
[2012.04.23 05:59:47 | 000,000,525 | ---- | C] () -- C:\MSOCache.lnk
[2012.04.23 05:59:47 | 000,000,523 | ---- | C] () -- C:\Windows.lnk
[2012.04.23 05:59:47 | 000,000,523 | ---- | C] () -- C:\QQMusic.lnk
[2012.04.23 05:59:47 | 000,000,521 | ---- | C] () -- C:\Update.lnk
[2012.04.23 05:59:47 | 000,000,519 | ---- | C] () -- C:\Users.lnk
[2012.04.23 05:59:47 | 000,000,519 | ---- | C] () -- C:\movie.lnk
[2012.04.23 05:59:47 | 000,000,517 | ---- | C] () -- C:\Boot.lnk
[2012.04.23 05:59:47 | 000,000,513 | ---- | C] () -- C:\qq.lnk
[2012.04.23 05:59:47 | 000,000,250 | -HS- | C] () -- C:\AutoRun.inf
[2012.04.20 16:25:01 | 000,000,138 | ---- | C] () -- C:\Windows\vsfilter.INI
[2012.04.17 16:12:35 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.14 03:46:27 | 000,116,604 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012.04.11 16:24:57 | 000,000,600 | ---- | C] () -- C:\Users\Sera\AppData\Roaming\winscp.rnd
[2012.04.11 15:33:34 | 000,000,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
[2012.04.11 13:58:42 | 000,000,971 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BroadCam Video Streaming Server.lnk
[2012.04.11 13:58:29 | 000,000,987 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Videobearbeitungs-Software.lnk
[2012.04.02 04:55:51 | 000,000,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2012.03.27 13:51:02 | 000,002,377 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.10.19 08:16:16 | 000,018,760 | ---- | C] () -- C:\Windows\System32\QQVistaHelper.dll
[2011.08.13 14:13:18 | 000,000,572 | ---- | C] () -- C:\Windows\hpomdl51.dat.temp
[2011.07.12 17:00:16 | 000,192,786 | ---- | C] () -- C:\Windows\hpoins51.dat
[2011.07.07 22:17:39 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.04.17 01:21:21 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2010.09.03 20:27:01 | 000,000,680 | ---- | C] () -- C:\Users\Sera\AppData\Local\d3d9caps.dat
[2010.05.28 06:42:01 | 000,000,572 | ---- | C] () -- C:\Windows\hpomdl51.dat
 
========== LOP Check ==========
 
[2012.04.20 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Baidu
[2009.12.24 18:36:59 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Desperate Housewives
[2011.07.27 15:03:17 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\DVDVideoSoft
[2011.03.25 12:36:23 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.08.13 16:36:13 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\InterVideo
[2009.07.24 15:40:18 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\IrfanView
[2011.04.17 01:17:20 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\PhotoScape
[2012.02.29 15:27:20 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\PPLive
[2011.10.19 08:37:14 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\QQMusicUpdate
[2009.07.24 15:43:16 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\TeamViewer
[2012.02.11 06:54:16 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Tencent
[2009.12.19 12:37:27 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Vodafone
[2012.04.24 16:22:00 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1853740544-2963255041-2762684636-1000Core.job
[2012.04.24 16:25:23 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1853740544-2963255041-2762684636-1000UA.job
[2012.04.24 08:13:33 | 000,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.24 16:16:36 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D9EB60D9-D448-479D-B1D6-66D28136713B}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.05.08 15:13:13 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Adobe
[2012.04.15 07:47:31 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Apple Computer
[2009.08.03 22:21:22 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\ArcSoft
[2012.04.24 16:20:13 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Avira
[2012.04.20 16:22:46 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Baidu
[2009.12.24 18:36:59 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Desperate Housewives
[2011.04.20 10:26:20 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\DivX
[2011.07.27 15:03:17 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\DVDVideoSoft
[2011.03.25 12:36:23 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.09.15 18:32:18 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Google
[2011.08.13 14:17:45 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\HP
[2011.07.19 17:32:27 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\HpUpdate
[2009.07.23 13:25:41 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Identities
[2009.09.23 17:22:58 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Intel
[2009.08.13 16:36:13 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\InterVideo
[2009.07.24 15:40:18 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\IrfanView
[2009.07.23 15:48:33 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Media Center Programs
[2011.12.07 07:59:10 | 000,000,000 | --SD | M] -- C:\Users\Sera\AppData\Roaming\Microsoft
[2009.09.15 18:34:22 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Mozilla
[2012.04.18 15:33:41 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\NCH Software
[2011.04.17 01:17:20 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\PhotoScape
[2012.02.29 15:27:20 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\PPLive
[2011.10.19 08:37:14 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\QQMusicUpdate
[2011.05.18 20:06:44 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Roxio
[2012.04.24 07:49:26 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Skype
[2011.07.16 13:41:03 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\skypePM
[2009.08.14 22:52:26 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Sony Corporation
[2009.07.24 15:43:16 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\TeamViewer
[2012.02.11 06:54:16 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Tencent
[2009.12.19 12:37:27 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\Vodafone
[2010.03.06 12:36:38 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\WinRAR
[2011.04.13 17:56:05 | 000,000,000 | ---D | M] -- C:\Users\Sera\AppData\Roaming\ZoomBrowser EX
 
