|
Log analysis and evaluation: Spyware that wants to download ieav.exe from ieantiavdownload.com
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
24.06.2008, 22:38 | #1 |
| Hello, I have the following problem. I double-click on My Computer or on Programs or the like, and I get a message that I have a dangerous virus on my computer. I have 2 options there: with OK I end up on a website where I can download the program IE Antivir, and with Cancel it simply opens the windows. Then I ran Kaspersky Internet Security 2009 (30-day trial version) over it and after that Ad-Aware 2008. The latter also found malware. I then removed it, but the problem still comes back. I ran HijackThis but can't make anything of it. Who can help me?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:27:01, on 24.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Progarmme\Kasper Internet Security\avp.exe
C:\Programme\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
D:\Progarmme\Kasper Internet Security\avp.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programme\DT\Speedport W 100 Stick\Wifiusb.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Programme\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\System32\alg.exe
D:\PROGAR~1\MOZILL~1\FIREFOX.EXE
D:\Progarmme\Ad-Aware\aawservice.exe
D:\Progarmme\Ad-Aware\Ad-Aware.exe
D:\Progarmme\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {034A5928-49ED-4FB1-89FE-9991C680DECF} - C:\WINDOWS\system32\opnnKdcY.dll (file missing)
O2 - BHO: BHO toolbar - {2FF811E6-8925-4084-A649-C159955E67E8} - C:\WINDOWS\system32\opus32.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Progarmme\Kasper Internet Security\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Microsoft.SupportCenter 0 - {7FFBBA7A-4237-40A2-9FF0-E600A34AA000} - C:\Dokumente und Einstellungen\****\Anwendungsdaten\Microsoft\HelpCenter\Windows-QEUB.SCenter (file missing)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O4 - HKLM\..\Run: [RaidTool] C:\Programme\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [20eb0464] rundll32.exe "C:\WINDOWS\system32\obkhlwhx.dll",b
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Programme\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [AVP] "D:\Progarmme\Kasper Internet Security\avp.exe"
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [UpdateStar] C:\Dokumente und Einstellungen\****\Anwendungsdaten\UpdateStar\UpdateStar.exe -A
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Speedport W 100 Stick WLAN Manager.lnk = C:\Programme\DT\Speedport W 100 Stick\Wifiusb.exe
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - D:\Progarmme\Kasper Internet Security\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Progarmme\Kasper Internet Security\SCIEPlgn.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://h**p://***.update.microsoft.c...?1195913100670
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: D:\PROGAR~1\KASPER~1\mzvkbd.dll,D:\PROGAR~1\KASPER~1\adialhk.dll,D:\PROGAR~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: gebbyvu - gebbyvu.dll (file missing)
O20 - Winlogon Notify: lbbmpsrd - lbbmpsrd.dll (file missing)
O20 - Winlogon Notify: ssqQjIBr - ssqQjIBr.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Progarmme\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - D:\Progarmme\Kasper Internet Security\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\system32\windows (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 7417 bytes

If I forgot anything, I'm sorry; I'll provide it later. Thanks in advance. |
24.06.2008, 23:28 | #2 |
> MalwareDB | Please run Malwarebytes and then post the log file here. |
25.06.2008, 10:05 | #3 |
| I will run it and then get back to you. |
25.06.2008, 10:10 | #4 |
> MalwareDB | When you click on Malwarebytes, a page opens with instructions for the program.
__________________ If every computer is running a diverse ecosystem, crackers will have no choice but to resort to small-scale, targetted attacks, and the days of mass-market malware will be over[...]. Stuart Udall |
25.06.2008, 11:05 | #5 |
| Malwarebytes' Anti-Malware 1.18
Datenbank Version: 889

12:04:07 25.06.2008
mbam-log-6-25-2008 (12-04-02).txt

Scan Art: Komplett Scan (C:\|D:\|)
Objekte gescannt: 138410
Scan Dauer: 53 minute(s), 6 second(s)

Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 1
Infizierte Registrierungsschlüssel: 16
Infizierte Registrierungswerte: 3
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 6
Infizierte Dateien: 15

Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)

Infizierte Speicher Module:
C:\WINDOWS\system32\opus32.dll (Trojan.FakeAlert) -> No action taken.

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{2ff811e6-8925-4084-a649-c159955e67e8} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2ff811e6-8925-4084-a649-c159955e67e8} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f5d55a23-dba5-4055-a53d-550462125bde} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\bhonew.bhoapp (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\bhonew.bhoapp.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{15c7d7ad-a87a-4c0d-9d8b-637fcd3488ef} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSControlService (Rootkit.Agent) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4ad56e6f-7074-41ee-8a40-583c2c76efcd} (Rogue.PCSuperCharger) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{f5d55a23-dba5-4055-a53d-550462125bde} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\20eb0464 (Trojan.Vundo) -> No action taken.

Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\MySearch (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\Cache (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\Settings (Adware.MyWebSearch) -> No action taken.

Infizierte Dateien:
C:\WINDOWS\system32\lbbmpsrd.dllbox (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\opus32.dll (Trojan.FakeAlert) -> No action taken.
C:\Dokumente und Einstellungen\****\Desktop\Downloads\qip8050.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{38D703EB-5948-40A3-8E48-949F86676FFE}\RP279\A0085863.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\nada16.dll (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\opus64.dll (Trojan.FakeAlert) -> No action taken.
C:\Programme\MySearch\bar\1.bin\MYSEARCHPLUGINPROXY.CLASS (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\1.bin\PARTNER.BMP (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\1.bin\PARTNER.DAT (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\1.bin\UNINSTALL.INF (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\Cache\001F4F80 (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\Cache\001F529D.bmp (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\Cache\001F551E.bmp (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
C:\Programme\MySearch\bar\History\search (Adware.MyWebSearch) -> No action taken. |
25.06.2008, 14:33 | #6 |
> MalwareDB | Proceed as follows:

Please open your HijackThis again and scan. Check the boxes next to the entries listed below.

O2 - BHO: (no name) - {034A5928-49ED-4FB1-89FE-9991C680DECF} - C:\WINDOWS\system32\opnnKdcY.dll (file missing)
O4 - HKLM\..\Run: [20eb0464] rundll32.exe "C:\WINDOWS\system32\obkhlwhx.dll",b
O20 - Winlogon Notify: gebbyvu - gebbyvu.dll (file missing)
O20 - Winlogon Notify: ssqQjIBr - ssqQjIBr.dll (file missing)

Then click Fix Checked. Close HijackThis.

Filelist
1. Download filelist.zip to your desktop.
2. Unpack the zip file to your desktop (with an archive program), then open the filelist.bat that is now on your desktop by double-clicking the file.
3. Your editor (text-processing program) will open.
4. From this content, select the last 30 days from each directory, choose copy, and paste these files into your next post.

These are the directories from which we want to see the last 30 days in each case:
Verzeichnis von C:\
Verzeichnis von C:\WINDOWS\system32
Verzeichnis von C:\WINDOWS
Verzeichnis von C:\WINDOWS\Prefetch (Windows XP)
Verzeichnis von C:\WINDOWS\tasks
Verzeichnis von C:\WINDOWS\Temp
Verzeichnis von C:\DOCUME~1\Name\LOCALS~1\Temp

Credits to Karl83 / KarlKarl

If the file is too large, upload it to File-Upload.net - Your free file hoster! and post the link.
And please create a new HijackThis log file. |
25.06.2008, 15:05 | #7 |
| OK, I've done everything; here is the link: File-Upload.net - Windows.txt and the new log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:06:55, on 25.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Progarmme\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\VIA\RAID\raid_tool.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programme\DT\Speedport W 100 Stick\Wifiusb.exe
C:\Programme\Stardock\ObjectDock\ObjectDock.exe
D:\PROGAR~1\MOZILL~1\FIREFOX.EXE
C:\Programme\qip\infium.exe
D:\Progarmme\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Progarmme\Kasper Internet Security\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Microsoft.SupportCenter 0 - {7FFBBA7A-4237-40A2-9FF0-E600A34AA000} - C:\Dokumente und Einstellungen\Böhm\Anwendungsdaten\Microsoft\HelpCenter\Windows-QEUB.SCenter (file missing)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O4 - HKLM\..\Run: [RaidTool] C:\Programme\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Programme\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [AVP] "D:\Progarmme\Kasper Internet Security\avp.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware Reboot] "D:\Progarmme\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [UpdateStar] C:\Dokumente und Einstellungen\Böhm\Anwendungsdaten\UpdateStar\UpdateStar.exe -A
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Speedport W 100 Stick WLAN Manager.lnk = C:\Programme\DT\Speedport W 100 Stick\Wifiusb.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Progarmme\Kasper Internet Security\SCIEPlgn.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://h***p://w*w.update.microsoft....?1195913100670
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: D:\PROGAR~1\KASPER~1\mzvkbd.dll,D:\PROGAR~1\KASPER~1\adialhk.dll,D:\PROGAR~1\KASPER~1\kloehk.dll,
O20 - Winlogon Notify: lbbmpsrd - lbbmpsrd.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Progarmme\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - D:\Progarmme\Kasper Internet Security\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 6491 bytes

I hope I did everything right. |
26.06.2008, 19:20 | #8 |
> MalwareDB | In the meantime you have surely rebooted the computer at least once? I'm having problems with your filelist, I can't open it; can you upload it again? |
26.06.2008, 19:28 | #9 |
| Hmm, booting, I don't even know exactly what that is; I have a bit of a clue, but that I don't know!! And yes, I can upload it again; I'll just paste the text in here.. Part 1 |
26.06.2008, 19:29 | #10 |
| Part 2
Standard20.fxV3_Q30_MESH_STANDARD_BUMP_SPECULAR_REFLECTION_REFRACTION2D 24.06.2008 15:35 48.152 Standard30.fxV3_Q30_MESH_STANDARD_BUMP_SPECULAR_REFLECTION_REFRACTION2D 24.06.2008 15:35 48.004 Glass.fxV3_Q30_MESH_STANDARD_BUMP_SPECULAR_REFLECTION_REFRACTION2D 24.06.2008 15:35 63.568 Standard20.fxV3_Q30_MESH_STANDARD_REFLECTION_ILLUMINATION 24.06.2008 15:35 41.168 Standard30.fxV3_Q30_MESH_STANDARD_REFLECTION_ILLUMINATION 24.06.2008 15:35 66.432 Standard20.fxV3_Q30_MESH_STANDARD_BUMP_BUMPDETAIL_SPECULAR_ILLUMINATION 24.06.2008 15:35 46.596 Standard30.fxV3_Q30_MESH_STANDARD_BUMP_BUMPDETAIL_SPECULAR_ILLUMINATION 24.06.2008 15:35 56.740 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_ALPHAFADE_PREMULTIPLYVERTEXALPHA 24.06.2008 15:35 36.640 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_ALPHAFADE_PREMULTIPLYVERTEXALPHA 24.06.2008 15:35 30.888 Glow20.fxV3_Q30_MESH_STANDARD_BLEND_ALPHAFADE_PREMULTIPLYVERTEXALPHA 24.06.2008 15:35 36.660 Glow20.fxV3_Q30_MESH_STANDARD_BLEND_REFLECTION 24.06.2008 15:20 30.016 Glow20.fxV3_Q30_MESH_TWEENED_BLEND 24.06.2008 15:20 98.236 Standard20.fxV3_Q30_MESH_WEIGHTED_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 44.904 Standard30.fxV3_Q30_MESH_WEIGHTED_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 63.228 Standard20.fxV3_Q30_MESH_STANDARD_BUMP_SPECULAR_ILLUMINATION 24.06.2008 15:20 43.432 Standard30.fxV3_Q30_MESH_STANDARD_BUMP_SPECULAR_ILLUMINATION 24.06.2008 15:20 63.160 Standard20.fxV3_Q30_MESH_TWEENED_BLEND_BUMP_SPECULAR 24.06.2008 15:20 42.920 Standard30.fxV3_Q30_MESH_TWEENED_BLEND_BUMP_SPECULAR 24.06.2008 15:20 88.600 Standard20.fxV3_Q30_MESH_WEIGHTED_BUMP_REFLECTION 24.06.2008 15:20 41.868 Standard30.fxV3_Q30_MESH_WEIGHTED_BUMP_REFLECTION 24.06.2008 15:20 92.916 Standard20.fxV3_Q30_MESH_WEIGHTED_BLEND_SPECULAR_REFLECTION 24.06.2008 15:20 42.612 Standard30.fxV3_Q30_MESH_WEIGHTED_BLEND_SPECULAR_REFLECTION 24.06.2008 15:20 39.444 ScatterNew.fxV3_Q30_MESH_STANDARD_BLEND 24.06.2008 15:20 30.996 Glow20.fxV3_Q30_MESH_RIGID 24.06.2008 15:20 67.016 
Standard20.fxV3_Q30_MESH_RIGID_BLEND_SPECULAR_REFLECTION 24.06.2008 15:20 38.092 Standard30.fxV3_Q30_MESH_RIGID_BLEND_SPECULAR_REFLECTION 24.06.2008 15:20 61.932 Standard20.fxV3_Q30_MESH_RIGID_SPECULAR_REFLECTION 24.06.2008 15:20 37.712 Standard30.fxV3_Q30_MESH_RIGID_SPECULAR_REFLECTION 24.06.2008 15:20 63.768 Standard20.fxV3_Q30_MESH_RIGID_BUMP_SPECULAR_ILLUMINATION 24.06.2008 15:20 39.828 Standard30.fxV3_Q30_MESH_RIGID_BUMP_SPECULAR_ILLUMINATION 24.06.2008 15:20 65.104 Standard20.fxV3_Q30_MESH_RIGID_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 40.484 Standard30.fxV3_Q30_MESH_RIGID_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 65.948 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_PARALLAX_SPECULAR 24.06.2008 15:20 45.688 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_PARALLAX_SPECULAR 24.06.2008 15:20 87.868 Standard20.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_PARALLAX_SPECULAR 24.06.2008 15:20 44.968 Standard30.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_PARALLAX_SPECULAR 24.06.2008 15:20 62.500 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_PARALLAX 24.06.2008 15:20 42.208 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_PARALLAX 24.06.2008 15:20 41.908 GlassSurface.fxV3_Q30_MESH_STANDARD_BUMP_REFRACTION2D 24.06.2008 15:20 47.044 Standard13.fxV3_Q30_MESH_STANDARD_BUMP_REFRACTION2D 24.06.2008 15:20 57.220 Standard20.fxV3_Q30_MESH_STANDARD_BUMP_REFRACTION2D 24.06.2008 15:20 40.220 Standard30.fxV3_Q30_MESH_STANDARD_BUMP_REFRACTION2D 24.06.2008 15:20 74.176 Standard20.fxV3_Q30_MESH_WEIGHTED 24.06.2008 15:20 35.752 Standard30.fxV3_Q30_MESH_WEIGHTED 24.06.2008 15:20 80.848 Standard20.fxV3_Q30_MESH_WEIGHTED_BUMP_SPECULAR 24.06.2008 15:20 41.676 Standard30.fxV3_Q30_MESH_WEIGHTED_BUMP_SPECULAR 24.06.2008 15:20 92.268 Standard20.fxV3_Q30_MESH_WEIGHTED_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 45.004 Standard30.fxV3_Q30_MESH_WEIGHTED_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 58.156 Standard20.fxV3_Q30_MESH_RIGID_BUMP_SPECULAR 24.06.2008 15:20 37.156 Standard30.fxV3_Q30_MESH_RIGID_BUMP_SPECULAR 24.06.2008 
15:20 89.096 Standard20.fxV3_Q30_MESH_WEIGHTED_SPECULAR_REFLECTION 24.06.2008 15:20 42.232 Standard30.fxV3_Q30_MESH_WEIGHTED_SPECULAR_REFLECTION 24.06.2008 15:20 56.564 Standard20.fxV3_Q30_MESH_RIGID_BLEND 24.06.2008 15:20 31.612 Standard30.fxV3_Q30_MESH_RIGID_BLEND 24.06.2008 15:20 33.648 Glow20.fxV3_Q30_MESH_RIGID_BLEND 24.06.2008 15:20 60.292 Standard20.fxV3_Q30_MESH_RIGID_BLEND_SPECULAR 24.06.2008 15:20 34.764 Standard30.fxV3_Q30_MESH_RIGID_BLEND_SPECULAR 24.06.2008 15:20 51.504 Standard20.fxV3_Q30_MESH_RIGID 24.06.2008 15:20 31.232 Standard30.fxV3_Q30_MESH_RIGID 24.06.2008 15:20 63.240 Standard20.fxV3_Q30_MESH_RIGID_BLEND_BUMP_SPECULAR 24.06.2008 15:20 37.536 Standard30.fxV3_Q30_MESH_RIGID_BLEND_BUMP_SPECULAR 24.06.2008 15:20 54.508 Standard20.fxV3_Q30_MESH_RIGID_BUMP 24.06.2008 15:20 34.020 Standard30.fxV3_Q30_MESH_RIGID_BUMP 24.06.2008 15:20 70.188 Standard20.fxV3_Q30_MESH_RIGID_BLEND_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 40.864 Standard30.fxV3_Q30_MESH_RIGID_BLEND_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 63.040 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_REFRACTION2D_SCROLL_ALPHAFADE 24.06.2008 15:20 42.856 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_REFRACTION2D_SCROLL_ALPHAFADE 24.06.2008 15:20 43.656 Glass.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_REFRACTION2D_SCROLL_ALPHAFADE 24.06.2008 15:20 55.208 Standard20.fxV3_Q30_MESH_RIGID_SPECULAR 24.06.2008 15:20 34.384 Standard30.fxV3_Q30_MESH_RIGID_SPECULAR 24.06.2008 15:20 45.240 Cloth30.fxV3_Q30_MESH_WEIGHTED_BLEND_RIMLIGHTING_SPECULAR 24.06.2008 15:20 81.720 Standard20.fxV3_Q30_MESH_WEIGHTED_BLEND_RIMLIGHTING_SPECULAR 24.06.2008 15:20 39.284 Standard30.fxV3_Q30_MESH_WEIGHTED_BLEND_RIMLIGHTING_SPECULAR 24.06.2008 15:20 47.852 Skin20.fxV3_Q30_MESH_WEIGHTED_BLEND_RIMLIGHTING_SPECULAR 24.06.2008 15:20 45.616 Skin30.fxV3_Q30_MESH_WEIGHTED_BLEND_RIMLIGHTING_SPECULAR 24.06.2008 15:20 84.668 Standard20.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_SPECULAR 24.06.2008 15:20 42.056 
Standard30.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_SPECULAR 24.06.2008 15:20 48.140 Cloth30.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 84.668 Standard20.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 42.056 Standard30.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 50.964 Skin20.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 48.512 Skin30.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 46.496 Cloth30.fxV3_Q30_MESH_WEIGHTED_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 80.848 Standard20.fxV3_Q30_MESH_WEIGHTED_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 41.676 Standard30.fxV3_Q30_MESH_WEIGHTED_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 49.428 Skin20.fxV3_Q30_MESH_WEIGHTED_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 46.880 Skin30.fxV3_Q30_MESH_WEIGHTED_BUMP_RIMLIGHTING_SPECULAR 24.06.2008 15:20 96.088 Standard20.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 45.384 Standard30.fxV3_Q30_MESH_WEIGHTED_BLEND_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 59.764 Standard20.fxV3_Q30_MESH_STANDARD_BUMP_ILLUMINATION 24.06.2008 15:20 39.832 Standard30.fxV3_Q30_MESH_STANDARD_BUMP_ILLUMINATION 24.06.2008 15:20 70.244 Standard20.fxV3_Q30_MESH_STANDARD_BUMP_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 47.764 Standard30.fxV3_Q30_MESH_STANDARD_BUMP_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 64.924 Standard20.fxV3_Q30_MESH_TWEENED_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 45.580 Standard30.fxV3_Q30_MESH_TWEENED_BUMP_SPECULAR_REFLECTION 24.06.2008 15:20 55.164 Standard20.fxV3_Q30_MESH_TWEENED_SPECULAR 24.06.2008 15:20 38.340 Standard30.fxV3_Q30_MESH_TWEENED_SPECULAR 24.06.2008 15:20 56.636 Standard20.fxV3_Q30_MESH_TWEENED_BLEND 24.06.2008 15:20 36.248 Standard30.fxV3_Q30_MESH_TWEENED_BLEND 24.06.2008 15:20 66.532 Standard20.fxV3_Q30_MESH_STANDARD_BUMP_PARALLAX_SPECULAR_ILLUMINATION 24.06.2008 15:20 46.708 
Standard30.fxV3_Q30_MESH_STANDARD_BUMP_PARALLAX_SPECULAR_ILLUMINATION 24.06.2008 15:20 62.960 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_REFLECTION 24.06.2008 15:20 40.152 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_REFLECTION 24.06.2008 15:20 67.060 Standard20.fxV3_Q30_MESH_STANDARD_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 44.696 Standard30.fxV3_Q30_MESH_STANDARD_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 73.084 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_BUMPDETAIL_SPECULAR_REFLECTION 24.06.2008 15:20 49.908 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_BUMPDETAIL_SPECULAR_REFLECTION 24.06.2008 15:20 56.952 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_ALPHAFADE_SCROLL 24.06.2008 15:20 36.724 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_ALPHAFADE_SCROLL 24.06.2008 15:20 30.860 Glow20.fxV3_Q30_MESH_STANDARD_BLEND_ALPHAFADE_SCROLL 24.06.2008 15:20 75.336 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 49.420 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 72.648 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_SPECULAR_REFLECTION_ILLUMINATION_ALPHAFADE 24.06.2008 15:20 47.068 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_SPECULAR_REFLECTION_ILLUMINATION_ALPHAFADE 24.06.2008 15:20 65.848 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_BUMPDETAIL_SPECULAR 24.06.2008 15:20 45.576 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_BUMPDETAIL_SPECULAR 24.06.2008 15:20 60.164 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_SPECULAR_ALPHAFADE 24.06.2008 15:20 40.212 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_SPECULAR_ALPHAFADE 24.06.2008 15:20 68.320 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_SPECULAR_ILLUMINATION 24.06.2008 15:20 45.088 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_BUMP_SPECULAR_ILLUMINATION 24.06.2008 15:20 57.480 Standard20.fxV3_Q30_MESH_STANDARD_BUMP_PARALLAX 24.06.2008 15:20 40.556 Standard30.fxV3_Q30_MESH_STANDARD_BUMP_PARALLAX 24.06.2008 15:20 72.128 
Standard20.fxV3_Q30_MESH_STANDARD_BLEND_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 46.352 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_SPECULAR_REFLECTION_ILLUMINATION 24.06.2008 15:20 66.972 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_SPECULAR_REFLECTION_ALPHAFADE 24.06.2008 15:20 44.396 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_SPECULAR_REFLECTION_ALPHAFADE 24.06.2008 15:20 68.260 Standard20.fxV3_Q30_MESH_STANDARD_BUMP_PARALLAX_SPECULAR_REFLECTION 24.06.2008 15:20 48.352 Standard30.fxV3_Q30_MESH_STANDARD_BUMP_PARALLAX_SPECULAR_REFLECTION 24.06.2008 15:20 61.828 Standard20.fxV3_Q30_MESH_STANDARD_BLEND_ILLUMINATION 24.06.2008 15:20 38.416 Standard30.fxV3_Q30_MESH_STANDARD_BLEND_ILLUMINATION |
26.06.2008, 19:31 | #11 |
| Spyware that wants to download ieav.exe from ieantiavdownload.com Part 3 Sorry for posting it here, but the upload somehow doesn't work |
26.06.2008, 19:44 | #12 |
> MalwareDB | Spyware that wants to download ieav.exe from ieantiavdownload.com Do you have a Lexmark printer? Otherwise the file list shows nothing suspicious. Proceed as follows: Please open HijackThis again and scan. Check the checkboxes next to the entries listed below.
O20 - Winlogon Notify: lbbmpsrd - lbbmpsrd.dll (file missing) (file missing)
Then click Fix Checked. Close HijackThis. Open HijackThis again, create a log file and post it, edited!
__________________ If every computer is running a diverse ecosystem, crackers will have no choice but to resort to small-scale, targetted attacks, and the days of mass-market malware will be over[...]. Stuart Udall |
26.06.2008, 20:02 | #13 |
| Spyware that wants to download ieav.exe from ieantiavdownload.com Hi, yes, I have such a printer!! Oh, and the prompt is gone now; I can open everything again without the message appearing.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:03:38, on 26.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Progarmme\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\VIA\RAID\raid_tool.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programme\Winamp\Winampa.exe
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\Programme\Lexmark X1100 Series\lxbkbmon.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programme\DT\Speedport W 100 Stick\Wifiusb.exe
C:\Programme\Stardock\ObjectDock\ObjectDock.exe
C:\Programme\qip\infium.exe
D:\Progarmme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Progarmme\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Progarmme\Kasper Internet Security\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Microsoft.SupportCenter 0 - {7FFBBA7A-4237-40A2-9FF0-E600A34AA000} - C:\Dokumente und Einstellungen\Böhm\Anwendungsdaten\Microsoft\HelpCenter\Windows-QEUB.SCenter (file missing)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O4 - HKLM\..\Run: [RaidTool] C:\Programme\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Programme\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [AVP] "D:\Progarmme\Kasper Internet Security\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [UpdateStar] C:\Dokumente und Einstellungen\Böhm\Anwendungsdaten\UpdateStar\UpdateStar.exe -A
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Speedport W 100 Stick WLAN Manager.lnk = C:\Programme\DT\Speedport W 100 Stick\Wifiusb.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Progarmme\Kasper Internet Security\SCIEPlgn.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1195913100670
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: D:\PROGAR~1\KASPER~1\mzvkbd.dll,D:\PROGAR~1\KASPER~1\adialhk.dll,D:\PROGAR~1\KASPER~1\kloehk.dll,
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Progarmme\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - D:\Progarmme\Kasper Internet Security\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
-- End of file - 6475 bytes |
26.06.2008, 20:11 | #14 |
> MalwareDB | Spyware that wants to download ieav.exe from ieantiavdownload.com Run a Java update! Uninstall all old Java versions first (Control Panel / Software). Old Java versions can let malware get onto your system. This applies to any software! Then update your Kaspersky and run a system scan. Post all findings here.
__________________ If every computer is running a diverse ecosystem, crackers will have no choice but to resort to small-scale, targetted attacks, and the days of mass-market malware will be over[...]. Stuart Udall |
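Added example (not part of the original thread): a small Python triage of HijackThis entry lines, run over an excerpt of the log in post #13 plus the O20 line quoted in post #12. It lists orphaned "(file missing)" entries, services with "Unknown owner", unknown Winsock LSP files, and the Java runtime directories the log references; the function names and the three flag categories are this example's own choices, and a flag only means "check this entry by hand".

```python
import re
from collections import defaultdict

# Lines copied from the thread: entries of the HijackThis v2.0.2 log in
# post #13, plus the O20 entry exactly as quoted in post #12.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - Winlogon Notify: lbbmpsrd - lbbmpsrd.dll (file missing) (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
"""

# HijackThis entry lines start with a section code (R0-R3, F0-F3, N1-N4,
# O1..O2x) followed by " - ". Header and process lines do not match.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
# A path component such as \jre1.6.0_05\ names the installed Java runtime.
JRE_RE = re.compile(r"\\(jre[\d._]+)\\", re.IGNORECASE)


def parse_entries(log_text):
    """Return [(section, body), ...] for every entry line in the log."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def triage(entries):
    """Group entries that deserve a manual look, keyed by the reason."""
    findings = defaultdict(list)
    for section, body in entries:
        # The registry still points at a file that no longer exists, like
        # the O20 Winlogon Notify entry the helper had the user fix.
        if "(file missing)" in body:
            findings["file missing"].append((section, body))
        # HijackThis printed no company name for the service binary.
        if section == "O23" and " - Unknown owner - " in body:
            findings["unknown owner"].append((section, body))
        # A Winsock LSP file HijackThis does not recognise.
        if section == "O10" and body.startswith("Unknown file in Winsock LSP"):
            findings["unknown LSP file"].append((section, body))
    return dict(findings)


def java_runtimes(entries):
    """Return the distinct Java runtime directory names seen in the log."""
    found = set()
    for _, body in entries:
        found.update(name.lower() for name in JRE_RE.findall(body))
    return sorted(found)


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for reason, items in triage(parsed).items():
        print(reason)
        for section, body in items:
            print("   ", section, "-", body)
    print("Java runtimes referenced:", ", ".join(java_runtimes(parsed)))
```
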