Win32:Rootkit-gen Virus was soll ich tun??!!??

big_kelly · 18.12.2009, 21:52

Hallo Zusammen

Hab seit gestern immer von avast eine Viruswarnung siehe Anhang.

Kann mir Jemand eine Hilfe sein und mir bei der Lösung des Problems behilflich sein?!

Ich kenn mich da zuwenig aus wie ich den Virus wieder weckbekomm!

MfG Kelly

big_kelly · 18.12.2009, 21:58

Das wirft mir VIRUS TOTAL heraus aber ich weiß damit nichts anzufangen!
Datei joadxsii_1_.bmp empfangen 2009.12.18 19:04:10 (UTC)
Status: Beendet
Ergebnis: 40/41 (97.56%)
Filter Filter
Drucken der Ergebnisse Drucken der Ergebnisse
Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.5.0.43 2009.12.18 Net-Worm.Win32.Kido!IK
AhnLab-V3 5.0.0.2 2009.12.18 Win32/Conficker.worm.168096
AntiVir 7.9.1.114 2009.12.18 Worm/Conficker.AU
Antiy-AVL 2.0.3.7 2009.12.18 Worm/Win32.Kido.ih.gen
Authentium 5.2.0.5 2009.12.02 W32/Conficker!Generic
Avast 4.8.1351.0 2009.12.18 Win32:Rootkit-gen
AVG 8.5.0.427 2009.12.18 Worm/Downadup
BitDefender 7.2 2009.12.18 Win32.Worm.Downadup.Gen
CAT-QuickHeal 10.00 2009.12.18 Worm.Conficker.gen
ClamAV 0.94.1 2009.12.18 Trojan.Dropper-18535
Comodo 3288 2009.12.18 NetWorm.Win32.Kido.bw
DrWeb 5.0.0.12182 2009.12.18 Win32.HLLW.Shadow.based
eSafe 7.0.17.0 2009.12.16 -
eTrust-Vet 35.1.7182 2009.12.18 Win32/Conficker
F-Prot 4.5.1.85 2009.12.18 W32/Conficker!Generic
F-Secure 9.0.15370.0 2009.12.18 Worm:W32/Downadup.DJ
Fortinet 4.0.14.0 2009.12.18 W32/Kido.BW!worm.im
GData 19 2009.12.18 Win32.Worm.Downadup.Gen
Ikarus T3.1.1.79.0 2009.12.18 Net-Worm.Win32.Kido
Jiangmin 13.0.900 2009.12.18 Worm/Kido.r
K7AntiVirus 7.10.923 2009.12.17 Net-Worm.Win32.Downadup.bw
Kaspersky 7.0.0.125 2009.12.18 Net-Worm.Win32.Kido.ih
McAfee 5836 2009.12.18 W32/Conficker.worm.gen.a
McAfee+Artemis 5836 2009.12.18 Artemis!93D305C90942
McAfee-GW-Edition 6.8.5 2009.12.18 Worm.Conficker.Z.03
Microsoft 1.5302 2009.12.18 Worm:Win32/Conficker.C
NOD32 4700 2009.12.18 a variant of Win32/Conficker.AE
Norman 6.04.03 2009.12.18 W32/Conficker.DH
nProtect 2009.1.8.0 2009.12.18 Worm/W32.Kido.168096
Panda 10.0.2.2 2009.12.15 W32/Conficker.C.worm
PCTools 7.0.3.5 2009.12.18 Worm.Conficker.B
Prevx 3.0 2009.12.18 High Risk Worm
Rising 22.26.04.02 2009.12.18 Hack.Exploit.Win32.MS08-067.ln
Sophos 4.49.0 2009.12.18 Mal/Conficker-A
Sunbelt 3.2.1858.2 2009.12.18 Trojan.Win32.Generic!BT
Symantec 1.4.4.12 2009.12.18 W32.Downadup.B
TheHacker 6.5.0.2.098 2009.12.18 W32/Kido.bw
TrendMicro 9.100.0.1001 2009.12.18 WORM_DOWNAD.AD
VBA32 3.12.12.0 2009.12.18 Worm.Win32.kido.123
ViRobot 2009.12.18.2097 2009.12.18 Worm.Win32.Conficker.168096
VirusBuster 5.0.21.0 2009.12.18 Worm.Kido.KZ
weitere Informationen
File size: 168096 bytes
MD5 : 93d305c9094278e3e6da70e40b543c28
SHA1 : 5d6e19afa9ea3855a6812a9c28c56019144d672b
SHA256: 9d651f48c785ac86de3e76d059385eaf9ecdb347da37f80e41d126219ce4af24
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1A560
timedatestamp.....: 0x4262ECC7 (Mon Apr 18 01:09:59 2005)
machinetype.......: 0x14C (Intel I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x4000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x5000 0x16000 0x15800 7.79 d3686ca402ad42f834d96a6be9bb3a49
UPX2 0x1B000 0x1000 0x200 3.80 0db74aca8a612de1bfc15455ab40c758

