Trojaner-Board


Big Brain 06.12.2009 14:31

50 times TR/Click.AdClicer.c, registry locked, system folder gone..

Good day everyone....

As the title says, I had the "TR/Click.AdClicer.c" more than 50 times
and removed it with my Avira AntiVir... however, some programs, setups and games can no longer access certain registry keys and folders :(

At one point all my autostart programs (AntiVir, firewall etc.) were even removed completely.

For example, Skype won't start either, and I can neither reinstall nor uninstall it..

The rootkit tool GMER shows the following message:

C:\Windows\system32\config\system: Das system kann angegebene Datei nicht finden.

Computer data:

Windows Vista Home Premium 64-bit (all updates installed)
Default browser is Firefox (current version)
Antivirus: Avira AntiVir Free
Firewall: ZoneAlarm Pro 2010
Spyware/adware: Windows Defender & Spybot S&D
ThreatFire as an "observer" ^^
Logged in as admin.

I ran a complete scan with Avira but it found nothing.... but something is still not right.... the PC has also become slower...

Could someone maybe check the logfile?

HijackThis Logfile:

Code:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:40:42, on 06.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\SysWOW64\astsrv.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
C:\Windows\SysWOW64\PSIService.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files (x86)\ThreatFire\TFService.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ThreatFire\TFTray.exe
C:\Windows\CNYHKey.exe
C:\Windows\ModLEDKey.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlinkLinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\iepro.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ThreatFire] "C:\Program Files (x86)\ThreatFire\TFTray.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [MoLed] ModLEDKey.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{09120B94-6A41-4E09-B262-3DD3E23152BB}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{09120B94-6A41-4E09-B262-3DD3E23152BB}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\Windows\system32\astsrv.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Game Jackal service (GameJackalService) - Unknown owner - C:\Program Files (x86)\SlySoft\Game Jackal\Game Jackal\GJService.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files (x86)\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files (x86)\ThreatFire\TFService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14480 bytes

And here is RSIT:

Code:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Akmal at 2009-12-06 14:38:49
Microsoft® Windows Vista™ Home Premium  Service Pack 2
System drive C: has 210 GB (41%) free of 513 GB
Total RAM: 4093 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:39:16, on 06.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\SysWOW64\astsrv.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
C:\Windows\SysWOW64\PSIService.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files (x86)\ThreatFire\TFService.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ThreatFire\TFTray.exe
C:\Windows\CNYHKey.exe
C:\Windows\ModLEDKey.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\CryptLoad\CryptLoad.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\xxx\Desktop\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\xxx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\iepro.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ThreatFire] "C:\Program Files (x86)\ThreatFire\TFTray.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [MoLed] ModLEDKey.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{09120B94-6A41-4E09-B262-3DD3E23152BB}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{09120B94-6A41-4E09-B262-3DD3E23152BB}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\Windows\system32\astsrv.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Game Jackal service (GameJackalService) - Unknown owner - C:\Program Files (x86)\SlySoft\Game Jackal\Game Jackal\GJService.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files (x86)\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files (x86)\ThreatFire\TFService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14508 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files (x86)\IEPro\iepro.dll [2009-09-02 777392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll [2009-02-13 150032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-10-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll [2009-02-13 150032]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ThreatFire"=C:\Program Files (x86)\ThreatFire\TFTray.exe [2009-11-23 378128]
"ledpointer"=C:\Windows\CNYHKey.exe [2006-11-09 5585408]
"MoLed"=C:\Windows\ModLEDKey.exe [2006-11-09 53248]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2009-10-17 1037192]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
"UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"YouCam Mirror Tray icon"=C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2009-06-11 162912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1555968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=
"NoResolveTrack"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\IEPro\MiniDM.exe"="C:\Program Files (x86)\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files (x86)\Combat Arms EU\CombatArms.exe"="C:\Program Files (x86)\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Program Files (x86)\Combat Arms EU\Engine.exe"="C:\Program Files (x86)\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\Setup.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11e3378f-d51e-11de-ad72-002243723cf9}]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9297beee-b7e7-11de-8101-002243723cf9}]
shell\AutoRun\command - H:\LaunchU3.exe -a


