|
Pests of all kinds and how to fight them: Zeus 2 on my PC (Windows 7). If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection. |
23.07.2010, 19:01 | #1 |
| Zeus 2 on my PC Hi, I have had problems with my banking for about 3 weeks. On Tuesday the 3rd bank blocked my online account. Reason given: I have Zeus 2 on my PC. I have run all kinds of programs over it. Who can help me, other than by formatting? |
23.07.2010, 19:08 | #2 |
| Zeus 2 on my PC OTL logfile:
Code:
ATTFilter OTL logfile created on: 23.07.2010 19:56:55 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Ivonne\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 152,71 Gb Total Space | 95,85 Gb Free Space | 62,76% Space Free | Partition Type: NTFS Drive D: | 149,10 Gb Total Space | 147,17 Gb Free Space | 98,71% Space Free | Partition Type: NTFS Drive E: | 10,00 Gb Total Space | 8,03 Gb Free Space | 80,30% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 135,21 Gb Total Space | 78,83 Gb Free Space | 58,30% Space Free | Partition Type: NTFS Drive I: | 74,44 Gb Total Space | 30,08 Gb Free Space | 40,41% Space Free | Partition Type: NTFS Computer Name: IVONNE-PC Current User Name: Ivonne Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Ivonne\Downloads\OTL.exe (OldTimer Tools) PRC - E:\mozilla\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Programme\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.) PRC - C:\Programme\IncrediMail\bin\ImApp.exe (IncrediMail, Ltd.) PRC - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) 
PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - c:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\MPF\MpfSrv.exe (McAfee, Inc.) PRC - C:\Windows\System32\drivers\CDAC11BA.EXE (C-Dilla Ltd) PRC - C:\Programme\Registry Mechanic\RMTray.exe (PC Tools ) PRC - C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools) PRC - C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) PRC - C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\McAfee\MSK\msksrver.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.) PRC - C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\stacsv.exe (IDT, Inc.) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe () PRC - C:\Programme\AskBarDis\bar\bin\AskService.exe () PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\AEstSrv.exe (Andrea Electronics Corporation) PRC - C:\Programme\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) 
PRC - E:\office\Office12\GrooveMonitor.exe (Microsoft Corporation) PRC - C:\Programme\AAVUpdateManager\aavus.exe () PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) PRC - C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation) PRC - C:\Programme\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.) PRC - C:\Programme\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) PRC - C:\Programme\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.) ========== Modules (SafeList) ========== MOD - C:\Users\Ivonne\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (mcmscsvc) -- 
C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) SRV - (0051821279904358mcinstcleanup) McAfee Application Installer Cleanup (0051821279904358) -- C:\Windows\Temp\0051821279904358mcinst.exe (McAfee, Inc.) SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.) SRV - (C-DillaCdaC11BA) -- C:\Windows\System32\drivers\CDAC11BA.EXE (C-Dilla Ltd) SRV - (PCToolsSSDMonitorSvc) -- C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools) SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.) SRV - (McSysmon) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.) SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- 
C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.) SRV - (McProxy) -- C:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.) SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.) SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\stacsv.exe (IDT, Inc.) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (ASKUpgrade) -- C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe () SRV - (ASKService) -- C:\Programme\AskBarDis\bar\bin\AskService.exe () SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\AEstSrv.exe (Andrea Electronics Corporation) SRV - (Creative Labs Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe (Creative Labs) SRV - (Microsoft Office Groove Audit Service) -- E:\office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (AAV UpdateService) -- C:\Program Files\AAVUpdateManager\aavus.exe () SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.) 