( 0 imports )

( 0 exports )
TrID : File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.5%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Clipper DOS Executable (2.5%)
ThreatExpert: http://www.threatexpert.com/report.aspx?md5=93d305c9094278e3e6da70e40b543c28
ssdeep: 3072:5voeCLXp5X79LuaZzmhT7D67sm5V2TTGH0JyOLyp40EQBpl:5weWTL9Luk4TCqTGUJyWyp409l
Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=5CBAED1FA06B2E07904902A92A41240098008503
PEiD : -
packers (Kaspersky): PE_Patch.UPX, UPX
packers (F-Prot): UPX
CWSandbox: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=93d305c9094278e3e6da70e40b543c28
packers (Authentium): UPX
RDS : NSRL Reference Data Set
-

ACHTUNG ACHTUNG: VirusTotal ist ein kostenloser Dienst bereitgestellt von Hispasec Sistemas. Es gibt keine Garantie zur Verfügbarkeit sowie Fortbestehen der Dienstleistung. Obwohl die Erkennungsrate mehrerer Antivirus-Engines besser ist als nur durch ein Produkt, garantieren die Ergebnisse des Scans nicht die Harmlosigkeit einer Datei. Gegenwärtig gibt es keine Lösung, welche eine Erkennungsrate aller Viren und Malware zu 100% bietet.

Bitte um hilfe Danke

big_kelly · 18.12.2009, 22:01

DDS (Ver_09-12-01.01) - NTFSx86
Run by Admin at 21:59:42,78 on 18.12.2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.2.1252.49.1031.18.2046.1258 [GMT 1:00]

