
Log analysis and evaluation: Evaluation of PC and laptop

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

23.02.2011, 13:21   #1
Teddy<3
 
Hello,

I just wanted to check whether everything is okay on my two devices. I am posting in the following order:

Anti-Malwarebytes
OTL (quick scan; if a normal scan is needed, I have that as well)
HijackThis

First comes my PC.

---------------------

Anti-Malwarebytes

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
 
Datenbank Version: 5799
 
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
 
18.02.2011 18:31:16
mbam-log-2011-02-18 (18-31-16).txt
 
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Durchsuchte Objekte: 251662
Laufzeit: 13 Minute(n), 3 Sekunde(n)
 
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
 
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
 
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
OTL
OTL Logfile:
Code:
OTL logfile created on: 18.02.2011 18:43:53 - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Philipp\Desktop\SchnickSchnack
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 69,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 922,79 Gb Total Space | 823,27 Gb Free Space | 89,22% Space Free | Partition Type: NTFS
 
Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.02.18 18:10:58 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe
PRC - [2011.02.06 12:18:29 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.10 14:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.09.01 05:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.08.03 09:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2010.04.07 15:59:42 | 000,013,624 | ---- | M] (Alienware) -- C:\Programme\Alienware\Command Center\AlienFXHook32Mngr.exe
PRC - [2010.04.07 15:59:20 | 000,061,256 | ---- | M] (Alienware Corporation) -- C:\Programme\Alienware\Command Center\AlienwareAlienFXController.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.02.18 18:10:58 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.01.05 03:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.04.07 16:04:18 | 000,014,648 | ---- | M] (Alienware) [Auto | Stopped] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV - [2011.02.06 12:18:29 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.02.05 23:55:12 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.03 15:56:06 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.02.07 16:23:26 | 000,019,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys -- (AWOPFilterDriver)
DRV:64bit: - [2011.01.10 14:23:15 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.01.10 14:23:15 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.01.05 04:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.05 03:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.12.14 18:51:20 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.11.17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2009.11.23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.08.25 14:42:22 | 000,112,240 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.07 00:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 CD 93 63 84 C5 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.06 00:00:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.06 00:00:47 | 000,000,000 | ---D | M]
 