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation) ========== Driver Services (SafeList) ========== DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.) DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (PzWDM) -- C:\Windows\system32\Drivers\PzWDM.sys (Prassi Technology) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) 
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) 
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (VWiFiFlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV 
- (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.) DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation) DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) 
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Research Inc.) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (OA001Vid) -- C:\Windows\System32\drivers\OA001Vid.sys (Creative Technology Ltd.) DRV - (OA001Ufd) -- C:\Windows\System32\drivers\OA001Ufd.sys (Creative Technology Ltd.) DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.) DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.) DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. ) DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.) DRV - (acehlp10) -- C:\Windows\System32\drivers\acehlp10.sys (Protect Software GmbH) DRV - (acedrv10) -- C:\Windows\System32\drivers\ACEDRV10.sys (Protect Software GmbH) DRV - (RT73) -- C:\Windows\System32\drivers\Dr71WU.sys (Ralink Technology, Corp.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 IE - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825 IE - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "MyStart Search" FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ober&type=gamenextus" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ober&type=gamenextus" FF - prefs.js..browser.search.selectedEngine: "Winload Customized Web Search" FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=13" FF - 
prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:2.5.8.6 FF - prefs.js..keyword.URL: "hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search=" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://mystart.hiyo.com/?loc=ff_address&search=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: E:\mozilla\components [2010.07.23 07:02:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: E:\mozilla\plugins [2010.07.23 07:02:42 | 000,000,000 | ---D | M] [2009.10.12 16:37:05 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\mozilla\Extensions [2009.10.11 21:34:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\mozilla\Firefox\extensions [2009.10.11 21:34:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ivonne\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2010.07.22 19:02:37 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\mozilla\Firefox\Profiles\0dlxe9zy.default\extensions [2010.04.30 14:24:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ivonne\AppData\Roaming\mozilla\Firefox\Profiles\0dlxe9zy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.07.05 16:48:52 | 000,000,000 | ---D | M] (Winload Toolbar) -- C:\Users\Ivonne\AppData\Roaming\mozilla\Firefox\Profiles\0dlxe9zy.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} [2010.02.18 18:18:49 | 000,000,000 | ---D | M] (Yahoo! 
Toolbar) -- C:\Users\Ivonne\AppData\Roaming\mozilla\Firefox\Profiles\0dlxe9zy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2009.11.11 12:34:38 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\mozilla\Firefox\Profiles\0dlxe9zy.default\extensions\moveplayer@movenetworks.com [2010.03.24 16:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Ivonne\AppData\Roaming\Mozilla\FireFox\Profiles\0dlxe9zy.default\searchplugins\conduit.xml [2009.12.12 22:24:02 | 000,002,055 | ---- | M] () -- C:\Users\Ivonne\AppData\Roaming\Mozilla\FireFox\Profiles\0dlxe9zy.default\searchplugins\daemon-search.xml [2010.06.17 19:00:26 | 000,002,149 | ---- | M] () -- C:\Users\Ivonne\AppData\Roaming\Mozilla\FireFox\Profiles\0dlxe9zy.default\searchplugins\MyStart Search.xml O1 HOSTS File: ([2010.07.02 13:47:33 | 000,411,423 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 14218 more lines... 
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll () O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [GrooveMonitor] E:\office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MBBalloon] C:\Programme\HOTALBUMMyBOX\MBBalloon.exe (PLANNING Co., Ltd.) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [SSDMonitor] C:\Programme\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.) 
O4 - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe (PC Tools ) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation) O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-2172064567-3978960140-2262966222-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - E:\office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... 
- C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) 
