
Pests of all kinds and how to combat them: possible infection. Programs deleted automatically


19.04.2010, 18:22   #1
Bricktop
 



Hello,

My operating system is Windows 7 (64-bit) and I use AVG Free. Out of the blue, a great many programs (not all) were gone. That is, the shortcuts were still there, but the folders in the Program Files folder were simply no longer there. AVG Free is no longer functional either. Today I ran a scan with Malwarebytes' Anti-Malware, which found nothing, and at the weekend one with AVG, which also found nothing. So I don't know whether anything is on the machine, but I can imagine where else it would come from.


Here is an OTL log:
Quote:
OTL logfile created on: 19.04.2010 17:47:55 - Run 3
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\***\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 264,79 Gb Total Space | 148,06 Gb Free Space | 55,91% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 982,03 Mb Total Space | 719,27 Mb Free Space | 73,24% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MACHINE
Current User Name: ***
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Mode Switch\VMSwitch.exe (Sony Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (NSUService) -- C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV - (avg9wd) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9emc) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (RtkAudioService) -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (Winh**pAutoProxySvc) -- winh**p.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (AvgTdiA) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgMfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgLdx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifimp) -- C:\Windows\SysNative\drivers\vwifimp.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) USB-Videogerät (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\drivers\Entech64.sys (EnTech Taiwan)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (CSC) -- C:\Windows\CSC [2010.04.17 17:36:02 | 000,000,000 | ---D | M]
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (ElbyCDIO) -- C:\Windows\SysWOW64\ElbyCDIO.dll (Elaborate Bytes AG)
DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = h**p://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DC BB 40 85 AA DC CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.5.10
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 1080

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2010.04.17 18:08:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.04.19 09:13:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\6lqzydtb.default\extensions
[2010.04.17 18:08:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\6lqzydtb.default\extensions\fastdial@telega.phpnet.us
[2010.04.17 18:08:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\6lqzydtb.default\extensions\firebug@software.joehewitt.com
[2010.04.17 18:08:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\6lqzydtb.default\extensions\foxmarks@kei.com
[2009.11.29 23:37:02 | 000,001,667 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\6lqzydtb.default\searchplugins\leo-deu-eng.xml
[2009.12.05 16:00:29 | 000,001,338 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\6lqzydtb.default\searchplugins\wikipedia-de.xml
[2010.03.07 17:57:15 | 000,002,057 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\6lqzydtb.default\searchplugins\youtube-videosuche.xml

O1 HOSTS File: ([2010.04.17 14:41:20 | 000,392,034 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 13539 more lines...
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VMSwitch] C:\Program Files (x86)\Sony\VAIO Mode Switch\VMSwitch.exe (Sony Corporation)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe File not found
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe File not found
MsConfig:64bit - StartUpReg: Connectify - hkey= - key= - C:\Program Files (x86)\Connectify\Connectify.exe File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2010.04.19 16:32:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.19 16:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.04.17 20:28:49 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\NetBeansProjects
[2010.04.17 20:24:43 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.04.17 20:10:28 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010.04.17 20:10:28 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010.04.17 20:10:28 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010.04.17 20:10:28 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010.04.17 20:10:28 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010.04.17 20:10:28 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010.04.17 20:10:28 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010.04.17 20:10:28 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010.04.17 20:10:27 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010.04.17 20:10:27 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010.04.17 20:10:27 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010.04.17 20:10:27 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010.04.17 20:10:27 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010.04.17 20:10:27 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010.04.17 20:10:27 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010.04.17 20:10:27 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010.04.17 20:10:26 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.04.17 