Pests of all kinds and how to fight them: Battle music in the desktop background (Windows 7)

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#16

I did that; it then said OK and my computer restarted.

Regards, Svensen89
#17

/// Winkelfunktion /// TB-Süch-Tiger™

Please delete the existing MBRCheck.txt
__________________
#18

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: FUJITSU SIEMENS
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: FUJITSU SIEMENS
System Product Name: G31T-M2
Logical Drives Mask: 0x00000ffc

\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

PhysicalDrive1 Model Number: ST3360320AS, Rev: 3.AAM
PhysicalDrive0 Model Number: HitachiHDT721075SLA380, Rev: ST4OA31B

Size Device Name MBR Status
--------------------------------------------
335 GB \\.\PhysicalDrive1 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
698 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

Done!

Regards, Svensen89
#19

/// Winkelfunktion /// TB-Süch-Tiger™

Quote:

Next up is OTL:

System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
__________________
Please always post log files in CODE tags
#20

OTL Logfile:
Code:
OTL logfile created on: 07.08.2010 15:19:51 - Run 1
OTL by OldTimer - Version Folder = C:\Users\user\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 335,35 Gb Total Space | 60,19 Gb Free Space | 17,95% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 24,26 Gb Free Space | 3,47% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SVENSEN
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
O4 - HKCU..\Run: [ISUSPM Startup] C:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_(Windows;_U;_Windows_NT_6.1;_en-US)_AppleWebKit\532.5_(KHTML,_like_Gecko)_Chrome\\532.5 - File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) 
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe () O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe () O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe () O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe () O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O24 - Desktop WallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\Shell - "" = AutoRun O33 - MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\Shell\AutoRun\command - "" = L:\AUTORUN.EXE -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.08.07 15:18:27 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe [2010.08.07 15:10:37 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\VA-Viva_Club_Rotation_Vol.46-2CD-2010-MST [2010.08.07 15:03:09 | 000,081,920 | ---- | C] (eSage Lab) -- C:\Windows\System32\remover.exe [2010.08.07 14:39:20 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Neuer Ordner [2010.08.05 15:46:53 | 000,081,920 | ---- | C] (eSage Lab) -- C:\Users\user\Desktop\remover.exe [2010.08.04 20:23:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com [2010.08.04 20:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2010.08.04 20:23:31 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware [2010.08.04 15:41:29 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes [2010.08.04 15:41:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.08.04 15:41:21 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Malwarebytes [2010.08.04 15:41:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.08.04 15:41:20 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.08.02 21:36:10 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\MAYDAY 10IN01 [2010.08.02 20:54:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.08.02 19:36:25 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Gentleman-Diversity-2CD-Deluxe_Edition-2010-NOiR [2010.08.01 20:38:48 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mfc42loc.dll [2010.07.31 01:46:25 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\StarCraft II [2010.07.21 16:33:02 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Singularity [2010.07.21 16:30:50 | 000,000,000 | ---D | C] -- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP [2010.07.21 14:54:39 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2 [2010.07.21 12:46:38 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2010.07.21 12:46:38 | 011,008,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2010.07.21 12:46:38 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll [2010.07.21 12:46:38 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2010.07.21 12:46:38 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2010.07.21 12:46:36 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2010.07.21 12:46:36 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2010.07.21 12:46:36 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2010.07.21 12:46:36 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2010.07.21 12:46:36 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- 
C:\Windows\System32\nvcod1922.dll [2010.07.21 12:46:36 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll [2010.07.19 20:49:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010.07.19 20:49:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Adobe Mini Bridge CS5 [2010.07.19 17:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2010.07.19 17:24:01 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Adobe Scripts [2010.07.19 17:19:11 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Media Player [2010.07.19 17:17:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe AIR [2010.07.09 16:20:08 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2010.07.09 16:20:06 | 013,939,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2010.07.09 16:20:06 | 001,881,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2010.07.09 16:20:06 | 001,469,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.08.07 15:22:41 | 005,767,168 | -HS- | M] () -- C:\Users\user\ntuser.dat [2010.08.07 15:18:29 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe [2010.08.07 15:11:02 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000UA.job [2010.08.07 15:10:15 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.08.07 15:10:15 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.08.07 15:05:13 | 000,001,092 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.08.07 15:05:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.08.07 15:04:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.08.07 15:04:52 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys [2010.08.07 14:31:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.08.07 14:12:08 | 001,932,432 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db [2010.08.06 03:57:02 | 000,080,384 | ---- | M] () -- C:\Users\user\Desktop\MBRCheck (1).exe [2010.08.05 00:11:03 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000Core.job [2010.08.04 21:27:18 | 000,000,758 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2010.08.04 20:23:32 | 000,001,961 | ---- | M] () -- C:\Users\user\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.08.04 15:41:24 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.03 20:08:27 | 011,091,990 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.08.03 20:08:27 | 000,719,440 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010.08.03 20:08:27 | 000,718,452 | ---- | M] () -- C:\Windows\System32\perfh00A.dat [2010.08.03 20:08:27 | 000,714,494 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2010.08.03 20:08:27 | 000,714,490 | ---- | M] () -- C:\Windows\System32\perfh010.dat [2010.08.03 20:08:27 | 000,700,280 | ---- | M] () -- C:\Windows\System32\perfh019.dat [2010.08.03 20:08:27 | 000,688,456 | ---- | M] () -- C:\Windows\System32\prfh0416.dat [2010.08.03 20:08:27 | 000,683,956 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.08.03 20:08:27 | 000,646,996 | ---- | M] () -- C:\Windows\System32\perfh005.dat [2010.08.03 20:08:27 | 000,639,934 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.08.03 20:08:27 | 000,472,036 | ---- | M] () -- C:\Windows\System32\perfh014.dat [2010.08.03 20:08:27 | 
000,458,156 | ---- | M] () -- C:\Windows\System32\perfh001.dat [2010.08.03 20:08:27 | 000,457,436 | ---- | M] () -- C:\Windows\System32\perfh00B.dat [2010.08.03 20:08:27 | 000,419,450 | ---- | M] () -- C:\Windows\System32\perfh012.dat [2010.08.03 20:08:27 | 000,396,560 | ---- | M] () -- C:\Windows\System32\prfh0404.dat [2010.08.03 20:08:27 | 000,380,258 | ---- | M] () -- C:\Windows\System32\prfh0804.dat [2010.08.03 20:08:27 | 000,376,050 | ---- | M] () -- C:\Windows\System32\perfh00D.dat [2010.08.03 20:08:27 | 000,148,924 | ---- | M] () -- C:\Windows\System32\perfc00A.dat [2010.08.03 20:08:27 | 000,146,642 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2010.08.03 20:08:27 | 000,143,584 | ---- | M] () -- C:\Windows\System32\perfc019.dat [2010.08.03 20:08:27 | 000,142,744 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.08.03 20:08:27 | 000,141,290 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010.08.03 20:08:27 | 000,139,422 | ---- | M] () -- C:\Windows\System32\prfc0416.dat [2010.08.03 20:08:27 | 000,138,480 | ---- | M] () -- C:\Windows\System32\perfc010.dat [2010.08.03 20:08:27 | 000,133,028 | ---- | M] () -- C:\Windows\System32\perfc005.dat [2010.08.03 20:08:27 | 000,116,702 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.08.03 20:08:27 | 000,114,990 | ---- | M] () -- C:\Windows\System32\perfc012.dat [2010.08.03 20:08:27 | 000,114,562 | ---- | M] () -- C:\Windows\System32\prfc0804.dat [2010.08.03 20:08:27 | 000,109,648 | ---- | M] () -- C:\Windows\System32\prfc0404.dat [2010.08.03 20:08:27 | 000,093,544 | ---- | M] () -- C:\Windows\System32\perfc00B.dat [2010.08.03 20:08:27 | 000,089,298 | ---- | M] () -- C:\Windows\System32\perfc001.dat [2010.08.03 20:08:27 | 000,087,704 | ---- | M] () -- C:\Windows\System32\perfc014.dat [2010.08.03 20:08:27 | 000,079,408 | ---- | M] () -- C:\Windows\System32\perfc00D.dat [2010.08.03 19:29:19 | 000,524,288 | -HS- | M] () -- 