======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-06 13:40:55 ----D---- C:\rsit
2009-12-06 13:15:51 ----D---- C:\Program Files (x86)\Trend Micro
2009-12-06 13:09:07 ----D---- C:\Program Files (x86)\Skype
2009-12-05 23:55:11 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2009-12-05 23:38:50 ----A---- C:\Windows\game.ini
2009-12-05 22:51:53 ----D---- C:\Program Files (x86)\Activision
2009-12-05 22:46:03 ----A---- C:\Program Files (x86)\fff-ea201.exe
2009-12-05 22:45:55 ----SHD---- C:\Windows\ftpcache
2009-12-05 13:51:16 ----D---- C:\Program Files (x86)\3D-Fahrschule
2009-12-05 11:52:30 ----D---- C:\Program Files (x86)\IDM Computer Solutions
2009-12-04 20:54:53 ----D---- C:\Program Files (x86)\Westwood Chat
2009-12-04 16:22:18 ----A---- C:\Windows\ntbtlog.txt
2009-12-03 22:49:48 ----D---- C:\Program Files (x86)\Resource Hacker
2009-12-02 22:27:07 ----D---- C:\Windows\Sun
2009-12-02 22:02:29 ----D---- C:\Program Files (x86)\Elaborate Bytes
2009-12-02 20:38:48 ----D---- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2009-12-02 19:09:33 ----D---- C:\Program Files (x86)\JDownloader
2009-12-02 18:06:30 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-12-02 18:06:30 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-12-02 18:06:28 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-12-02 18:00:15 ----D---- C:\Program Files (x86)\Codemasters
2009-11-29 18:48:45 ----D---- C:\Program Files (x86)\Alien Trilogy
2009-11-29 11:31:05 ----D---- C:\Program Files (x86)\WinPcap
2009-11-29 10:33:15 ----A---- C:\Windows\system32\NPSExec.exe
2009-11-29 10:33:15 ----A---- C:\Windows\system32\MSVCP50.DLL
2009-11-29 10:31:46 ----A---- C:\Windows\IsUninst.exe
2009-11-27 19:41:35 ----D---- C:\Program Files (x86)\Common Files\Steam
2009-11-27 19:41:34 ----D---- C:\Program Files (x86)\Steam
2009-11-26 19:12:25 ----D---- C:\Program Files (x86)\Disk_1_unpacked
2009-11-25 17:30:18 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 17:29:45 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 17:29:45 ----A---- C:\Windows\system32\msxml3.dll
2009-11-24 20:55:37 ----D---- C:\Program Files (x86)\oZone3D
2009-11-24 19:11:51 ----A---- C:\Windows\system32\bassmod.dll
2009-11-23 07:26:02 ----D---- C:\Windows\Minidump
2009-11-22 17:22:26 ----A---- C:\Windows\system32\XAudio2_5.dll
2009-11-22 17:22:25 ----A---- C:\Windows\system32\xactengine3_5.dll
2009-11-22 17:22:22 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2009-11-22 17:22:19 ----A---- C:\Windows\system32\d3dcsx_42.dll
2009-11-22 17:22:17 ----A---- C:\Windows\system32\d3dx11_42.dll
2009-11-22 17:22:16 ----A---- C:\Windows\system32\d3dx10_42.dll
2009-11-22 17:22:14 ----A---- C:\Windows\system32\D3DX9_42.dll
2009-11-22 17:22:11 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-11-22 17:22:11 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-11-22 17:22:08 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-11-22 17:22:07 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-11-22 17:22:07 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-11-22 17:22:06 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-11-22 17:22:05 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-11-22 17:22:02 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-11-22 17:22:02 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-11-22 17:22:00 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-11-22 17:21:58 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-11-22 17:21:58 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-11-22 17:21:57 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-11-22 17:21:56 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-11-22 17:21:54 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-11-22 17:21:54 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-11-22 17:21:51 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-11-22 17:21:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-11-22 17:21:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-11-22 17:21:40 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-11-22 17:21:39 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-11-22 10:10:00 ----D---- C:\Program Files (x86)\AutoHotkey
2009-11-21 15:17:07 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-11-21 15:17:07 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-11-21 15:17:06 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-11-21 13:40:49 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-11-21 13:40:49 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-11-21 13:40:49 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-11-21 13:40:47 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-11-21 13:40:47 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-11-21 13:40:46 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-11-21 13:40:45 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-11-21 13:40:43 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-11-21 13:40:43 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-11-21 13:40:41 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-11-21 13:40:40 ----A---- C:\Windows\system32\xactengine2_9.dll
2009-11-21 13:40:39 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-11-21 13:40:39 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-11-21 13:40:33 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-11-21 13:40:32 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-11-21 13:40:32 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-11-21 13:40:30 ----A---- C:\Windows\system32\d3dx10_34.dll
2009-11-21 13:40:30 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2009-11-21 13:40:27 ----A---- C:\Windows\system32\xinput1_3.dll
2009-11-21 13:40:27 ----A---- C:\Windows\system32\d3dx9_34.dll
2009-11-21 13:40:26 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-11-21 13:40:25 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-11-21 13:40:25 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-11-21 13:40:23 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-11-21 13:40:22 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-11-21 13:40:21 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-11-21 13:40:20 ----A---- C:\Windows\system32\d3dx10.dll
2009-11-21 13:40:18 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-11-21 13:40:17 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-11-21 13:40:17 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-11-21 13:40:16 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-11-21 13:40:16 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-11-21 13:40:15 ----A---- C:\Windows\system32\xinput1_2.dll
2009-11-21 13:40:14 ----A---- C:\Windows\system32\xinput1_1.dll
2009-11-21 13:40:14 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-11-21 13:40:13 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-11-21 13:40:05 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-11-21 13:40:04 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-11-21 13:40:04 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-11-21 13:40:03 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-11-21 13:40:02 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-11-21 13:40:01 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-11-21 13:40:00 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-11-21 13:39:57 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-11-20 16:55:15 ----A---- C:\Windows\system32\wksprtPS.dll
2009-11-20 16:55:15 ----A---- C:\Windows\system32\tsgqec.dll
2009-11-20 16:55:15 ----A---- C:\Windows\system32\mstscax.dll
2009-11-20 16:55:15 ----A---- C:\Windows\system32\mstsc.exe
2009-11-20 16:55:15 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2009-11-20 16:55:15 ----A---- C:\Windows\system32\aaclient.dll
2009-11-20 16:51:51 ----A---- C:\Windows\system32\winrsmgr.dll
2009-11-20 16:51:49 ----A---- C:\Windows\system32\wsmplpxy.dll
2009-11-20 16:51:49 ----A---- C:\Windows\system32\winrssrv.dll
2009-11-20 16:51:46 ----A---- C:\Windows\system32\pwrshplugin.dll
2009-11-20 16:51:41 ----A---- C:\Windows\system32\WsmRes.dll
2009-11-20 16:51:41 ----A---- C:\Windows\system32\wsmprovhost.exe
2009-11-20 16:51:41 ----A---- C:\Windows\system32\winrshost.exe
2009-11-20 16:51:41 ----A---- C:\Windows\system32\winrs.exe
2009-11-20 16:51:41 ----A---- C:\Windows\system32\wevtfwd.dll
2009-11-20 16:51:41 ----A---- C:\Windows\system32\wecutil.exe
2009-11-20 16:51:41 ----A---- C:\Windows\system32\wecapi.dll
2009-11-20 16:51:39 ----A---- C:\Windows\system32\winrm.vbs
2009-11-20 16:51:38 ----A---- C:\Windows\system32\WsmWmiPl.dll
2009-11-20 16:51:38 ----A---- C:\Windows\system32\WsmSvc.dll
2009-11-20 16:51:38 ----A---- C:\Windows\system32\WsmAuto.dll
2009-11-20 16:51:38 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2009-11-20 16:51:38 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2009-11-20 16:51:38 ----A---- C:\Windows\system32\winrscmd.dll
2009-11-20 16:49:47 ----A---- C:\Windows\system32\slcinst.dll
2009-11-20 16:48:06 ----A---- C:\Windows\system32\bitsperf.dll
2009-11-20 16:48:05 ----A---- C:\Windows\system32\qmgrprxy.dll
2009-11-20 16:48:05 ----A---- C:\Windows\system32\bitsprx6.dll
2009-11-20 16:48:05 ----A---- C:\Windows\system32\bitsprx5.dll
2009-11-20 16:48:05 ----A---- C:\Windows\system32\bitsprx4.dll
2009-11-20 16:48:05 ----A---- C:\Windows\system32\bitsprx3.dll
2009-11-20 16:48:05 ----A---- C:\Windows\system32\bitsprx2.dll
2009-11-19 20:59:24 ----D---- C:\Program Files (x86)\Electronic Arts
2009-11-18 17:19:39 ----D---- C:\Windows\system32\URTTEMP
2009-11-17 20:20:12 ----D---- C:\Windows\San Andreas Mod Installer
2009-11-17 20:20:12 ----D---- C:\Program Files (x86)\San Andreas Mod Installer
2009-11-16 15:36:19 ----D---- C:\Documents and Settings\ReleaseEngineer.MACROVISION\Application Data\skypePM
2009-11-16 15:36:04 ----D---- C:\Program Files (x86)\MSXML 4.0
2009-11-15 22:14:00 ----D---- C:\Program Files (x86)\Corel
2009-11-15 22:14:00 ----D---- C:\Program Files (x86)\Common Files\Corel
2009-11-15 19:41:46 ----A---- C:\Windows\system32\xvidvfw.dll
2009-11-15 19:41:46 ----A---- C:\Windows\system32\xvidcore.dll
2009-11-15 19:41:46 ----A---- C:\Windows\system32\mpg4c32.dll
2009-11-15 19:41:46 ----A---- C:\Windows\system32\mcdvd_32.dll
2009-11-11 06:39:39 ----SHD---- C:\Windows\system32\%APPDATA%
2009-11-11 06:36:41 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-08 13:56:37 ----A---- C:\Windows\system32\uxtuneup.dll
2009-11-08 13:56:35 ----A---- C:\Windows\system32\authuitu.dll
2009-11-08 13:56:03 ----D---- C:\Program Files (x86)\TuneUp Utilities 2009
2009-11-07 18:21:13 ----N---- C:\Windows\Setup1.exe
2009-11-07 18:21:04 ----A---- C:\Windows\ST6UNST.EXE
2009-11-07 12:19:48 ----D---- C:\Program Files (x86)\Acronis
2009-11-07 12:19:46 ----D---- C:\Program Files (x86)\Common Files\Acronis

