TR/Patched.Gen2Hallo erstmal :) und zwar gehts um folgendes, als ich gestern mein Computer startete

Whatzup · 29.11.2010, 14:29

Hallo erstmal

und zwar gehts um folgendes, als ich gestern mein Computer startete und das Spiel "LastChaos" spielen wollte, kamm eine Meldung von AntiVir,

Ich habe hier zwar schon einiges gelesen aber nichts was mir wirklich weiter hilft, ist formatieren jetzt meine einzige Möglichkeit? Kenn mich damit kaum aus.

Danke im vorraus.

lg Whatzup

cosinus · 29.11.2010, 21:20

Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

Whatzup · 29.11.2010, 21:40

OTL- Protokoll ->

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 29.11.2010 21:30:34 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Dustin\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 283,09 Gb Free Space | 62,40% Space Free | Partition Type: NTFS
 
Computer Name: DUSTINS-PC | User Name: Dustin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Dustin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
PRC - C:\Windows\SysWOW64\bgsvcgen.exe (B.H.A Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\guardhlp.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe ()
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Dustin\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (Akamai) -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_4176eef.dll ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (bgsvcgen) -- C:\Windows\SysWOW64\bgsvcgen.exe (B.H.A Corporation)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (Greg_Service) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (OMSI download service) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (AdobeActiveFileMonitor7.0) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (SEIKO EPSON CORPORATION)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV - (cdrbsdrv) -- C:\Windows\SysWow64\drivers\CDRBSDRV.SYS (B.H.A Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=easynote_tm86&r=27360510d525l0474z145f45j2a338
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=easynote_tm86&r=27360510d525l0474z145f45j2a338
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=easynote_tm86&r=27360510d525l0474z145f45j2a338
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=easynote_tm86&r=27360510d525l0474z145f45j2a338
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=easynote_tm86&r=27360510d525l0474z145f45j2a338
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=easynote_tm86&r=27360510d525l0474z145f45j2a338
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.13.184
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.3&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.10.10 22:20:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.30 17:44:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.11.19 17:33:14 | 000,000,000 | ---D | M]
 