C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TMContainer00000000000000000002.regtrans-ms [2010.08.03 19:29:19 | 000,524,288 | -HS- | M] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TMContainer00000000000000000001.regtrans-ms [2010.08.03 19:29:19 | 000,065,536 | -HS- | M] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TM.blf [2010.08.02 20:29:22 | 000,000,101 | ---- | M] () -- C:\Windows\CMMIXER.INI [2010.08.02 19:04:07 | 000,000,761 | ---- | M] () -- C:\Windows\eReg.dat [2010.08.02 19:04:00 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 1942.lnk [2010.08.01 20:54:39 | 000,001,753 | ---- | M] () -- C:\Users\user\Desktop\DivX Movies.lnk [2010.08.01 20:38:57 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield Vietnam.lnk [2010.07.29 23:36:14 | 000,000,856 | ---- | M] () -- C:\Users\user\Programme.lnk [2010.07.29 10:11:32 | 000,002,260 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk [2010.07.21 19:50:20 | 000,081,920 | ---- | M] (eSage Lab) -- C:\Windows\System32\remover.exe [2010.07.21 19:50:20 | 000,081,920 | ---- | M] (eSage Lab) -- C:\Users\user\Desktop\remover.exe [2010.07.21 16:30:57 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Singularity(TM).lnk [2010.07.21 14:55:09 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.07.21 12:52:35 | 003,652,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.07.19 17:23:52 | 000,065,032 | ---- | M] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT [2010.07.17 11:12:52 | 010,798,576 | ---- | M] () -- C:\Users\user\Desktop\Eminem feat. 
Rihanna - Love the Way You Lie (Explicit Version).mp3 [2010.07.15 14:38:43 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.07.13 01:58:23 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk [2010.07.10 00:37:00 | 014,092,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2010.07.10 00:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2010.07.10 00:37:00 | 010,267,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2010.07.10 00:37:00 | 009,818,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2010.07.10 00:37:00 | 005,107,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2010.07.10 00:37:00 | 004,553,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2010.07.10 00:37:00 | 002,892,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2010.07.10 00:37:00 | 002,506,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2010.07.10 00:37:00 | 001,625,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2010.07.10 00:37:00 | 000,604,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe [2010.07.10 00:37:00 | 000,314,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll [2010.07.10 00:37:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll [2010.07.10 00:37:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll [2010.07.10 00:37:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2010.07.10 00:37:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2010.07.10 00:37:00 | 000,009,596 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2010.07.09 16:20:08 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll 
[2010.07.09 16:20:06 | 013,939,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2010.07.09 16:20:06 | 001,881,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2010.07.09 16:20:06 | 001,469,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.08.07 15:04:05 | 000,065,007 | ---- | C] () -- C:\Users\user\bootkit_remover_debug_log.txt [2010.08.06 03:57:02 | 000,080,384 | ---- | C] () -- C:\Users\user\Desktop\MBRCheck (1).exe [2010.08.04 20:23:32 | 000,001,961 | ---- | C] () -- C:\Users\user\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.08.04 15:41:24 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.04 03:35:53 | 010,798,576 | ---- | C] () -- C:\Users\user\Desktop\Eminem feat. Rihanna - Love the Way You Lie (Explicit Version).mp3 [2010.08.03 18:19:33 | 000,524,288 | -HS- | C] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TMContainer00000000000000000002.regtrans-ms [2010.08.03 18:19:33 | 000,524,288 | -HS- | C] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TMContainer00000000000000000001.regtrans-ms [2010.08.03 18:19:33 | 000,065,536 | -HS- | C] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TM.blf [2010.08.02 19:04:00 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 1942.lnk [2010.08.02 03:26:44 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.08.02 03:26:43 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.08.01 20:41:08 | 000,000,761 | ---- | C] () -- C:\Windows\eReg.dat [2010.08.01 20:38:57 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield Vietnam.lnk [2010.07.31 01:46:25 | 000,000,758 | ---- | C] () -- 
C:\Users\Public\Desktop\StarCraft II.lnk [2010.07.29 23:36:04 | 000,000,856 | ---- | C] () -- C:\Users\user\Programme.lnk [2010.07.21 16:30:57 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Singularity(TM).lnk [2010.07.21 14:55:09 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk [2010.05.22 17:27:24 | 000,000,101 | ---- | C] () -- C:\Windows\CMMIXER.INI [2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2010.02.17 02:16:11 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll [2010.02.17 02:16:11 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll [2010.02.14 19:03:15 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini [2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2009.11.09 19:00:41 | 000,000,859 | ---- | C] () -- C:\Windows\client.config.ini [2009.10.15 16:18:02 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI [2009.10.01 15:19:34 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2009.10.01 15:19:34 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2009.09.18 17:22:38 | 000,138,920 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.05.29 15:32:37 | 000,000,039 | ---- | C] () -- C:\Windows\nap.ini [2009.05.19 13:29:26 | 000,000,025 | ---- | C] () -- C:\Windows\mixerdef.ini [2009.05.19 13:25:59 | 000,000,199 | ---- | C] () -- C:\Windows\CMISETUP.INI [2009.05.19 13:25:59 | 000,000,026 | ---- | C] () -- C:\Windows\CMCDPLAY.INI [2009.02.03 23:33:56 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll [2008.12.28 18:59:44 | 004,377,500 | ---- | C] () -- C:\Windows\System32\libavcodec.dll [2008.12.28 17:51:00 | 000,239,247 | ---- | C] () -- C:\Windows\System32\ff_theora.dll [2008.12.28 
17:50:50 | 000,145,609 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll [2008.12.28 17:49:08 | 000,560,802 | ---- | C] () -- C:\Windows\System32\libmplayer.dll [2008.12.20 16:48:52 | 000,000,101 | ---- | C] () -- C:\Windows\lexstat.ini [2008.12.12 18:57:38 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll [2008.12.09 20:57:26 | 000,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll [2008.12.09 20:57:18 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll [2008.12.09 20:57:02 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll [2008.12.09 20:56:42 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll [2008.12.09 20:56:34 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll [2008.12.09 20:56:22 | 000,485,888 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll [2008.12.08 15:37:04 | 000,884,237 | ---- | C] () -- C:\Windows\System32\ff_x264.dll [2008.12.08 15:34:42 | 000,791,742 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2008.12.08 14:53:40 | 000,093,184 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll [2008.12.08 14:53:32 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2008.11.26 21:55:22 | 000,683,520 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll [2008.11.26 20:49:10 | 000,238,080 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll [2008.10.22 22:39:49 | 000,000,041 | ---- | C] () -- C:\Windows\SIERRA.INI [2008.10.06 18:22:08 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2008.10.06 18:22:08 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2008.09.22 10:49:24 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll [2008.09.22 10:49:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll [2008.09.04 15:55:42 | 000,000,120 | ---- | C] () -- C:\Windows\disney.ini [2008.09.01 15:10:37 | 000,053,760 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV76.sys [2008.08.21 23:28:41 | 
000,000,319 | ---- | C] () -- C:\Windows\game.ini [2008.08.21 22:39:06 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2008.08.21 20:13:04 | 000,000,182 | ---- | C] () -- C:\Windows\NeroDigital.ini [2008.07.10 10:44:23 | 000,007,718 | ---- | C] () -- C:\Windows\cadx2.ini [2008.03.29 17:42:22 | 000,245,248 | ---- | C] () -- C:\Windows\System32\dxr.dll [2008.03.29 17:42:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll [2008.03.29 17:42:14 | 000,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll [2008.03.29 17:42:08 | 000,148,992 | ---- | C] () -- C:\Windows\System32\mkx.dll [2008.03.29 17:42:04 | 000,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll [2008.03.29 17:42:04 | 000,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll [2008.03.29 17:42:02 | 000,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll [2008.03.29 17:42:00 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll [2008.03.29 17:41:54 | 000,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll [2008.03.29 17:41:52 | 000,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll [2008.03.29 17:41:52 | 000,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll [2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007.10.13 11:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini [2007.07.10 19:10:12 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2007.06.28 20:54:10 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2007.01.26 00:45:02 | 000,006,784 | ---- | C] () -- C:\Windows\System32\drivers\whfltr2k.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 55920 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM @Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:CF61CE5A @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:EEB25EAE @Alternate Data Stream - 137 
bytes -> C:\ProgramData\TEMP:3E06C78F @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:FDDD8917 @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:70E897B5 < End of report >
#21
Battle music in the desktop background