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009.03.05 06:50:09 | 000,000,000 | ---D | M] - I:\Autoschieber Tycoon -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.07.22 20:22:19 | 000,000,000 | ---D | C] -- C:\Programme\Trojancheck 6 [2010.07.22 19:03:16 | 000,000,000 | ---D | C] -- C:\Users\Ivonne\AppData\Roaming\Malwarebytes [2010.07.22 19:03:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.07.22 19:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.07.22 19:03:04 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.07.22 19:03:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.07.21 14:53:22 | 000,000,000 | ---D | C] -- C:\Programme\KaM - The Shattered Kingdom [2010.07.15 21:09:27 | 000,000,000 | ---D | C] -- C:\Programme\Apoint2K [2010.07.15 20:49:31 | 000,000,000 | ---D | C] -- C:\Users\Ivonne\AppData\Roaming\DeviceDoctorSoftware [2010.07.15 20:49:28 | 000,000,000 | ---D | C] -- C:\Programme\Device Doctor [2010.07.14 15:02:03 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA% [2010.07.05 16:52:28 | 000,000,000 | ---D | C] -- 
C:\Programme\Datamatec [2010.07.05 16:48:54 | 000,000,000 | ---D | C] -- C:\Programme\Conduit [2010.07.05 16:48:53 | 000,000,000 | ---D | C] -- C:\Programme\Winload [2010.07.04 15:50:10 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2010.07.04 15:50:07 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2010.07.04 15:35:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} [2010.07.04 15:35:00 | 000,000,000 | ---D | C] -- C:\Programme\Lavasoft [2010.07.04 15:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2010.07.04 15:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2010.07.03 09:45:31 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010.07.03 09:45:30 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010.07.03 09:45:30 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010.07.02 19:40:10 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware [2010.07.02 13:20:37 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2010.07.02 13:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010.07.02 13:03:40 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2010.07.02 13:03:39 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2010.07.02 13:03:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010.07.02 13:03:39 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.07.23 19:59:29 | 008,388,608 | -HS- | M] () -- C:\Users\Ivonne\ntuser.dat [2010.07.23 19:55:13 | 000,010,880 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.07.23 19:55:13 | 000,010,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.07.23 19:48:05 | 000,034,697 | ---- | M] () -- C:\Windows\System32\Config.MPF [2010.07.23 19:47:38 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.07.23 19:47:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.07.23 19:47:29 | 2411,900,928 | -HS- | M] () -- C:\hiberfil.sys [2010.07.23 19:46:40 | 000,985,473 | -H-- | M] () -- C:\Users\Ivonne\AppData\Local\IconCache.db [2010.07.22 19:03:11 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.21 14:32:55 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.07.21 14:32:55 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.07.21 14:32:55 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.07.21 14:32:55 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.07.21 14:32:55 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.07.18 12:57:06 | 000,524,288 | -HS- | M] () -- C:\Users\Ivonne\ntuser.dat{d517e4d8-91e4-11df-b25f-002219df49ed}.TMContainer00000000000000000002.regtrans-ms [2010.07.18 12:57:06 | 000,524,288 | -HS- | M] () -- C:\Users\Ivonne\ntuser.dat{d517e4d8-91e4-11df-b25f-002219df49ed}.TMContainer00000000000000000001.regtrans-ms [2010.07.18 12:57:06 | 000,065,536 | -HS- | M] () -- C:\Users\Ivonne\ntuser.dat{d517e4d8-91e4-11df-b25f-002219df49ed}.TM.blf [2010.07.18 11:31:12 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml [2010.07.18 11:31:12 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml [2010.07.17 23:04:39 | 000,000,587 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.07.15 20:49:29 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Device Doctor.lnk 
[2010.07.15 15:18:22 | 000,130,424 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys [2010.07.05 16:52:30 | 000,002,084 | ---- | M] () -- C:\Users\Public\Desktop\Datamatec Tilgungsrechner.lnk [2010.07.05 16:52:30 | 000,000,254 | ---- | M] () -- C:\Windows\win.ini [2010.07.05 15:24:34 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.07.04 15:50:00 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2010.07.04 15:49:52 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe [2010.07.04 15:48:08 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2010.07.04 15:35:26 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2010.07.03 17:20:10 | 000,000,375 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2010.07.02 19:39:47 | 000,001,406 | ---- | M] () -- C:\Windows\wininit.ini [2010.07.02 13:47:33 | 000,411,423 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010.07.02 12:41:01 | 000,524,288 | -HS- | M] () -- C:\Users\Ivonne\ntuser.dat{29561bb4-85c6-11df-a5f9-cf730bac82e8}.TMContainer00000000000000000002.regtrans-ms [2010.07.02 12:41:01 | 000,524,288 | -HS- | M] () -- C:\Users\Ivonne\ntuser.dat{29561bb4-85c6-11df-a5f9-cf730bac82e8}.TMContainer00000000000000000001.regtrans-ms [2010.07.02 12:41:01 | 000,065,536 | -HS- | M] () -- C:\Users\Ivonne\ntuser.dat{29561bb4-85c6-11df-a5f9-cf730bac82e8}.TM.blf [6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.07.22 19:03:11 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.17 22:56:11 | 000,524,288 | -HS- | C] () -- C:\Users\Ivonne\ntuser.dat{d517e4d8-91e4-11df-b25f-002219df49ed}.TMContainer00000000000000000002.regtrans-ms [2010.07.17 22:56:11 | 000,524,288 | -HS- | C] () -- 