[2011.02.05 23:48:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions
[2011.02.18 15:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\ozoss7bt.default\extensions
[2011.02.15 18:31:13 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\ozoss7bt.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.02.05 23:53:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\ozoss7bt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.02.05 23:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.02.05 23:55:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.05 23:55:10 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel]  File not found
O4:64bit: - HKLM..\Run: [Thermal Controller] C:\Program Files\Alienware\Command Center\ThermalController.exe (Alienware Corp.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4407195f-3171-11e0-8ac6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4407195f-3171-11e0-8ac6-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.18 18:21:36 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Auswertung PC
[2011.02.11 19:44:41 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2011.02.10 17:57:52 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\2K Games
[2011.02.10 17:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.02.07 23:02:46 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents\Scanned Documents
[2011.02.07 23:02:46 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\Fax
[2011.02.07 16:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
[2011.02.06 20:00:04 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.02.06 16:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2011.02.06 16:17:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2011.02.06 15:47:48 | 000,000,000 | ---D | C] -- C:\Programme\World of Warcraft
[2011.02.06 15:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011.02.06 15:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2011.02.06 12:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011.02.06 12:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2011.02.06 12:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2011.02.06 12:21:11 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2011.02.06 12:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011.02.06 12:19:18 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\PunkBuster
[2011.02.06 12:19:16 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\BFBC2
[2011.02.06 07:44:00 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.02.06 07:43:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\OEM
[2011.02.06 07:43:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM
[2011.02.06 02:23:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Macromedia
[2011.02.06 02:23:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Adobe
[2011.02.06 02:19:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.02.06 01:41:42 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Activision
[2011.02.06 01:13:51 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\AlienFX
[2011.02.06 01:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Alienware
[2011.02.06 01:09:49 | 000,000,000 | ---D | C] -- C:\Programme\Alienware
[2011.02.06 00:56:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.02.06 00:45:07 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\TS3Client
[2011.02.06 00:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.02.06 00:39:12 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2011.02.06 00:34:55 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Malwarebytes
[2011.02.06 00:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.06 00:34:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.02.06 00:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.06 00:34:43 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.06 00:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.02.06 00:29:33 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011.02.06 00:02:01 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple Computer
[2011.02.06 00:02:00 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Apple Computer
[2011.02.06 00:01:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.02.06 00:01:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.02.06 00:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.02.06 00:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.02.06 00:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.02.06 00:00:36 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple
[2011.02.06 00:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.02.06 00:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011.02.06 00:00:22 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.02.06 00:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.02.06 00:00:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.02.06 00:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.02.05 23:57:42 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Logitech
[2011.02.05 23:55:56 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.02.05 23:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.02.05 23:55:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.02.05 23:55:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.02.05 23:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.02.05 23:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.02.05 23:54:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011.02.05 23:50:55 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Avira
[2011.02.05 23:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.02.05 23:50:01 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.02.05 23:50:01 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.05 23:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.02.05 23:50:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.02.05 23:49:03 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\SchnickSchnack
[2011.02.05 23:48:11 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Mozilla
[2011.02.05 23:48:11 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Mozilla
[2011.02.05 23:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.02.05 23:48:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.02.05 23:44:02 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\ATI
[2011.02.05 23:44:02 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\ATI
[2011.02.05 23:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.02.05 23:41:25 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies
[2011.02.05 23:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011.02.05 23:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Stream SDK v2
[2011.02.05 23:41:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Stream
[2011.02.05 23:41:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2011.02.05 23:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.02.05 23:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011.02.05 23:40:42 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2011.02.05 23:40:39 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2011.02.05 23:40:08 | 000,000,000 | ---D | C] -- C:\ATI
[2011.02.05 23:39:54 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011.02.05 23:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.02.05 23:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom
[2011.02.05 23:28:22 | 000,000,000 | ---D | C] -- C:\Programme\Broadcom
[2011.02.05 23:27:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.02.05 23:27:32 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Downloaded Installations
[2011.02.05 23:27:03 | 000,000,000 | ---D | C] -- C:\RaidTool
[2011.02.05 23:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JMicron Technology Corp
[2011.02.05 23:26:58 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2011.02.05 23:23:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.02.05 23:23:42 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2011.02.05 23:23:27 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.02.05 23:23:27 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.02.05 23:23:26 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.02.05 23:23:26 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.02.05 23:23:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.02.05 23:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.02.05 23:23:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.02.05 23:23:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.02.05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.02.05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Searches
[2011.02.05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.02.05 23:18:54 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Identities
[2011.02.05 23:18:49 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Contacts
[2011.02.05 23:18:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\VirtualStore
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Vorlagen
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Verlauf
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Temporary Internet Files
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Startmenü
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\SendTo
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Recent
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Netzwerkumgebung
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Lokale Einstellungen
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Videos
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Musik
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Eigene Dateien
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Bilder
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Druckumgebung
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Cookies
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Anwendungsdaten
[2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Anwendungsdaten
[2011.02.05 23:18:27 | 000,000,000 | --SD | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Videos
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Saved Games
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Pictures
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Music
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Links
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Favorites
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Downloads
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Desktop
[2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.02.05 23:18:27 | 000,000,000 | -H-D | C] -- C:\Users\Philipp\AppData
[2011.02.05 23:18:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Temp
[2011.02.05 23:18:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Microsoft
[2011.02.05 23:18:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Media Center Programs
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.02.05 22:50:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.02.05 22:46:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.18 18:19:02 | 001,613,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.18 18:19:02 | 000,696,752 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.18 18:19:02 | 000,652,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.18 18:19:02 | 000,148,048 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.18 18:19:02 | 000,121,002 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.18 17:11:21 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 17:11:21 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 17:03:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.18 17:03:37 | 529,731,583 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.10 15:21:42 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.09 17:48:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.02.07 16:26:28 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2011.02.07 16:26:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AWOPFilterDriver_01007.Wdf
[2011.02.07 16:23:26 | 000,019,464 | ---- | M] () -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys
[2011.02.06 19:43:32 | 008,690,712 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.06 12:19:22 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.02.06 12:19:22 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.06 12:18:29 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.02.06 12:18:29 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.06 00:39:15 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.02.06 00:01:58 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.05 23:58:44 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.02.05 23:57:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf
[2011.02.05 23:57:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
[2011.02.05 23:49:19 | 000,001,031 | ---- | M] () -- C:\Users\Philipp\Desktop\Philipp - Verknüpfung.lnk
[2011.02.05 23:48:09 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.05 23:44:53 | 000,012,526 | ---- | M] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk
[2011.02.05 23:42:56 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011.02.05 23:23:54 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2011.02.05 23:17:08 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.02.05 23:17:08 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.02.05 22:54:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.01.29 16:51:24 | 000,000,171 | ---- | M] () -- C:\WJYJUIF7.dat
 