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 07.08.2010 15:19:51 - Run 1 OTL by OldTimer - Version Folder = C:\Users\user\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 335,35 Gb Total Space | 60,19 Gb Free Space | 17,95% Space Free | Partition Type: NTFS Drive D: | 698,63 Gb Total Space | 24,26 Gb Free Space | 3,47% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SVENSEN Current User Name: user Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00D15456-F679-4AD4-8BD2-56450D4C3F72}" = WarRock "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{01590C21-E8BF-444D-8FC4-DBD132CA1962}" = Windows Vista Upgrade Advisor "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM) "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404 "{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{0AEA6DF2-CD5A-4EAC-9C6B-44477994E2F1}" = Battlefield Bad Company 2 Command Center "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help 
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10 "{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode "{13AD0F5B-FF8C-4625-851D-A83D4BE74716}" = Smart Menus (Windows Live Toolbar) "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17 "{28526951-55EF-4901-A0CA-B9AC966D1DD1}" = Split/Second "{289338AE-2213-4509-AED2-450414C1260C}_is1" = ICQ Update Patch 1.5 "{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II "{2B54B4B6-5834-494D-81E6-79AC3955EEE5}_is1" = SnowBound Online v2.0 "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{3A75BDE6-418E-4DB9-8601-C9E5225E0059}" = Feederkennung (Windows Live Toolbar) "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D6293F2-53DA-45A1-B7F4-1843CA3B2658}" = Darkest of Days "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R) "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces 
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R) "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV "{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID "{5AD05333-600A-4CD8-88C6-BF22A3BE9767}_is1" = Multi-ICQ 1.2 "{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = Saboteur™ "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City "{6266BA75-45FA-4B1A-B21F-E04A90C273E5}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar) "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction "{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X "{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7C3D8108-8D99-427F-A1C2-D8E0D25A469C}" = Tom Clancy's EndWar "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight "{82842B3D-5BD9-463E-8F57-462A4D680A88}" = Stereoscopic Player "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II "{888DD888-82BE-4D85-BCB2-2E042CD3E844}" = Tom Clancy's Splinter Cell Chaos Theory "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis(TM) 2009 "{9C916142-C18C-429D-BFED-40094A7E0BEB}" = Die Siedler 7 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic "{A398D0A0-EE68-4CA6-8984-78AEF841CDE7}" = SBK(TM)09 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 
9.3.3 "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B32D6CE8-D6C1-4615-8FC4-4EE822F7BD4B}" = SBK(TM)09 "{B975F4A1-63B6-11D4-BFEC-005004AF2D32}" = Monopoly Tycoon "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}" = MotoGP 08 "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3 "{C1A80F67-656F-4DF3-A6C4-DE18A47477C5}_is1" = ICQ Away Reader 1.4 "{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache "{CCD90636-D97D-4130-A44A-3AD4E63B9220}" = OpenOffice.org 2.4 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D07643A3-CE41-4286-8C78-EB9C83E76DDB}" = PunkBuster für Battlefield Vietnam "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}" = Alpha Protocol "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DAB0D352-00D9-4795-9FBE-EC4791ABA44A}" = Section 8 PCW "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DEC41CA8-C30F-4F70-9AEE-1B3EEB4A3B62}_is1" = ICQ Language "{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM) "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM) 
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover "{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8C02517-4AC3-4026-8292-ACF23E98A7D7}" = Activision(R) "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein "{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "2B92EA9865777B996CE7FFF8BD7A40F883C18BE0" = Windows-Treiberpaket - Das (Siudi-Stick) USB (02/13/2009 1.1.0) "3A66BC15DC4D478459742138077230185DB7DAEB" = Windows-Treiberpaket - Das (Siudi) USB (02/13/2009 1.5.1) "Adobe Acrobat 4.0" = Adobe Acrobat 4.0 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Age of Mythology 1.0" = Age of Mythology "Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7) 
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced) 7.2.0 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Combat Zone - Special Forces/DE-German_is1" = Combat Zone: Special Forces "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Die 15 beliebtesten Kartenspiele_is1" = Die 15 beliebtesten Kartenspiele "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX-Setup "DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER "EXPERTool_is1" = EXPERTool 7.6 "Full Spectrum Warrior" = Full Spectrum Warrior (remove only) "GameSpy Arcade" = GameSpy Arcade "Gaming Mouse" = Gaming Mouse "Guild Wars" = GUILD WARS "Hamachi" = Hamachi "ICQToolbar" = ICQ Toolbar "InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM) "InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM) "InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III "InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "InstallShield_{DAB0D352-00D9-4795-9FBE-EC4791ABA44A}" = Section 8 PCW "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein "JDownloader" = JDownloader "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET 
Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "OPERATION7" = OPERATION7 "PartyPoker" = PartyPoker "PartyPokerNet" = PartyPoker.net "Patch-Master" = Patch-Master "PCI Audio Driver" = PCI Audio Driver "PhotoScape" = PhotoScape "PunkBusterSvc" = PunkBuster Services "Puzzle Quest1.01" = Puzzle Quest "RiseOfNationsExpansion 1.0" = Rise of Nations "Sacraboar_is1" = Sacraboar "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "StarCraft II" = StarCraft II "Steam App 30" = Day of Defeat "Steamless Counter Strike Source Pack" = Steamless Counter Strike Source Pack "Steamless Left4Dead2 Pack" = Steamless Left4Dead2 Pack "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "WheelMouse" = Xtreme Mouse "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google 
Chrome ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
#22
/// Winkelfunktion /// TB-Süch-Tiger™
Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)
Code:
:OTL
DRV - (pccsmcfd) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O33 - MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\Shell - "" = AutoRun
O33 - MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\Shell\AutoRun\command - "" = L:\AUTORUN.EXE -- File not found
[2010.07.21 16:30:50 | 000,000,000 | ---D | C] -- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
@Alternate Data Stream - 55920 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:CF61CE5A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:EEB25EAE
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:3E06C78F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:FDDD8917
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:70E897B5
:Commands
[purity]
[resethosts]
[emptytemp]