C:\Users\Ivonne\ntuser.dat{d517e4d8-91e4-11df-b25f-002219df49ed}.TMContainer00000000000000000001.regtrans-ms [2010.07.17 22:56:11 | 000,065,536 | -HS- | C] () -- C:\Users\Ivonne\ntuser.dat{d517e4d8-91e4-11df-b25f-002219df49ed}.TM.blf [2010.07.15 20:49:29 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Device Doctor.lnk [2010.07.05 16:52:30 | 000,002,084 | ---- | C] () -- C:\Users\Public\Desktop\Datamatec Tilgungsrechner.lnk [2010.07.04 17:18:29 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2010.07.04 15:35:26 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2010.07.02 15:05:15 | 000,001,406 | ---- | C] () -- C:\Windows\wininit.ini [2010.07.02 12:41:01 | 000,524,288 | -HS- | C] () -- C:\Users\Ivonne\ntuser.dat{29561bb4-85c6-11df-a5f9-cf730bac82e8}.TMContainer00000000000000000002.regtrans-ms [2010.07.02 12:41:01 | 000,524,288 | -HS- | C] () -- C:\Users\Ivonne\ntuser.dat{29561bb4-85c6-11df-a5f9-cf730bac82e8}.TMContainer00000000000000000001.regtrans-ms [2010.07.02 12:41:01 | 000,065,536 | -HS- | C] () -- C:\Users\Ivonne\ntuser.dat{29561bb4-85c6-11df-a5f9-cf730bac82e8}.TM.blf [2009.11.04 19:39:50 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2009.11.04 19:39:50 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2009.11.04 19:39:50 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2009.10.23 15:03:55 | 000,290,919 | ---- | C] () -- C:\Windows\System32\pythoncom21.dll [2009.10.23 15:03:55 | 000,057,344 | ---- | C] () -- C:\Windows\System32\PyWinTypes21.dll [2009.10.23 14:59:48 | 000,096,768 | ---- | C] () -- C:\Windows\SlantAdj.dll [2009.10.23 14:59:48 | 000,000,072 | ---- | C] () -- C:\Windows\System32\epDPE.ini [2009.10.23 14:54:00 | 000,000,025 | ---- | C] () -- C:\Windows\CDE CX5400G.ini [2009.10.16 11:56:56 | 000,000,364 | ---- | C] () -- C:\Windows\SIERRA.INI [2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.07.14 01:51:43 
| 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.07.01 15:32:20 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.07.01 15:32:19 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.05.27 17:52:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.05.22 15:51:45 | 000,016,098 | ---- | C] () -- C:\Windows\German2.ini [2009.04.01 18:53:00 | 000,000,387 | ---- | C] () -- C:\Windows\wiso.ini [2009.03.08 14:15:47 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2009.02.26 18:14:28 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll [2009.02.26 18:14:28 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll [2009.02.26 18:14:28 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini [2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2010.04.12 13:54:25 | 000,000,000 | -HSD | M] -- 
C:\Users\Ivonne\AppData\Roaming\.# [2010.06.06 12:47:01 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Alawar [2009.11.24 12:54:41 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Azureus [2009.10.11 21:33:57 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Buhl Data Service [2010.06.30 19:15:21 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Cemiy [2009.10.11 21:33:57 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2010.04.13 17:17:26 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Cornelsen [2009.04.08 19:38:01 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\DAEMON Tools [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\DAEMON Tools Lite [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\DAEMON Tools Pro [2010.07.15 20:49:31 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\DeviceDoctorSoftware [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\EPSON [2010.05.30 13:28:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\EscapeFromParadise2 [2009.12.12 22:41:13 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\FarmingSimulator2008 [2009.11.07 10:50:50 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\FILEminimizerPictures [2010.06.05 20:16:42 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Friday's games [2010.01.23 14:49:00 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\FUJIFILM [2010.07.09 21:54:21 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\ICAClient [2010.07.18 18:28:29 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\ICQ [2010.04.14 14:25:53 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\InterTrust [2009.11.07 10:52:31 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\IrfanView [2009.11.03 10:02:32 | 000,000,000 | ---D | 
