Pests of all kinds and how to fight them: Trojan / Virus? | Windows 7
29.03.2012, 18:24 | #1 |
Trojan / Virus?

Hello, for some time now I have been having big problems with my laptop. It is slow, and while gaming it stutters more and more often. Could you maybe take a look at what is broken there? Regards, Romy
29.03.2012, 18:25 | #2 |
Malware-holic | Trojan / Virus?

hi

If you don't already have it, please download OTL by OldTimer and save it to your desktop.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
29.03.2012, 18:45 | #3 |
Trojan / Virus?

So.. here is the OTL.txt: OTL logfile:
[2012.03.27 18:13:13 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Origin [2012.03.27 18:13:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012.03.27 18:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [2012.03.27 17:58:18 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Adobe [2012.03.27 17:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2012.03.27 17:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2012.03.27 17:46:09 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2012.03.27 17:03:08 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Adobe [2012.03.27 17:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2012.03.27 17:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012.03.27 17:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2012.03.27 17:02:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2012.03.27 16:39:20 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Origin [2012.03.27 16:39:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2012.03.27 16:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012.03.27 16:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2012.03.27 16:35:39 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Mozilla [2012.03.27 16:35:39 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Mozilla [2012.03.27 16:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.03.27 16:33:18 | 000,031,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys [2012.03.27 16:33:15 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2012.03.27 16:33:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common 
Files\Symantec Shared [2012.03.27 16:33:15 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2012.03.27 16:26:55 | 000,000,000 | ---D | C] -- C:\Users\Christian\Bluetooth Software [2012.03.27 16:26:55 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\Bluetooth Exchange Folder [2012.03.27 16:26:31 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Macromedia [2012.03.27 16:26:30 | 000,000,000 | ---D | C] -- C:\Users\Christian\P4P [2012.03.27 16:26:27 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Power2Go [2012.03.27 16:26:09 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.03.27 16:26:09 | 000,000,000 | R--D | C] -- C:\Users\Christian\Searches [2012.03.27 16:26:09 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.03.27 16:26:02 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Identities [2012.03.27 16:26:00 | 000,000,000 | R--D | C] -- C:\Users\Christian\Contacts [2012.03.27 16:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.03.27 16:23:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012.03.27 16:23:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012.03.27 16:21:42 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\VirtualStore [2012.03.27 16:21:40 | 000,000,000 | --SD | C] -- C:\Users\Christian\AppData\Roaming\Microsoft [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\Videos [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\Saved Games [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\Pictures [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\Music [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.03.27 16:21:40 | 000,000,000 | R--D 
| C] -- C:\Users\Christian\Links [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\Favorites [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\Downloads [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\Documents [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\Desktop [2012.03.27 16:21:40 | 000,000,000 | R--D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Vorlagen [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\Verlauf [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\Temporary Internet Files [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Startmenü [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\SendTo [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Recent [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Netzwerkumgebung [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Lokale Einstellungen [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Documents\Eigene Videos [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Documents\Eigene Musik [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Eigene Dateien [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Documents\Eigene Bilder [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Druckumgebung [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Cookies [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\AppData\Local\Anwendungsdaten [2012.03.27 16:21:40 | 000,000,000 | -HSD | C] -- C:\Users\Christian\Anwendungsdaten [2012.03.27 16:21:40 | 000,000,000 | -H-D | C] -- C:\Users\Christian\AppData [2012.03.27 16:21:40 | 000,000,000 | ---D | C] -- 
C:\Users\Christian\AppData\Local\Temp [2012.03.27 16:21:40 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Microsoft [2012.03.27 16:21:40 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Media Center Programs [2012.03.27 16:21:40 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite ========== Files - Modified Within 30 Days ========== [2012.03.29 19:17:21 | 001,418,806 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.03.29 19:17:21 | 000,618,442 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.03.29 19:17:21 | 000,587,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.03.29 19:17:21 | 000,122,842 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.03.29 19:17:21 | 000,101,250 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.03.29 19:14:40 | 000,000,024 | ---- | M] () -- C:\Windows\SysWow64\ChkMail.ini [2012.03.29 19:09:51 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.03.29 19:09:49 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.03.29 19:09:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.03.29 19:09:27 | 2146,471,935 | -HS- | M] () -- C:\hiberfil.sys [2012.03.29 17:28:23 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.03.29 13:27:01 | 000,380,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.03.29 13:04:45 | 003,717,232 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\Cat.DB [2012.03.29 12:16:57 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat [2012.03.29 12:16:57 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat [2012.03.29 12:16:57 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat [2012.03.29 12:16:57 | 000,001,988 | ---- | M] 
() -- C:\Windows\SysNative\ticrf.rat [2012.03.29 12:16:47 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012.03.29 12:16:44 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012.03.28 23:06:42 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.03.28 23:06:42 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.03.28 23:06:28 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.03.28 19:45:17 | 000,002,277 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2012.03.28 18:15:31 | 000,000,929 | -H-- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012.03.28 16:13:11 | 000,561,800 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\cchpx64.sys [2012.03.28 16:13:10 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\isolate.ini [2012.03.28 16:08:28 | 000,002,083 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Luxus-Accessoires.lnk [2012.03.28 13:07:51 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2012.03.28 13:07:51 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2012.03.28 13:07:51 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2012.03.28 13:07:41 | 000,334,384 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\BHDrvx64.sys [2012.03.28 13:07:40 | 000,009,412 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\symnetv.cat [2012.03.28 13:07:40 | 000,007,362 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\bhdrvx64.cat [2012.03.28 13:07:40 | 000,001,481 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SymNetV.inf [2012.03.28 13:07:40 | 000,000,640 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008030.006\BHDrvx64.inf [2012.03.28 01:13:19 | 000,060,826 
| ---- | M] () -- C:\Windows\SysNative\license.rtf [2012.03.27 23:10:21 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Die*Sims™*3.lnk [2012.03.27 23:09:48 | 000,447,752 | ---- | M] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll [2012.03.27 21:40:23 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.03.27 21:29:01 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2012.03.27 19:12:58 | 000,001,930 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.03.27 19:12:58 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk [2012.03.27 18:47:17 | 000,001,012 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2012.03.27 18:13:05 | 000,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2012.03.27 17:02:56 | 000,001,773 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.03.27 17:02:56 | 000,001,771 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.03.27 16:36:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_G71GX.alu [2012.03.27 16:35:37 | 000,000,895 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.03.27 16:24:00 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012.03.01 02:02:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012.03.01 02:02:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012.03.01 02:02:00 | 000,011,770 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2012.02.29 13:26:56 | 000,416,064 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe ========== Files Created - No Company Name ========== [2012.03.29 12:16:47 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012.03.29 12:16:44 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012.03.28 16:08:28 | 000,002,083 | ---- | C] () -- 
C:\Users\Public\Desktop\Die Sims™ 3 Luxus-Accessoires.lnk [2012.03.28 01:12:36 | 2146,471,935 | -HS- | C] () -- C:\hiberfil.sys [2012.03.27 23:10:21 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Die*Sims™*3.lnk [2012.03.27 21:35:52 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.03.27 20:51:26 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl [2012.03.27 20:51:26 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl [2012.03.27 20:51:25 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs [2012.03.27 20:51:25 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs [2012.03.27 20:51:25 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml [2012.03.27 20:51:25 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml [2012.03.27 20:30:25 | 002,608,861 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf [2012.03.27 20:12:57 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2012.03.27 19:30:06 | 000,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf [2012.03.27 19:30:04 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.03.27 19:30:00 | 000,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml [2012.03.27 19:30:00 | 000,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml [2012.03.27 19:29:57 | 000,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf [2012.03.27 19:29:54 | 000,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf [2012.03.27 19:29:51 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll [2012.03.27 19:29:51 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2012.03.27 19:29:33 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2012.03.27 19:29:33 | 000,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin [2012.03.27 19:29:32 | 000,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd [2012.03.27 19:29:24 | 
000,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF [2012.03.27 19:29:19 | 000,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs [2012.03.27 19:29:19 | 000,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs [2012.03.27 19:29:19 | 000,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man [2012.03.27 19:29:19 | 000,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man [2012.03.27 19:12:58 | 000,001,930 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.03.27 19:12:58 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk [2012.03.27 19:12:57 | 000,001,938 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk [2012.03.27 18:47:17 | 000,001,012 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk [2012.03.27 18:13:05 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2012.03.27 17:45:53 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.03.27 17:45:53 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.03.27 17:45:51 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.03.27 17:02:56 | 000,001,773 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012.03.27 17:02:56 | 000,001,771 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.03.27 16:36:35 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_G71GX.alu [2012.03.27 16:35:36 | 000,000,907 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.03.27 16:35:36 | 000,000,895 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.03.27 16:33:15 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2012.03.27 16:33:15 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2012.03.27 16:26:22 | 
000,000,956 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012.03.27 16:26:19 | 000,000,986 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.03.27 16:26:09 | 000,000,981 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.03.27 16:25:59 | 000,000,922 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2012.03.27 16:24:00 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012.03.27 16:24:00 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012.03.27 16:21:50 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe [2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe ========== LOP Check ========== [2012.03.27 16:40:51 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Origin [2012.03.27 19:12:52 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TuneUp Software [2012.03.29 17:28:23 | 000,012,786 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. 
> [2012.03.27 16:26:25 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2009.08.26 05:48:01 | 000,000,000 | -H-D | M] -- C:\ASUS.SYS [2012.03.27 19:58:18 | 000,000,000 | -HSD | M] -- C:\Boot [2006.11.02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2009.08.26 05:02:07 | 000,000,000 | ---D | M] -- C:\Intel [2009.08.26 04:38:27 | 000,000,000 | RH-D | M] -- C:\MSOCache [2012.03.27 20:16:45 | 000,000,000 | ---D | M] -- C:\NVIDIA [2008.01.21 05:04:13 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.03.29 13:24:58 | 000,000,000 | R--D | M] -- C:\Program Files [2012.03.29 13:24:58 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2012.03.29 12:13:50 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012.03.27 16:33:19 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.03.27 20:18:42 | 000,000,000 | R--D | M] -- C:\Users [2012.03.29 13:25:38 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys [2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys [2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys < MD5 for: ATAPI.SYS > [2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys [2009.04.11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys [2009.04.11 00:15:02 | 
000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll [2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EXPLORER.EXE > [2009.08.26 05:03:42 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe [2009.08.26 05:03:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe [2009.08.26 05:03:42 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe [2009.08.26 05:03:41 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe [2009.04.11 00:10:18 | 003,079,168 | ---- | M] (Microsoft Corporation) 
MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe [2009.04.11 00:10:18 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe [2009.08.26 05:03:42 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe [2009.08.26 05:03:41 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe [2009.08.26 05:03:41 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe [2009.08.26 05:03:42 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe [2008.01.21 04:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe [2008.01.21 04:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- 
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe < MD5 for: IASTOR.SYS > [2009.02.11 11:26:17 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Windows\SysNative\drivers\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys [2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys < MD5 for: NETLOGON.DLL > [2008.01.21 04:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll [2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll [2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll [2009.04.11 00:11:18 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll [2009.04.11 00:11:18 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll [2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll < MD5 for: NVSTOR.SYS > [2008.01.21 04:46:54 | 000,054,328 | 
---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys [2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll [2008.01.21 04:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll [2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll [2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll [2009.04.11 00:11:24 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll [2009.04.11 00:11:24 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 04:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll [2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- 
C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll [2009.04.10 23:26:46 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll [2009.04.10 23:26:46 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll [2009.04.11 00:11:28 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll [2009.04.11 00:11:28 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe [2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe [2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 00:11:10 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe [2009.04.11 00:11:10 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe [2008.01.21 
04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe [2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe [2009.04.10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2012.03.29 19:41:33 | 001,048,576 | -HS- | M] () -- C:\Users\Christian\NTUSER.DAT [2012.03.29 19:41:33 | 000,262,144 | -H-- | M] () -- C:\Users\Christian\ntuser.dat.LOG1 [2012.03.27 16:21:40 | 000,000,000 | -H-- | M] () -- C:\Users\Christian\ntuser.dat.LOG2 [2012.03.29 17:27:33 | 000,065,536 | -HS- | M] () -- C:\Users\Christian\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf [2012.03.29 17:27:33 | 000,524,288 | -HS- | M] () -- C:\Users\Christian\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms [2012.03.27 17:46:40 | 000,524,288 | -HS- | M] () -- 
C:\Users\Christian\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms [2012.03.27 16:21:40 | 000,000,020 | -HS- | M] () -- C:\Users\Christian\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 < > < End of report >
And here is the other one: OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 29.03.2012 19:29:43 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Christian\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6,00 Gb Total Physical Memory | 4,41 Gb Available Physical Memory | 73,46% Memory free 12,14 Gb Paging File | 10,73 Gb Available in Paging File | 88,35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285,40 Gb Total Space | 218,65 Gb Free Space | 76,61% Space Free | Partition Type: NTFS Drive D: | 149,04 Gb Total Space | 128,23 Gb Free Space | 86,03% Space Free | Partition Type: NTFS Drive E: | 4,52 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = F5 B6 C7 13 43 0C CD 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2C462B86-2CB1-476C-A25B-FAB39A2E9BC5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft 
office\office12\outlook.exe | "{60537FCD-E49B-414F-9D45-8231B497ACE3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{9EF71739-E24E-4E0C-A480-F4A9472F802A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{CCF7CB8E-9B16-40D0-A70F-FE82BB51196B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{DBEEF08B-42A4-4BDB-A8D7-F98119EE2237}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{E1F81BB7-56A5-4EA2-BAD5-E4E8D592F93C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{E38FB84A-57AC-4076-BD3D-69D6FE27161E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{E9882455-836C-4E6D-B8DC-9091B6ACDCEB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{F5892AF4-033C-4A7C-AF90-346FE665C273}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2D8131E3-0137-4674-B2B5-F4D7F0F50211}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{38163E69-FB3C-4443-9CA8-1B40B0642855}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{5879B8DB-68C5-4578-9A44-EC0E8C14EBFA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{5BAB9002-F9E2-43C4-B31A-98D1C40A4BA6}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{A820CCE1-36AF-476A-A047-92CA33582F9C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{AA0130A7-4C5A-413C-9BEB-EB288BE296B4}" = protocol=17 | 
dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{C743A64C-A899-4693-AAEA-A57EB5DC6C3A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{FA7D2C6E-1230-4526-874C-862326665831}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007 "{90120000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "SynTPDeinstKey" = Synaptics 
Pointing Device Driver "USB 2.0 UVC 2.0M WebCam" = USB 2.0 UVC 2.0M WebCam [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{250F0996-1830-40C8-9B1D-6874D808DD95}" = ChkMail "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{439F7BFD-4F1B-4CAE-834A-4136396C2738}" = ASUS Turbo Gear Enhanced VGA Driver "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{558B0625-03A7-491C-9693-FD1066005CBB}" = Turbo Gear Extreme "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 
2007 "{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{99A4344A-C723-4661-A507-D9D939480358}" = Cisco LEAP 
Module "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}" = Cisco EAP-FAST Module "{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame "{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C3B6103A-C76F-45CF-898E-22E74BD33CFF}" = Direct Console 2.0 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{CD344FA5-6657-47CD-940F-8727EED35595}" = Cisco PEAP Module "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E8CC51B4-F039-4A13-8C23-57661C5A90AC}" = Express Gate "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager "{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver "Battlelog Web Plugins" = Battlelog Web Plugins "ESN Sonar-0.70.4" = ESN Sonar "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de) "NIS" = 
Norton Internet Security "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Origin" = Origin "PROHYBRIDR" = 2007 Microsoft Office system "PunkBusterSvc" = PunkBuster Services "TuneUp Utilities 2012" = TuneUp Utilities 2012 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 27.03.2012 11:46:12 | Computer Name = Christian-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 27.03.2012 11:46:12 | Computer Name = Christian-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 27.03.2012 11:49:03 | Computer Name = Christian-PC | Source = WinMgmt | ID = 10 Description = Error - 27.03.2012 11:49:55 | Computer Name = Christian-PC | Source = Perflib | ID = 1008 Description = Error - 27.03.2012 11:57:35 | Computer Name = Christian-PC | Source = System Restore | ID = 8193 Description = Error - 27.03.2012 12:00:21 | Computer Name = Christian-PC | Source = System Restore | ID = 8193 Description = Error - 27.03.2012 12:02:09 | Computer Name = Christian-PC | Source = System Restore | ID = 8193 Description = Error - 27.03.2012 12:12:56 | Computer Name = Christian-PC | Source = Windows Installer 3.1 | ID = 921877 Description = Error - 27.03.2012 12:13:46 | Computer Name = Christian-PC | Source = Windows Installer 3.1 | ID = 921877 Description = Error - 27.03.2012 12:45:17 | Computer Name = Christian-PC | Source = System Restore | ID = 8193 Description = [ System Events ] Error - 28.03.2012 10:33:47 | Computer Name = Christian-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 28.03.2012 10:33:47 | Computer Name = Christian-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 28.03.2012 10:33:47 | Computer Name = Christian-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 28.03.2012 10:33:47 | Computer Name = Christian-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 28.03.2012 10:33:47 | Computer Name = Christian-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 28.03.2012 10:33:47 | Computer Name = Christian-PC | Source = Microsoft-Windows-Servicing | ID = 4375 Description = Error - 28.03.2012 13:47:18 | Computer Name = Christian-PC | Source = DCOM | ID = 10010 Description = Error - 28.03.2012 13:47:23 | Computer Name = Christian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000 Description = Error - 28.03.2012 13:47:23 | Computer Name = Christian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 
1001 Description = Error - 28.03.2012 13:58:11 | Computer Name = Christian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = < End of report > |
29.03.2012, 18:53 | #4 |
/// Malware-holic | Trojan / Virus ? malwarebytes: Please download Malwarebytes
__________________ -Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
29.03.2012, 21:27 | #5 |
| Trojan / Virus ? Well, the program said nothing was found:
Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.03.29.07 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Christian :: CHRISTIAN-PC [Administrator] Schutz: Aktiviert 29.03.2012 21:02:38 mbam-log-2012-03-29 (21-02-38).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 498347 Laufzeit: 1 Stunde(n), 22 Minute(n), 42 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
30.03.2012, 11:57 | #6 | |
/// Malware-holic | Trojan / Virus ? Looks OK. Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ --> Trojan / Virus ? |
30.03.2012, 13:30 | #7 |
| Trojan / Virus ? PS: While downloading, my laptop froze twice during the virus check of the file... No restart was requested... here is the document. Combofix Logfile: Code:
ATTFilter ComboFix 12-03-30.06 - Christian 30.03.2012 14:15:12.1.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.6142.4692 [GMT 2:00] ausgeführt von:: c:\users\Christian\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Common Files\ASPG_icon.ico . . ((((((((((((((((((((((( Dateien erstellt von 2012-02-28 bis 2012-03-30 )))))))))))))))))))))))))))))) . . 2012-03-30 12:26 . 2012-03-30 12:26 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-29 19:01 . 2012-03-29 19:01 -------- d-----w- c:\programdata\Malwarebytes 2012-03-29 19:01 . 2012-03-29 19:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-03-29 19:01 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-29 11:24 . 2012-03-29 11:24 -------- d-----w- c:\program files\Windows Portable Devices 2012-03-29 11:24 . 2012-03-29 11:24 -------- d-----w- c:\program files (x86)\Windows Portable Devices 2012-03-29 11:04 . 2009-10-01 01:02 30208 ----a-w- c:\windows\SysWow64\WPDShextAutoplay.exe 2012-03-29 11:04 . 2009-10-01 00:52 34816 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2012-03-29 11:04 . 2009-10-01 00:51 37888 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2012-03-29 11:04 . 2009-10-01 00:51 107008 ----a-w- c:\windows\system32\wpdbusenum.dll 2012-03-29 11:04 . 2009-10-01 00:55 2560 ----a-w- c:\windows\system32\drivers\UMDF\de-DE\wpdmtpdr.dll.mui 2012-03-29 10:39 . 2009-11-08 08:55 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll 2012-03-29 10:39 . 2009-11-08 08:55 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll 2012-03-29 10:39 . 2009-11-08 08:55 48960 ----a-w- c:\windows\system32\netfxperf.dll 2012-03-29 10:39 . 
2009-11-08 08:55 444752 ----a-w- c:\windows\system32\mscoree.dll 2012-03-29 10:39 . 2009-11-08 08:55 320352 ----a-w- c:\windows\system32\PresentationHost.exe 2012-03-29 10:39 . 2009-11-08 08:55 297808 ----a-w- c:\windows\SysWow64\mscoree.dll 2012-03-29 10:39 . 2009-11-08 08:55 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe 2012-03-29 10:39 . 2009-11-08 08:55 1942856 ----a-w- c:\windows\system32\dfshim.dll 2012-03-29 10:39 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2012-03-29 10:39 . 2009-11-08 08:55 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2012-03-29 10:15 . 2012-03-29 10:15 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll 2012-03-29 10:14 . 2012-03-29 10:14 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2012-03-29 10:14 . 2012-03-29 10:14 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll 2012-03-29 10:14 . 2012-03-29 10:14 3068416 ----a-w- c:\windows\system32\xpsservices.dll 2012-03-29 10:14 . 2012-03-29 10:14 1653760 ----a-w- c:\windows\system32\XpsPrint.dll 2012-03-29 10:14 . 2012-03-29 10:14 1554432 ----a-w- c:\windows\SysWow64\xpsservices.dll 2012-03-29 10:14 . 2012-03-29 10:14 1461760 ----a-w- c:\windows\system32\OpcServices.dll 2012-03-29 10:14 . 2012-03-29 10:14 135680 ----a-w- c:\windows\SysWow64\XpsRasterService.dll 2012-03-29 10:13 . 2012-03-29 10:13 -------- d-----w- c:\programdata\Symantec 2012-03-29 10:10 . 2009-09-10 02:05 103424 ----a-w- c:\windows\system32\UIAnimation.dll 2012-03-29 10:10 . 2009-09-10 02:00 92672 ----a-w- c:\windows\SysWow64\UIAnimation.dll 2012-03-29 10:09 . 2009-09-10 02:07 3815424 ----a-w- c:\windows\system32\UIRibbon.dll 2012-03-29 10:09 . 2009-09-10 02:06 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2012-03-29 10:09 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll 2012-03-29 10:09 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\SysWow64\UIRibbon.dll 2012-03-28 14:02 . 
2012-03-28 14:02 -------- d-----w- c:\program files (x86)\Electronic Arts 2012-03-28 13:41 . 2011-09-20 21:06 1426304 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-28 13:41 . 2012-02-02 15:34 2765824 ----a-w- c:\windows\system32\win32k.sys 2012-03-28 13:41 . 2012-02-14 16:49 196096 ----a-w- c:\windows\system32\d3d10_1.dll 2012-03-28 13:41 . 2012-02-13 14:38 2002944 ----a-w- c:\windows\system32\d3d10warp.dll 2012-03-28 13:41 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2012-03-28 13:41 . 2012-02-13 14:06 834048 ----a-w- c:\windows\system32\d2d1.dll 2012-03-28 13:41 . 2012-02-13 13:47 683008 ----a-w- c:\windows\SysWow64\d2d1.dll 2012-03-28 13:41 . 2012-02-14 16:49 327680 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-03-28 13:41 . 2012-02-14 15:45 219648 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2012-03-28 13:41 . 2012-02-14 15:45 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2012-03-28 13:41 . 2012-02-13 14:03 1555968 ----a-w- c:\windows\system32\DWrite.dll 2012-03-28 13:41 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-03-28 13:39 . 2011-11-08 14:58 2048 ----a-w- c:\windows\system32\tzres.dll 2012-03-28 13:39 . 2011-11-08 14:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-03-28 13:38 . 2011-11-18 20:55 1585152 ----a-w- c:\windows\system32\ntdll.dll 2012-03-28 13:38 . 2011-11-18 20:55 1167984 ----a-w- c:\windows\SysWow64\ntdll.dll 2012-03-28 13:38 . 2011-08-25 16:20 735744 ----a-w- c:\windows\system32\UIAutomationCore.dll 2012-03-28 13:38 . 2011-08-25 16:15 555520 ----a-w- c:\windows\SysWow64\UIAutomationCore.dll 2012-03-28 13:38 . 2011-08-25 13:54 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2012-03-28 13:38 . 2011-08-25 13:31 4096 ----a-w- c:\windows\SysWow64\oleaccrc.dll 2012-03-28 13:38 . 2011-08-25 16:19 332288 ----a-w- c:\windows\system32\oleacc.dll 2012-03-28 13:38 . 2011-08-25 16:14 563712 ----a-w- c:\windows\SysWow64\oleaut32.dll 2012-03-28 13:38 . 
2011-08-25 16:14 238080 ----a-w- c:\windows\SysWow64\oleacc.dll 2012-03-28 13:38 . 2011-08-25 16:19 847360 ----a-w- c:\windows\system32\oleaut32.dll 2012-03-28 13:34 . 2009-11-03 22:08 35328 ----a-w- c:\windows\system32\drivers\de-DE\http.sys.mui 2012-03-28 13:33 . 2011-10-14 17:30 559616 ----a-w- c:\windows\system32\EncDec.dll 2012-03-28 13:33 . 2011-10-14 16:02 429056 ----a-w- c:\windows\SysWow64\EncDec.dll 2012-03-28 13:33 . 2011-04-21 14:17 695296 ----a-w- c:\windows\system32\drivers\bthport.sys 2012-03-28 13:33 . 2009-06-17 10:37 35328 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS 2012-03-28 13:32 . 2011-11-25 16:25 451072 ----a-w- c:\windows\system32\winsrv.dll 2012-03-28 13:32 . 2011-09-30 16:16 893440 ----a-w- c:\program files\Common Files\System\wab32.dll 2012-03-28 13:32 . 2011-09-30 16:16 50688 ----a-w- c:\program files\Windows Mail\wabimp.dll 2012-03-28 13:32 . 2011-09-30 15:57 707584 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll 2012-03-28 13:32 . 2012-01-03 14:25 404992 ----a-w- c:\windows\system32\drivers\afd.sys 2012-03-28 13:32 . 2010-09-06 18:28 179712 ----a-w- c:\windows\system32\srvsvc.dll 2012-03-28 13:32 . 2010-09-06 18:28 12288 ----a-w- c:\windows\system32\sscore.dll 2012-03-28 13:32 . 2010-09-06 18:27 17920 ----a-w- c:\windows\system32\netevent.dll 2012-03-28 13:32 . 2010-09-06 16:20 9728 ----a-w- c:\windows\SysWow64\sscore.dll 2012-03-28 13:32 . 2010-09-06 16:19 17920 ----a-w- c:\windows\SysWow64\netevent.dll 2012-03-28 13:30 . 2011-11-18 18:07 76800 ----a-w- c:\windows\system32\packager.dll 2012-03-28 13:30 . 2011-11-18 17:47 66560 ----a-w- c:\windows\SysWow64\packager.dll 2012-03-28 13:30 . 2011-07-29 16:08 375808 ----a-w- c:\windows\system32\psisdecd.dll 2012-03-28 13:30 . 2011-07-29 16:01 293376 ----a-w- c:\windows\SysWow64\psisdecd.dll 2012-03-28 13:30 . 2011-07-29 16:01 217088 ----a-w- c:\windows\SysWow64\psisrndr.ax 2012-03-28 13:30 . 
2011-07-29 16:08 289792 ----a-w- c:\windows\system32\psisrndr.ax 2012-03-28 13:30 . 2011-07-29 16:06 73216 ----a-w- c:\windows\system32\MSDvbNP.ax 2012-03-28 13:30 . 2011-07-29 16:06 100352 ----a-w- c:\windows\system32\Mpeg2Data.ax 2012-03-28 13:30 . 2011-07-29 16:00 57856 ----a-w- c:\windows\SysWow64\MSDvbNP.ax 2012-03-28 13:30 . 2011-07-29 16:00 69632 ----a-w- c:\windows\SysWow64\Mpeg2Data.ax 2012-03-28 12:22 . 2012-01-09 16:16 708096 ----a-w- c:\windows\system32\rdpencom.dll 2012-03-28 12:22 . 2012-01-09 15:54 613376 ----a-w- c:\windows\SysWow64\rdpencom.dll 2012-03-28 12:22 . 2012-01-09 14:27 209920 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-27 21:10 . 2012-03-27 21:09 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll 2012-03-27 21:10 . 2012-03-27 21:10 -------- d-----w- c:\program files (x86)\Microsoft WSE 2012-03-27 19:35 . 2012-03-28 21:06 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2012-03-27 19:32 . 2012-03-27 19:32 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins 2012-03-27 19:26 . 2012-03-27 19:26 -------- d-----w- c:\windows\SysWow64\spool 2012-03-27 18:57 . 2010-02-24 09:26 294912 ----a-w- c:\windows\system32\browserchoice.exe 2012-03-27 18:56 . 2010-02-20 23:15 32768 ----a-w- c:\windows\system32\nshhttp.dll 2012-03-27 18:56 . 2010-02-20 23:06 24064 ----a-w- c:\windows\SysWow64\nshhttp.dll 2012-03-27 18:56 . 2010-02-20 23:14 33792 ----a-w- c:\windows\system32\httpapi.dll 2012-03-27 18:56 . 2010-02-20 21:30 620032 ----a-w- c:\windows\system32\drivers\http.sys 2012-03-27 18:56 . 2010-02-20 23:05 30720 ----a-w- c:\windows\SysWow64\httpapi.dll 2012-03-27 18:48 . 2010-01-21 15:37 72192 ----a-w- c:\windows\system32\l3codeca.acm 2012-03-27 18:48 . 2010-01-21 15:05 62464 ----a-w- c:\windows\SysWow64\l3codeca.acm 2012-03-27 18:48 . 2009-04-11 07:09 181760 ----a-w- c:\windows\system32\l3codecp.acm 2012-03-27 18:48 . 2009-04-11 06:27 220672 ----a-w- c:\windows\SysWow64\l3codecp.acm 2012-03-27 18:48 . 
2009-09-04 11:54 82944 ----a-w- c:\windows\system32\msasn1.dll 2012-03-27 18:48 . 2009-09-04 11:41 60928 ----a-w- c:\windows\SysWow64\msasn1.dll 2012-03-27 18:46 . 2009-08-14 16:04 143360 ----a-w- c:\windows\system32\netiohlp.dll 2012-03-27 18:45 . 2010-12-28 16:08 466944 ----a-w- c:\windows\system32\odbc32.dll 2012-03-27 18:44 . 2009-08-10 12:47 441856 ----a-w- c:\windows\system32\WSDApi.dll 2012-03-27 18:42 . 2011-03-02 16:12 117760 ----a-w- c:\windows\system32\dnsrslvr.dll 2012-03-27 18:42 . 2009-05-04 10:21 28672 ----a-w- c:\windows\system32\dnscacheugc.exe 2012-03-27 18:42 . 2009-05-04 09:59 25088 ----a-w- c:\windows\SysWow64\dnscacheugc.exe 2012-03-27 18:18 . 2012-03-27 18:18 -------- d-----w- c:\users\UpdatusUser 2012-03-27 18:18 . 2012-03-27 18:18 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2012-03-27 18:17 . 2012-02-29 20:59 63296 ----a-w- c:\windows\system32\nvshext.dll 2012-03-27 18:16 . 2012-03-27 18:16 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-03-27 18:10 . 2012-03-27 18:10 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-03-27 18:10 . 2012-03-27 18:10 -------- d-----w- c:\programdata\Ask 2012-03-27 18:10 . 2012-03-27 18:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-03-27 18:10 . 2012-03-27 18:10 -------- d-----w- c:\program files (x86)\Java 2012-03-27 17:49 . 2012-03-27 17:51 -------- d-----w- c:\windows\SysWow64\ca-ES 2012-03-27 17:49 . 2012-03-27 17:51 -------- d-----w- c:\windows\SysWow64\eu-ES 2012-03-27 17:49 . 2012-03-27 17:51 -------- d-----w- c:\windows\SysWow64\vi-VN 2012-03-27 17:49 . 2012-03-27 17:50 -------- d-----w- c:\windows\system32\ca-ES 2012-03-27 17:49 . 2012-03-27 17:50 -------- d-----w- c:\windows\system32\eu-ES . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-01 00:02 . 2009-02-19 03:40 17642816 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-03-01 00:02 . 
2009-02-19 03:40 2660160 ----a-w- c:\windows\system32\nvapi64.dll 2012-03-01 00:02 . 2008-12-16 07:02 2301248 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-03-01 00:02 . 2008-12-16 07:02 15009600 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-02-29 21:00 . 2009-02-19 03:40 3089728 ----a-w- c:\windows\system32\nvsvc64.dll 2012-02-29 21:00 . 2008-12-16 07:02 6074176 ----a-w- c:\windows\system32\nvcpl.dll 2012-02-29 20:59 . 2009-02-19 03:40 889664 ----a-w- c:\windows\system32\nvvsvc.exe 2012-02-29 20:59 . 2009-02-19 03:40 118080 ----a-w- c:\windows\system32\nvmctray.dll 2012-02-29 20:59 . 2008-12-16 07:02 2561856 ----a-w- c:\windows\system32\nvsvcr.dll 2012-02-29 11:26 . 2012-02-29 11:26 416064 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408] "HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304] "ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-07 159744] "ADSMTray"="c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240] "DirectConsole2"="c:\program files (x86)\ASUS\Direct Console\Direct Console.exe" [2009-04-08 2861624] "Turbo Gear Help"="c:\program files\ASUS\Turbo Gear\GearHelp.exe" [2008-10-01 1025536] "Turbo Gear"="c:\program files\ASUS\Turbo Gear\TurboGear.exe" [2008-10-14 2987008] "PowerForPhone"="c:\program files (x86)\P4P\P4P.exe" [2008-01-26 778240] "ChkMail"="c:\program files\ChkMail\ChkMail\ChkMail.exe" [2007-07-14 741376] "ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2008-10-01 1126400] "ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-26 3054136] "ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-26 47672] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-30 1026088] McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - BHDrvx64 *Deregistered* - ccHP *Deregistered* - NAVENG *Deregistered* - NAVEX15 *Deregistered* - SRTSPX *Deregistered* - SymEvent *Deregistered* - SymIM . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-04-28 7731232] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-20 1833504] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1216808] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.0.1 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zqxwvkaf.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: network.proxy.type - 0 FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3437982719-567605747-1198494745-1000\Software\SecuROM\License information*] "datasecu"=hex:14,d9,82,63,00,b1,b5,b6,e7,68,91,6e,97,8b,be,62,b9,9a,9d,1d,d1, 9c,a0,55,c5,52,86,74,e9,cd,e9,08,77,0b,99,62,9c,a8,d6,ac,7c,28,98,ba,7a,f7,\ "rkeysecu"=hex:3a,09,47,c0,27,28,76,c8,8c,c5,80,50,49,cc,e8,d7 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . Zeit der Fertigstellung: 2012-03-30 14:28:12 ComboFix-quarantined-files.txt 2012-03-30 12:28 . Vor Suchlauf: 8 Verzeichnis(se), 236.603.019.264 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 237.026.119.680 Bytes frei . - - End Of File - - 1690496D4615BECD1BB5C1ACB301F9C2 |
30.03.2012, 14:31 | #8 |
/// Malware-holic | Trojan / Virus? So far everything looks fine; malware-wise it seems to be OK.
Download CCleaner Standard: CCleaner Download - CCleaner 3.17.1689
If CCleaner is already installed, skip this.
Install it, open it, Tools, list of installed programs, save as txt. Open the file.
After each program you need, write "necessary".
After each one you do not need, "unnecessary".
After those you do not know, "unknown".
Post the list.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
30.03.2012, 14:42 | #9 |
| Trojan / Virus? Well, for a lot of the programs I think they belong to the system; for the ones where I am not sure, I wrote "unknown".
2007 Microsoft Office system Microsoft Corporation 25.08.2009 1.022MB 12.0.4518.1014
Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 25.08.2009 14,0MB
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 26.03.2012 11.1.102.63
Adobe Reader 9.0.1 - Deutsch Adobe Systems Incorporated 26.03.2012 232MB 9.0.1
ASUS CopyProtect ASUS 24.08.2009 3,47MB 1.0.0012
ASUS Data Security Manager ASUS 24.08.2009 15,0MB 1.00.0011
ASUS LifeFrame3 ASUS 24.08.2009 27,7MB 3.0.19
ASUS Live Update ASUS 25.08.2009 0,43MB 2.5.7
ASUS MultiFrame 25.08.2009 2,36MB 1.0.0018
ASUS SmartLogon ASUS 24.08.2009 10,9MB 1.0.0005
ASUS Splendid Video Enhancement Technology ASUS 24.08.2009 25,0MB 1.02.0025
ASUS Turbo Gear Enhanced VGA Driver ASUSTeK Computer Inc. 25.08.2009 0,27MB 0.0.0.18
ASUS Virtual Camera asus 24.08.2009 2,88MB 1.0.14
Asus_Camera_ScreenSaver ASUS 25.08.2009 2.0.0008
Atheros Client Installation Program Atheros 24.08.2009 1,29MB 7.0 Unknown
ATK Generic Function Service ATK 24.08.2009 0,45MB 1.00.0008
ATK Hotkey ASUS 24.08.2009 5,80MB 1.0.0049
ATK Media ASUS 24.08.2009 0,18MB 2.0.0004
ATKOSD2 ASUS 24.08.2009 7,99MB 7.0.0003
Battlefield 3™ Electronic Arts 26.03.2012 16.034MB 1.0.0.0 needed
Battlelog Web Plugins EA Digital Illusions CE AB 26.03.2012 11,3MB 1.118.0 needed
CCleaner Piriform 29.03.2012 8,94MB 3.17
ChkMail ChkMail 24.08.2009 0,71MB 2.0.0.16 Unknown
Cisco EAP-FAST Module Cisco Systems, Inc. 24.08.2009 1,56MB 2.2.10 Unknown
Cisco LEAP Module Cisco Systems, Inc. 24.08.2009 0,62MB 1.0.16 Unknown
Cisco PEAP Module Cisco Systems, Inc. 24.08.2009 1,24MB 1.1.3 Unknown
CyberLink LabelPrint CyberLink Corp. 24.08.2009 88,4MB 2.5.1720
CyberLink Power2Go CyberLink Corp. 24.08.2009 108,4MB 6.1.2713
Die Sims™ 3 Electronic Arts 26.03.2012 6.721MB 1.33.2 needed
Die Sims™ 3 Luxus-Accessoires Electronic Arts 27.03.2012 270MB 3.13.1 needed
Direct Console 2.0 ASUS 24.08.2009 9,53MB 2.0.7
ESN Sonar ESN Social Software AB 26.03.2012 2,38MB 0.70.4 Unknown
Express Gate DeviceVM, Inc. 24.08.2009 366MB 1.1.9.2 Unknown
Java(TM) 6 Update 31 Oracle 26.03.2012 95,1MB 6.0.310
Malwarebytes Anti-Malware Version 1.60.1.1000 Malwarebytes Corporation 28.03.2012 11,5MB 1.60.1.1000
McAfee Security Scan Plus McAfee, Inc. 26.03.2012 2,33MB 2.0.181.2
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 28.03.2012 42,1MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 28.03.2012 42,1MB
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 26.03.2012 0,58MB 9.0.30729
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 26.03.2012 13,8MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 26.03.2012 11,1MB 10.0.40219
Microsoft WSE 3.0 Runtime Microsoft Corp. 26.03.2012 0,92MB 3.0.5305.0
Mozilla Firefox 11.0 (x86 de) Mozilla 26.03.2012 36,0MB 11.0
NB Probe 25.08.2009 2,75MB Unknown
NVIDIA 3D Vision Treiber 296.10 NVIDIA Corporation 26.03.2012 23,6MB 296.10
NVIDIA Grafiktreiber 296.10 NVIDIA Corporation 26.03.2012 165,3MB 296.10
NVIDIA PhysX-Systemsoftware 9.12.0213 NVIDIA Corporation 26.03.2012 90,6MB 9.12.0213
NVIDIA Update 1.7.11 NVIDIA Corporation 26.03.2012 1,00MB 1.7.11
Origin Electronic Arts, Inc. 26.03.2012 117,1MB 8.5.0.4554 Unknown
P4P P4P 24.08.2009 0,75MB 1.0.0.17 Unknown
PunkBuster Services Even Balance, Inc. 26.03.2012 0.991
Realtek 8169 8168 8101E 8102E Ethernet Driver Realtek 24.08.2009 1,49MB 1.00.0000
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 24.08.2009 11,1MB 6.0.1.5836
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 25.08.2009 2,11MB 3.55.01
Synaptics Pointing Device Driver Synaptics 25.08.2009 14,2MB 10.1.8.0
TuneUp Utilities 2012 TuneUp Software 26.03.2012 82,2MB 12.0.3010.1 needed
Turbo Gear Extreme 25.08.2009 1,27MB 1.00.22
USB 2.0 UVC 2.0M WebCam 25.08.2009
WIDCOMM Bluetooth Software Broadcom Corporation 24.08.2009 50,1MB 5.2.0.800
WinFlash 25.08.2009 1,37MB Unknown
Wireless Console 2 ATK 24.08.2009 2.0.10 |
30.03.2012, 15:02 | #10 |
/// Malware-holic | Trojan / Virus? Where is the labelling? I want you to sort the programs, from your point of view, into necessary, unnecessary and unknown.
|
30.03.2012, 15:25 | #11 |
| Trojan / Virus? Well, for a lot of these things I don't know what they are..
2007 Microsoft Office system Microsoft Corporation 25.08.2009 1.022MB 12.0.4518.1014 necessary
Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 25.08.2009 14,0MB necessary
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 26.03.2012 11.1.102.63 necessary
Adobe Reader 9.0.1 - Deutsch Adobe Systems Incorporated 26.03.2012 232MB 9.0.1 necessary
ASUS CopyProtect ASUS 24.08.2009 3,47MB 1.0.0012 unknown
ASUS Data Security Manager ASUS 24.08.2009 15,0MB 1.00.0011 unknown
ASUS LifeFrame3 ASUS 24.08.2009 27,7MB 3.0.19 unnecessary
ASUS Live Update ASUS 25.08.2009 0,43MB 2.5.7 necessary
ASUS MultiFrame 25.08.2009 2,36MB 1.0.0018 unknown
ASUS SmartLogon ASUS 24.08.2009 10,9MB 1.0.0005 unknown
ASUS Splendid Video Enhancement Technology ASUS 24.08.2009 25,0MB 1.02.0025 unknown
ASUS Turbo Gear Enhanced VGA Driver ASUSTeK Computer Inc. 25.08.2009 0,27MB 0.0.0.18 unknown
ASUS Virtual Camera asus 24.08.2009 2,88MB 1.0.14 unknown
Asus_Camera_ScreenSaver ASUS 25.08.2009 2.0.0008 unknown
Atheros Client Installation Program Atheros 24.08.2009 1,29MB 7.0 Unknown
ATK Generic Function Service ATK 24.08.2009 0,45MB 1.00.0008 unknown
ATK Hotkey ASUS 24.08.2009 5,80MB 1.0.0049 unknown
ATK Media ASUS 24.08.2009 0,18MB 2.0.0004 unknown
ATKOSD2 ASUS 24.08.2009 7,99MB 7.0.0003 unknown
Battlefield 3™ Electronic Arts 26.03.2012 16.034MB 1.0.0.0 necessary
Battlelog Web Plugins EA Digital Illusions CE AB 26.03.2012 11,3MB 1.118.0 necessary
CCleaner Piriform 29.03.2012 8,94MB 3.17 necessary
ChkMail ChkMail 24.08.2009 0,71MB 2.0.0.16 Unknown
Cisco EAP-FAST Module Cisco Systems, Inc. 24.08.2009 1,56MB 2.2.10 Unknown
Cisco LEAP Module Cisco Systems, Inc. 24.08.2009 0,62MB 1.0.16 Unknown
Cisco PEAP Module Cisco Systems, Inc. 24.08.2009 1,24MB 1.1.3 Unknown
CyberLink LabelPrint CyberLink Corp. 24.08.2009 88,4MB 2.5.1720 Unknown
CyberLink Power2Go CyberLink Corp. 24.08.2009 108,4MB 6.1.2713 Unknown
Die Sims™ 3 Electronic Arts 26.03.2012 6.721MB 1.33.2 necessary
Die Sims™ 3 Luxus-Accessoires Electronic Arts 27.03.2012 270MB 3.13.1 necessary
Direct Console 2.0 ASUS 24.08.2009 9,53MB 2.0.7 unknown
ESN Sonar ESN Social Software AB 26.03.2012 2,38MB 0.70.4 Unknown
Express Gate DeviceVM, Inc. 24.08.2009 366MB 1.1.9.2 Unknown
Java(TM) 6 Update 31 Oracle 26.03.2012 95,1MB 6.0.310 necessary
Malwarebytes Anti-Malware Version 1.60.1.1000 Malwarebytes Corporation 28.03.2012 11,5MB 1.60.1.1000 necessary
McAfee Security Scan Plus McAfee, Inc. 26.03.2012 2,33MB 2.0.181.2 necessary
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft unknown Corporation 28.03.2012 42,1MB Unknown
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 28.03.2012 42,1MB Unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Unknown Corporation 26.03.2012 0,58MB 9.0.30729 Unknown
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 26.03.2012 13,8MB 10.0.40219 Unknown
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 26.03.2012 11,1MB 10.0.40219 Unknown
Microsoft WSE 3.0 Runtime Microsoft Corp. 26.03.2012 0,92MB 3.0.5305.0 Unknown
Mozilla Firefox 11.0 (x86 de) Mozilla 26.03.2012 36,0MB 11.0 necessary
NB Probe 25.08.2009 2,75MB Unknown
NVIDIA 3D Vision Treiber 296.10 NVIDIA Corporation 26.03.2012 23,6MB 296.10 necessary
NVIDIA Grafiktreiber 296.10 NVIDIA Corporation 26.03.2012 165,3MB 296.10 necessary
NVIDIA PhysX-Systemsoftware 9.12.0213 NVIDIA Corporation 26.03.2012 90,6MB 9.12.0213 necessary
NVIDIA Update 1.7.11 NVIDIA Corporation 26.03.2012 1,00MB 1.7.11 necessary
Origin Electronic Arts, Inc. 26.03.2012 117,1MB 8.5.0.4554 necessary
P4P P4P 24.08.2009 0,75MB 1.0.0.17 Unknown
PunkBuster Services Even Balance, Inc. 26.03.2012 0.991 necessary
Realtek 8169 8168 8101E 8102E Ethernet Driver Realtek 24.08.2009 1,49MB 1.00.0000 Unknown
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 24.08.2009 11,1MB 6.0.1.5836 Unknown
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 25.08.2009 2,11MB 3.55.01 Unknown
Synaptics Pointing Device Driver Synaptics 25.08.2009 14,2MB 10.1.8.0 Unknown
TuneUp Utilities 2012 TuneUp Software 26.03.2012 82,2MB 12.0.3010.1 needed
Turbo Gear Extreme 25.08.2009 1,27MB 1.00.22 Unknown
USB 2.0 UVC 2.0M WebCam 25.08.2009 necessary
WIDCOMM Bluetooth Software Broadcom Corporation 24.08.2009 50,1MB 5.2.0.800 Unknown
WinFlash 25.08.2009 1,37MB Unknown
Wireless Console 2 ATK 24.08.2009 2.0.10 Unknown |
30.03.2012, 18:23 | #12 |
/// Malware-holic | Trojan / Virus? Uninstall:
Adobe Flash Player (all of them)
Adobe - Install Adobe Flash Player
Download the latest version.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Untick the box for McAfee Security Scan.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General: tick "use only certified plug-ins".
Internet: everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc. It is always better to save them directly, because only then do you have control over what happens on the PC.
Under JavaScript, untick "use JavaScript".
Under Updater, choose "install automatically".
Apply / OK
Uninstall:
ChkMail
CyberLink: both
ESN
TuneUp: get rid of it; software like this achieves nothing and can harm the system.
Open CCleaner, Analyze, Run Cleaner.
Open Start, Run, type: msconfig, Enter
Startup tab. Untick everything except Windows Defender.
Click OK; the PC restarts.
If something important is missing, we can tick it again afterwards.
Is there any improvement?
|
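Added example, not part of any post in this thread and not ComboFix's own code: the startup items that the msconfig step above unticks are the Run-key values shown in the ComboFix log earlier in the thread. The parser below reads that log's registry format (inferred from the excerpt; function names are hypothetical) and lists what to review, including the `EnableLUA` value of 0 that the log shows.

```python
import re

# Excerpt of the ComboFix registry section posted in this thread, re-broken to
# one value per line (constructed from the log; only a few entries are kept).
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"ChkMail"="c:\program files\ChkMail\ChkMail\ChkMail.exe" [2007-07-14 741376]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-26 3054136]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1216808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)"'
                    r'(?:\s+\[(?P<date>\d{4}-\d{2}-\d{2})\s+\d+\])?$')
# Matches both `"X"= 0 (0x0)` and `"X"=0x0`.
DWORD_RE = re.compile(r'^"(?P<name>[^"]+)"=\s*(?:\d+\s+\()?(?P<hex>0x[0-9a-fA-F]+)\)?$')
PROGRAM_DIRS = ('c:\\program files\\', 'c:\\program files (x86)\\')


def parse_registry_section(text):
    """Return (run_entries, dwords) from ComboFix-style registry output."""
    run_entries, dwords, key = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1).lower()
            continue
        if key is None or line in ('', '.'):
            continue
        m = RUN_RE.match(line)
        # Exact key-name match: "run-" is a different key and is not run at logon.
        if m and key.endswith('\\currentversion\\run'):
            run_entries.append({
                'name': m.group('name'),
                'path': m.group('path'),
                'view': '32-bit' if '\\wow6432node\\' in key else '64-bit',
                'file_date': m.group('date'),
            })
            continue
        m = DWORD_RE.match(line)
        if m:
            dwords[(key, m.group('name').lower())] = int(m.group('hex'), 16)
    return run_entries, dwords


def triage(run_entries, dwords):
    """Return review notes; prompts for a human, not malware verdicts."""
    notes = []
    for (key, name), value in dwords.items():
        if key.endswith('\\policies\\system') and name == 'enablelua' and value == 0:
            notes.append('UAC is switched off (EnableLUA=0)')
        if name == 'loadappinit_dlls' and value != 0:
            notes.append('AppInit_DLLs loading is enabled')
    for entry in run_entries:
        if not entry['path'].lower().startswith(PROGRAM_DIRS):
            notes.append('autostart outside Program Files: %s -> %s'
                         % (entry['name'], entry['path']))
    return notes


if __name__ == '__main__':
    entries, values = parse_registry_section(SAMPLE_LOG)
    for entry in entries:
        print('%-7s %-30s %s' % (entry['view'], entry['name'], entry['path']))
    for note in triage(entries, values):
        print('REVIEW:', note)
```

An entry flagged for review is only a prompt to check its publisher and file date; a path outside Program Files is common for OEM utilities.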
30.03.2012, 22:47 | #13 |
| Trojan / Virus? Followed the instructions.. But after 10 minutes of playing there is still stuttering for a while.. So it must be down to something else, but apparently not viruses or the like.. Thanks a lot anyway!!! I will probably get myself a new PC soon.. |