The log file should open when you click OK after the fix; please post it. The computer may be restarted.
__________________ Please always post log files in CODE tags
#23
All processes killed
========== OTL ==========
Service pccsmcfd stopped successfully!
Service pccsmcfd deleted successfully!
File C:\Windows\System32\DRIVERS\pccsmcfd.sys File not found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{142b14d8-31ab-11df-824d-001bb9f8e668}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{142b14d8-31ab-11df-824d-001bb9f8e668}\ not found.
File L:\AUTORUN.EXE not found.
C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP folder moved successfully.
ADS C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM deleted successfully.
ADS C:\ProgramData\TEMP:CF61CE5A deleted successfully.
ADS C:\ProgramData\TEMP:EEB25EAE deleted successfully.
ADS C:\ProgramData\TEMP:3E06C78F deleted successfully.
ADS C:\ProgramData\TEMP:FDDD8917 deleted successfully.
ADS C:\ProgramData\TEMP:70E897B5 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: user
->Temp folder emptied: 18394269 bytes
->Temporary Internet Files folder emptied: 50469941 bytes
->Java cache emptied: 45028379 bytes
->Google Chrome cache emptied: 331661890 bytes
->Flash cache emptied: 6101032 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1982464 bytes
%systemroot%\System32 .tmp files removed: 3221600 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 66890309 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 500,00 mb

OTL by OldTimer - Version log created on 08072010_153755
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...