M] -- C:\Users\Ivonne\AppData\Roaming\Smart Panel [2010.04.08 13:25:48 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\TeamViewer [2009.10.11 21:34:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Template [2009.10.11 21:34:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Ubisoft [2009.11.23 17:01:43 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Uniblue [2009.02.26 19:05:16 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job [2009.09.01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job [2010.06.11 20:36:14 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.04.12 13:54:25 | 000,000,000 | -HSD | M] -- C:\Users\Ivonne\AppData\Roaming\.# [2009.10.23 14:55:37 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\ABBYY [2009.10.11 21:33:54 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Adobe [2010.06.06 12:47:01 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Alawar [2010.04.10 18:49:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Apple Computer [2009.10.23 15:09:31 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\ArcSoft [2009.10.11 21:33:54 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\ATI [2009.11.24 12:54:41 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Azureus [2009.10.11 21:33:57 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Buhl Data Service [2010.06.30 19:15:21 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Cemiy [2009.10.11 21:33:57 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Command & Conquer 3 Tiberium Wars [2010.04.13 17:17:26 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Cornelsen [2009.10.11 21:33:58 | 000,000,000 | ---D | M] 
-- C:\Users\Ivonne\AppData\Roaming\Creative [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\CyberLink [2009.04.08 19:38:01 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\DAEMON Tools [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\DAEMON Tools Lite [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\DAEMON Tools Pro [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Dell [2010.07.15 20:49:31 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\DeviceDoctorSoftware [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\DivX [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\EPSON [2010.05.30 13:28:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\EscapeFromParadise2 [2009.12.12 22:41:13 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\FarmingSimulator2008 [2010.01.21 17:48:32 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\FastStone [2009.11.07 10:50:50 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\FILEminimizerPictures [2010.06.05 20:16:42 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Friday's games [2010.01.23 14:49:00 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\FUJIFILM [2010.07.09 21:54:21 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\ICAClient [2010.07.18 18:28:29 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\ICQ [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Identities [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\InstallShield [2010.04.14 14:25:53 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\InterTrust [2009.11.07 10:52:31 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\IrfanView [2009.10.11 21:33:58 | 000,000,000 | ---D | M] -- 
C:\Users\Ivonne\AppData\Roaming\Macromedia [2010.07.22 19:03:16 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Malwarebytes [2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Media Center Programs [2010.03.29 14:54:09 | 000,000,000 | --SD | M] -- C:\Users\Ivonne\AppData\Roaming\Microsoft [2009.10.11 21:34:13 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Microsoft Games [2009.10.11 21:34:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Move Networks [2009.10.12 16:37:05 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Mozilla [2009.10.11 21:34:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Roxio [2009.10.11 21:34:14 | 000,000,000 | RH-D | M] -- C:\Users\Ivonne\AppData\Roaming\SecuROM [2009.11.03 10:02:32 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Smart Panel [2010.06.22 13:02:20 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\SUPERAntiSpyware.com [2010.04.08 13:25:48 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\TeamViewer [2009.10.11 21:34:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Template [2009.10.11 21:34:14 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Ubisoft [2009.11.23 17:01:43 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\Uniblue [2009.11.10 08:32:27 | 000,000,000 | ---D | M] -- C:\Users\Ivonne\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2009.04.01 18:43:58 | 007,114,736 | ---- | M] () -- C:\Users\Ivonne\AppData\Roaming\Azureus\plugins\azemp\azmplay.exe [2010.06.19 13:46:31 | 000,010,134 | R--- | M] () -- C:\Users\Ivonne\AppData\Roaming\Microsoft\Installer\{86C527CC-4AF2-903C-7BFF-5975272CC645}\ARPPRODUCTICON.exe [2010.07.18 11:32:25 | 000,119,808 | R--- | M] () -- C:\Users\Ivonne\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe [2009.11.28 14:08:07 | 000,053,248 | R--- | M] (Acresso Software Inc.) 