AV: avast! antivirus 4.8.1296 [VPS 091218-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Programme\Alwil Software\Avast4\aswUpdSv.exe
C:\Programme\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\AskBarDis\bar\bin\AskService.exe
C:\Programme\Bonjour\mDNSResponder.exe
svchost.exe
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Programme\OO Software\DiskImage\oodiag.exe
C:\Programme\Alwil Software\Avast4\ashMaiSv.exe
C:\Programme\Alwil Software\Avast4\ashWebSv.exe
C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\lg_fwupdate\fwupdate.exe
C:\Programme\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Cyberlink\Shared Files\brs.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\programme\steam\steam.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programme\MSI\DualCoreCenter\DualCoreCenter.exe
C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.bearshare.com/
uSearch Bar = hxxp://search.bearshare.com/sidebar.html?src=ssb
mDefault_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10615&gct=&gc=1&q=
uInternet Connection Wizard,ShellNext = hxxp://www.incredimail.com/app/?tag=page_app_welcome&lang=7&version=5864189&setup_id=7000007&aff_id=102&addon=IncrediMail&upn=4f749101-4413-455d-af7e-281476e0ca86&ve=1
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10615&gct=&gc=1&q=%s
uURLSearchHooks: Softonic Deutsch Toolbar: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - c:\programme\softonic_deutsch\tbSoft.dll
uURLSearchHooks: H - No File
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\programme\icq6toolbar\ICQToolBar.dll
uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - c:\programme\asksearch\bin\DefaultSearch.dll
BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programme\gemeinsame dateien\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\programme\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\programme\askbardis\bar\bin\askBar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\programme\bearshare applications\bearshare\BearShareIEHelper.dll
BHO: Softonic Deutsch Toolbar: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - c:\programme\softonic_deutsch\tbSoft.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programme\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\programme\google\google gears\internet explorer\0.5.33.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programme\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\programme\daemon tools toolbar\DTToolbar.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\programme\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: Softonic Deutsch Toolbar: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - c:\programme\softonic_deutsch\tbSoft.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\programme\icq6toolbar\ICQToolBar.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\programme\askbardis\bar\bin\askBar.dll
TB: BearShare MediaBar: {d3dee18f-db64-4beb-9ff1-e1f0a5033e4a} - c:\programme\bearshare applications\bearshare mediabar\BearShareMediaBar.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\programme\icq6toolbar\ICQToolBar.dll
uRun: [OM2_Monitor] "c:\programme\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [LightScribe Control Panel] c:\programme\gemeinsame dateien\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Start WingMan Profiler] "c:\programme\logitech\profiler\lwemon.exe" /noui
uRun: [Steam] "c:\programme\steam\steam.exe" -silent
mRun: [DelReg] c:\programme\msi\dualcorecenter\DelReg.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [LGODDFU] c:\programme\lg_fwupdate\fwupdate.exe blrun
mRun: [Acrobat Assistant 8.0] "c:\programme\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe_ID0EYTHM] c:\progra~1\gemein~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [GrooveMonitor] "c:\programme\microsoft office\office12\GrooveMonitor.exe"
mRun: [HP Software Update] c:\programme\hp\hp software update\HPWuSchd2.exe
mRun: [TkBellExe] "c:\programme\gemeinsame dateien\real\update_ob\realsched.exe" -osboot
mRun: [OM2_Monitor] "c:\programme\olympus\olympus master 2\FirstStart.exe" /OM
mRun: [QuickTime Task] "c:\programme\quicktime\QTTask.exe" -atboottime
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [AppleSyncNotifier] c:\programme\gemeinsame dateien\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Adobe ARM] "c:\programme\gemeinsame dateien\adobe\arm\1.0\AdobeARM.exe"
mRun: [WinSys2] c:\windows\system32\winsys2.exe