Regards, Svensen89
#24
/// Winkelfunktion /// TB-Süch-Tiger™
Then please run CF now: ComboFix - A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper ("Kompetenzler") has explicitly recommended it!
#25
Combofix log file: Code:
ATTFilter ComboFix 10-08-06.03 - user 07.08.2010 18:53:21.1.4 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.3327.2368 [GMT 2:00] ausgeführt von:: c:\users\user\Downloads\cofi.exe.exe SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7} . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Install.exe c:\users\user\AppData\Roaming\.# c:\users\user\AppData\Roaming\Desktopicon c:\users\user\AppData\Roaming\Desktopicon\config.ini D:\install.exe . ((((((((((((((((((((((( Dateien erstellt von 2010-07-07 bis 2010-08-07 )))))))))))))))))))))))))))))) . 2010-08-07 17:04 . 2010-08-07 17:04 -------- d-----w- c:\users\user\AppData\Local\temp 2010-08-07 17:04 . 2010-08-07 17:04 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-08-07 16:45 . 2010-08-07 16:46 -------- d-----w- C:\32788R22FWJFW 2010-08-07 16:37 . 2010-08-07 16:37 -------- d-----w- c:\program files\CCleaner 2010-08-07 13:37 . 2010-08-07 13:37 -------- d-----w- C:\_OTL 2010-08-07 13:03 . 2010-07-21 17:50 81920 ----a-w- c:\windows\system32\remover.exe 2010-08-04 18:23 . 2010-08-04 18:23 -------- d-----w- c:\users\user\AppData\Roaming\SUPERAntiSpyware.com 2010-08-04 18:23 . 2010-08-04 18:23 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2010-08-04 18:23 . 2010-08-04 18:23 -------- d-----w- c:\program files\SUPERAntiSpyware 2010-08-04 13:41 . 2010-08-04 13:41 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes 2010-08-04 13:41 . 2010-04-29 10:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-04 13:41 . 2010-08-04 13:41 -------- d-----w- c:\programdata\Malwarebytes 2010-08-04 13:41 . 2010-08-04 13:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-04 13:41 . 2010-04-29 10:19 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-01 18:41 . 2010-08-02 17:04 761 ----a-w- c:\windows\eReg.dat 2010-08-01 18:38 . 
1998-06-17 15:07 57344 ----a-w- c:\windows\system32\Mfc42loc.dll 2010-07-21 12:54 . 2010-07-21 12:55 -------- d-----w- c:\program files\ICQ7.2 2010-07-21 10:46 . 2010-07-09 22:37 56936 ----a-w- c:\windows\system32\OpenCL.dll 2010-07-21 10:46 . 2010-07-09 22:37 314984 ----a-w- c:\windows\system32\nvdecodemft.dll 2010-07-21 10:46 . 2010-07-09 22:37 14092904 ----a-w- c:\windows\system32\nvoglv32.dll 2010-07-21 10:46 . 2010-07-09 22:37 11008040 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2010-07-21 10:46 . 2010-07-09 22:37 4553832 ----a-w- c:\windows\system32\nvcuda.dll 2010-07-21 10:46 . 2010-07-09 22:37 2892904 ----a-w- c:\windows\system32\nvcuvid.dll 2010-07-21 10:46 . 2010-07-09 22:37 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll 2010-07-21 10:46 . 2010-07-09 22:37 236136 ----a-w- c:\windows\system32\nvcod1922.dll 2010-07-21 10:46 . 2010-07-09 22:37 236136 ----a-w- c:\windows\system32\nvcod.dll 2010-07-21 10:46 . 2010-07-09 22:37 10267240 ----a-w- c:\windows\system32\nvcompiler.dll 2010-07-19 18:49 . 2010-07-19 18:49 -------- d-----w- c:\users\user\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2010-07-19 18:49 . 2010-07-19 18:49 -------- d-----w- c:\users\user\AppData\Roaming\Adobe Mini Bridge CS5 2010-07-19 15:24 . 2010-07-19 15:24 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2010-07-19 15:19 . 2010-07-19 15:19 -------- d-----w- c:\program files\Adobe Media Player 2010-07-19 15:17 . 2010-07-19 15:17 -------- d-----w- c:\program files\Common Files\Adobe AIR 2010-07-09 14:20 . 2010-07-09 14:20 110696 ----a-w- c:\windows\system32\nvmctray.dll 2010-07-09 14:20 . 2010-07-09 14:20 1881704 ----a-w- c:\windows\system32\nvsvcr.dll 2010-07-09 14:20 . 2010-07-09 14:20 1469544 ----a-w- c:\windows\system32\nvsvc.dll 2010-07-09 14:20 . 2010-07-09 14:20 13939816 ----a-w- c:\windows\system32\nvcpl.dll 2010-07-09 14:20 . 2010-07-09 14:20 129640 ----a-w- c:\windows\system32\nvvsvc.exe . 
(((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-07 16:47 . 2010-02-15 17:44 -------- d-----w- c:\programdata\NVIDIA 2010-08-07 16:46 . 2009-10-14 21:39 -------- d-----w- c:\users\user\AppData\Roaming\ICQ 2010-08-07 12:22 . 2009-12-26 23:51 -------- d-----w- c:\program files\JDownloader 2010-08-04 19:27 . 2010-07-30 23:58 47364 ----a-w- c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll 2010-08-04 18:24 . 2010-08-04 18:24 63488 ----a-w- c:\users\user\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll 2010-08-04 18:24 . 2010-08-04 18:24 52224 ----a-w- c:\users\user\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll 2010-08-04 18:24 . 2010-08-04 18:24 117760 ----a-w- c:\users\user\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2010-08-03 18:56 . 2008-11-03 16:48 -------- d-----w- c:\program files\EXPERTool 2010-08-03 18:56 . 2008-08-18 20:11 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-08-03 18:56 . 2008-08-22 12:04 -------- d-----w- c:\programdata\InstallShield 2010-08-03 01:26 . 2008-09-02 08:15 -------- d-----w- c:\program files\Google 2010-08-02 19:22 . 2008-08-21 15:51 1 ----a-w- c:\users\user\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys 2010-08-02 19:21 . 2008-08-21 15:50 -------- d-----w- c:\users\user\AppData\Roaming\OpenOffice.org2 2010-08-02 18:57 . 2010-01-12 22:01 -------- d-----w- c:\program files\rondomedia 2010-08-02 18:55 . 2009-12-28 21:13 -------- d-----w- c:\program files\Purplehills 2010-08-02 18:53 . 2010-04-24 11:17 -------- d-----w- c:\program files\Alawar 2010-08-02 18:52 . 2009-11-23 22:48 -------- d-----w- c:\program files\PokerStars.NET 2010-08-02 18:52 . 2009-04-06 18:37 -------- d-----w- c:\program files\PC Connectivity Solution 2010-08-02 18:50 . 2008-08-23 08:03 -------- d-----w- c:\programdata\Napster 2010-08-02 18:49 . 