20:10:26 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.04.17 20:10:26 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.04.17 20:10:26 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.04.17 20:10:25 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.04.17 20:10:25 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.04.17 20:10:25 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.04.17 20:10:25 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.04.17 20:10:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.04.17 20:10:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.04.17 20:10:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.04.17 20:10:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.04.17 20:10:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.04.17 19:01:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.04.17 19:00:27 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.04.17 19:00:27 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.04.17 19:00:13 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010.04.17 19:00:12 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.04.17 19:00:12 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010.04.17 19:00:10 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.04.17 19:00:10 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010.04.17 19:00:10 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.04.17 19:00:10 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010.04.17 19:00:10 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.04.17 19:00:08 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.04.17 19:00:07 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.04.17 19:00:06 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.04.17 19:00:06 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.04.17 19:00:05 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.04.17 19:00:05 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.04.17 19:00:04 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.04.17 19:00:04 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.04.17 19:00:02 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.04.17 19:00:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.04.17 19:00:02 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.04.17 19:00:02 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.04.17 19:00:02 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.04.17 19:00:01 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.04.17 19:00:01 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.04.17 19:00:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.04.17 18:59:57 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.04.17 18:59:57 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.04.17 18:59:57 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.04.17 18:59:57 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.04.17 18:59:56 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.04.17 18:59:56 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.04.17 18:59:55 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.04.17 18:59:55 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.04.17 18:59:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.04.17 18:59:55 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.04.17 18:59:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll
[2010.04.17 18:59:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll
[2010.04.17 18:59:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll
[2010.04.17 18:59:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll
[2010.04.17 18:59:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2010.04.17 18:59:54 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.04.17 18:59:54 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.04.17 18:58:09 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.04.17 18:48:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.04.17 18:48:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.04.17 18:48:41 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.04.17 18:48:41 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.04.17 18:48:41 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.04.17 18:48:41 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.04.17 18:48:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.04.17 18:48:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.04.17 18:48:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.04.17 18:32:54 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.04.17 18:30:28 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games
[2010.04.17 18:02:30 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2010.04.17 17:47:09 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2010.04.17 17:41:10 | 000,000,000 | --SD | C] -- C:\Users\***\AppData\Roaming\Microsoft
[2010.04.17 17:41:10 | 000,000,000 | R--D | C] -- C:\Users\***\Videos
[2010.04.17 17:41:10 | 000,000,000 | R--D | C] -- C:\Users\***\Saved Games
[2010.04.17 17:41:10 | 000,000,000 | R--D | C] -- C:\Users\***\Pictures
[2010.04.17 17:41:10 | 000,000,000 | R--D | C] -- C:\Users\***\Music
[2010.04.17 17:41:10 | 000,000,000 | R--D | C] -- C:\Users\***\Links
[2010.04.17 17:41:10 | 000,000,000 | R--D | C] -- C:\Users\***\Favorites
[2010.04.17 17:41:10 | 000,000,000 | R--D | C] -- C:\Users\***\Downloads
[2010.04.17 17:41:10 | 000,000,000 | R--D | C] -- C:\Users\***\Documents
[2010.04.17 17:41:10 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Vorlagen