[2010.05.27 13:20:01 | 000,000,000 | ---D | M] -- C:\Users\Dustin\AppData\Roaming\mozilla\Extensions
[2010.11.26 11:56:33 | 000,000,000 | ---D | M] -- C:\Users\Dustin\AppData\Roaming\mozilla\Firefox\Profiles\sx6wv0vn.default\extensions
[2010.05.27 13:32:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dustin\AppData\Roaming\mozilla\Firefox\Profiles\sx6wv0vn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.07.14 21:18:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dustin\AppData\Roaming\mozilla\Firefox\Profiles\sx6wv0vn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.07.30 00:37:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dustin\AppData\Roaming\mozilla\Firefox\Profiles\sx6wv0vn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.11.08 23:31:07 | 000,000,000 | ---D | M] -- C:\Users\Dustin\AppData\Roaming\mozilla\Firefox\Profiles\sx6wv0vn.default\extensions\toolbar@ask.com
[2010.06.23 09:04:57 | 000,000,687 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icq-search.xml
[2010.07.23 15:50:40 | 000,000,950 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin-1.xml
[2010.07.28 11:23:16 | 000,000,950 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin-2.xml
[2010.09.08 21:07:48 | 000,000,950 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin-3.xml
[2010.09.10 11:37:45 | 000,000,950 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin-4.xml
[2010.09.19 22:56:43 | 000,000,950 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin-5.xml
[2010.10.24 11:47:32 | 000,000,950 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin-6.xml
[2010.10.30 17:44:27 | 000,000,950 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin-7.xml
[2010.05.27 13:32:05 | 000,000,168 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin.gif
[2010.05.27 13:32:05 | 000,000,618 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin.src
[2010.06.30 11:16:33 | 000,000,950 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\sx6wv0vn.default\searchplugins\icqplugin.xml
[2010.11.19 17:33:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.11.19 17:33:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.19 17:33:00 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.09.19 22:56:23 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.19 22:56:23 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.09.19 22:56:23 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.19 22:56:23 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.19 22:56:23 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [EPSON Stylus DX7400 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATICDE.EXE File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Dustin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Dustin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d3ec5436-9cbe-11df-ace3-705ab64ba9a1}\Shell - "" = AutoRun
O33 - MountPoints2\{d3ec5436-9cbe-11df-ace3-705ab64ba9a1}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.29 21:25:05 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Malwarebytes
[2010.11.29 21:24:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.29 21:24:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.29 21:24:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.29 21:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.29 02:29:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.11.29 00:17:11 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Eternia Games
[2010.11.28 23:27:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.11.28 23:19:16 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Avira
[2010.11.19 18:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010.11.19 18:31:33 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Microsoft Help
[2010.11.19 17:33:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.11.19 17:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.11.19 17:33:14 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.11.19 17:33:14 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.11.19 17:33:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.11.19 17:33:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.11.19 17:32:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.11.19 17:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2010.11.19 17:14:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2010.11.14 20:55:10 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2010.11.14 18:59:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2010.11.12 11:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2010.11.11 11:12:22 | 000,000,000 | ---D | C] -- C:\Windows\Profiles
[2010.11.11 11:12:20 | 000,000,000 | ---D | C] -- C:\Users\Dustin\Documents\My eBooks
[2010.11.11 11:12:20 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\InterTrust
[2010.11.11 11:12:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010.11.11 11:12:16 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2010.11.08 02:51:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eternia Games
[2010.11.08 02:41:29 | 649,283,663 | ---- | C] (Eternia Games) -- C:\Users\Dustin\Desktop\EGLastChaos.exe
[2010.11.08 00:50:45 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Xfire
[2010.11.08 00:50:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.11.08 00:50:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2010.11.08 00:47:35 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\CrashRpt
[2010.11.08 00:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games
[2010.11.08 00:23:17 | 490,405,407 | ---- | C] (Z8Games.com                                                 ) -- C:\Users\Dustin\CrossFire_Setup_v1052.exe
[2010.11.07 20:19:59 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\ElevatedDiagnostics
[2010.11.07 19:53:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outspark
[2010.11.07 19:18:29 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\PMB Files
[2010.11.07 19:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.11.07 19:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010.10.31 12:52:35 | 000,000,000 | ---D | C] -- C:\Users\Dustin\Desktop\Neuer Ordner (9)
[2010.10.27 16:39:39 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe685B.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.29 21:25:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.29 21:24:10 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.29 18:46:02 | 000,000,500 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Dustin.job
[2010.11.29 18:07:04 | 000,022,083 | ---- | M] () -- C:\Users\Dustin\Desktop\sadfsafsafd.png
[2010.11.29 17:47:10 | 000,062,704 | ---- | M] () -- C:\Users\Dustin\Desktop\Unbenannt.png
[2010.11.29 17:37:38 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\Play EterniaLC.lnk
[2010.11.29 16:46:31 | 000,030,269 | ---- | M] () -- C:\Users\Dustin\Desktop\fasfasggawgeg.png
[2010.11.29 16:11:45 | 000,147,935 | ---- | M] () -- C:\Users\Dustin\Desktop\asfasf.png
[2010.11.29 14:28:13 | 000,016,668 | ---- | M] () -- C:\Users\Dustin\Desktop\Paint.png
[2010.11.29 14:04:14 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.29 14:04:14 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.29 14:04:14 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.29 14:04:14 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.29 14:04:14 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.29 13:48:40 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.29 13:48:40 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.29 13:40:59 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.29 13:40:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.29 13:40:08 | 3113,308,160 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.22 23:31:55 | 000,446,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.11.22 12:03:42 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.11.19 18:58:14 | 000,294,912 | ---- | M] () -- C:\Users\Dustin\Documents\Datenbank1.accdb
[2010.11.19 17:33:47 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.11.19 17:32:58 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.11.19 17:32:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.11.19 17:32:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.11.19 17:32:57 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.11.17 18:23:59 | 000,021,067 | ---- | M] () -- C:\Users\Dustin\Desktop\luffy.jpg
[2010.11.16 23:31:10 | 000,035,498 | ---- | M] () -- C:\Users\Dustin\Desktop\asterixObeliIdefix.jpg
[2010.11.15 02:24:08 | 000,000,503 | ---- | M] () -- C:\Users\Public\Desktop\R.O.H.A.N. Vendetta.lnk
[2010.11.11 11:14:05 | 000,001,267 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk
[2010.11.08 01:58:02 | 000,001,916 | ---- | M] () -- C:\Users\Public\Desktop\Fists of Fu.lnk
[2010.11.08 00:50:16 | 000,001,152 | ---- | M] () -- C:\Users\Dustin\Desktop\CrossFire.lnk
[2010.11.08 00:37:21 | 490,405,407 | ---- | M] (Z8Games.com                                                 ) -- C:\Users\Dustin\CrossFire_Setup_v1052.exe
[2010.11.03 22:11:49 | 000,021,236 | ---- | M] () -- C:\Users\Dustin\Documents\-..-.docx
 