======List of files/folders modified in the last 1 months======

2009-12-06 14:39:05 ----D---- C:\Windows\Temp
2009-12-06 14:30:43 ----D---- C:\Windows\Prefetch
2009-12-06 13:49:28 ----SHD---- C:\Windows\Installer
2009-12-06 13:49:27 ----SHD---- C:\Config.Msi
2009-12-06 13:48:56 ----D---- C:\Windows\Internet Logs
2009-12-06 13:47:51 ----D---- C:\Program Files (x86)\SSS
2009-12-06 13:15:51 ----RD---- C:\Program Files (x86)
2009-12-06 12:34:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2009-12-06 08:46:47 ----D---- C:\Windows\System32
2009-12-06 08:46:46 ----D---- C:\Windows\inf
2009-12-05 23:55:19 ----D---- C:\Windows\system32\drivers
2009-12-05 23:55:16 ----HD---- C:\ProgramData
2009-12-05 23:38:50 ----AD---- C:\Windows
2009-12-05 23:38:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-12-05 15:25:15 ----D---- C:\Program Files (x86)\Common Files
2009-12-05 14:09:28 ----D---- C:\Program Files (x86)\Cyberlink
2009-12-05 14:08:29 ----D---- C:\Windows\winsxs
2009-12-05 11:48:34 ----D---- C:\Windows\SysWOW64
2009-12-05 11:48:34 ----A---- C:\Windows\system32\H@tKeysH@@k.DLL
2009-12-04 22:16:39 ----RD---- C:\Program Files
2009-12-04 20:33:58 ----D---- C:\Program Files (x86)\EA Games
2009-12-03 20:02:20 ----D---- C:\Program Files (x86)\Sierra
2009-12-03 19:57:15 ----D---- C:\Program Files (x86)\Serials 2005
2009-12-02 21:59:48 ----D---- C:\Program Files (x86)\SlySoft
2009-12-02 18:06:01 ----RSD---- C:\Windows\assembly
2009-12-01 19:31:56 ----D---- C:\Program Files (x86)\ThreatFire
2009-12-01 13:41:09 ----D---- C:\Windows\Microsoft.NET
2009-11-30 18:58:35 ----D---- C:\Windows\Registration
2009-11-30 18:40:21 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-11-27 16:03:50 ----D---- C:\Program Files (x86)\CAPCOM
2009-11-27 14:10:06 ----D---- C:\Windows\system32\RTCOM
2009-11-27 13:56:27 ----D---- C:\Program Files (x86)\DriverGenius
2009-11-26 19:00:11 ----RSD---- C:\Windows\Fonts
2009-11-26 15:31:56 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2009-11-26 14:24:51 ----D---- C:\Windows\rescache
2009-11-25 23:16:56 ----D---- C:\Windows\system32\de-DE
2009-11-25 20:42:57 ----D---- C:\Program Files (x86)\Croteam
2009-11-24 19:38:37 ----SHD---- C:\System Volume Information
2009-11-23 22:17:21 ----D---- C:\Windows\Help
2009-11-23 21:31:03 ----D---- C:\Windows\system32\ZoneLabs
2009-11-22 17:18:32 ----D---- C:\Program Files (x86)\Ubisoft
2009-11-22 10:10:01 ----D---- C:\Windows\ShellNew
2009-11-21 22:02:43 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-11-21 17:01:17 ----D---- C:\Program Files (x86)\ArtMoney
2009-11-20 23:55:34 ----D---- C:\Program Files (x86)\Combat Arms EU
2009-11-20 17:21:03 ----D---- C:\Windows\system32\en-US
2009-11-20 17:21:02 ----D---- C:\Windows\system32\wbem
2009-11-20 17:20:42 ----D---- C:\Windows\PolicyDefinitions
2009-11-19 20:18:15 ----D---- C:\Program Files (x86)\Eidos Interactive
2009-11-19 06:37:14 ----D---- C:\Program Files (x86)\Internet Explorer
2009-11-16 15:36:19 ----RD---- C:\Users
2009-11-15 22:21:19 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2009-11-15 22:15:36 ----SD---- C:\Windows\Downloaded Program Files
2009-11-15 22:15:36 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2009-11-15 19:49:30 ----D---- C:\Program Files (x86)\AVS4YOU
2009-11-15 19:48:54 ----D---- C:\Program Files (x86)\Common Files\AVSMedia
2009-11-12 22:24:31 ----SHD---- C:\Boot
2009-11-12 20:48:14 ----D---- C:\Windows\Debug
2009-11-11 06:38:57 ----D---- C:\Program Files (x86)\Windows Mail
2009-11-11 06:35:20 ----D---- C:\Program Files (x86)\McAfee
2009-11-08 15:41:18 ----A---- C:\Windows\EuBcd.ini
2009-11-08 14:06:01 ----D---- C:\Windows\Tasks
2009-11-08 13:40:24 ----D---- C:\Program Files (x86)\Messenger Plus! Live
2009-11-08 13:30:30 ----D---- C:\Program Files (x86)\Vidalia Bundle
2009-11-08 12:51:31 ----D---- C:\Program Files (x86)\Common Files\DVDVideoSoft
2009-11-07 18:33:54 ----D---- C:\Program Files (x86)\Serials World Portable
2009-11-07 16:46:17 ----D---- C:\Program Files (x86)\Left 4 Dead

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys []
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys []
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Treiber\vmm.sys []
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2009-10-17 440520]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/10/02 20:29:19]; \??\C:\Program Files (x86)\HomeCinema\PowerDVD9\000.fcl [2009-09-01 146928]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys []
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2009-11-04 121280]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032e.sys []
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 pbfilter;pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [2009-09-28 19544]
R3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys []
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys []
R3 ZSMC301b;Vimicro USB PC Camera (ZC0301PL); C:\Windows\System32\Drivers\usbVM31b.sys []
S3 cpuz130;cpuz130; \??\C:\Users\xxx\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 DCamUSBVM;Lenovo Q350 USB PC Camera; C:\Windows\System32\Drivers\usbVM31b.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2009-02-25 9728]
S3 esihdrv;esihdrv; \??\C:\Users\xxx\AppData\Local\Temp\esihdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2009-02-25 3072]
S3 GPUTool;GPUTool; \??\C:\Users\xxx\AppData\Local\Temp\GPUTool.sys []
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2004-02-03 32768]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vsdatant7;vsdatant7; C:\Windows\System32\drivers\vsdatant.win7.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2008-09-15 743192]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 astcc;AST Service; C:\Windows\system32\astsrv.exe [2009-02-13 57344]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-01-27 73728]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-02-11 210216]
R2 nHancer;nHancer Support; C:\Program Files\nHancer\nHancerService.exe [2009-10-04 39424]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PnkBstrA;PunkBuster; C:\Program Files (x86)\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe [2008-11-03 63040]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-02-25 247152]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 ThreatFire;ThreatFire; C:\Program Files (x86)\ThreatFire\TFService.exe [2009-11-23 70928]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2009-10-17 2384240]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 2297216]
S2 GameJackalService;Game Jackal service; C:\Program Files (x86)\SlySoft\Game Jackal\Game Jackal\GJService.exe []
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-29 89920]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 544768]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-10-20 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-20 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 660256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-09-04 3347280]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2004-02-03 86016]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]

-----------------EOF-----------------

The report from Malware will follow....

Kind regards

and thanks!

kira 07.12.2009 16:19

Hello and a warm welcome! :)

your log looks good, at least in terms of malware...
if I were you, I would part with the following programs right away:

1.
Main problem no. 1
- two antivirus programs installed and active at the same time: AntiVir Personal Edition Classic & McAfee
Both scanners have just one goal: to check and protect your system against malware in a sensible way. As a result they get in each other's way and put a double load on the system; the consequence can be a crash or, in the worst case, you can look forward to a complete reinstallation! More AV programs does not mean more security!
So uninstall one of the AV programs and leave only one running on your PC!!
if you want to keep Avira, to uninstall McAfee:
perhaps you will find tips and information about McAfee under this link
McAfee-Consumer-Products-Removal-Tool

2.
Messenger Plus! Live...
Quote:

*Messenger Plus* contains some components that spy on your computer (Trojans), which is why this program is not recommended. - it is financed through an adware component

When uninstalling, *pay attention to whether there is an option along the lines of "remove partner/sponsor programs"!*

If you really want to (it is better to use a messenger tool free of spyware and adware, such as Trillian, whose basic version can combine the instant messengers ICQ, AIM, Yahoo! Messenger, Windows Live Messenger (MSN) and IRC, or Miranda), you can install it again, but read everything carefully, and you must deselect partner programs, sponsors, etc.!