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [36X Raid Configurer] c:\windows\system32\xRaidSetup.exe boot
mRun: [BDRegion] c:\programme\cyberlink\shared files\brs.exe
mRun: [RemoteControl] c:\programme\cyberlink\powerdvd\PDVDServ.exe
mRun: [LanguageShortcut] c:\programme\cyberlink\powerdvd\language\Language.exe
mRun: [SunJavaUpdateSched] "c:\programme\java\jre6\bin\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVIDIA nTune] "c:\programme\nvidia corporation\ntune\nTuneCmd.exe" clear
mRun: [avast!] "c:\programme\alwil software\avast4\ashDisp.exe"
mRun: [Name of App] c:\programme\samsung\fw liveupdate\FWManager.exe r
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\dokume~1\alluse~1\startm~1\progra~1\autost~1\dualco~1.lnk - c:\programme\msi\dualcorecenter\StartUpDualCoreCenter.exe
StartupFolder: c:\dokume~1\alluse~1\startm~1\progra~1\autost~1\hpdigi~1.lnk - c:\programme\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\dokume~1\alluse~1\startm~1\progra~1\autost~1\secure~1.lnk - c:\programme\msi\securedoc\Logon.exe
IE: An vorhandenes PDF anfügen - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\programme\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\programme\icq6.5\ICQ.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\programme\google\google gears\internet explorer\0.5.33.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\gemein~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\programme\gemeinsame dateien\lightscribe\LSRunOnce.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\dokume~1\admin\anwend~1\mozilla\firefox\profiles\7vyst7ih.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.at
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10615&gct=&gc=1&q=
FF - component: c:\dokumente und einstellungen\all users\anwendungsdaten\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
FF - component: c:\dokumente und einstellungen\all users\anwendungsdaten\google\toolbar for firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nppl3260.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpjplug.dll
FF - plugin: c:\programme\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\programme\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\programme\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\programme\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\programme\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 oodisr;O&O DiskImage Snapshot/Restore Driver;c:\windows\system32\drivers\oodisr.sys [2008-9-5 95752]
R0 oodisrh;oodisrh;c:\windows\system32\drivers\oodisrh.sys [2008-9-5 28680]
R0 oodivd;O&O DiskImage VirtualDisk Driver;c:\windows\system32\drivers\oodivd.sys [2008-9-5 133640]
R0 oodivdh;oodivdh;c:\windows\system32\drivers\oodivdh.sys [2008-9-5 31240]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-12-16 111184]
R2 ASKService;ASKService;c:\programme\askbardis\bar\bin\AskService.exe [2009-7-20 460168]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-12-16 20560]
R2 avast! Antivirus;avast! Antivirus;c:\programme\alwil software\avast4\ashServ.exe [2009-12-16 155160]
R2 ICQ Service;ICQ Service;c:\programme\icq6toolbar\ICQ Service.exe [2009-7-20 222456]
R2 O&O DiskImage;O&O DiskImage;c:\programme\oo software\diskimage\oodiag.exe [2008-9-5 1934592]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programme\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2009-12-9 1044808]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\programme\alwil software\avast4\ashMaiSv.exe [2009-12-16 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\programme\alwil software\avast4\ashWebSv.exe [2009-12-16 352920]
R3 DualCoreCenter;DualCoreCenter;c:\programme\msi\dualcorecenter\NTGLM7X.sys [2009-12-2 28160]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programme\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S2 gupdate1ca07bdc362b0de;Google Update Service (gupdate1ca07bdc362b0de);c:\programme\google\update\GoogleUpdate.exe [2009-7-18 133104]
S2 ihrrbffzh;Image Helper;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336]
S3 __FOX__FOXONE_DRIVER__;__FOX__FOXONE_DRIVER__;\??\c:\dokume~1\admin\lokale~1\temp\foxdriver.sys --> c:\dokume~1\admin\lokale~1\temp\FoxDriver.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-12-8 1684736]
S3 MsibiosDevice;MsibiosDevice;\??\c:\programme\msi\live update 4\lu4\msibios.sys --> c:\programme\msi\live update 4\lu4\msibios.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\f:\ntglm7x.sys --> f:\NTGLM7X.sys [?]

