Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.06.2012, 08:02   #1
virusistdoof
 
PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber? - Standard

PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber?



Guten Tag Forum,
erstmal grosses Lob für die detailierten Beschreibungen, die Erklärthreads sind der Hammer!
Und 1000 Dank das mein Rechner jetzt erstmal wieder läuft, dieser Platinum-XXXX ist ja echt mieß.

Ok, ich hab dieses Thema durchgearbeitet:
http://www.trojaner-board.de/116774-...entfernen.html
und alle 3 Scanner laufen lassen, beim 3ten wurde nix mehr gefunden,unten folgen die Logfiles.

Meine Frage, ist der Rechner jetzt wieder ok?

Nochmals vielen Dank!

_________________________________________________________________________

Logfile von Malwarebytes:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.18.07

Windows XP Service Pack 3 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 6.0.2900.5512
MIKA :: VAIO [Administrator]

Schutz: Deaktiviert

18.06.2012 21:52:37
mbam-log-2012-06-18 (21-52-37).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215148
Laufzeit: 2 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum (Trojan.FakeAlert.LSPGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|529C50A800006A620000258FD151FC84 (Trojan.FakeAlert.LSPGen) -> Daten: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\529C50A800006A620000258FD151FC84\529C50A800006A620000258FD151FC84.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\529C50A800006A620000258FD151FC84\529C50A800006A620000258FD151FC84.exe (Trojan.FakeAlert.LSPGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\MIKA\Desktop\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


_________________________________________________________________________

Logfile von Emsisoft Anti-Malware:

Emsisoft Anti-Malware - Version 6.6
Letztes Update: 18.06.2012 22:18:40

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
Archiv Scan: An
ADS Scan: An

Scan Beginn: 18.06.2012 22:18:50

c:\dokumente und einstellungen\mika\startmenü\programme\live security platinum\live security platinum.lnk gefunden: Trace.File.livesecurityplatinum!E1
C:\System Volume Information\_restore{E895C312-F1D7-4F63-B5B3-B26DD2D11986}\RP24\A0007250.exe gefunden: Trojan.Win32.FakeAV!E2
C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Temporary Internet Files\Content.IE5\O5Q7WDMN\soft4[1].exe gefunden: Trojan.Win32.FakeAV!E2
D:\# SOFTWARE\FILE Renamer\filerenamerbasic.exe gefunden: Riskware.Win32.MyWay.c!E1

Gescannt 551589
Gefunden 4

Scan Ende: 19.06.2012 00:25:49
Scan Zeit: 2:06:59

D:\# SOFTWARE\FILE Renamer\filerenamerbasic.exe Quarantäne Riskware.Win32.MyWay.c!E1
C:\System Volume Information\_restore{E895C312-F1D7-4F63-B5B3-B26DD2D11986}\RP24\A0007250.exe Quarantäne Trojan.Win32.FakeAV!E2
C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Temporary Internet Files\Content.IE5\O5Q7WDMN\soft4[1].exe Quarantäne Trojan.Win32.FakeAV!E2
c:\dokumente und einstellungen\mika\startmenü\programme\live security platinum\live security platinum.lnk Quarantäne Trace.File.livesecurityplatinum!E1

Quarantäne 4


_________________________________________________________________________

Logfile von HitmanPro 3.6:

Alt 21.06.2012, 07:29   #2
virusistdoof
 
PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber? - Standard

PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber?