2009-12-03 21:47 -------- d-----w- c:\program files\DEUTSCHLAND SPIELT 2010-08-02 18:45 . 2010-06-21 16:44 -------- d-----w- c:\program files\Groschengrab Deluxe 2010-08-02 18:44 . 2010-03-20 15:00 -------- d-----w- c:\program files\Galileo FamilyQuiz 2010-08-02 18:42 . 2010-04-01 18:42 -------- d-----w- c:\program files\Die grosse Wimmelbildbox 2 2010-08-02 16:56 . 2008-08-23 16:35 -------- d-----w- c:\program files\EA GAMES 2010-07-30 23:58 . 2009-09-24 21:38 -------- d-----w- c:\programdata\Blizzard Entertainment 2010-07-30 23:52 . 2009-04-11 11:53 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment 2010-07-22 10:57 . 2008-09-23 21:41 -------- d-----w- c:\program files\ICQ6Toolbar 2010-07-21 14:30 . 2008-10-08 23:17 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-07-21 12:54 . 2008-09-23 21:41 -------- d-----w- c:\programdata\ICQ 2010-07-21 10:47 . 2010-02-15 17:44 -------- d-----w- c:\program files\NVIDIA Corporation 2010-07-19 15:23 . 2010-02-15 19:07 65032 ----a-w- c:\users\user\AppData\Local\GDIPFONTCACHEV1.DAT 2010-07-19 15:21 . 2008-07-14 11:44 -------- d-----w- c:\program files\Common Files\Adobe 2010-07-17 00:03 . 2009-10-28 19:01 -------- d-----w- c:\users\user\AppData\Roaming\Winamp 2010-07-13 00:06 . 2010-05-11 13:41 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-07-13 00:06 . 2010-05-11 13:38 -------- d-----w- c:\programdata\DivX 2010-07-12 23:58 . 2010-07-12 23:58 57715 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe 2010-07-12 23:58 . 2010-07-12 23:58 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe 2010-07-12 23:58 . 2008-09-23 18:16 -------- d-----w- c:\program files\DivX 2010-07-12 23:58 . 2010-07-12 23:58 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe 2010-07-12 23:57 . 2010-05-11 13:40 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll 2010-07-12 23:57 . 
2010-05-11 13:40 895256 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe 2010-07-09 22:37 . 2010-07-21 10:46 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd 2010-07-09 22:37 . 2010-04-28 19:02 5107816 ----a-w- c:\windows\system32\nvwgf2um.dll 2010-07-09 22:37 . 2010-04-28 19:02 9818728 ----a-w- c:\windows\system32\nvd3dum.dll 2010-07-09 22:37 . 2010-04-28 19:02 1625192 ----a-w- c:\windows\system32\nvapi.dll 2010-07-09 22:37 . 2009-09-27 14:12 604776 ----a-w- c:\windows\system32\nvudisp.exe 2010-07-07 11:46 . 2009-01-24 21:41 604776 ----a-w- c:\windows\system32\nvuninst.exe 2010-06-26 01:01 . 2010-06-26 01:01 -------- d-----w- c:\program files\Microsoft.NET 2010-06-21 16:42 . 2010-02-23 08:58 -------- d-----w- c:\program files\Aliens Vs Predator 2010-06-21 16:37 . 2010-04-08 15:26 -------- d-----w- c:\program files\Steamless CounterStrikeSource Pack 2010-06-04 09:26 . 2010-06-04 09:26 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe 2010-06-04 09:26 . 2010-06-04 09:26 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe 2010-06-04 09:26 . 2010-06-04 09:26 54128 ----a-w- c:\programdata\DivX\Converter\Uninstaller.exe 2010-06-04 09:26 . 2010-06-04 09:26 54644 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe 2010-06-04 09:26 . 2010-06-04 09:26 54101 ----a-w- c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe 2010-05-27 07:24 . 2010-06-09 18:14 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-27 03:49 . 2010-06-09 18:14 293888 ----a-w- c:\windows\system32\atmfd.dll 2010-05-26 17:03 . 2010-05-26 17:02 10210514 ----a-w- c:\users\user\AppData\Roaming\bizarre creations\blur\BizUpdaterPack_EFIGS_57670_to_58755.exe 2010-05-22 01:04 . 2010-05-25 05:11 232040 ----a-w- c:\windows\system32\nvcod1920.dll 2010-05-21 12:14 . 2009-10-14 02:21 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-21 05:18 . 2010-06-09 18:14 977920 ----a-w- c:\windows\system32\wininet.dll 2010-05-13 10:17 . 
2008-09-03 18:30 20720 ----a-w- c:\users\user\AppData\Roaming\Patch-Master.exe.dat 2010-05-13 09:45 . 2008-09-03 18:20 27892 ----a-w- c:\users\user\AppData\Roaming\Patch-Master.exe3.dat 2010-05-13 09:45 . 2008-09-03 18:20 46342 ----a-w- c:\users\user\AppData\Roaming\Patch-Master.exe2.dat 2010-05-13 09:45 . 2008-09-03 18:20 44756 ----a-w- c:\users\user\AppData\Roaming\Patch-Master.exe0.dat 2010-05-13 09:45 . 2008-09-03 18:20 157763 ----a-w- c:\users\user\AppData\Roaming\Patch-Master.exe1.dat 2010-05-12 22:09 . 2009-02-16 08:10 65536 ----a-w- c:\windows\IFinst27.exe 2010-05-12 17:02 . 2008-08-18 21:41 189472 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-05-11 13:39 . 2010-05-11 13:39 84040 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 57609 ----a-w- c:\programdata\DivX\MFComponents\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 57054 ----a-w- c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 54166 ----a-w- c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 57532 ----a-w- c:\programdata\DivX\DSASPDecoder\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 56458 ----a-w- c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 54174 ----a-w- c:\programdata\DivX\DSAACDecoder\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe 2010-05-11 13:39 . 2010-05-11 13:39 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat 2009-07-14 01:14 . 
2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384] "GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2009-10-05 2174976] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184] "ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-07-21 133368] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-02-26 4939776] "C-Media Mixer"="Mixer.exe" [2001-11-15 1216512] "WheelMouse"="c:\xtreme~1\wh_exec.exe" [2008-10-08 98304] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Desktop Manager.lnk] backup=c:\windows\pss\Desktop Manager.lnk.CommonStartup backupExtension=.CommonStartup path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Manager.lnk [HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Alaplaya 
Launcher.lnk] backup=c:\windows\pss\Alaplaya Launcher.lnk.Startup backupExtension=.Startup path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alaplaya Launcher.lnk [HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Need for Speed™ Undercover Registration.lnk] backup=c:\windows\pss\Need for Speed™ Undercover Registration.lnk.Startup backupExtension=.Startup path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Need for Speed™ Undercover Registration.lnk [HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk] backup=c:\windows\pss\OpenOffice.org 2.4.lnk.Startup backupExtension=.Startup path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk [HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ubisoft register.lnk] backup=c:\windows\pss\Ubisoft register.lnk.Startup backupExtension=.Startup path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ubisoft register.lnk [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] 2010-03-06 01:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager] 2010-02-22 02:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\AutoStartNPSAgent] 2009-04-02 16:05 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2008-09-25 09:07 133104 ----atw- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PatchMaster] 2008-08-06 16:21 3471360 ----a-w- c:\program files\Patch-Master\Patch-Master.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC] 2008-12-15 22:19 306088 ----a-w- c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2010-05-07 12:38 1238352 ----a-w- c:\program files\Valve\Steam\Steam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-12-24 12:46 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2010-07-19 17:50 2403568 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] 2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 
130384] R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 135664] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-05-03 3604720] R3 scramby_out;Scramby Output;c:\windows\system32\drivers\scramby_out.sys [2007-08-08 23840] R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-03-27 23064] R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112] R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976] R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2008-09-18 25600] R3 vpcuxd;USB-Virtualisierungsstubdienst;c:\windows\system32\DRIVERS\vpcuxd.sys [2009-09-23 12800] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-02-19 691696] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656] S1 SSHDRV76;SSHDRV76;c:\windows\system32\drivers\SSHDRV76.sys [2008-09-01 53760] S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-03-31 233472] S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608] S3 
KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536] S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784] . Inhalt des "geplante Tasks" Ordners 2010-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 01:26] 2010-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 01:26] 2010-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000Core.job - c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-25 09:07] 2010-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000UA.job - c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-25 09:07] 2009-01-17 c:\windows\Tasks\NSSstub.job - c:\windows\System32\Adobe\Shockwave 11\nssstub.exe [2009-01-15 16:18] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://start.icq.com/ uSearchURL,(Default) = hxxp://go.1und1.de/suchbox/1und1suche?su=%s . 
- - - - Entfernte verwaiste Registrierungseinträge - - - - WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) HKCU-Run-AdobeBridge - (no file) HKLM-Run-NPSStartup - (no file) MSConfigStartUp-Alamandi tray notifier - c:\program files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe MSConfigStartUp-GameTracker - c:\program files\GameTracker\GTLite.exe MSConfigStartUp-Lexmark X6100 Series - c:\program files\Lexmark X6100 Series\lxbfbmgr.exe MSConfigStartUp-MsnMsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe MSConfigStartUp-NapsterShell - c:\program files\Napster\napster.exe MSConfigStartUp-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Ahead\Lib\NeroCheck.exe MSConfigStartUp-Nokia - c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe MSConfigStartUp-Pando Media Booster - c:\program files\Pando Networks\Media Booster\PMB.exe MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe MSConfigStartUp-SweetIM - c:\program files\SweetIM\Messenger\SweetIM.exe MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe MSConfigStartUp-WEB.DE_WEB - c:\program files\WEB.DE\WEB.DE MultiMessenger\MESSENGR.EXE MSConfigStartUp-Yahoo! Pager - c:\program files\Yahoo!\Messenger\YahooMessenger.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . 
--------------------- Gesperrte Registrierungsschluessel --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,ee,2e,83,c5,48,5a,44,82,6b,db,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,ee,2e,83,c5,48,5a,44,82,6b,db,\ [HKEY_USERS\S-1-5-21-422482940-1233743548-968030833-1000\Software\SecuROM\License information*] "datasecu"=hex:90,59,91,25,fd,d7,87,c9,93,55,a4,19,e3,3d,a6,4b,49,e0,b5,ce,41, c2,3b,54,54,fb,d6,52,46,b0,d0,73,22,61,fd,47,d7,57,f4,7c,20,a6,3a,5e,24,fd,\ "rkeysecu"=hex:0b,7c,3a,fe,2c,de,01,1d,ab,0d,b4,88,20,ce,50,55 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2010-08-07 19:13:41 ComboFix-quarantined-files.txt 2010-08-07 17:13 Vor Suchlauf: 23 Verzeichnis(se), 64.446.869.504 Bytes frei Nach Suchlauf: 28 Verzeichnis(se), Bytes frei - - End Of File - - B416694EDD69A2FC9D6626C82FFBC447 |
| #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Ok. Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM.
__________________ Please always post log files in CODE tags |
| #27 |
OSAM log file: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 Online Solutions. Complex Protection for Information Systems Saved at 19:36:13 on 07.08.2010 OS: Windows 7 Ultimate Edition (Build 7600), 32-bit Default Browser: Google Inc. Google Chrome Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000Core.job" - "Google Inc." - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000UA.job" - "Google Inc." - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe "NSSstub.job" - "Symantec Corporation" - C:\Windows\System32\Adobe\Shockwave 11\nssstub.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl "ISUSPM.cpl" - "InstallShield Software Corporation" - C:\Windows\system32\ISUSPM.cpl "nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl "vp6dec_settings.cpl" - ? - C:\Windows\system32\vp6dec_settings.cpl (File found, but it contains no detailed information) "vp7dec_settings.cpl" - ? - C:\Windows\system32\vp7dec_settings.cpl (File found, but it contains no detailed information) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "QuickTime" - "Apple Inc." 
- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "ACEDRV05" (ACEDRV05) - "Protect Software GmbH" - C:\Windows\system32\drivers\ACEDRV05.sys "atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "Cardex" (Cardex) - "Windows (R) 2000 DDK provider" - C:\Windows\system32\drivers\TBPANEL.SYS "catchme" (catchme) - ? - C:\Users\user\AppData\Local\Temp\catchme.sys (File not found) "ENTECH" (ENTECH) - "EnTech Taiwan" - C:\Windows\system32\DRIVERS\ENTECH.sys "FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS (File found, but it contains no detailed information) "Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys "kwddypog" (kwddypog) - ? - C:\Users\user\AppData\Local\Temp\kwddypog.sys (Hidden registry entry, rootkit activity | File not found) "lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS "SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS "SSHDRV76" (SSHDRV76) - ? 
- C:\Windows\system32\drivers\SSHDRV76.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "TBPanel" (TBPanel) - "Windows (R) 2000 DDK provider" - C:\Windows\system32\drivers\TBPanel.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Windows\system32\mmfinfo.dll (File found, but it contains no detailed information) {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {7D4D6379-F301-4311-BEBA-E26EB0561882} "{7D4D6379-F301-4311-BEBA-E26EB0561882}" - ? - (File not found | COM-object registry key not found) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? 
- (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Windows\system32\mmfinfo.dll (File found, but it contains no detailed information) {5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\Windows\system32\mmfinfo.dll (File found, but it contains no detailed information) {327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\Windows\system32\mmfinfo.dll (File found, but it contains no detailed information) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found) {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll {B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler" - ? - (File not found | COM-object registry key not found) {7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler" - ? 
- (File not found | COM-object registry key not found) {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll {FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? 
- (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? 
- C:\Program Files\WinRAR\rarext.dll (File found, but it contains no detailed information) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll <binary data> "DAEMON Tools Toolbar" - ? - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll <binary data> "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" - ? - (File not found | COM-object registry key not found) -----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )----- {855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll "PartyPoker.com" - ? - C:\Programs\PartyGaming\PartyPoker\RunApp.exe "PartyPoker.net" - ? - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll <binary data> "DAEMON Tools Toolbar" - ? 
- C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll {855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "GAINWARD" - "Gainward Co." - C:\Program Files\EXPERTool\TBPanel.exe /A "ICQ" - "ICQ, LLC." - "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 "ISUSPM Startup" - "InstallShield Software Corporation" - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce )----- "Shockwave Updater" - "Adobe Systems, Inc." 
- C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/" -"hxxp://www.coolespiele.com/game.php?url=hxxp://richmedia.coolespiele.com/games/Bowling_Game.dcr&breite=640&hoehe=480" -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "WheelMouse" - ? - C:\XTREME~1\wh_exec.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Lexmark Network Port" - "Lexmark International, Inc." - C:\Windows\system32\LEXLMPM.DLL [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "FsUsbExService" (FsUsbExService) - "Teruten" - C:\Windows\system32\FsUsbExService.Exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "ICQ Service" (ICQ Service) - ? - C:\Program Files\ICQ6Toolbar\ICQ Service.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "LexBce Server" (LexBceS) - "Lexmark International, Inc." 
- C:\Windows\System32\LEXBCES.EXE "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe "nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe "Performance Service" (nTuneService) - "NVIDIA" - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe "PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe (File found, but it contains no detailed information) "PnkBstrB" (PnkBstrB) - ? - C:\Windows\system32\PnkBstrB.exe (File found, but it contains no detailed information) "SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe "Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe "SwitchBoard" (SwitchBoard) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe "Update Center Service" (UpdateCenterService) - "NVIDIA" - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit Online Solutions :: Index |