========== Files Created - No Company Name ==========
 
[2011.02.09 17:48:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.02.07 16:26:28 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2011.02.07 16:26:06 | 000,019,464 | ---- | C] () -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys
[2011.02.07 16:26:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AWOPFilterDriver_01007.Wdf
[2011.02.06 12:19:22 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.02.06 12:18:30 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.06 12:18:29 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.02.06 12:18:29 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.06 01:02:45 | 008,690,712 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.06 00:39:15 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.02.06 00:01:58 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.06 00:00:35 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.02.05 23:57:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf
[2011.02.05 23:57:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
[2011.02.05 23:54:36 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.02.05 23:49:19 | 000,001,031 | ---- | C] () -- C:\Users\Philipp\Desktop\Philipp - Verknüpfung.lnk
[2011.02.05 23:48:09 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.05 23:44:53 | 000,012,526 | ---- | C] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk
[2011.02.05 23:42:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.05 23:23:54 | 000,188,416 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2011.02.05 23:23:54 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.02.05 23:23:54 | 000,088,064 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2011.02.05 23:23:54 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.02.05 23:23:54 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2011.02.05 23:19:20 | 000,001,411 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.02.05 23:19:12 | 000,001,445 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.02.05 22:57:10 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.02.05 22:57:03 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.02.05 22:54:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.01.29 16:51:24 | 000,000,171 | ---- | C] () -- C:\WJYJUIF7.dat
[2010.04.07 15:58:22 | 000,097,584 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2011.02.06 14:48:06 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\TS3Client
[2009.07.14 06:08:49 | 000,012,474 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---


HijackThis:

HijackThis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:50:04, on 18.02.2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal
 
Running processes:
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Philipp\Desktop\SchnickSchnack\HiJackThis204.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 6469 bytes
         
--- --- ---


Here is my laptop:

Anti-Malwarebytes

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
 
Datenbank Version: 5799
 
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
 
18.02.2011 18:38:30
mbam-log-2011-02-18 (18-38-30).txt
 
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 247251
Laufzeit: 17 Minute(n), 7 Sekunde(n)
 
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
 
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
 
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
OTL

OTL Logfile:
Code:
OTL logfile created on: 18.02.2011 18:42:57 - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Philipp\Desktop\SchnickSchnack
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 225,80 Gb Total Space | 194,95 Gb Free Space | 86,34% Space Free | Partition Type: NTFS
Drive D: | 226,19 Gb Total Space | 226,09 Gb Free Space | 99,96% Space Free | Partition Type: NTFS
 
Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.02.18 18:10:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe
PRC - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.10 14:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.04.08 21:18:40 | 000,908,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.04.08 21:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.04.08 21:18:40 | 000,298,064 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.03.09 00:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010.02.01 19:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.13 10:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009.12.25 02:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009.12.25 02:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009.11.06 01:51:20 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.02.18 18:10:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.03.29 17:41:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.02.09 19:07:15 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.04.23 10:46:22 | 000,867,360 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.04.08 21:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.03.26 11:46:48 | 000,920,352 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.02.01 19:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.11.06 01:51:20 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2009.11.06 01:50:50 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.01.10 14:23:15 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.01.10 14:23:15 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.04.02 01:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.29 17:51:38 | 006,405,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.03.29 16:46:28 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.03.09 15:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.03.06 18:04:08 | 000,335,400 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.02.16 04:05:12 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.02.09 06:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.01.14 23:41:12 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.14 23:41:06 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.12.22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.10.22 05:55:06 | 000,272,432 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.10.16 11:32:22 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.08.24 02:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.09 19:18:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.09 19:18:55 | 000,000,000 | ---D | M]
 