Sorry, die fehlen wohl noch, hier die Logfiles von OTL,

OTL.txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 21.06.2012 07:34:46 - Run 1
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Dokumente und Einstellungen\MIKA\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,42 Mb Total Physical Memory | 655,20 Mb Available Physical Memory | 64,08% Memory free
2,40 Gb Paging File | 1,73 Gb Available in Paging File | 71,96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,26 Gb Total Space | 22,82 Gb Free Space | 61,24% Space Free | Partition Type: NTFS
Drive D: | 48,91 Gb Total Space | 16,36 Gb Free Space | 33,45% Space Free | Partition Type: NTFS
 
Computer Name: VAIO | User Name: MIKA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.18 22:42:21 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MIKA\Desktop\OTL.exe
PRC - [2012.06.17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.05.20 17:41:42 | 000,153,600 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2005.05.15 05:51:24 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Power Management\SPMgr.exe
PRC - [2004.02.20 14:12:34 | 000,032,768 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\ISB Utility\ISBMgr.exe
PRC - [2003.11.07 10:21:28 | 000,114,688 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe
PRC - [2003.02.26 04:08:42 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe
PRC - [2002.03.14 16:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2005.05.20 17:42:20 | 000,010,752 | ---- | M] () -- C:\Programme\Sony\VAIO Event Service\VESBasePS.dll
MOD - [2004.11.02 21:16:40 | 000,121,856 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.06.17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Programme\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012.06.10 13:51:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2005.05.20 17:41:42 | 000,153,600 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.04.30 18:45:28 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.05.19 14:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2005.06.29 07:35:10 | 003,173,888 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005.06.10 03:31:28 | 000,076,800 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
DRV - [2005.05.23 03:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.05.23 03:30:48 | 000,178,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005.05.23 03:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.05.03 07:03:54 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005.04.30 16:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2005.02.10 23:07:50 | 000,456,448 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS)
DRV - [2003.09.29 06:31:38 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2000.12.05 16:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000.11.09 12:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Sony: Community: Welcome to the Sony Community for Computing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "eBay"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.06.10 13:14:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2012.06.10 03:01:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Mozilla\Extensions
[2012.06.11 10:22:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Mozilla\Firefox\Profiles\evdvgxkz.default\extensions
[2012.06.10 03:01:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.10 03:16:33 | 000,634,964 | ---- | M] () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MIKA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\EVDVGXKZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.06.11 01:53:28 | 000,697,058 | ---- | M] () (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MIKA\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\EVDVGXKZ.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2012.06.01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.01 18:33:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll File not found
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIO Update 2] C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SnagIt 8.lnk = C:\Programme\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Autostart\Verknüpfung mit AUTOSTART HOTKEY VAIO.lnk = D:\AUTOHOTKEY STUFF\AUTOSTART HOTKEY VAIO.ahk ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4E15CB7-3F3B-4F4D-AC5C-273597C9CD0F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.07.13 12:03:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.05.12 12:13:22 | 000,000,000 | ---D | M] - D:\AUTOHOTKEY STUFF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.19 08:40:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HitmanPro
[2012.06.19 00:28:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\EurekaLog
[2012.06.18 23:28:23 | 007,287,176 | ---- | C] (SurfRight B.V.) -- C:\Dokumente und Einstellungen\MIKA\Desktop\HitmanPro36.exe
[2012.06.18 22:42:19 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MIKA\Desktop\OTL.exe
[2012.06.18 22:13:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Emsisoft Anti-Malware
[2012.06.18 22:12:59 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2012.06.18 22:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Anti-Malware
[2012.06.18 21:44:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Malwarebytes
[2012.06.18 21:44:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.18 21:44:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.06.18 21:44:36 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.06.18 21:44:36 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.06.18 06:50:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\529C50A800006A620000258FD151FC84
[2012.06.16 20:37:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\TeamViewer
[2012.06.14 23:43:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AutoHotkey
[2012.06.14 23:43:47 | 000,000,000 | ---D | C] -- C:\Programme\AutoHotkey
[2012.06.10 16:09:17 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2012.06.10 15:35:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\SmartFTP
[2012.06.10 15:31:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SmartFTP Client
[2012.06.10 15:31:12 | 000,000,000 | ---D | C] -- C:\Programme\SmartFTP Client
[2012.06.10 15:30:12 | 000,000,000 | ---D | C] -- C:\Programme\SmartFTP Client 3.0 Setup Files
[2012.06.10 14:52:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Adobe
[2012.06.10 14:46:33 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2012.06.10 14:43:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FLEXnet
[2012.06.10 14:24:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ALM
[2012.06.10 14:05:55 | 000,190,696 | ---- | C] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\NPSWF32_FlashUtil.exe
[2012.06.10 13:56:45 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2012.06.10 13:55:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Master Collection CS3
[2012.06.10 13:51:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared
[2012.06.10 13:22:03 | 000,053,248 | ---- | C] (kish Designs) -- C:\WINDOWS\System32\cptoshex.dll
[2012.06.10 13:22:03 | 000,000,000 | ---D | C] -- C:\Programme\CopyTo
[2012.06.10 13:18:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\SnagIt Katalog
[2012.06.10 13:17:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TechSmith