=============== Created Last 30 ================

2009-12-18 20:30:40 0 d-----w- c:\windows\system32\CatRoot_bak
2009-12-18 20:22:59 0 d-----w- c:\windows\system32\PreInstall
2009-12-18 20:22:56 0 d--h--w- c:\windows\$hf_mig$
2009-12-18 20:18:46 0 d-----w- c:\windows\system32\SoftwareDistribution
2009-12-18 19:31:44 168096 ----a-w- c:\windows\system32\x
2009-12-18 15:59:31 56668 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-17 22:55:37 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-17 22:53:28 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-17 22:52:54 0 d-----w- c:\programme\TuneUp Utilities 2010
2009-12-17 22:52:20 0 d-sh--w- c:\dokume~1\alluse~1\anwend~1\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-16 21:02:30 0 d-----w- c:\programme\Miles Sound Tools
2009-12-16 18:26:51 135168 ------r- c:\windows\system32\RtlCPAPI.dll
2009-12-16 18:26:13 69632 ------r- c:\windows\Alcmtr.exe
2009-12-16 18:13:52 0 d-----w- c:\programme\SAMSUNG
2009-12-16 16:52:52 0 d-----w- c:\programme\Steam
2009-12-13 23:58:05 0 d-----w- c:\programme\oZone3D
2009-12-13 23:05:36 16777216 ----a-w- c:\windows\system32\diskbench.tst
2009-12-13 17:33:01 0 d-----w- c:\programme\IObit
2009-12-13 03:31:03 209 ----a-w- c:\windows\system32\nvUnsupRes.dat
2009-12-13 01:04:25 0 d-----w- c:\programme\NVIDIA Corporation
2009-12-12 19:57:54 592488 ----a-w- c:\windows\system32\nvudisp.exe
2009-12-12 19:57:54 25699 ----a-w- c:\windows\system32\nvdisp.nvu
2009-12-12 19:57:54 0 d-----w- c:\windows\nview
2009-12-12 19:56:45 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-12-11 19:42:59 0 d-----w- C:\UpdatePack-Files
2009-12-08 08:09:19 358944 ----a-w- c:\windows\vncutil.exe
2009-12-08 08:09:17 48672 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2009-12-08 08:09:17 1389056 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2009-12-08 08:09:17 129568 ----a-w- c:\windows\RtkAudioService.exe
2009-12-08 08:09:15 1684736 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2009-12-08 08:08:24 0 d-----w- c:\programme\Marvell
2009-12-08 07:46:45 0 d-----w- c:\programme\Driver-Soft
2009-12-08 07:38:54 0 d-----w- c:\dokume~1\alluse~1\anwend~1\PC Drivers HeadQuarters
2009-12-07 19:05:26 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-12-07 19:05:25 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-12-07 19:05:25 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-12-07 19:05:25 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-12-07 19:05:24 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-12-07 19:05:24 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-12-07 19:05:24 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-12-06 22:13:13 0 d-----w- c:\programme\QuickPar
2009-12-03 14:22:03 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-12-03 14:21:22 0 d-----w- C:\b4dc9b616a3ba97cde3f0e13b1
2009-12-03 14:21:18 0 d-----w- c:\windows\system32\LogFiles
2009-12-03 14:20:47 0 d-----w- C:\b8abfa86aecc936eae
2009-12-02 15:22:49 0 d-----w- c:\programme\gemeinsame dateien\Wise Installation Wizard
2009-12-02 15:14:16 0 d-----w- c:\programme\Setup Files
2009-12-02 14:52:44 0 d-----w- c:\windows\system32\Color
2009-12-02 14:52:07 8743 ----a-w- c:\windows\system32\nvinfo.pb
2009-12-02 14:52:07 69632 ----a-w- c:\windows\system32\OpenCL.dll
2009-12-02 14:52:07 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2009-12-02 14:52:07 1989224 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-12-02 14:52:06 11374592 ----a-w- c:\windows\system32\nvcompiler.dll
2009-12-02 14:52:02 2293286 ----a-w- c:\windows\system32\nvdata.bin
2009-12-02 14:51:36 208896 ----a-r- c:\windows\system32\WinSys2.exe
2009-12-02 14:51:36 131072 ----a-r- c:\windows\system32\smdll.dll
2009-12-02 14:51:26 32768 ----a-r- c:\windows\system32\Auxiliary.dll
2009-12-02 14:51:26 1777664 ----a-r- c:\windows\system32\msicpl.dll
2009-12-02 14:51:26 130048 ----a-r- c:\windows\system32\MadCHook.dll
2009-12-02 14:44:58 45056 ----a-w- c:\windows\system32\SUSBKey.dll
2009-12-02 14:44:58 45056 ----a-w- c:\windows\system32\ginamsi.dll
2009-12-02 14:39:00 53248 ----a-w- c:\windows\Nvgpio.dll
2009-12-02 14:39:00 499712 ----a-w- c:\windows\msvcp71.dll
2009-12-02 14:39:00 45056 ----a-w- c:\windows\NTuneGpu.dll
2009-12-02 14:39:00 421888 ----a-w- c:\windows\nvsulib.dll
2009-12-02 14:39:00 348160 ----a-w- c:\windows\msvcr71.dll
2009-12-02 14:39:00 217088 ----a-w- c:\windows\NVGfxOgl.dll
2009-12-02 14:39:00 18216 ----a-w- c:\windows\nvoclk64.sys
2009-12-02 14:39:00 1060864 ----a-w- c:\windows\MFC71.dll
2009-12-01 22:18:30 0 d-----w- c:\dokume~1\admin\anwend~1\HpUpdate
2009-12-01 22:18:27 0 d-----w- c:\windows\Hewlett-Packard
2009-12-01 21:39:29 0 d-----w- c:\dokume~1\admin\anwend~1\TuneUp Software
2009-12-01 21:39:07 0 d-----w- c:\dokume~1\alluse~1\anwend~1\TuneUp Software
2009-12-01 21:27:26 49 ----a-w- c:\windows\transp.gif
2009-12-01 21:24:13 0 d-----w- c:\programme\Microsoft Baseline Security Analyzer
2009-12-01 21:23:49 150 ----a-w- c:\windows\ODBC.INI
2009-12-01 21:09:17 1833504 ----a-w- c:\windows\SkyTel.exe
2009-12-01 20:14:24 0 d-----w- c:\windows\NV18361840.TMP
2009-12-01 19:57:04 0 d-----w- c:\programme\Carambis
2009-12-01 18:21:11 0 d-sh--w- C:\$RECYCLE.BIN
2009-11-20 14:14:43 0 d-----w- c:\programme\MozBackup
2009-11-19 14:02:50 0 d-----w- c:\programme\FOXCONN
2009-11-19 13:47:04 1970176 ----a-w- c:\windows\system32\xRaidSetup.exe
2009-11-19 13:47:04 151552 ----a-w- c:\windows\system32\xRaidAPI.dll
2009-11-19 13:47:04 0 d-----w- C:\RaidTool
2009-11-19 13:46:59 0 d-----w- c:\windows\RaidTool