[2011.02.09 18:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions
[2011.02.17 22:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\nmen04xg.default\extensions
[2011.02.17 06:59:46 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\nmen04xg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.02.09 18:55:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\nmen04xg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.02.09 19:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.02.09 19:03:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.09 19:03:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.18 18:20:17 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Auswertung Laptop
[2011.02.18 18:11:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Diagnostics
[2011.02.13 19:20:10 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Malwarebytes
[2011.02.13 19:20:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.02.13 19:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.13 19:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.13 19:20:03 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.13 19:20:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.02.11 17:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.02.11 17:26:57 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.02.11 17:26:55 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Skype
[2011.02.11 17:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.02.11 17:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.02.09 19:19:51 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple Computer
[2011.02.09 19:19:50 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Apple Computer
[2011.02.09 19:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.02.09 19:19:25 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.02.09 19:19:24 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.02.09 19:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.02.09 19:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.02.09 19:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.02.09 19:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.02.09 19:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.02.09 19:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.02.09 19:18:32 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple
[2011.02.09 19:18:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011.02.09 19:18:11 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.02.09 19:18:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.02.09 19:18:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.02.09 19:18:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.02.09 19:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.02.09 19:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011.02.09 19:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.02.09 19:04:04 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.02.09 19:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.02.09 19:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.02.09 19:03:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.02.09 18:56:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\SchnickSchnack
[2011.02.09 18:56:19 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Avira
[2011.02.09 18:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.02.09 18:51:25 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.02.09 18:51:24 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.02.09 18:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.02.09 18:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.02.09 18:49:34 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Mozilla
[2011.02.09 18:49:34 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Mozilla
[2011.02.09 18:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.02.09 18:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.02.09 18:47:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Adobe
[2011.02.09 15:29:18 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Google
[2011.02.09 15:17:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\ATI
[2011.02.09 15:17:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\ATI
[2011.02.09 15:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.02.09 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011.02.09 15:16:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\EgisTec IPS
[2011.02.09 15:16:43 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Macromedia
[2011.02.09 15:16:12 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.02.09 15:16:12 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.02.09 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Searches
[2011.02.09 15:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2011.02.09 15:15:39 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Identities
[2011.02.09 15:15:31 | 000,000,000 | ---D | C] -- C:\Programme\Acer Accessory Store
[2011.02.09 15:15:26 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Contacts
[2011.02.09 15:15:22 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\VirtualStore
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Vorlagen
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Verlauf
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Temporary Internet Files
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Startmenü
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\SendTo
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Recent
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Netzwerkumgebung
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Lokale Einstellungen
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Videos
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Musik
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Eigene Dateien
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Bilder
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Druckumgebung
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Cookies
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Anwendungsdaten
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Anwendungsdaten
[2011.02.09 15:14:45 | 000,000,000 | --SD | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Videos
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Saved Games
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Pictures
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Music
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Links
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Favorites
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Downloads
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Desktop
[2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.02.09 15:14:45 | 000,000,000 | -H-D | C] -- C:\Users\Philipp\AppData
[2011.02.09 15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Temp
[2011.02.09 15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Microsoft
[2011.02.09 15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Media Center Programs
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.02.08 21:57:08 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2011.02.08 21:57:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2011.02.08 21:57:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2011.02.08 21:57:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2011.02.08 21:56:00 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2011.02.08 21:56:00 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2011.02.08 21:55:58 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2011.02.08 21:55:58 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2011.02.08 21:50:54 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log
[2011.02.08 21:47:16 | 000,349,776 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINSTLMv4.EXE