[2012.06.10 13:17:01 | 000,000,000 | ---D | C] -- C:\Programme\TechSmith
[2012.06.10 13:17:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\TechSmith
[2012.06.10 13:16:11 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
[2012.06.10 13:14:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Apple Computer
[2012.06.10 13:13:51 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2012.06.10 13:13:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer
[2012.06.10 13:13:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Apple
[2012.06.10 13:13:34 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2012.06.10 13:13:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple
[2012.06.10 13:13:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Apple Computer
[2012.06.10 13:07:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Media Player Classic
[2012.06.10 13:06:38 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2012.06.10 13:06:38 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2012.06.10 13:06:38 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2012.06.10 13:06:37 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2012.06.10 13:06:37 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2012.06.10 13:06:37 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2012.06.10 13:06:36 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2012.06.10 13:06:36 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2012.06.10 13:06:35 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2012.06.10 13:06:35 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2012.06.10 13:06:35 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2012.06.10 13:06:34 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2012.06.10 13:06:34 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2012.06.10 13:06:33 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2012.06.10 13:06:32 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2012.06.10 13:06:32 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2012.06.10 13:06:31 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2012.06.10 13:06:31 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2012.06.10 13:06:30 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2012.06.10 13:06:30 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2012.06.10 13:06:30 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2012.06.10 13:06:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2012.06.10 13:06:28 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2012.06.10 13:06:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2012.06.10 13:06:28 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2012.06.10 13:06:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2012.06.10 13:06:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2012.06.10 13:06:27 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2012.06.10 13:06:27 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2012.06.10 13:06:26 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2012.06.10 13:06:26 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2012.06.10 13:06:25 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2012.06.10 13:06:25 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2012.06.10 13:06:24 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2012.06.10 13:06:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2012.06.10 13:06:24 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2012.06.10 13:06:23 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2012.06.10 13:06:23 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2012.06.10 13:06:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2012.06.10 13:06:22 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2012.06.10 13:06:22 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2012.06.10 13:06:21 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2012.06.10 13:06:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2012.06.10 13:06:21 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2012.06.10 13:06:20 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2012.06.10 13:06:20 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2012.06.10 13:06:19 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2012.06.10 13:06:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2012.06.10 13:06:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2012.06.10 13:06:17 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2012.06.10 13:06:17 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2012.06.10 13:06:17 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2012.06.10 13:06:16 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2012.06.10 13:06:15 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2012.06.10 13:06:15 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2012.06.10 13:06:15 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2012.06.10 13:06:14 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2012.06.10 13:06:13 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2012.06.10 13:06:13 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2012.06.10 13:06:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2012.06.10 13:06:12 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2012.06.10 13:06:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2012.06.10 13:06:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2012.06.10 13:06:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2012.06.10 13:06:11 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2012.06.10 13:06:11 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2012.06.10 13:06:08 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2012.06.10 13:06:06 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2012.06.10 13:06:06 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2012.06.10 13:06:03 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2012.06.10 13:06:02 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2012.06.10 13:06:01 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2012.06.10 13:06:01 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2012.06.10 13:06:00 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2012.06.10 13:06:00 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2012.06.10 13:06:00 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2012.06.10 13:06:00 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2012.06.10 13:05:59 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2012.06.10 13:05:59 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2012.06.10 13:05:59 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2012.06.10 13:05:58 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2012.06.10 13:05:58 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2012.06.10 13:05:57 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2012.06.10 13:05:57 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2012.06.10 13:05:57 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2012.06.10 13:05:56 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2012.06.10 13:05:56 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2012.06.10 13:05:56 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2012.06.10 13:05:55 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2012.06.10 13:05:55 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2012.06.10 13:05:53 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2012.06.10 13:05:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2012.06.10 13:04:58 | 000,000,000 | ---D | C] -- C:\Programme\MPC-HC