< %APPDATA%\*.exe /s >
[2012.04.20 16:22:46 | 000,537,544 | ---- | M] (Baidu.com) -- C:\Users\Sera\AppData\Roaming\Baidu\hao123\1.0.0.1083.hao123.exe
[2011.07.23 14:39:23 | 003,085,984 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Sera\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2012.02.08 07:12:35 | 000,106,496 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Sera\AppData\Roaming\Microsoft\Installer\{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}\NewShortcut31_2F252077BA3F4362913955273A708467.exe
[2012.02.15 16:27:31 | 000,061,440 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Sera\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\ARPPRODUCTICON.exe
[2012.02.15 16:27:32 | 000,106,496 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Sera\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut1_EDD4ABB1C1B34A9D84CE33FBFB5D3639.exe
[2012.02.15 16:27:32 | 000,061,440 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Sera\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut2_E88611396FF84AFCB2EE5C1594058E02.exe
[2012.02.15 16:27:32 | 000,106,496 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Sera\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut311_0951773981FA4AB2BC21B7DCEC95892A.exe
[2012.02.15 16:27:32 | 000,106,496 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Sera\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut31_2F252077BA3F4362913955273A708467.exe
[2009.07.24 17:13:34 | 000,010,134 | R--- | M] () -- C:\Users\Sera\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2012.02.29 15:14:12 | 005,890,224 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\PPLive\PPLite\Update\PPLite_Update.exe
[2012.01.17 11:24:02 | 000,128,472 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\PPLive\PPLive\crashreporter.exe
[2012.01.17 11:24:12 | 000,436,600 | ---- | M] (PPLive Corporation) -- C:\Users\Sera\AppData\Roaming\PPLive\PPLive\PPLive.exe
[2012.01.17 11:24:28 | 000,436,600 | ---- | M] (PPLive Corporation) -- C:\Users\Sera\AppData\Roaming\PPLive\PPLive\PPLiveU.exe
[2012.01.17 11:24:32 | 000,099,704 | ---- | M] (PPTV) -- C:\Users\Sera\AppData\Roaming\PPLive\PPLive\PPTVIconBubble.exe
[2012.01.17 10:34:24 | 000,046,456 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\PPLive\PPLive\RepairSetup.exe
[2012.01.17 10:34:22 | 000,032,120 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\PPLive\PPLive\SkinConverter.exe
[2012.02.29 15:28:08 | 000,382,385 | ---- | M] (PPLive Corporation) -- C:\Users\Sera\AppData\Roaming\PPLive\PPLive\uninst.exe
[2012.02.08 07:09:47 | 000,982,296 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\Tencent\QQ\commonf_inst\TXSSOSetup.exe
[2012.02.15 16:26:44 | 000,031,096 | ---- | M] (Tencent) -- C:\Users\Sera\AppData\Roaming\Tencent\QQ\SafeBase\QQSafeUD.exe
[2012.02.08 07:10:02 | 001,093,256 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download\P2PSetup.exe
[2012.02.08 07:09:52 | 001,541,976 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download\QQPhotoDrawExSetupForQQ.exe
[2012.02.08 07:09:39 | 003,894,008 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\Tencent\QQ\STemp\BackupDLTmp\Download\QzoneMusicInstall.exe
[2012.02.08 07:09:08 | 000,238,968 | ---- | M] (Tencent) -- C:\Users\Sera\AppData\Roaming\Tencent\QQ\STemp\SetupEx~0\QQSetupEx.exe
[2011.11.17 07:46:29 | 020,185,088 | ---- | M] (深圳市腾讯计算机系统有限公司) -- C:\Users\Sera\AppData\Roaming\Tencent\QQ\Temp\Setup\QQGameHallInstall.exe
[2011.10.19 08:40:21 | 011,964,672 | ---- | M] () -- C:\Users\Sera\AppData\Roaming\Tencent\QQMusic\Cache\59000015.zip.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys
[2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys
[2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys
[2008.04.22 02:20:41 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_054cd65f\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Files - Unicode (All) ==========
[2012.04.23 05:59:29 | 000,014,987 | ---- | M] ()(C:\Users\Sera\Desktop\????.docx) -- C:\Users\Sera\Desktop\爱情公寓.docx
[2012.04.22 16:24:32 | 000,014,987 | ---- | C] ()(C:\Users\Sera\Desktop\????.docx) -- C:\Users\Sera\Desktop\爱情公寓.docx
[2012.04.20 16:22:47 | 000,000,000 | ---D | C](C:\Users\Sera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hao123???) -- C:\Users\Sera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hao123桌面版
[2012.04.20 16:22:47 | 000,000,000 | ---D | C](C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hao123???) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hao123桌面版
[2012.04.07 13:18:34 | 036,154,530 | ---- | M] ()(C:\Users\Sera\Desktop\Martial Arts Music(????).wav) -- C:\Users\Sera\Desktop\Martial Arts Music(武术音乐).wav
[2012.04.07 11:18:31 | 036,154,530 | ---- | C] ()(C:\Users\Sera\Desktop\Martial Arts Music(????).wav) -- C:\Users\Sera\Desktop\Martial Arts Music(武术音乐).wav
[2012.03.13 06:45:46 | 000,000,000 | ---D | M](C:\Users\Sera\Desktop\????) -- C:\Users\Sera\Desktop\师范大学
[2011.10.23 16:38:11 | 000,000,000 | ---D | C](C:\Users\Sera\Desktop\????) -- C:\Users\Sera\Desktop\师范大学
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
 
< End of report >
         

24.04.2012, 20:59   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Has AntiVir ever found anything?
If so, post all the logs from it.

26.04.2012, 02:36   #3
Pandagirl

I have now run an AntiVir scan and found a virus. It is shown as "VBS/Agent.II.2", but AntiVir did not delete it - how do I get rid of this pest?

Thanks

26.04.2012, 09:27   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

What exactly is it about "post all logs" that you don't understand?
__________________
Please always post log files in CODE tags