[2011.02.08 21:46:03 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011.02.08 21:46:03 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2011.02.08 21:46:02 | 000,450,560 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011.02.08 21:46:02 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011.02.08 21:46:02 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011.02.08 21:45:31 | 000,525,088 | ---- | C] (Wistron Corp.) -- C:\Windows\WGRegx64.exe
[2011.02.08 21:45:31 | 000,000,000 | ---D | C] -- C:\Windows\Lan
[2011.02.08 21:45:16 | 000,484,128 | ---- | C] (Wistron Corp.) -- C:\Windows\WISMVIMG.EXE
[2011.02.08 21:45:16 | 000,255,264 | ---- | C] (Wistron Corp.) -- C:\Windows\WISI2BAT.EXE
[2011.02.08 21:45:16 | 000,176,928 | ---- | C] (Wistron Corp.) -- C:\Windows\PATCHFUL.EXE
[2011.02.08 21:45:15 | 000,388,384 | ---- | C] (Wistron Corp.) -- C:\Windows\WisGAPasx64.exe
[2011.02.08 21:45:15 | 000,342,560 | ---- | C] (Acer Inc.) -- C:\Windows\ParseModule_X64.exe
[2011.02.08 21:45:14 | 000,326,432 | ---- | C] (Wistron Corp.) -- C:\Windows\WisGAPas.exe
[2011.02.08 21:45:14 | 000,231,968 | ---- | C] (Acer Inc.) -- C:\Windows\ParseModule_X86.exe
[2011.02.08 13:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011.02.08 13:21:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011.02.08 13:21:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.02.08 13:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011.02.08 13:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011.02.08 13:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011.02.08 13:21:03 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.02.08 13:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011.02.08 13:19:28 | 000,000,000 | ---D | C] -- C:\BOOK
[2011.02.08 13:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.02.08 13:19:06 | 000,000,000 | ---D | C] -- C:\Programme\Preload
[2011.02.08 13:18:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
[2011.02.08 13:18:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2011.02.08 13:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2011.02.08 13:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2011.02.08 13:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2011.02.08 13:15:59 | 000,000,000 | ---D | C] -- C:\Programme\Apoint2K
[2011.02.08 13:15:44 | 001,664,248 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.exe
[2011.02.08 13:15:44 | 000,049,464 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2011.02.08 13:15:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
[2011.02.08 13:13:29 | 000,000,000 | ---D | C] -- C:\Programme\WIDCOMM
[2011.02.08 13:12:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.02.08 13:12:24 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2011.02.08 13:12:22 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.02.08 13:12:22 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.02.08 13:12:21 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.02.08 13:12:21 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.02.08 13:12:21 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.02.08 13:12:18 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.02.08 13:12:18 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.02.08 13:12:18 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.02.08 13:12:18 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.02.08 13:12:18 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.02.08 13:12:18 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.02.08 13:12:17 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.02.08 13:12:17 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.02.08 13:12:12 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011.02.08 13:12:12 | 000,321,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.02.08 13:12:11 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011.02.08 13:12:11 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011.02.08 13:12:11 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2011.02.08 13:12:11 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011.02.08 13:12:11 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011.02.08 13:12:11 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011.02.08 13:12:11 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011.02.08 13:12:11 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011.02.08 13:12:11 | 000,122,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2011.02.08 13:12:10 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011.02.08 13:12:10 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011.02.08 13:12:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.02.08 13:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.02.08 13:11:42 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2011.02.08 13:11:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.02.08 13:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2011.02.08 13:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.02.08 13:09:41 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2011.02.08 13:09:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011.02.08 13:06:25 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.02.08 13:03:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.18 18:30:01 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2011.02.18 18:14:52 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.18 18:14:52 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.18 18:14:52 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.18 18:14:52 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.18 18:14:52 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.18 18:06:05 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 18:06:05 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.18 17:58:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.18 17:58:21 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.11 17:32:08 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.11 17:26:57 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.02.09 19:19:47 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.09 19:08:23 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.02.09 19:02:40 | 000,000,987 | ---- | M] () -- C:\Users\Philipp\Desktop\Philipp.lnk
[2011.02.09 18:49:35 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011.02.09 18:49:24 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.09 15:24:40 | 000,012,482 | ---- | M] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk
[2011.02.09 15:16:37 | 000,000,201 | ---- | M] () -- C:\Windows\USER.XML
[2011.02.09 15:14:55 | 000,000,211 | RHS- | M] () -- C:\Preload.rev
[2011.02.09 15:14:55 | 000,000,168 | ---- | M] () -- C:\Windows\WisLangCode.ini
[2011.02.09 15:14:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.02.09 15:14:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.02.08 22:01:15 | 000,001,690 | ---- | M] () -- C:\Windows\WPatchProgress.ini
[2011.02.08 21:56:52 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2011.02.08 21:56:52 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2011.02.08 21:56:00 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2011.02.08 21:56:00 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2011.02.08 21:55:58 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2011.02.08 21:55:58 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2011.02.08 21:50:54 | 000,011,453 | ---- | M] () -- C:\Windows\ChangeLang_Done.tag
[2011.02.08 21:48:54 | 000,000,926 | ---- | M] () -- C:\Windows\MOD01SET74DE0N0003.XML
[2011.02.08 13:32:54 | 000,000,213 | ---- | M] () -- C:\Windows\Factory.xml
[2011.02.08 13:22:47 | 000,000,020 | ---- | M] () -- C:\Windows\ú©
[2011.02.08 13:16:13 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI
[2011.02.08 13:16:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf
[2011.02.08 13:14:45 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011.02.08 13:07:11 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011.02.08 13:06:18 | 000,696,680 | ---- | M] () -- C:\Windows\SysNative\oem7.inf
 