[2012.06.10 13:01:20 | 000,000,000 | ---D | C] -- C:\Programme\WinZip
[2012.06.10 12:48:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2012.06.10 12:48:39 | 000,000,000 | ---D | C] -- C:\Programme\OFFICE 2000
[2012.06.10 12:42:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office
[2012.06.10 12:42:24 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft ActiveSync
[2012.06.10 12:42:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2012.06.10 12:42:10 | 000,000,000 | ---D | C] -- C:\Programme\OFFICE 2003
[2012.06.10 12:38:03 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.06.10 10:38:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.06.10 03:18:48 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.06.10 03:18:48 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.10 03:11:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Avira
[2012.06.10 03:08:02 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.06.10 03:07:59 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.06.10 03:07:59 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.06.10 03:07:59 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.06.10 03:07:58 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2012.06.10 03:07:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.06.10 03:04:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Downloads
[2012.06.10 03:01:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.06.10 03:01:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Mozilla
[2012.06.10 03:01:13 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.06.10 02:48:41 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2012.06.10 02:41:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Macromedia
[2012.06.10 02:39:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Sun
[2012.06.10 02:39:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Google
[2012.06.10 02:39:14 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2012.06.10 02:38:56 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2012.06.10 02:38:55 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012.06.10 02:38:33 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012.06.10 02:38:19 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012.06.10 02:38:10 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2012.06.10 02:37:33 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2012.06.10 02:37:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012.06.10 02:36:33 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2012.06.10 02:36:33 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2012.06.10 02:33:47 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012.06.10 02:33:41 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2012.06.10 02:33:39 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2012.06.10 02:33:31 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2012.06.10 02:32:42 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2012.06.10 02:26:36 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2012.06.10 02:26:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2012.06.10 02:25:55 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012.06.10 02:25:16 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2012.06.10 02:24:49 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012.06.10 02:24:37 | 002,150,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012.06.10 02:24:36 | 002,194,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012.06.10 02:24:36 | 002,029,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012.06.10 02:24:35 | 002,071,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012.06.10 02:17:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012.06.10 02:17:47 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2012.06.10 02:16:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage
[2012.06.10 02:16:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012.06.10 02:12:37 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\MIKA\UserData
[2012.06.10 02:11:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012.06.10 02:08:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.06.10 02:03:31 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2012.06.10 02:03:31 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2012.06.10 02:03:31 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2012.06.10 02:03:29 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2012.06.10 02:03:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2012.06.10 02:03:28 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2012.06.10 02:03:28 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2012.06.10 02:03:28 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2012.06.10 02:03:28 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2012.06.10 02:03:28 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2012.06.10 02:03:28 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2012.06.10 02:03:28 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2012.06.10 02:03:28 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2012.06.10 02:03:28 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2012.06.10 02:03:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2012.06.10 02:03:27 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2012.06.10 02:03:27 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2012.06.10 02:03:27 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2012.06.10 02:03:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2012.06.10 02:03:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2012.06.10 02:03:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2012.06.10 02:03:26 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2012.06.10 02:03:26 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2012.06.10 02:03:26 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2012.06.10 02:03:26 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2012.06.10 02:03:26 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2012.06.10 02:03:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2012.06.10 02:03:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2012.06.10 02:03:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2012.06.10 02:03:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2012.06.10 02:03:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2012.06.10 02:03:23 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2012.06.10 02:03:23 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2012.06.10 02:03:23 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2012.06.10 02:03:23 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2012.06.10 02:03:23 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2012.06.10 02:03:23 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2012.06.10 02:03:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2012.06.10 02:03:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2012.06.10 02:03:22 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2012.06.10 02:03:22 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2012.06.10 