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Verlauf
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Temporary Internet Files
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Startmenü
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\SendTo
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Recent
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Netzwerkumgebung
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Lokale Einstellungen
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Videos
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Musik
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Eigene Dateien
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Bilder
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Druckumgebung
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Cookies
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Anwendungsdaten
[2010.04.17 17:41:10 | 000,000,000 | -HSD | C] -- C:\Users\***\Anwendungsdaten
[2010.04.17 17:41:10 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData
[2010.04.17 17:41:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Temp
[2010.04.17 17:41:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft
[2010.04.17 17:41:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2010.04.17 17:39:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010.04.17 17:39:10 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.04.17 17:38:18 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.04.17 17:35:12 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.04.17 14:55:12 | 000,012,976 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010.04.17 14:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.04.17 14:03:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.04.17 14:03:28 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.17 14:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.16 23:57:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.04.16 14:05:32 | 000,000,000 | ---D | C] -- C:\Windows\Robin Hood 1.0
[2010.04.15 23:05:21 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\jsrss
[2010.04.15 15:26:37 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\gadget
[2010.04.15 11:25:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Player Classic
[2010.04.13 17:53:58 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\iconex_v_bundle_png
[2010.04.13 14:07:24 | 000,000,000 | ---D | C] -- C:\Users\***\Steuererklärung 09
[2010.04.13 13:19:14 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\elsterformular
[2010.04.13 12:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2010.04.12 16:09:51 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\6.5.0.0.0-Dateien
[2010.04.07 15:04:51 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\kontoauszüge
[2010.04.06 15:13:47 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\revolbyte_alt
[2010.04.02 15:25:04 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.04.02 15:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.04.02 15:25:04 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.04.02 15:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010.04.02 15:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.04.02 15:22:21 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.04.02 15:22:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.03.29 16:17:04 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\mysql-connector-java-5.1.12
[2010.03.29 14:59:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Sun
[2010.03.29 14:35:23 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\NetBeansProjects
[2010.03.28 15:34:24 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\flows_step9
[2010.03.28 14:44:23 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\revolbyte
[2010.03.26 23:14:50 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.03.26 23:11:15 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Peking
[2010.03.26 20:30:00 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Webweaver
[2010.03.26 20:17:40 | 000,000,000 | ---D | C] -- C:\Users\***\.netbeans
[2010.03.26 20:17:39 | 000,000,000 | ---D | C] -- C:\Users\***\.netbeans-registration
[2010.03.26 20:16:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\sges-v3
[2010.03.26 20:09:47 | 000,000,000 | ---D | C] -- C:\Users\***\.nbi
[2010.03.26 19:52:03 | 000,000,000 | ---D | C] -- C:\xampp
[2010.03.26 17:16:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Cisco
[2010.03.26 17:15:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2010.03.26 17:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.19 17:48:06 | 006,291,456 | -HS- | M] () -- C:\Users\***\NTUSER.DAT
[2010.04.19 17:26:46 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.19 17:26:46 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.19 17:18:46 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.19 17:18:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.19 17:18:08 | 3195,301,888 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.19 08:22:49 | 059,034,248 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010.04.19 08:21:44 | 000,068,272 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.17 21:16:40 | 000,310,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.04.17 20:53:54 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 6.8.lnk
[2010.04.17 20:49:49 | 000,003,016 | ---- | M] () -- C:\Users\***\Documents\cc_20100417_204946.reg