Always choose the custom installation, not the standard installation, because otherwise things are often installed along with it that you do not need or want.

3.
Zone Alarm... a matter of taste. It slows the system down considerably and often causes problems too. In my opinion, Windows' own firewall is also sufficient for the average user!

4.
Code:

TuneUp Utilities & Ashampoo
I recommend you read the following articles:
TuneUp: Wundermittel oder Placebo?/derfisch.de
& „Schlangenöl“ für den Speicher
- There are many so-called optimization tools like TuneUp, Ashampoo & Co.! The vendors promise far more than they can actually deliver in the end.
Speeding up/optimizing Windows: it takes only a little effort to do everything by hand, and it is better without an additional tool - otherwise the shock is great in the end when the system suddenly no longer starts or data is lost. ;) Better to completely reformat and reinstall the computer once every 3 years to get it running smoothly again!
under certain circumstances it interferes with Avira's setup

5.
I would also like to see all your installed programs:
Download the tool CCleaner
install (deselect "Füge CCleaner Yahoo! Toolbar hinzu" ("Add CCleaner Yahoo! Toolbar")) → start → under Options settings -> set "german"
then click on "Extra" (to also display the installed programs) → then on "Als Textdatei speichern..." ("Save as text file...")
a text file (*.txt) is created; copy its contents and paste them here

Quote:

So that your thread stays clearer and nicely readable, it is best to use the code tags for your post:
→ before your log you write:[code]
your log file goes in here
→ after it:[/code]

Regards
Coverflow

Big Brain 09.12.2009 18:44

Good evening....
Many thanks already.......

1. From McAfee I only have the SiteAdvisor for Firefox..

2. Of "TuneUp Utilities & Ashampoo" I only use a few functions.....

3. well....I am not quite an average user...;)

4. The CCleaner list:
(Is it OK that I uploaded it as an attachment? You surely know why ;)

Big Brain 09.12.2009 19:51

oh.. unfortunately noticed it a bit too late...

sorry....:o

so here is the CCleaner list:


Code:

3D-Fahrschule                04.12.2009        146,5MB       
3DMark Vantage        Futuremark Corporation        02.10.2009        596,9MB        1.0.2.1
7-Zip 4.65 (x64 edition)        Igor Pavlov        01.10.2009        3,98MB        4.65.00.0
ABBYY FineReader 9.0 Professional Edition        ABBYY        09.10.2009        303,7MB        9.00.724.5507
Acrobat.com        Adobe Systems Incorporated        19.10.2009        1,70MB        1.2.443
Acronis*True*Image*Home        Acronis        06.11.2009        145,4MB        12.0.9551
Adobe AIR        Adobe Systems Inc.        14.11.2009                1.1.0.5790
Adobe Creative Suite 4 Master Collection        Adobe Systems Incorporated        14.11.2009        9.155,1MB        4.0
Adobe Flash Player 10 ActiveX        Adobe Systems, Inc.        19.10.2009        1,96MB        10.0.2.54
Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        30.11.2009                10.0.32.18
Adobe Media Player        Adobe Systems Incorporated        19.10.2009        2,95MB        1.1
Adobe Shockwave Player 11.5        Adobe Systems, Inc.        29.10.2009                11.5.2.602
Alien Trilogy                08.12.2009        52,1MB       
Allok 3GP PSP MP4 iPod Video Converter 6.2.0603        Allok Soft Inc        15.10.2009        16,0MB       
Allok AVI DivX MPEG to DVD Converter 2.5.0609        Allok Soft Inc.        15.10.2009        22,7MB       
Allok AVI MPEG Converter 4.4.0725        Allok Soft Inc.        15.10.2009        21,4MB       
Allok AVI to DVD SVCD VCD Converter 3.9.0725        Allok Soft .Inc        15.10.2009        22,8MB       
Allok MOV Converter 4.4.0725        Allok Soft Inc.        15.10.2009        16,4MB       
Allok MPEG4 Converter 6.2.0603        Allok Soft Inc        15.10.2009        16,1MB       
Allok QuickTime to AVI MPEG DVD Converter 3.4.0725        Allok Soft Inc.        15.10.2009        21,0MB       
Allok RM RMVB to AVI MPEG DVD Converter 3.4.0725        Allok Soft Inc.        15.10.2009        18,8MB       
Allok Video Converter 4.4.0725        Allok Soft Inc.        15.10.2009        25,5MB       
Allok Video Joiner 4.4.0725        Allok Soft Inc.        15.10.2009        26,2MB       
Allok Video Splitter 3.1.0609        Allok Soft Inc.        15.10.2009        37,3MB       
Allok Video to 3GP Converter 6.2.0603        Allok Soft .Inc        15.10.2009        16,0MB       
Allok Video to DVD Burner 2.5.0609        Allok Soft Inc        15.10.2009        25,1MB       
Allok Video to FLV Converter 6.2.0603        Allok Soft .Inc        15.10.2009        16,0MB       
Allok Video to iPod Converter 6.2.0603        Allok Soft Inc        15.10.2009        15,9MB       
Allok Video to MP4 Converter 6.2.0603        Allok Soft Inc        15.10.2009        16,0MB       
Allok Video to PSP Converter 6.2.0603        Allok Soft .Inc        15.10.2009        15,9MB       
Apple Application Support        Apple Inc.        03.10.2009        32,2MB        1.0
Apple Mobile Device Support        Apple Inc.        01.10.2009                2.6.0.32
Apple Software Update        Apple Inc.        03.10.2009        2,16MB        2.1.1.116
ArtMoney SE v7.31        System SoftLab        17.10.2009        17,0MB        7.31
Ashampoo WinOptimizer 6.50        Ashampoo GmbH & Co. KG        03.10.2009        45,2MB        6.5.0
Assassin's Creed                07.12.2009        6.849,2MB        1.0
Audacity 1.3.9 (Unicode)        Audacity Team        02.10.2009        30,4MB       
AutoHotkey 1.0.48.05        Chris Mallett        21.11.2009        2,59MB        1.0.48.05
Autostart-Manager 2006        Wirth New Media Sarl        04.10.2009        0,77MB        6.00.0000
Avira AntiVir Personal - Free Antivirus        Avira GmbH        02.10.2009        74,5MB       
AVS Audio Converter version 5.1        Online Media Technologies Ltd.        14.11.2009        2,55MB       
AVS Audio Editor version 4.2        Online Media Technologies Ltd.        14.11.2009        3,21MB       
AVS Audio Recorder version 3.9        Online Media Technologies Ltd.        14.11.2009        2,20MB       
AVS Cover Editor 1.3.1.96 (AVS4YOU)        Online Media Technologies Ltd.        14.11.2009        66,8MB       
AVS Disc Creator version 3.5        Online Media Technologies Ltd.        14.11.2009        5,67MB       
AVS DVD Authoring        Online Media Technologies Ltd.        14.11.2009        12,0MB       
AVS DVD Copy version 4.1.1        Online Media Technologies Ltd.        14.11.2009        2,57MB       
AVS Media Player 3.1        Online Media Technologies Ltd.        14.11.2009        16,9MB       
AVS Registry Cleaner version 1.1        Online Media Technologies Ltd.        14.11.2009        2,62MB       
AVS Ringtone Maker version 1.6        Online Media Technologies Ltd.        14.11.2009        2,51MB       
AVS System Info        Online Media Technologies Ltd.        14.11.2009        11,3MB       
AVS TV Recorder 2.0.1        Online Media Technologies Ltd.        14.11.2009        3,16MB       
AVS Update Manager 1.0        Online Media Technologies Ltd.        14.11.2009        9,55MB       
AVS Video Converter 6        Online Media Technologies Ltd.        14.11.2009        34,1MB       
AVS Video Editor 4 4.2.1.166        Online Media Technologies Ltd.        14.11.2009        27,7MB       
AVS Video Recorder 2.4 (Service Version)        Online Media Technologies Ltd.        14.11.2009        3,38MB       
AVS4YOU Software Navigator 1.3        Online Media Technologies Ltd.        14.11.2009        8,84MB       
Badaboom 1.2.1.7        Elemental Technologies        01.10.2009        34,3MB        1.2.1.7
Bonjour        Apple Inc.        01.10.2009                1.0.106
Call of Duty(R) 4 - Modern Warfare(TM)        Activision        04.12.2009        6.392,5MB        1.7
CCleaner        Piriform        06.12.2009        2,70MB       
Cellfactor Revolution        Timeline Interactive        01.10.2009               
CloneCD        SlySoft        05.11.2009        4,67MB       
CloneDVD2        Elaborate Bytes        05.11.2009        8,81MB       