02:03:22 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2012.06.10 02:03:22 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2012.06.10 02:03:22 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2012.06.10 02:03:22 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2012.06.10 02:03:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2012.06.10 02:03:21 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2012.06.10 02:03:21 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2012.06.10 02:03:21 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2012.06.10 02:03:21 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2012.06.10 02:03:21 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2012.06.10 02:03:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2012.06.10 02:03:20 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2012.06.10 02:03:20 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2012.06.10 02:03:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2012.06.10 02:03:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2012.06.10 02:03:19 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2012.06.10 02:03:19 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2012.06.10 02:03:18 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2012.06.10 02:03:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.06.10 02:03:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2012.06.10 02:03:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2012.06.10 02:03:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.06.10 02:01:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012.06.10 01:58:29 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2012.06.10 01:58:29 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2012.06.10 01:58:29 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2012.06.10 01:58:29 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2012.06.10 01:58:29 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2012.06.10 01:58:29 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2012.06.10 01:58:29 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2012.06.10 01:58:29 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2012.06.10 01:58:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.06.10 01:58:28 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2012.06.10 01:58:28 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2012.06.10 01:58:28 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2012.06.10 01:58:28 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2012.06.10 01:58:28 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2012.06.10 01:58:28 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2012.06.10 01:58:28 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2012.06.10 01:58:28 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2012.06.10 01:58:28 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2012.06.10 01:58:28 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2012.06.10 01:58:28 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2012.06.10 01:58:28 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2012.06.10 01:58:28 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2012.06.10 01:58:28 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2012.06.10 01:58:27 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2012.06.10 01:58:27 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2012.06.10 01:58:27 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2012.06.10 01:58:27 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2012.06.10 01:58:27 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2012.06.10 01:58:27 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2012.06.10 01:58:27 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2012.06.10 01:58:26 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2012.06.10 01:58:26 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2012.06.10 01:58:26 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2012.06.10 01:58:26 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2012.06.10 01:58:26 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2012.06.10 01:58:26 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2012.06.10 01:58:26 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2012.06.10 01:58:24 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2012.06.10 01:58:24 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2012.06.10 01:58:24 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2012.06.10 01:58:24 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2012.06.10 01:58:24 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2012.06.10 01:58:24 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2012.06.10 01:58:24 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2012.06.10 01:58:24 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2012.06.10 01:58:23 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2012.06.10 01:58:23 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2012.06.10 01:58:23 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2012.06.10 01:58:23 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2012.06.10 01:58:23 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2012.06.10 01:58:23 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2012.06.10 01:58:22 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2012.06.10 01:58:22 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2012.06.10 01:58:22 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2012.06.10 01:58:22 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2012.06.10 01:58:22 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2012.06.10 01:58:22 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2012.06.10 01:58:22 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2012.06.10 01:54:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.06.10 01:54:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.06.10 01:48:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\AdobeUM
[2012.06.10 01:47:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Adobe
[2012.06.10 01:45:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.06.10 01:43:54 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Microsoft
[2012.06.10 01:43:54 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\MIKA\Cookies
[2012.06.10 01:43:54 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten
[2012.06.10 01:43:54 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Eigene Musik
[2012.06.10 01:43:54 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien
[2012.06.10 01:43:54 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Eigene Dateien\Eigene Bilder
[2012.06.10 01:43:54 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\MIKA\Druckumgebung
[2012.06.10 01:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Sony Corporation
[2012.06.10 01:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Identities
[2012.06.10 01:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Desktop
[2012.06.10 01:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Anwendungsdaten\Adobe
[2012.06.10 01:43:53 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\MIKA\SendTo
[2012.06.10 01:43:53 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\MIKA\Recent
[2012.06.10 01:43:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Zubehör