[2010.04.17 20:24:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.04.17 20:24:37 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.04.17 20:24:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.04.17 20:24:37 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.04.17 20:16:59 | 000,004,738 | ---- | M] () -- C:\Users\***\Documents\cc_20100417_201658.reg
[2010.04.17 20:16:48 | 000,001,614 | ---- | M] () -- C:\Users\***\Documents\cc_20100417_201645.reg
[2010.04.17 20:16:34 | 000,473,396 | ---- | M] () -- C:\Users\***\Documents\cc_20100417_201629.reg
[2010.04.17 20:16:17 | 003,869,238 | ---- | M] () -- C:\Users\***\Documents\cc_20100417_201607.reg
[2010.04.17 19:31:20 | 001,627,804 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.04.17 19:31:20 | 000,703,520 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.04.17 19:31:20 | 000,656,582 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.04.17 19:31:20 | 000,151,250 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.04.17 19:31:20 | 000,122,420 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.04.17 18:48:54 | 000,000,020 | -HS- | M] () -- C:\Users\***\ntuser.ini
[2010.04.17 18:44:26 | 000,057,035 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.04.17 18:44:26 | 000,057,035 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.04.17 18:33:40 | 000,022,960 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat
[2010.04.17 18:32:39 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.04.17 17:41:13 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.04.17 17:41:13 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.04.17 17:41:13 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.04.17 17:38:45 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.04.17 17:38:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.04.17 16:05:34 | 000,004,584 | ---- | M] () -- C:\Users\***\Desktop\Windows-Kompatibilitätsbericht.htm
[2010.04.17 16:00:26 | 000,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010.04.17 16:00:26 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2010.04.17 14:55:12 | 000,316,936 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010.04.17 14:55:12 | 000,035,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010.04.17 14:55:12 | 000,012,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010.04.17 14:55:06 | 000,269,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010.04.17 14:55:04 | 000,142,495 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2010.04.17 14:47:14 | 000,001,858 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010.04.17 14:41:20 | 000,392,034 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.04.17 13:47:22 | 000,002,097 | ---- | M] () -- C:\Users\***\Desktop\HijackThis.lnk
[2010.04.16 11:48:02 | 000,260,566 | ---- | M] () -- C:\Users\***\Desktop\apple.png
[2010.04.15 23:05:08 | 000,005,187 | ---- | M] () -- C:\Users\***\Desktop\jsrss.zip
[2010.04.12 16:09:51 | 000,031,881 | ---- | M] () -- C:\Users\***\Desktop\6.5.0.0.0.htm
[2010.04.12 16:09:43 | 000,036,531 | ---- | M] () -- C:\Users\***\Desktop\Apple.docx
[2010.04.12 14:58:32 | 000,276,329 | ---- | M] () -- C:\Users\***\Desktop\Visio-Bachelor_LV_Planung_2010_31Maerz2010.pdf
[2010.04.12 13:55:13 | 364,245,676 | ---- | M] () -- C:\Users\***\Desktop\iconex_v_bundle_png.zip
[2010.04.11 21:14:07 | 007,831,555 | ---- | M] () -- C:\Users\***\Desktop\Seyfu & Brutos- Fast-Food-Queen.mp3
[2010.04.11 16:26:11 | 000,176,513 | ---- | M] () -- C:\Users\***\Desktop\Vergleichstabellen zur Genetik.pdf
[2010.04.11 16:26:06 | 000,500,963 | ---- | M] () -- C:\Users\***\Desktop\Abitur Biologie Genetik.pdf
[2010.04.11 16:25:54 | 000,468,257 | ---- | M] () -- C:\Users\***\Desktop\Abitur Biologie Ökologie.pdf
[2010.04.11 16:24:34 | 000,235,603 | ---- | M] () -- C:\Users\***\Desktop\Abitur - Biologie.pdf
[2010.04.02 15:25:28 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.04.02 15:23:30 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.03.30 22:47:08 | 000,170,799 | ---- | M] () -- C:\Users\***\Documents\Ihre Bestellung bei eyesee.de (Rechnung).eml
[2010.03.30 16:38:58 | 006,019,200 | ---- | M] () -- C:\Users\***\Desktop\03_-_Shantel_____Bucovina___Haaksman___Haaksman_Soca_Bogle_Mix_.mp3
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.03.30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.03.29 14:04:00 | 000,013,165 | ---- | M] () -- C:\Users\***\Desktop\Noten_Betriebswirtschaftslehre_WS_0910.pdf
[2010.03.28 20:17:39 | 000,049,559 | ---- | M] () -- C:\Users\***\Desktop\mod_header_image-Joomla10_v211.zip
[2010.03.28 17:43:14 | 000,059,385 | ---- | M] () -- C:\Users\***\Desktop\extended-menu-module-1.0.6.zip
[2010.03.28 15:34:03 | 000,083,675 | ---- | M] () -- C:\Users\***\Desktop\flows_step9.zip
[2010.03.28 14:20:54 | 000,085,477 | ---- | M] () -- C:\menu.png
[2010.03.28 14:19:43 | 000,002,356 | ---- | M] () -- C:\Users\***\Desktop\safe.css
[2010.03.27 11:30:22 | 000,001,448 | ---- | M] () -- C:\Users\***\Desktop\XAMPP Control Panel.lnk
[2010.03.26 20:12:58 | 000,000,000 | ---- | M] () -- C:\Users\***\.javafx_eula_accepted
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.17 20:53:54 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 6.8.lnk
[2010.04.17 20:49:48 | 000,003,016 | ---- | C] () -- C:\Users\***\Documents\cc_20100417_204946.reg
[2010.04.17 20:16:58 | 000,004,738 | ---- | C] () -- C:\Users\***\Documents\cc_20100417_201658.reg
[2010.04.17 20:16:47 | 000,001,614 | ---- | C] () -- C:\Users\***\Documents\cc_20100417_201645.reg
[2010.04.17 20:16:31 | 000,473,396 | ---- | C] () -- C:\Users\***\Documents\cc_20100417_201629.reg