==================== Find3M ====================

2009-12-17 23:07:56 80920 ----a-w- c:\windows\system32\perfc007.dat
2009-12-17 23:07:56 451980 ----a-w- c:\windows\system32\perfh007.dat
2009-11-21 02:34:54 6282752 ----a-w- c:\windows\system32\nv4_disp.dll
2009-11-21 02:34:54 4038656 ----a-w- c:\windows\system32\nvcuda.dll
2009-11-21 02:34:54 182888 ----a-w- c:\windows\system32\nvcodins.dll
2009-11-21 02:34:54 182888 ----a-w- c:\windows\system32\nvcod.dll
2009-11-21 02:34:54 13602816 ----a-w- c:\windows\system32\nvoglnt.dll
2009-11-21 02:34:54 1056768 ----a-w- c:\windows\system32\nvapi.dll
2009-11-21 02:34:54 10235968 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-11-02 13:03:26 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-11-02 12:48:02 831488 ----a-w- c:\windows\RtlExUpd.dll
2009-11-02 11:42:21 16384 ----a-w- c:\windows\system32\lgfwunis.exe
2009-10-21 09:22:00 364544 ----a-w- c:\windows\system32\yk51x86.dll
2009-10-21 09:22:00 298752 ----a-w- c:\windows\system32\drivers\yk51x86.sys
2009-10-11 03:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-05 15:26:12 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-10-05 14:54:16 26216 ----a-w- c:\windows\system32\msddf44.dll

============= FINISH: 22:00:12,18 ===============

big_kelly · 18.12.2009, 22:01

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 16.07.2009 22:23:57
System Uptime: 18.12.2009 20:25:04 (2 hours ago)