[2012.06.10 01:43:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Startmenü
[2012.06.10 01:43:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Favoriten
[2012.06.10 01:43:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Autostart
[2012.06.10 01:43:53 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\MIKA\Vorlagen
[2012.06.10 01:43:53 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\MIKA\Netzwerkumgebung
[2012.06.10 01:43:53 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen
[2012.06.10 01:43:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.06.10 01:43:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150030}
[2012.05.31 15:22:01 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.19 09:49:17 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012.06.19 08:40:24 | 007,287,176 | ---- | M] (SurfRight B.V.) -- C:\Dokumente und Einstellungen\MIKA\Desktop\HitmanPro36.exe
[2012.06.18 22:43:06 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\nnkidthc.exe
[2012.06.18 22:42:21 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MIKA\Desktop\OTL.exe
[2012.06.18 22:01:56 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.06.18 22:01:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.18 22:01:01 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.14 09:55:34 | 000,004,608 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.14 01:00:20 | 003,193,489 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\24-heures-du-mans-2012-free-practice.pdf
[2012.06.14 00:59:45 | 010,045,454 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\2012_24_heures_du_mans_plan_situation.pdf
[2012.06.14 00:59:28 | 000,285,288 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\2012-schedule-24-heures-du-mans.pdf
[2012.06.14 00:57:52 | 002,105,454 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\24.bmp
[2012.06.14 00:32:12 | 000,313,817 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\entry_list_24_heures_du_mans_2012.pdf
[2012.06.13 00:46:33 | 001,550,000 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.13 00:27:24 | 000,084,255 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\KLEINE-HELDEN-Visitenkarte-Vorne.png
[2012.06.13 00:27:16 | 000,071,597 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\KLEINE-HELDEN-Visitenkarte-Hinten.png
[2012.06.12 23:33:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.06.10 22:37:30 | 000,320,072 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.10 22:37:30 | 000,314,842 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.10 22:37:30 | 000,049,396 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.10 22:37:30 | 000,041,170 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.10 13:17:07 | 000,001,730 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SnagIt 8.lnk
[2012.06.10 13:14:39 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2012.06.10 13:14:24 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012.06.10 12:58:17 | 000,000,553 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Autostart\Verknüpfung mit AUTOSTART HOTKEY VAIO.lnk
[2012.06.10 12:49:07 | 000,000,751 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012.06.10 03:18:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.06.10 03:18:48 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.10 02:35:53 | 000,000,347 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\Eigene Dateien D.lnk
[2012.06.10 02:28:40 | 000,000,237 | ---- | M] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\Software.lnk
[2012.06.10 02:16:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.10 02:08:42 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.06.10 01:58:01 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2012.06.10 01:49:24 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012.06.10 01:42:50 | 000,000,164 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.06.10 01:42:46 | 000,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315H.mrk
[2012.05.31 15:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2012.05.26 12:36:44 | 000,178,176 | ---- | M] () -- C:\WINDOWS\System32\unrar.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.18 22:43:05 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\nnkidthc.exe
[2012.06.18 22:01:01 | 1072,156,672 | -HS- | C] () -- C:\hiberfil.sys
[2012.06.14 01:00:20 | 003,193,489 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\24-heures-du-mans-2012-free-practice.pdf
[2012.06.14 00:59:44 | 010,045,454 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\2012_24_heures_du_mans_plan_situation.pdf
[2012.06.14 00:59:28 | 000,285,288 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\2012-schedule-24-heures-du-mans.pdf
[2012.06.14 00:57:51 | 002,105,454 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\24.bmp
[2012.06.14 00:32:12 | 000,313,817 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\entry_list_24_heures_du_mans_2012.pdf
[2012.06.13 00:27:23 | 000,084,255 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\KLEINE-HELDEN-Visitenkarte-Vorne.png
[2012.06.13 00:27:15 | 000,071,597 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\KLEINE-HELDEN-Visitenkarte-Hinten.png
[2012.06.10 14:05:55 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2012.06.10 13:17:07 | 000,001,730 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SnagIt 8.lnk
[2012.06.10 13:14:39 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2012.06.10 13:14:09 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012.06.10 13:14:09 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012.06.10 13:07:06 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.10 13:05:00 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012.06.10 12:58:17 | 000,000,553 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Autostart\Verknüpfung mit AUTOSTART HOTKEY VAIO.lnk
[2012.06.10 12:48:59 | 000,002,499 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Excel.lnk
[2012.06.10 12:48:59 | 000,002,463 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk
[2012.06.10 12:42:47 | 000,000,751 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.06.10 12:42:26 | 000,002,060 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Outlook 2003.lnk
[2012.06.10 02:32:23 | 000,000,347 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\Eigene Dateien D.lnk
[2012.06.10 02:28:40 | 000,000,237 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Desktop\Software.lnk
[2012.06.10 02:25:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.06.10 02:25:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.06.10 01:58:27 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012.06.10 01:58:26 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012.06.10 01:58:24 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012.06.10 01:43:54 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Remoteunterstützung.lnk
[2012.06.10 01:43:54 | 000,000,776 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Windows Media Player.lnk
[2012.06.10 01:43:54 | 000,000,751 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Internet Explorer.lnk
[2012.06.10 01:43:54 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\MIKA\Startmenü\Programme\Outlook Express.lnk
[2012.06.10 01:42:46 | 000,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315H.mrk