-- C:\Users\Ivonne\AppData\Roaming\Microsoft\Installer\{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}\ARPPRODUCTICON.exe [2009.06.13 15:20:45 | 000,010,134 | R--- | M] () -- C:\Users\Ivonne\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe [2010.06.19 09:32:33 | 000,073,728 | R--- | M] () -- C:\Users\Ivonne\AppData\Roaming\Microsoft\Installer\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}\ARPICON.exe [2010.06.19 09:32:33 | 000,073,728 | R--- | M] () -- C:\Users\Ivonne\AppData\Roaming\Microsoft\Installer\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}\liteico.exe.827545C6_7013_4DE1_8E6C_DAEE4C57F54A.exe [2009.02.12 20:37:34 | 000,097,144 | ---- | M] () -- C:\Users\Ivonne\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe [2009.09.18 07:35:11 | 000,034,062 | ---- | M] () -- C:\Users\Ivonne\AppData\Roaming\Move Networks\ie_bin\Uninst.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- 
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: IASTORV.SYS > [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- 
C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll < MD5 for: USERINIT.EXE > [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.07.14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009.07.14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2009.07.14 03:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msvbvm60.dll [6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] ========== Alternate Data Streams ========== @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:D1B5B4F1 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:9AB338B9 < End of report > |
23.07.2010, 19:08 | #3 |
| Zeus 2 on my PC OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 23.07.2010 19:56:55 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Ivonne\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 152,71 Gb Total Space | 95,85 Gb Free Space | 62,76% Space Free | Partition Type: NTFS
Drive D: | 149,10 Gb Total Space | 147,17 Gb Free Space | 98,71% Space Free | Partition Type: NTFS
Drive E: | 10,00 Gb Total Space | 8,03 Gb Free Space | 80,30% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 135,21 Gb Total Space | 78,83 Gb Free Space | 58,30% Space Free | Partition Type: NTFS
Drive I: | 74,44 Gb Total Space | 30,08 Gb Free Space | 40,41% Space Free | Partition Type: NTFS

Computer Name: IVONNE-PC
Current User Name: Ivonne
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2172064567-3978960140-2262966222-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\mozilla\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "E:\office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- E:\office\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@CHIPTOOL_is1" = Beck @CHIPTOOL V5.9.9.1
"{03CFDC67-5B03-EE5C-4176-F545B0D2F485}" = CCC Help Korean
"{048DB60B-5AD7-40D3-ACDA-6E8B233829FA}" = Logitech Harmony Remote Software 7
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0A2AC888-61DC-CD55-5969-8602A7E9716D}" = CCC Help Italian "{0CF884B6-C6D8-EB7B-D2BF-2877C6F49EBC}" = CCC Help Swedish "{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID-Anmelde-Assistent "{185CC275-907C-0D83-B0C2-7B065C5108D8}" = CCC Help Chinese Traditional "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.00 "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2ED967AD-FBB0-5355-F5F2-E7A03AAD4F71}" = Catalyst Control Center Localization All "{2FBC726B-4E5E-4FAE-B222-C3D343E50015}" = EPSON Photo Print "{30FA0F5C-B1A9-39EB-8148-3D574C0C8332}" = Catalyst Control Center Graphics Previews Common "{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook "{35852FDE-7263-23EA-435F-44E4B61996D0}" = CCC Help Japanese "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{445F6C1F-C48F-0CC9-A030-040D3EA42C93}" = Catalyst Control Center Graphics Full New "{46E08E5F-02B4-E854-CD4F-ED3E4FEBE122}" = CCC Help French "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{5A841BCF-1C5B-E3DA-9475-892CA6576425}" = CCC Help Finnish "{5B8741B6-4BEA-47D3-DB77-959C7FF35B39}" = Catalyst Control Center Graphics Full Existing "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 "{5FA16D15-FA5B-7F0F-7CBB-369E1E2937C9}" = CCC Help Spanish "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{61F27C5E-5274-0DB8-67CC-5253C6CF2B93}" = CCC Help Dutch "{63CFD835-FF50-4F8B-91CD-5662A8C640F8}" = Photo Transport "{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5 "{6625CE8F-6E89-561F-D828-1B8535DEEBB6}" = Catalyst Control Center Core Implementation "{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst 