========== Files Created - No Company Name ==========
 
[2010.11.29 21:24:10 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.29 18:07:04 | 000,022,083 | ---- | C] () -- C:\Users\Dustin\Desktop\sadfsafsafd.png
[2010.11.29 17:47:10 | 000,062,704 | ---- | C] () -- C:\Users\Dustin\Desktop\Unbenannt.png
[2010.11.29 17:37:38 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\Play EterniaLC.lnk
[2010.11.29 16:46:31 | 000,030,269 | ---- | C] () -- C:\Users\Dustin\Desktop\fasfasggawgeg.png
[2010.11.29 16:11:45 | 000,147,935 | ---- | C] () -- C:\Users\Dustin\Desktop\asfasf.png
[2010.11.29 14:21:56 | 000,016,668 | ---- | C] () -- C:\Users\Dustin\Desktop\Paint.png
[2010.11.19 18:56:52 | 000,294,912 | ---- | C] () -- C:\Users\Dustin\Documents\Datenbank1.accdb
[2010.11.19 17:33:47 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.11.17 18:23:55 | 000,021,067 | ---- | C] () -- C:\Users\Dustin\Desktop\luffy.jpg
[2010.11.16 23:31:01 | 000,035,498 | ---- | C] () -- C:\Users\Dustin\Desktop\asterixObeliIdefix.jpg
[2010.11.15 02:24:08 | 000,000,503 | ---- | C] () -- C:\Users\Public\Desktop\R.O.H.A.N. Vendetta.lnk
[2010.11.14 15:00:26 | 000,000,097 | ---- | C] () -- C:\Users\Dustin\bewerben.txt
[2010.11.11 11:12:25 | 000,001,267 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk
[2010.11.08 01:58:02 | 000,001,916 | ---- | C] () -- C:\Users\Public\Desktop\Fists of Fu.lnk
[2010.11.08 00:50:16 | 000,001,152 | ---- | C] () -- C:\Users\Dustin\Desktop\CrossFire.lnk
[2010.11.08 00:27:25 | 000,000,027 | ---- | C] () -- C:\Users\Dustin\readme.txt
[2010.11.07 19:56:00 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.11.07 19:56:00 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
[2010.11.03 22:11:48 | 000,021,236 | ---- | C] () -- C:\Users\Dustin\Documents\-..-.docx
[2010.08.09 18:11:23 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.08.09 01:26:21 | 000,005,632 | ---- | C] () -- C:\Users\Dustin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.13 13:36:22 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010.06.08 21:17:46 | 000,000,164 | ---- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2010.03.26 20:04:54 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006.11.06 14:30:38 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll

< End of report >

--- --- ---

cosinus · 29.11.2010, 21:51

Ich wollte erst den Vollscan von Malwarebytes sehen...

Whatzup · 29.11.2010, 21:52

Der ist ja grade noch in Arbeit, kommt aber danach sofort... Sorry

Whatzup · 29.11.2010, 22:32

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 5214

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

29.11.2010 22:31:32
mbam-log-2010-11-29 (22-31-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 346832
Laufzeit: 1 Stunde(n), 3 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Dustin\Downloads\ocr\netload.in\asmCaptcha\test.exe (Malware.Packer) -> Quarantined and deleted successfully.
C:\Users\Dustin\Downloads\router\FRITZ!Box\nc.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.

cosinus · 29.11.2010, 22:35

Weitere Logs von MBAM gibt es nicht? Wie oft hast du es jetzt scannen lassen?

Whatzup · 29.11.2010, 22:37

Nein das wars, einmal kompletter scan, ging eine Stunde.

Aber der eig fehler wegen dem ich mich gemeldet habe findet der garnicht.

cosinus · 30.11.2010, 18:55

Sieht soweit unauffällig aus.

Verrat mir aber mal was du mit den ganzen bescheuerten Toolbars willst! Nero-, Google, ICQ und ASK-Toolbar?! Das braucht doch kein Mensch diesen Unsinn!

Zitat:

und das Spiel "LastChaos" spielen wollte, kamm eine Meldung von AntiVir,

Aus welcher Quelle genau ist dieses Spiel?

Acid303 · 05.12.2010, 18:52

cosinus · 05.12.2010, 19:10

Zitat:

Zitat von Acid303

Wenn ich nur wüsste was

29.11.2010, 21:51	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	TR/Patched.Gen2Hallo erstmal :) und zwar gehts um folgendes, als ich gestern mein Computer startete Ich wollte erst den Vollscan von Malwarebytes sehen... __________________ Logfiles bitte immer in CODE-Tags posten

29.11.2010, 22:35	#7
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	TR/Patched.Gen2Hallo erstmal :) und zwar gehts um folgendes, als ich gestern mein Computer startete Weitere Logs von MBAM gibt es nicht? Wie oft hast du es jetzt scannen lassen? __________________ Logfiles bitte immer in CODE-Tags posten

TR/Patched.Gen2Hallo erstmal :) und zwar gehts um folgendes, als ich gestern mein Computer startete

Antiviren-, Firewall- und andere Schutzprogramme: TR/Patched.Gen2Hallo erstmal :) und zwar gehts um folgendes, als ich gestern mein Computer startete