< End of report >
         
--- --- ---


Extras.txt:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 21.06.2012 07:34:46 - Run 1
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Dokumente und Einstellungen\MIKA\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,42 Mb Total Physical Memory | 655,20 Mb Available Physical Memory | 64,08% Memory free
2,40 Gb Paging File | 1,73 Gb Available in Paging File | 71,96% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,26 Gb Total Space | 22,82 Gb Free Space | 61,24% Space Free | Partition Type: NTFS
Drive D: | 48,91 Gb Total Space | 16,36 Gb Free Space | 33,45% Space Free | Partition Type: NTFS
 
Computer Name: VAIO | User Name: MIKA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\OFFICE 2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\OFFICE 2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Yahoo!\Messenger\YPager.exe" = C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Temp\7zS2B.tmp\SymNRT.exe" = C:\Dokumente und Einstellungen\MIKA\Lokale Einstellungen\Temp\7zS2B.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Programme\SmartFTP Client\SmartFTP.exe" = C:\Programme\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 3.0 -- (SmartSoft Ltd.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{004685F7-9FB6-4789-812F-59ABB34A55AF}" = Adobe Setup
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0F0447B4-6DDD-4831-933A-1EDF52091150}" = SnagIt 8
"{169C78C0-8C32-4CA1-9602-D8E998ECE96A}" = VAIO Original Screen Saver VAIO Scene HD Wide Contents
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}" = VAIO Original Screen Saver VAIO Scene HD Normal Contents
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.2.4902
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2
"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents
"{531C0C3A-7112-4986-8222-5778FB547D81}" = VAIO Original Screen Saver VAIO Motion HD Normal Contents
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71249EFF-EFAB-48A0-B967-630F4E70BBC3}" = VAIO Original Screen Saver VAIO Scene SD Normal Contents
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}" = Adobe After Effects CS3 Third Party Content
"{805BC1AB-46C5-438C-BCB7-537A1A32290C}" = VAIO Original Screen Saver VAIO Motion SD Normal Contents
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBD4DAC9-DF99-48CA-8F62-AE6F2BD47063}" = VAIO Original Screen Saver VAIO Motion HD Wide Contents
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{E365AAB7-F160-4E2F-ACAC-28D487ACF47D}" = VAIO Original Screen Saver VAIO Scene SD Wide Contents
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3675c95c239b992d5d0ee8fce969b9e" = Adobe After Effects CS3 Third Party Content
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"AutoHotkey" = AutoHotkey 1.0.48.05
"Avira AntiVir Desktop" = Avira Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"CopyTo2_is1" = CopyTo Synchronizer v3
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox 13.0 (x86 de)" = Mozilla Firefox 13.0 (x86 de)
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"SmartFTP Client 3.0 Setup Files" = SmartFTP Client 3.0 Setup Files (remove only)
"SmartFTP Client German Language Addon" = SmartFTP Client German Language Addon (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR Archivierer
"WinZip" = WinZip
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.06.2012 21:08:56 | Computer Name = VAIO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
 zurückgegeben.  .
 