Control Center - Branding "{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel "{6C5D7191-140A-11D6-B5A0-0050DA208A93}" = ArcSoft PhotoImpression "{6CF47FD1-3CF8-4206-BA24-A2B1E43D8CCA}" = IncrediMail "{6D2CCC4B-007D-EEE7-3E69-578B178A7B91}" = Catalyst Control Center Graphics Previews Vista "{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{71E3D92F-2C51-B4E9-F2B6-EAF89C33E580}" = CCC Help Portuguese "{7299052B-02A4-4627-81F2-1818DA5D550D}" = Microsoft Visual C++ 2005 Redistributable "{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7A27764B-5434-4DAA-BD43-3ACF4FFCD7FE}" = SweetIM Toolbar for Internet Explorer 3.8 "{7EABB309-64F7-11D7-B796-0050BFE4DB80}" = Restaurant Empire "{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver "{86C527CC-4AF2-903C-7BFF-5975272CC645}" = Catalyst Control Center InstallProxy "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer "{8DDFDDE9-C206-F32E-66AD-D17558D7677E}" = CCC Help German "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A2A4AC67-DC60-A92B-DD50-65BEE8FA8D71}" = CCC Help Russian "{A505FBE1-7175-61A6-FFD4-3273998ACBFE}" = ccc-utility "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch "{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9 
"{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}" = ABBYY FineReader 6.0 "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support "{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility "{B9C5005C-56CA-38E4-A093-79F22ECA0427}" = CCC Help Norwegian "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool "{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus "{D575FBAA-D6D6-4221-A2C4-67541DB7AB5E}_is1" = Device Doctor 1.0.0.1 "{DC93F14E-D2C9-D6D1-31B6-D31AC2AD3BB0}" = Catalyst Control Center Graphics Light "{DC9A14D9-EC38-4BF4-B529-A69D91D0DEDA}" = HOT ALBUM MYBOX "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E464702F-5433-46EC-8F65-159276C0A54F}" = WIDCOMM Bluetooth Software 6.2.0.6600 "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster "{E6E0F53B-B7B8-E052-5C32-76C885536A3E}" = CCC Help Danish "{E7D293C9-732D-4E22-905D-2615FED321A4}" = BILD-Steuer 2010 "{EB68307E-4E70-0C63-2CEE-62FA85C88CA6}" = ATI Catalyst Install Manager "{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F7FE3C6E-ECB8-0853-584F-BE19BA05B1B8}" = CCC Help Chinese Standard "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FCC49808-C684-FEFA-3C02-46A04A7C9EBD}" = CCC Help English "{FFCB1B04-5B1C-4A17-AA60-CA6F00BA50F9}" = StarMoney "8461-7759-5462-8226" = Vuze "Ad-Aware" = Ad-Aware "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Ask Toolbar_is1" = Vuze Toolbar "Creative OA001" = Integrated Webcam Driver (1.06.03.0309) "EADM" = EA Download Manager "EPSON Printer and Utilities" = EPSON-Drucker-Software "EPSON Scanner" = EPSON Scan "ESCX5400 Kopierhandbuch" = ESCX5400 Kopierhandbuch "ESCX5400 Referenzhandbuch" = ESCX5400 Referenzhandbuch "ESCX5400 Softwarehandbuch" = ESCX5400 Softwarehandbuch "IncrediMail" = IncrediMail 2.0 "InstallShield_{DC9A14D9-EC38-4BF4-B529-A69D91D0DEDA}" = HOT ALBUM MYBOX "KaM - The Shattered Kingdom" = KaM - The Shattered Kingdom "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6) "MSC" = McAfee SecurityCenter "Pharao" = Pharao "Pharaoh" = Pharao "PhotoMail" = PhotoMail Maker "Registry Mechanic_is1" = Registry Mechanic 9.0 "Restaurant Empire II" = Restaurant Empire II "SSC Service Utility_is1" = SSC Service Utility v4.30 "Tilgungsrechner_is1" = Datamatec Tilgungsrechner 4.30 "Trojancheck_is1" = Trojancheck 6 "WinLiveSuite_Wave3" = Windows Live Essentials "Winload Toolbar" = Winload Toolbar "WinRAR archiver" = WinRAR ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2172064567-3978960140-2262966222-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "309a46b1dc89b774" = Dell Driver Download Manager "f031ef6ac137efc5" = Dell Driver Download Manager - 1 "Move Networks Player - IE" = Move Networks Media Player for Internet Explorer "Mozilla Firefox (3.6.7)" = 
Mozilla Firefox (3.6.7) ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |