Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Antivirus Software Alert -Virus

Antivirus Software Alert -Virus


Plagegeister aller Art und deren Bekämpfung: Antivirus Software Alert -Virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 06.08.2010, 02:30   #1
foxx1
 
Antivirus Software Alert -Virus - Standard

Antivirus Software Alert -Virus


Hallo,

ich habe mir den Antivirus Software Alert eingefangen wie in folgendem Thread von einem anderen User auch beschrieben: http://www.trojaner-board.de/88043-w...are-alert.html

CCleaner konnte ich leider nicht starten.

Malwarebytes hat 4 infizierte Dateien "SolutionPro" entdeckt. Hier der Log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4396

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

06.08.2010 03:07:07
mbam-log-2010-08-06 (03-07-07).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 260543
Laufzeit: 25 Minute(n), 0 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\SolutionAV (Rogue.AntivirSolutionPro) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tenyelrj (Rogue.AntivirSolutionPro) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Dominik\AppData\Local\srbdlsivi\uxpqmobtssd.exe (Rogue.AntivirSolutionPro) -> No action taken.
C:\Users\Dominik\AppData\Local\Temp\0.1372056070756883.exe (Rogue.AntivirSolutionPro) -> No action taken.

Nach dem Neustart ist das Problem nicht mehr aufgetreten, ich habe aber trotzdem noch OTL Scan ausgeführt, wie im geposteten Thread vorgegeben. Hier der Log:

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 06.08.2010 03:14:22 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Dominik\Downloads
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 70,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687,13 Gb Total Space | 633,12 Gb Free Space | 92,14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 244,28 Gb Total Space | 144,46 Gb Free Space | 59,14% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DOMEEEESPC
Current User Name: Dominik
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Dominik\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\MagicTune Premium\GammaTray.exe ()
PRC - C:\Windows\SysWOW64\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\Windows\SysWOW64\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Dominik\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (NMSAccess) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ha20x22k) -- C:\Windows\SysNative\drivers\ha20x22k.sys (Creative Technology Ltd)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (MagicTune) -- C:\Windows\SysNative\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (RushTopDevice_J) -- C:\Program Files (x86)\MSI\OverclockingCenter\RushJ64.sys (Your Corporation)
DRV - (DualCoreCenter) -- C:\Program Files (x86)\MSI\OverclockingCenter\NTGLM7X64.sys (MICRO-STAR INT'L CO., LTD.)
DRV - (RushTopDevice2) -- C:\Program Files (x86)\MSI\OverclockingCenter\RushTop64.sys (Your Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-163978163-1987638889-572582206-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-163978163-1987638889-572582206-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-163978163-1987638889-572582206-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F5 0B 7C 6D 75 11 CB 01  [binary data]
IE - HKU\S-1-5-21-163978163-1987638889-572582206-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-163978163-1987638889-572582206-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-163978163-1987638889-572582206-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "hxxp://www.wettportal.com/quotenvergleich/surebets/"
FF - prefs.js..extensions.enabledItems: firefoxextensions@keynote.com:17.0.12.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1
FF - prefs.js..extensions.enabledItems: {c07d1a49-9894-49ff-a594-38960ede8fb9}:3.1.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.0.232
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.0.232
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.25 14:22:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 14:22:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.07.21 19:10:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.07.01 14:13:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010.08.06 01:14:25 | 000,000,000 | ---D | M]
 
[2010.02.25 04:46:47 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions
[2010.02.25 04:46:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominik\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.08.06 02:37:31 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\mz3ed2ju.default\extensions
[2010.06.28 20:52:32 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\mz3ed2ju.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.06.28 20:52:32 | 000,000,000 | ---D | M] (Update Scanner) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\mz3ed2ju.default\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}
[2010.06.28 20:52:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Dominik\AppData\Roaming\mozilla\Firefox\Profiles\mz3ed2ju.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.06 01:14:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.17 14:26:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\firefoxextensions@keynote.com
[2010.08.06 01:14:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010.08.06 01:14:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010.05.17 14:26:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\firefoxextensions@keynote.com\components
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.07.22 23:53:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.22 23:53:25 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.22 23:53:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.22 23:53:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.22 23:53:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [MagicTuneEngine] C:\Program Files (x86)\MagicTune Premium\MagicTuneLauncher.exe ()
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DelReg] C:\Program Files (x86)\MSI\OverclockingCenter\DelReg.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\.DEFAULT..\Run: [CtxfiReg] C:\Windows\SysWow64\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-18..\Run: [CtxfiReg] C:\Windows\SysWow64\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{489784e9-2ed7-11df-af89-002421e42826}\Shell - "" = AutoRun
O33 - MountPoints2\{489784e9-2ed7-11df-af89-002421e42826}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{d0a20aaf-2168-11df-8faa-002421e42826}\Shell - "" = AutoRun
O33 - MountPoints2\{d0a20aaf-2168-11df-8faa-002421e42826}\Shell\AutoRun\command - "" = E:\laucher.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\laucher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^Users^Dominik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FeedExpress.exe - C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FeedExpress.exe - File not found
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - e:\steam\steam.exe (Valve Corporation)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {228DA4C3-AF41-BA99-2BB5-3680A22321C1} - .NET Framework
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.06 02:39:02 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Malwarebytes
[2010.08.06 02:38:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.06 02:38:42 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.06 02:38:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.06 02:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.06 01:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.08.06 01:14:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010.08.06 01:14:17 | 000,560,216 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010.08.06 01:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010.08.05 23:47:29 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\srbdlsivi
[2010.08.05 00:47:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.08.05 00:47:26 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Google
[2010.08.04 19:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\LCDGAMMA
[2010.08.04 19:40:55 | 000,023,096 | ---- | C] (Samsung Electronics, Inc. ) -- C:\Windows\SysNative\drivers\MTiCtwl.sys
[2010.08.04 19:40:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicTune Premium
[2010.08.04 19:40:15 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\InstallShield
[2010.08.04 19:12:57 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.08.03 03:12:43 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
[2010.07.30 20:22:55 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Cisco
[2010.07.30 20:22:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2010.07.30 20:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco
[2010.07.24 01:19:10 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Documents\ArmA 2 OA Demo Other Profiles
[2010.07.24 01:15:57 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Documents\ArmA 2 OA Demo
[2010.07.24 01:15:57 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\ArmA 2 OA DEMO
[2010.07.24 01:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2010.07.20 18:24:57 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Desktop\Neuer Ordner (3)
[2010.07.14 22:29:59 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Desktop\Neuer Ordner (2)
[2010.07.14 16:27:05 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Documents\Scanned Documents
[2010.07.14 16:27:04 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Documents\Fax
[2010.07.14 15:09:37 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.07.11 18:16:24 | 000,000,000 | ---D | C] -- C:\Users\Dominik\Documents\NFS SHIFT
[2009.07.14 00:30:56 | 000,014,336 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Dominik\*.tmp files -> C:\Users\Dominik\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.06 03:16:47 | 002,359,296 | ---- | M] () -- C:\Users\Dominik\ntuser.dat
[2010.08.06 03:16:34 | 000,015,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.06 03:16:34 | 000,015,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.06 03:13:56 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.06 03:13:56 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.08.06 03:13:56 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.06 03:13:56 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.08.06 03:13:56 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.06 03:09:39 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.06 03:09:25 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2010.08.06 03:09:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.06 03:09:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.06 03:09:14 | 3219,841,024 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.06 03:08:39 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000001-00000000-00000000-00001102-0000000B-00421102}.rfx
[2010.08.06 03:08:39 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000001-00000000-00000000-00001102-0000000B-00421102}.rfx
[2010.08.06 03:08:39 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000001-00000000-00000000-00001102-0000000B-00421102}.rfx
[2010.08.06 03:08:08 | 001,698,048 | -H-- | M] () -- C:\Users\Dominik\AppData\Local\IconCache.db
[2010.08.06 02:52:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.06 02:38:47 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.06 01:14:47 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010.08.06 01:14:47 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010.08.06 01:14:17 | 000,560,216 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010.08.06 00:15:40 | 000,000,128 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Temp$$_temp.ldb
[2010.08.06 00:15:18 | 000,110,592 | ---- | M] () -- C:\Users\Dominik\AppData\Local\Temp$$_temp.mdb
[2010.08.05 23:03:12 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.08.05 23:03:12 | 000,218,808 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.08.05 22:14:06 | 000,048,761 | ---- | M] () -- C:\Users\Dominik\Desktop\Trainingslog.rtf
[2010.08.05 20:44:04 | 000,543,577 | ---- | M] () -- C:\Users\Dominik\Desktop\135449_HausaufgabeBACH.docx
[2010.08.05 04:02:29 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm
[2010.08.05 04:02:29 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settings.sfm
[2010.08.04 19:40:21 | 000,001,690 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.exe.lnk
[2010.08.04 19:40:21 | 000,001,672 | ---- | M] () -- C:\Users\Public\Desktop\MagicTunePremuim.lnk
[2010.08.03 03:13:51 | 000,001,131 | ---- | M] () -- C:\Windows\SysNative\ctdnlstr.dat
[2010.08.03 02:46:56 | 000,758,838 | ---- | M] () -- C:\Users\Dominik\Desktop\DSC33412.jpg
[2010.08.02 23:18:53 | 000,144,750 | ---- | M] () -- C:\Users\Dominik\Desktop\gruenes_klassenzimmer_zweite_ag_280809_g.jpg
[2010.08.02 23:15:13 | 000,115,634 | ---- | M] () -- C:\Users\Dominik\Desktop\vorher01.jpg
[2010.08.02 23:15:06 | 000,258,702 | ---- | M] () -- C:\Users\Dominik\Desktop\nachher01.jpg
[2010.07.27 16:53:38 | 000,377,886 | ---- | M] () -- C:\Users\Dominik\Desktop\135449_fulltext.pdf
[2010.07.20 21:12:19 | 000,232,984 | ---- | M] () -- C:\Users\Dominik\Documents\nagel.jpg
[2010.07.12 17:49:33 | 000,000,396 | ---- | M] () -- C:\Users\Dominik\Desktop\Need for Speed™ SHIFT - Verknüpfung.lnk
[2010.07.12 01:19:08 | 000,578,322 | ---- | M] () -- C:\Users\Dominik\Desktop\Unbenannt.jpg
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Dominik\*.tmp files -> C:\Users\Dominik\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.06 02:38:47 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.06 01:14:47 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2010.08.06 01:14:47 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2010.08.06 00:15:13 | 000,110,592 | ---- | C] () -- C:\Users\Dominik\AppData\Local\Temp$$_temp.mdb
[2010.08.06 00:15:13 | 000,000,128 | ---- | C] () -- C:\Users\Dominik\AppData\Local\Temp$$_temp.ldb
[2010.08.05 00:47:29 | 000,001,110 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.05 00:47:28 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.04 19:40:21 | 000,001,690 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.exe.lnk
[2010.08.04 19:40:21 | 000,001,672 | ---- | C] () -- C:\Users\Public\Desktop\MagicTunePremuim.lnk
[2010.08.03 03:12:53 | 000,062,308 | ---- | C] () -- C:\Windows\SysNative\BMXState-{00000001-00000000-00000000-00001102-0000000B-00421102}.rfx
[2010.08.03 03:12:53 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settingsbkup.sfm
[2010.08.03 03:12:53 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settings.sfm
[2010.08.03 03:12:53 | 000,000,820 | ---- | C] () -- C:\Windows\SysNative\DVCState-{00000001-00000000-00000000-00001102-0000000B-00421102}.rfx
[2010.08.03 02:46:56 | 000,758,838 | ---- | C] () -- C:\Users\Dominik\Desktop\DSC33412.jpg
[2010.08.02 23:18:53 | 000,144,750 | ---- | C] () -- C:\Users\Dominik\Desktop\gruenes_klassenzimmer_zweite_ag_280809_g.jpg
[2010.08.02 23:15:13 | 000,115,634 | ---- | C] () -- C:\Users\Dominik\Desktop\vorher01.jpg
[2010.08.02 23:15:05 | 000,258,702 | ---- | C] () -- C:\Users\Dominik\Desktop\nachher01.jpg
[2010.07.27 16:53:37 | 000,377,886 | ---- | C] () -- C:\Users\Dominik\Desktop\135449_fulltext.pdf
[2010.07.27 16:51:52 | 000,543,577 | ---- | C] () -- C:\Users\Dominik\Desktop\135449_HausaufgabeBACH.docx
[2010.07.20 21:12:18 | 000,232,984 | ---- | C] () -- C:\Users\Dominik\Documents\nagel.jpg
[2010.07.12 17:49:33 | 000,000,396 | ---- | C] () -- C:\Users\Dominik\Desktop\Need for Speed™ SHIFT - Verknüpfung.lnk
[2010.07.12 01:19:08 | 000,578,322 | ---- | C] () -- C:\Users\Dominik\Desktop\Unbenannt.jpg
[2010.06.29 17:10:59 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth2.dll
[2010.06.29 17:10:59 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth1.dll
[2010.06.29 17:10:59 | 000,000,100 | ---- | C] () -- C:\Windows\SysWow64\prsgrc.dll
[2010.06.29 17:07:57 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2010.06.29 17:07:57 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2010.05.22 15:06:11 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.03.07 19:19:01 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010.02.24 18:51:41 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2010.02.24 17:05:36 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.02.24 17:05:36 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.02.24 17:05:24 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2010.02.24 17:04:55 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.14 01:14:20 | 000,027,839 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2009.07.14 00:28:04 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.05.26 12:12:38 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
 
========== LOP Check ==========
 
[2010.05.22 15:06:25 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Canneverbe Limited
[2010.05.11 19:02:46 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Canon
[2010.03.14 02:40:39 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
[2010.06.28 20:52:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Feedreader
[2010.06.28 20:52:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\GetRightToGo
[2010.06.28 20:52:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\HLSW
[2010.06.28 20:52:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\IrfanView
[2010.05.17 14:26:05 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Keynote Systems
[2010.03.20 22:26:04 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Miranda
[2010.06.28 20:52:32 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Mp3 Ripper
[2010.07.02 19:42:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Need for Speed World
[2010.07.19 22:16:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Smart Recorder
[2010.06.28 20:52:32 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Thunderbird
[2010.06.17 23:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TS3Client
[2010.03.25 17:44:46 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TuneUp Software
[2010.03.17 22:27:09 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Ubisoft
[2010.03.05 20:02:31 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\UpdatePatrol
[2010.06.16 14:55:29 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(41).TXT
[2010.06.16 14:55:29 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.02.25 00:48:33 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Adobe
[2010.02.24 16:57:31 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ATI
[2010.05.22 15:06:25 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Canneverbe Limited
[2010.05.11 19:02:46 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Canon
[2010.03.07 21:28:47 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Creative
[2010.03.14 02:40:39 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
[2010.03.24 04:50:57 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\dvdcss
[2010.06.28 20:52:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Feedreader
[2010.06.28 20:52:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\GetRightToGo
[2010.06.28 20:52:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\HLSW
[2010.02.24 16:36:49 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Identities
[2010.08.04 19:40:15 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\InstallShield
[2010.06.28 20:52:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\IrfanView
[2010.05.17 14:26:05 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Keynote Systems
[2010.02.24 20:18:25 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Macromedia
[2010.08.06 02:39:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:34 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Media Center Programs
[2010.07.01 14:19:03 | 000,000,000 | --SD | M] -- C:\Users\Dominik\AppData\Roaming\Microsoft
[2010.03.20 22:26:04 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Miranda
[2010.02.24 18:25:06 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Mozilla
[2010.06.28 20:52:32 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Mp3 Ripper
[2010.07.02 19:42:51 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Need for Speed World
[2010.03.15 20:03:11 | 000,000,000 | RH-D | M] -- C:\Users\Dominik\AppData\Roaming\SecuROM
[2010.08.06 03:08:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Skype
[2010.08.06 01:52:34 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\skypePM
[2010.07.19 22:16:50 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Smart Recorder
[2010.06.28 20:52:32 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Thunderbird
[2010.06.17 23:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TS3Client
[2010.03.25 17:44:46 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TuneUp Software
[2010.03.17 22:27:09 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Ubisoft
[2010.03.05 20:02:31 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\UpdatePatrol
[2010.06.28 20:52:32 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Ventrilo
[2010.08.04 03:10:07 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\vlc
[2010.06.28 20:52:32 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Winamp
[2010.02.24 22:00:18 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.02.26 23:47:48 | 000,010,134 | R--- | M] () -- C:\Users\Dominik\AppData\Roaming\Microsoft\Installer\{3D6A24EA-A543-6C84-351E-D7646E7AB86E}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\msvbvm60.dll
 
< 5. Klicke "Scan" >
 
< 6. 2 reporte werden erstellt: >
 
< OTL.Txt >
 
< Extras.Txt >
< End of report >
--- --- ---


Ist das noch irgendwas Verdächtiges zu erkennen? Um was genau handelt es sich eigentlich bei dem Virus? Ist das was brandgefährliches oder will es nur dazu verleiten diese eine Software zu kaufen?

Für Hilfe bin ich sehr dankbar

Grüße foxx

 

Themen zu Antivirus Software Alert -Virus
.dll, 4d36e972-e325-11ce-bfc1-08002be10318, adblock, adobe, alert, antivirus, autorun, avp.exe, bho, c:\windows\system32\rundll32.exe, cdburnerxp, components, error, explorer, extras.txt, firefox, firefox.exe, format, infizierte, infizierte dateien, internet security 2011, kaspersky, langs, local\temp, location, logfile, media center, mozilla, mozilla thunderbird, mp3, need for speed, neustart, nvstor.sys, oldtimer, otl scan, otl.exe, otl.txt, plug-in, problem, programdata, realtek, registry, rundll, scan, scan ausgeführt, searchplugins, skype.exe, software, sptd.sys, staropen, start menu, syswow64, tastatur, temp, webcheck, wrapper


« Alureon.H mit CF gelöscht | Trojaner unter Java »


Ähnliche Themen: Antivirus Software Alert -Virus


  1. AntiVirus Software Alert / Windows Security Alert
    Plagegeister aller Art und deren Bekämpfung - 15.01.2011 (19)
  2. Windows Security Alert / AV Security Suite / Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 08.01.2011 (1)
  3. Windows antivirus software alert
    Log-Analyse und Auswertung - 30.12.2010 (15)
  4. Antivirus software alert/windows sacurity alert
    Plagegeister aller Art und deren Bekämpfung - 14.12.2010 (3)
  5. Meldung Windows Security Alert / AV Security Suite / Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 17.09.2010 (26)
  6. Windows Security Alert / AV Security Suite / Antivirus Software Alert / gefakter AV lähmt PC
    Plagegeister aller Art und deren Bekämpfung - 09.09.2010 (3)
  7. Mcafee antivirus software alert
    Plagegeister aller Art und deren Bekämpfung - 31.08.2010 (5)
  8. selbe problem mit Windows Security Alert - Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 15.08.2010 (3)
  9. Windows Security Alert / AV Security Suite / Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 26.07.2010 (21)
  10. nochmal Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 24.07.2010 (4)
  11. Rechner versäucht - Animalware Doctor, Antivirus software alert unterbinden alles
    Plagegeister aller Art und deren Bekämpfung - 22.07.2010 (30)
  12. Windows Security Alert / AV Security Suite / Antivirus Software Alert// Ohne Internet
    Plagegeister aller Art und deren Bekämpfung - 21.07.2010 (1)
  13. Virus - Security Warning/Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 20.07.2010 (3)
  14. Hilfe ! Warning - Security alert ! Install Anti Spyware Software !
    Log-Analyse und Auswertung - 18.12.2008 (0)
  15. Antivirus 2009 Alert
    Plagegeister aller Art und deren Bekämpfung - 24.10.2008 (8)
  16. Vista AntiVirus 2008 - Virus Alert in der Taskleiste
    Plagegeister aller Art und deren Bekämpfung - 10.08.2008 (46)
  17. VIRUS ALERT!, Vista Antivirus 2008, kein Taskmanager, ...
    Log-Analyse und Auswertung - 17.07.2008 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Antivirus Software Alert -Virus - Hallo, ich habe mir den Antivirus Software Alert eingefangen wie in folgendem Thread von einem anderen User auch beschrieben: http://www.trojaner-board.de/88043-w...are-alert.html CCleaner konnte ich leider nicht starten. Malwarebytes hat 4 infizierte - Antivirus Software Alert -Virus...
Archiv
Du betrachtest: Antivirus Software Alert -Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131