Corel MediaOne        Corel Corporation        14.11.2009        179,8MB        2.100.0000
CorelDRAW Essential Edition 3        Corel Corporation        14.11.2009        229,7MB       
CPUID CPU-Z 1.52.2                25.10.2009               
Crysis(R)        Electronic Arts        10.10.2009        2.304,7MB        1.21.0000
Crysis(R) Tournament Map Pack        Crytek        22.10.2009        201,3MB        1.00.0000
CyberLink LabelPrint        CyberLink Corp.        01.10.2009        126,8MB        2.5.1616
CyberLink MediaShow        CyberLink Corp.        01.10.2009        182,6MB        4.1.2609
CyberLink PhotoNow        CyberLink Corp.        01.10.2009        21,8MB        1.1.5615
CyberLink Power2Go        CyberLink Corp.        01.10.2009        102,7MB        6.1.2806
CyberLink PowerDirector        CyberLink Corp.        01.10.2009        322,4MB        7.0.2718
CyberLink PowerDVD 9        CyberLink Corp.        01.10.2009        240,3MB        9.0.1531
CyberLink PowerDVD Copy        CyberLink Corp.        01.10.2009        11,5MB        1.0.5611
CyberLink PowerProducer        CyberLink Corp.        01.10.2009        164,8MB        5.0.1.1412
CyberLink YouCam        CyberLink Corp.        04.12.2009        126,5MB        3.0.1811.7429
DivX Codec        DivX, Inc.        06.12.2009        1,31MB        6.9.1
DivX Converter        DivX, Inc.        06.12.2009        45,3MB        7.1.0
DivX Player        DivX, Inc.        06.12.2009        8,43MB        7.2.0
DivX Plus DirectShow Filters        DivX, Inc.        06.12.2009        1,58MB       
DivX Plus Web Player        DivX,Inc.        06.12.2009        2,83MB        2.0.0
Doom Collector's Edition                08.12.2009        66,7MB       
Driver Genius Professional                01.10.2009        17,2MB       
Driver Genius Professional Edition v9.0.0.182                26.11.2009        18,3MB       
Driver Sweeper 2.0.5        Phyxion.net        10.10.2009        142,4MB       
Dune                08.12.2009        383,8MB       
Dune II                22.11.2009        12,5MB       
EA Network Play System                28.11.2009        1,37MB       
EASEUS Partition Master 3.5 Unlimited Edition        EASEUS        16.10.2009        70,9MB       
EasyBCD 1.7.2        NeoSmart Technologies        11.10.2009        1,54MB        1.7.2
Empire Earth                05.10.2009        5,77MB       
Empire Earth III        Sierra Entertainment        05.10.2009        5.013,0MB        1.00.0000
EVEREST Ultimate Edition v5.30        Lavalys, Inc.        07.10.2009        15,7MB        5.30
Fraps (remove only)                24.10.2009        2,20MB       
Free Studio version 4.2        DVDVideoSoft Limited.        07.11.2009        67,9MB       
Futuremark SystemInfo        Futuremark Corporation        02.10.2009        4,51MB        3.20.1.2
HijackThis 2.0.2        TrendMicro        05.12.2009        0,77MB        2.0.2
HLSW v1.3.2.1        Timo Stripf        05.12.2009        35,2MB       
HyperCam 2                22.10.2009        4,14MB       
HyperSnap 6        Hyperionics Technology LLC        09.10.2009        11,0MB        6.40.04
IE7Pro        IE7Pro Team        02.10.2009        8,45MB        2.4.7
Intel(R) Network Connections 14.6.7.0        Intel        04.12.2009                14.6.7.0
Intel® Matrix Storage Manager        Intel Corporation        01.10.2009               
iTunes        Apple Inc.        01.10.2009                9.0.1.8
Java(TM) 6 Update 16        Sun Microsystems, Inc.        11.10.2009        97,7MB        6.0.160
JDownloader        AppWork UG (haftungsbeschränkt)        01.12.2009        52,9MB        0.89
K-Lite Mega Codec Pack 5.4.4                06.12.2009        46,6MB        5.4.4
LightScribe System Software        LightScribe        01.10.2009        23,0MB        1.18.1.1
LockHunter version 1.0 beta 3, 64 bit edition        Crystal Rich, Ltd        08.11.2009               
LogMeIn Hamachi        LogMeIn, Inc.        05.12.2009        3,55MB        2.0.1.66
M.A.X.                08.12.2009        375,7MB       
Malwarebytes' Anti-Malware        Malwarebytes Corporation        04.12.2009        4,12MB       
McAfee SiteAdvisor        McAfee, Inc.        07.11.2009        7,06MB        3.0.152
MCE Software Encoder 1.1        CyberLink Corporation        01.10.2009        1,51MB        1.1.0.1918
Medal of Honor Allied Assault                24.11.2009        3,13MB       
Mercenaries 2: World in Flames(tm)        Electronic Arts        25.11.2009        1.856,8MB        2.0.1.0
Microsoft .NET Framework 1.1                18.11.2009               
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        01.10.2009               
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        01.10.2009               
Microsoft Games for Windows - LIVE        Microsoft Corporation        25.11.2009        8,31MB        3.1.186.0
Microsoft Games for Windows - LIVE Redistributable        Microsoft Corporation        25.11.2009        32,3MB        3.1.99.0
Microsoft Office Enterprise 2007        Microsoft Corporation        08.12.2009        786,3MB        12.0.6425.1000
Microsoft Office Live Add-in 1.4        Microsoft Corporation        02.10.2009        0,49MB        2.0.3008.0
Microsoft Office Project Professional 2007        Microsoft Corporation        14.11.2009        786,3MB        12.0.6425.1000
Microsoft Office Visio Professional 2007        Microsoft Corporation        14.11.2009        786,3MB        12.0.6425.1000
Microsoft Reader                25.10.2009        1,76MB       
Microsoft Reader Text-to-Speech deutsch        Microsoft Corporation        25.10.2009        2,29MB        01.00.0000
Microsoft Silverlight        Microsoft Corporation        03.10.2009        26,9MB        3.0.40818.0
Microsoft Virtual PC 2007        Microsoft Corporation        01.10.2009        36,9MB        6.0.156.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053        Microsoft Corporation        01.10.2009        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        02.10.2009        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        04.12.2009        0,41MB        8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64)        Microsoft Corporation        01.10.2009        0,69MB        8.0.56336