Motherboard: Foxconn | | 9657AA
Processor: Intel(R) Pentium(R) D CPU 2.66GHz | Socket 775 | 2678/133mhz
Processor: Intel(R) Pentium(R) D CPU 2.66GHz | Socket 775 | 2678/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 932 GiB total, 454,26 GiB free.
D: is CDROM ()
E: is Removable
F: is CDROM ()
G: is CDROM ()
I: is Removable
J: is Removable
K: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standardtastatur (101/102 Tasten) oder Microsoft Natural Keyboard (PS/2)
Device ID: ACPI\PNP0303\4&6CD354D&0
Manufacturer: (Standardtastaturen)
Name: Standardtastatur (101/102 Tasten) oder Microsoft Natural Keyboard (PS/2)
PNP Device ID: ACPI\PNP0303\4&6CD354D&0
Service: i8042prt

==== System Restore Points ===================

RP1: 08.12.2009 08:26:52 - Systemprüfpunkt
RP2: 08.12.2009 08:38:10 - Driver Detective wurde installiert.
RP3: 08.12.2009 09:07:50 - Konfiguriert JMicron JMB36X Driver
RP4: 08.12.2009 09:09:15 - Installiert Realtek High Definition Audio Driver
RP5: 11.12.2009 22:39:11 - Systemprüfpunkt
RP6: 12.12.2009 00:39:57 - Installed Logitech Gaming Software
RP7: 12.12.2009 21:50:51 - Steam wird entfernt
RP8: 13.12.2009 01:03:56 - DirectX wurde installiert
RP9: 13.12.2009 01:05:30 - Steam wird installiert
RP10: 14.12.2009 00:01:41 - Installiert NVIDIA nTune
RP11: 14.12.2009 00:20:45 - Removed Adobe Photoshop Lightroom 2.
RP12: 14.12.2009 00:29:28 - Driver Detective wurde entfernt.
RP13: 14.12.2009 00:35:17 - Removed QUAD RegistryCleaner
RP14: 14.12.2009 01:38:59 - Steam wird entfernt
RP15: 15.12.2009 01:57:20 - Systemprüfpunkt
RP16: 17.12.2009 02:37:24 - Systemprüfpunkt
RP17: 17.12.2009 23:41:33 - Entfernt Call of Juarez - Bound in Blood
RP18: 17.12.2009 23:52:53 - TuneUp Utilities wird installiert
RP19: 18.12.2009 04:04:01 - TuneUp Utilities 2006 wird entfernt
RP20: 18.12.2009 04:07:18 - Wiederherstellungspunkt mit 18.12.2009
RP21: 18.12.2009 21:22:50 - Software Distribution Service 3.0