[ System Events ]
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.06.2012 07:37:53 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.06.2012 07:37:54 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.06.2012 07:37:54 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 10.06.2012 07:37:54 | Computer Name = VAIO | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
 
< End of report >
         
--- --- ---
__________________


Antwort

Themen zu PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber?
administrator, anti-malware, autostart, dateien, dateisystem, desktop, emsisoft, explorer, folge, forum, frage, gelöscht, heuristiks/extra, heuristiks/shuriken, live, malwarebytes, microsoft, programme, rechner, rootkits, scan, security, service pack 3, software, system volume information, traces, update, vaio, verseucht, wiederholt



Ähnliche Themen: PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber?


  1. Was tun nach "Live Security Platinum" Virus
    Plagegeister aller Art und deren Bekämpfung - 27.10.2012 (28)
  2. Hab mir gestern auch "Live Security Platinum 3.6.1." eingefangen und bin ratlos.
    Plagegeister aller Art und deren Bekämpfung - 20.10.2012 (5)
  3. Und das ausgerechnet jetzt: Live Security Platinum Virus
    Log-Analyse und Auswertung - 18.10.2012 (8)
  4. "Live Security Platinum" eingefangen - Totaler Leihe
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (2)
  5. Live Security Platinum - leider mal wieder
    Plagegeister aller Art und deren Bekämpfung - 03.10.2012 (33)
  6. "Live Security Platinum" - erfolgreich entfernt?
    Log-Analyse und Auswertung - 10.09.2012 (1)
  7. Nach löschen von Live Security Platinum System sauber?
    Log-Analyse und Auswertung - 06.09.2012 (33)
  8. Hilfe zur Entfernung des "Live Security Platinum" Trojaners
    Log-Analyse und Auswertung - 03.09.2012 (33)
  9. Check nach "Live Security Platinum"-Befall
    Log-Analyse und Auswertung - 14.08.2012 (1)
  10. Kann "Live Security Platinum" Festplattenprobleme verursachen?
    Diskussionsforum - 06.08.2012 (2)
  11. "Live Security Platinum" vollständig entfernt? Logs anbei.
    Log-Analyse und Auswertung - 03.08.2012 (33)
  12. Live Security Platinum wieder entfernen?
    Log-Analyse und Auswertung - 24.07.2012 (27)
  13. Live Security Platinum - Wie System wieder sauber bekommen? Evtl. ZeroAccess?
    Plagegeister aller Art und deren Bekämpfung - 22.07.2012 (2)
  14. Erst Live Security Platinum und jetzt Rootkit.0Access
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (5)
  15. Befallen vom "Live Security Platinum" Virus
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (1)
  16. Crypt.ZPACK.Gen - ist mein Rechner jetzt endlich wieder "sauber"
    Plagegeister aller Art und deren Bekämpfung - 11.04.2010 (1)
  17. Trojaner "TDSS" / Antivirus 2009 Spyware -Ist das System jetzt wieder sauber???
    Log-Analyse und Auswertung - 15.02.2009 (3)

Zum Thema PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber? - Guten Tag Forum, erstmal grosses Lob für die detailierten Beschreibungen, die Erklärthreads sind der Hammer! Und 1000 Dank das mein Rechner jetzt erstmal wieder läuft, dieser Platinum-XXXX ist ja echt - PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber?...
Archiv
Du betrachtest: PC wiederholt verseucht mit "Live Security Platinum", jetzt wieder sauber? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.