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        02.10.2009        0,19MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218        Microsoft Corporation        01.10.2009        0,76MB        9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        15.11.2009        0,57MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        02.10.2009        0,58MB        9.0.30729
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU        Microsoft Corporation        01.10.2009               
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu        Microsoft Corporation        01.10.2009        5,74MB        3.5.30729
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32        Microsoft Corporation        01.10.2009        2,61MB        6.1.5295.17011
Microsoft WSE 3.0 Runtime        Microsoft Corp.        02.10.2009        0,92MB        3.0.5305.0
Mirror's Edge™        Electronic Arts        02.10.2009        3.204,2MB        1.0.1.0
Mozilla Firefox (3.5.5)        Mozilla        07.11.2009        30,4MB        3.5.5 (de)
MSXML 4.0 SP2 (KB927978)        Microsoft Corporation        15.11.2009        1,24MB        4.20.9841.0
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        15.11.2009        1,28MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        24.11.2009        1,34MB        4.20.9876.0
Need For Speed High Stakes                28.11.2009        449,6MB       
Need for Speed™ Most Wanted                12.10.2009        2.820,8MB       
Need for Speed™ Undercover        Electronic Arts        20.11.2009        2.396,8MB        1.0.1.0
Neverball 1.5.4                16.10.2009        188,3MB        1.5.4
NFS HS Stock Pack                28.11.2009               
NFS4                01.10.2009               
nHancer        KSE        01.10.2009        7,93MB        2.5.0700
NTREGOPT 1.1j        Lars Hederer        13.10.2009        0,25MB       
NVIDIA Drivers        NVIDIA Corporation        01.10.2009                1.10
NVIDIA PhysX        NVIDIA Corporation        01.10.2009        120,1MB        9.09.0814
OF Dragon Rising        Codemasters        01.12.2009        5.202,5MB        1.00.0000
oZone3D.Net FurMark v1.7.0        oZone3D.Net        23.11.2009        3,16MB       
PC SECURITY TEST 2009        AxBx        05.10.2009        3,50MB       
PCMark Vantage        Futuremark Corporation        02.10.2009        784,2MB        1.0.1.1
PeerBlock 1.0.0 (r181)        PeerBlock, LLC        03.10.2009                1.0.0.181
Polipo 1.0.4                07.11.2009        1,02MB       
Postal 2 Apocalypse Weekend Expansion Pack                09.10.2009        817,5MB       
Postal 2 Share The Pain                09.10.2009        2.637,6MB       
PowerISO                01.10.2009        3,03MB       
Privoxy 3.0.6                02.10.2009        2,04MB       
PureBasic 4.31  (64 bit)        Fantaisie Software        04.12.2009               
QuickTime        Apple Inc.        03.10.2009        76,5MB        7.64.17.73
Ralink RT2870 Wireless LAN Card        Ralink        26.11.2009        2,41MB        1.5.4.0
RAR Password Unlocker 3.0        Password Unlocker, Inc.        12.10.2009        10,0MB       
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        26.11.2009        10,6MB        6.0.1.5953
Revo Uninstaller 1.83        VS Revo Group        02.10.2009        2,59MB        1.83
RocketDock 1.3.5        Punk Software        13.10.2009        18,6MB       
SimpleScreenshot 1.30                05.10.2009               
Skype™ 4.1                06.12.2009        31,1MB       
Spybot - Search & Destroy        Safer Networking Limited        11.10.2009        54,2MB        1.6.2
Steam        Valve Corporation        26.11.2009        0,35MB        1.0.0.0
Steamless Left4Dead Pack        Steamless        01.10.2009        6.729,0MB        1.0
TeamViewer 5        TeamViewer GmbH        07.12.2009        16,6MB        5.0.7418
ThreatFire        PC Tools        03.10.2009        19,2MB       
Tor 0.2.1.20                07.11.2009        6,91MB       
TuneUp Utilities 2009        TuneUp Software        07.11.2009        47,1MB        8.0.3300.1
UltraEdit 15.20        IDM Computer Solutions, Inc.        04.12.2009        44,1MB        15.20.23
Uninstall 1.0.0.1                07.11.2009        36,9MB       
Universal Extractor 1.6        Jared Breland        03.10.2009        11,7MB        1.6
USB Wireless Keyboard Driver        My Company Name        05.11.2009        1,03MB        V1.1
Vidalia 0.2.5                07.11.2009        30,9MB       
Virtual DJ - Atomix Productions                02.10.2009        21,9MB       
VirtualCloneDrive        Elaborate Bytes        01.12.2009        2,24MB       
Warmonger                11.10.2009        1.631,1MB       
Westwood Chat 4.221                03.12.2009        2,56MB       
Winamp        Nullsoft, Inc        18.10.2009        13,8MB        5.56
Windows 7 Upgrade Advisor        Microsoft Corporation        01.12.2009        9,53MB        2.0.5000.0
Windows Live Essentials        Microsoft Corporation        02.10.2009        44,1MB        14.0.8089.0726
Windows Live ID-Anmelde-Assistent        Microsoft Corporation        01.10.2009        8,12MB        6.500.3146.0
Windows Live-Uploadtool        Microsoft Corporation        03.10.2009        0,22MB        14.0.8014.1029
WinPcap 3.1 beta        Politecnico di Torino        28.11.2009        0,38MB       
WinRAR                01.10.2009               
WinUHA 2.0 RC1 (2005.02.27)        Klaimsoft        02.10.2009        2,15MB       
WMV to AVI MPEG DVD WMV Converter 4.4.0725        Allok Soft Inc.        15.10.2009        18,3MB       
Wolfenstein 3D                08.12.2009        5,61MB       
WORLD IN CONFLICT        Massive Entertainment AB        20.11.2009        4.940,6MB        1.0.0.0
ZoneAlarm Pro        Check Point, Inc        22.11.2009        17,7MB        9.1.008.000
µTorrent                04.10.2009        0,37MB        1.8.1