========== Files Created - No Company Name ==========
 
[2011.02.11 17:26:57 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.02.11 16:44:08 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2011.02.09 19:19:47 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.02.09 19:18:32 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.02.09 19:06:26 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.02.09 19:02:40 | 000,000,987 | ---- | C] () -- C:\Users\Philipp\Desktop\Philipp.lnk
[2011.02.09 18:49:35 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.02.09 18:49:24 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.02.09 15:24:40 | 000,012,482 | ---- | C] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk
[2011.02.09 15:16:25 | 000,001,409 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.02.09 15:16:18 | 000,001,443 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.02.08 22:01:15 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag
[2011.02.08 21:57:37 | 000,654,166 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.08 21:57:37 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2011.02.08 21:57:37 | 000,130,006 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.08 21:57:37 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2011.02.08 21:49:01 | 000,000,926 | ---- | C] () -- C:\Windows\MOD01SET74DE0N0003.XML
[2011.02.08 21:48:34 | 000,000,385 | RHS- | C] () -- C:\Patch.rev
[2011.02.08 21:48:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1025_ACER_ACER_Aspire 7552.mrk
[2011.02.08 21:48:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\1025_ACER_ACER_Aspire 7552.mrk
[2011.02.08 21:46:03 | 000,511,072 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2011.02.08 21:46:03 | 000,511,072 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2011.02.08 21:46:03 | 000,026,112 | ---- | C] () -- C:\Windows\SysNative\atitmp64.dll
[2011.02.08 21:46:03 | 000,002,093 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.02.08 21:46:03 | 000,002,093 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2011.02.08 21:46:02 | 000,332,288 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe
[2011.02.08 21:46:02 | 000,201,875 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2011.02.08 21:46:02 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe
[2011.02.08 21:46:02 | 000,020,692 | ---- | C] () -- C:\Windows\atiogl.xml
[2011.02.08 21:46:01 | 000,033,616 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2011.02.08 21:45:31 | 000,000,201 | ---- | C] () -- C:\Windows\USER.XML
[2011.02.08 21:45:13 | 000,001,690 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2011.02.08 13:24:22 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2011.02.08 13:22:46 | 000,000,020 | ---- | C] () -- C:\Windows\ú©
[2011.02.08 13:16:13 | 000,000,184 | ---- | C] () -- C:\Windows\LMv4.UNI
[2011.02.08 13:16:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf
[2011.02.08 13:15:44 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll
[2011.02.08 13:15:44 | 000,222,382 | ---- | C] () -- C:\Windows\Acer Crystal Eye webcam.ico
[2011.02.08 13:15:44 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011.02.08 13:15:44 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2011.02.08 13:15:44 | 000,009,168 | ---- | C] () -- C:\Windows\Suyin.reg
[2011.02.08 13:15:44 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2011.02.08 13:15:44 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011.02.08 13:13:39 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2011.02.08 13:12:24 | 000,231,056 | ---- | C] () -- C:\Windows\SysNative\drivers\RTConvEQ.dat
[2011.02.08 13:12:24 | 000,026,448 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE3.DAT
[2011.02.08 13:12:24 | 000,001,352 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat
[2011.02.08 13:12:24 | 000,000,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat
[2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX3.dat
[2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat
[2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat
[2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2011.02.08 13:12:24 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ1.dat
[2011.02.08 13:12:24 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
[2011.02.08 13:07:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.08 13:06:22 | 000,696,680 | ---- | C] () -- C:\Windows\SysNative\oem7.inf
[2011.02.08 13:03:20 | 3219,787,776 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.19 23:08:32 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.05.19 23:07:19 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010.05.19 23:07:19 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2010.05.19 23:07:19 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2011.02.18 18:30:01 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
[2009.07.14 06:08:49 | 000,008,420 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---


HijackThis

HijackThis logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:52, on 18.02.2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Philipp\Desktop\SchnickSchnack\HiJackThis204.exe
C:\Windows\SysWOW64\DllHost.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 9360 bytes
         
--- --- ---


Thanks in advance

Regards

*push*