[2010.04.17 20:16:10 | 003,869,238 | ---- | C] () -- C:\Users\***\Documents\cc_20100417_201607.reg
[2010.04.17 18:48:54 | 000,000,020 | -HS- | C] () -- C:\Users\***\ntuser.ini
[2010.04.17 18:46:10 | 3195,301,888 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.17 18:33:40 | 000,022,960 | ---- | C] () -- C:\Windows\SysNative\emptyregdb.dat
[2010.04.17 17:41:11 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.04.17 17:41:11 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.04.17 17:41:10 | 006,291,456 | -HS- | C] () -- C:\Users\***\NTUSER.DAT
[2010.04.17 17:41:10 | 000,262,144 | -HS- | C] () -- C:\Users\***\ntuser.dat.LOG1
[2010.04.17 17:41:10 | 000,065,536 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.04.17 17:41:10 | 000,000,000 | -HS- | C] () -- C:\Users\***\ntuser.dat.LOG2
[2010.04.17 17:38:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.04.17 17:38:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.04.17 16:05:34 | 000,004,584 | ---- | C] () -- C:\Users\***\Desktop\Windows-Kompatibilitätsbericht.htm
[2010.04.17 16:00:05 | 000,002,544 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010.04.17 16:00:05 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2010.04.17 14:47:14 | 000,001,858 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010.04.17 13:47:22 | 000,002,097 | ---- | C] () -- C:\Users\***\Desktop\HijackThis.lnk
[2010.04.16 11:48:01 | 000,260,566 | ---- | C] () -- C:\Users\***\Desktop\apple.png
[2010.04.15 23:04:59 | 000,005,187 | ---- | C] () -- C:\Users\***\Desktop\jsrss.zip
[2010.04.12 16:09:51 | 000,031,881 | ---- | C] () -- C:\Users\***\Desktop\6.5.0.0.0.htm
[2010.04.12 16:09:42 | 000,036,531 | ---- | C] () -- C:\Users\***\Desktop\Apple.docx
[2010.04.12 14:58:32 | 000,276,329 | ---- | C] () -- C:\Users\***\Desktop\Visio-Bachelor_LV_Planung_2010_31Maerz2010.pdf
[2010.04.11 21:13:08 | 007,831,555 | ---- | C] () -- C:\Users\***\Desktop\Seyfu & Brutos- Fast-Food-Queen.mp3
[2010.04.11 19:13:23 | 364,245,676 | ---- | C] () -- C:\Users\***\Desktop\iconex_v_bundle_png.zip
[2010.04.11 16:26:11 | 000,176,513 | ---- | C] () -- C:\Users\***\Desktop\Vergleichstabellen zur Genetik.pdf
[2010.04.11 16:26:05 | 000,500,963 | ---- | C] () -- C:\Users\***\Desktop\Abitur Biologie Genetik.pdf
[2010.04.11 16:25:53 | 000,468,257 | ---- | C] () -- C:\Users\***\Desktop\Abitur Biologie Ökologie.pdf
[2010.04.11 16:24:34 | 000,235,603 | ---- | C] () -- C:\Users\***\Desktop\Abitur - Biologie.pdf
[2010.04.02 15:25:28 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.04.02 15:23:30 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.03.30 16:38:52 | 006,019,200 | ---- | C] () -- C:\Users\***\Desktop\03_-_Shantel_____Bucovina___Haaksman___Haaksman_Soca_Bogle_Mix_.mp3
[2010.03.29 14:03:59 | 000,013,165 | ---- | C] () -- C:\Users\***\Desktop\Noten_Betriebswirtschaftslehre_WS_0910.pdf
[2010.03.28 20:17:38 | 000,049,559 | ---- | C] () -- C:\Users\***\Desktop\mod_header_image-Joomla10_v211.zip
[2010.03.28 18:45:13 | 000,085,477 | ---- | C] () -- C:\menu.png
[2010.03.28 17:43:14 | 000,059,385 | ---- | C] () -- C:\Users\***\Desktop\extended-menu-module-1.0.6.zip
[2010.03.28 15:34:02 | 000,083,675 | ---- | C] () -- C:\Users\***\Desktop\flows_step9.zip
[2010.03.28 14:19:43 | 000,002,356 | ---- | C] () -- C:\Users\***\Desktop\safe.css
[2010.03.27 11:30:12 | 000,001,448 | ---- | C] () -- C:\Users\***\Desktop\XAMPP Control Panel.lnk
[2010.03.26 20:12:58 | 000,000,000 | ---- | C] () -- C:\Users\***\.javafx_eula_accepted
[2010.02.25 16:43:23 | 000,000,036 | ---- | C] () -- C:\Users\***\.org.eclipse.epp.usagedata.recording.userId
[2009.12.20 21:21:19 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2009.12.04 18:25:04 | 000,000,450 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.03 18:22:30 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.04.17 18:08:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\1&1 EasyCam
[2010.04.17 18:08:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2010.04.19 08:20:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox
[2010.04.17 18:08:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2010.04.17 18:08:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2010.04.17 18:08:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ImgBurn
[2010.04.17 18:08:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PLT Scheme
[2010.01.03 18:30:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2010.04.17 18:08:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Webweaver
[2009.07.14 07:08:49 | 000,002,898 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2009.12.20 01:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll
[2009.12.20 01:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\xampp\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 1001 bytes -> C:\Users\***\Documents\Ihre Bestellung bei eyesee.de (Rechnung).eml:OECustomProperty
< End of report >
HijackThis log:

Quote:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:21:12, on 19.04.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Sony\VAIO Mode Switch\VMSwitch.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
E:\FirefoxPortable\FirefoxPortable.exe
E:\FirefoxPortable\App\firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VMSwitch] "C:\Program Files (x86)\Sony\VAIO Mode Switch\VMSwitch.exe"
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CA78B5F9-3FA6-4B4B-B9F7-4005957D5B86}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8712 bytes

Thanks in advance