==== Installed Programs ======================

1500
1500_Help
1500Trb
Adobe Acrobat 8 Professional - English, Français, Deutsch
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Recommended Settings
Adobe Color JA Extra Settings
Adobe Color NA Extra Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe OnLocation CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Setup
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Stock Photos CS3
Adobe Type Support
Adobe Ultra CS3
Adobe Ultra CS3 - MSL Legacy Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server {ko_KR}
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
AiO_Scan
AiOSoftware
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArtMoney SE v7.31
avast! Antivirus
AviSynth 2.5
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
BD/HD Advisor 1.0
Bonjour
BufferChm
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CustomerResearchQFolder
CyberLink Hi-Def Suite
CyberLink PowerDVD
DAEMON Tools Toolbar
Destinations
DeviceManagementQFolder
DocProc
Driver Genius Professional Edition
DualCoreCenter
eSupportQFolder
Exact Audio Copy 0.99pb4
Fax
Firstload Ikarus
FLAC 1.2.1b (remove only)
FOX DMI
FOX LOGO
FOX ONE
Free Video Converter V 2.3
FTDI USB Serial Converter Drivers
FW LiveUpdate
Game Booster
Golden Records Vinyl to CD Converter
GoodMEM
Google Gears
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB926239)
HP Extended Capabilities 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP Product Assistant
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3
HP Update
HPProductAssistant
ICQ Toolbar
ICQ6.5
IncrediMail
iPhone-Konfigurationsprogramm
iTunes
Java(TM) 6 Update 17
JMicron JMB36X Driver
K-Lite Codec Pack 5.0.0 (Basic)
LabelPrint
LG ODD Auto Firmware Update
LightScribe Optical Disc Kit
LightScribe System Software
LockBox
Logitech Gaming Software
MarketResearch
Marvell Miniport Driver
MediaBar 2.0
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu
Microsoft .NET Framework 3.5 SP1
Microsoft Baseline Security Analyzer 1.2.1
Microsoft Office Access MUI (German) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office Groove MUI (German) 2007
Microsoft Office InfoPath MUI (German) 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Software Update for Web Folders (German) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Miles Sound Tools
MobileMe Control Panel
MozBackup 1.4.9
Mozilla Firefox (3.5.6)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
Need for Speed™ SHIFT
Nero Suite
NewCopy
NVIDIA Drivers
NVIDIA nTune
NVIDIA nView Desktop Manager
NVIDIA PhysX
O&O DiskImage Professional
O&O DiskRecovery
O&O SafeErase
O&O UnErase
OLYMPUS Master 2
OLYMPUS Raw Codec
OLYMPUS Studio 2
oZone3D.Net FurMark v1.7.0
PC SpeedScan Pro
PDF Settings
Power2Go 5.0
PowerBackup
PowerProducer
Prism Video Converter
ProductContext
QuickPar 0.9
QuickTime
Readme
RealPlayer
Realtek High Definition Audio Driver
Safari
Scan
ScannerCopy
SecureDoc
Skype™ 4.1
SolutionCenter
Status
Steam
System Requirements Lab
TrayApp
TuneUp Utilities
TuneUp Utilities Language Pack (de-DE)
Uninstall 1.0.0.1
Unload
Update für Windows XP (KB898461)
VLC media player 1.0.3
Vuze
Vuze Toolbar
WebFldrs XP
WebReg
Windows-Treiberpaket - OLYMPUS IMAGING CORP. (OlyFirCam) OlyFirCam (06/28/2007 2.2.0.0)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. (OlyUsbCam) OlyUsbCam (12/28/2006 1.0.0.0)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
WinRAR
WinSCP 4.1.9
WinZip 12.1
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Xvid 1.2.2 final uninstall

==== Event Viewer Messages From Past Week ========

12.12.2009 20:51:04, Informationen: Windows File Protection [64002] - Es wurde versucht, die geschützte Systemdatei nv4_mini.sys zu ersetzen. Diese Datei wurde von der Originalversion wiederhergestellt, um die Systemstabilität zu gewährleisten. Die Dateiversion der Systemdatei ist 6.14.10.5673.
12.12.2009 20:51:04, Informationen: Windows File Protection [64002] - Es wurde versucht, die geschützte Systemdatei nv4_disp.dll zu ersetzen. Diese Datei wurde von der Originalversion wiederhergestellt, um die Systemstabilität zu gewährleisten. Die Dateiversion der Systemdatei ist 6.14.10.5673.
12.12.2009 20:50:43, Informationen: Windows File Protection [64002] - Es wurde versucht, die geschützte Systemdatei nv4_mini.sys zu ersetzen. Diese Datei wurde von der Originalversion wiederhergestellt, um die Systemstabilität zu gewährleisten. Die Dateiversion der Systemdatei ist 6.14.10.5673.
12.12.2009 20:50:43, Informationen: Windows File Protection [64002] - Es wurde versucht, die geschützte Systemdatei nv4_disp.dll zu ersetzen. Diese Datei wurde von der Originalversion wiederhergestellt, um die Systemstabilität zu gewährleisten. Die Dateiversion der Systemdatei ist 6.14.10.5673.

==== End Of File ===========================

Win32:Rootkit-gen Virus was soll ich tun??!!??

Plagegeister aller Art und deren Bekämpfung: Win32:Rootkit-gen Virus was soll ich tun??!!??