kira 10.12.2009 09:20

hi

just for your information...
1.
On the topic of ZoneAlarm & firewalls in general:
- the attacker can obtain elevated privileges at any time and simply switch off antivirus, firewall and other protection programs...
"with that in mind"...
- The more different programs you install as a user, the more problems you have to deal with
Besides, today's applications are so complex that it can no longer be guaranteed that they are free of bugs. As a rule, one even assumes that they contain numerous bugs. That includes a special wall, the `firewall`, too!
In general, the fewer open ports, the more secure a system is!
- McAfee for IE protects you just as little!
- with various optimizer tools you can easily optimize the system to death ;)

** Please post the result of Malwarebytes' Anti-Malware!

Big Brain 10.12.2009 11:45

hi,

here is the malware report:

Code:

Malwarebytes' Anti-Malware 1.42
Datenbank Version: 3308
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

10.12.2009 11:37:33
mbam-log-2009-12-10 (11-07-33).txt

Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 269345
Laufzeit: 32 minute(s), 57 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

I only have 1 firewall and 1 antivirus..?

ZoneAlarm... because with it you can also forbid and allow programs all sorts of things, e.g. Internet access... you just can't do that with the Windows Firewall, and I need this function....... and only one antivirus program from Avira... the Free Edition... I know that multiple security tools knock each other out ^^

ThreatFire is neither a firewall nor an antivirus program.. it only watches the behavior of programs...

As for tuning... the built-in tools are enough for me: disk... and defrag...

With the tools I only adjust a few things, e.g. the appearance ^^

Regards

kira 12.12.2009 18:11

hi

1.
close all applications → please empty the folders for temporary files
**Delete only the contents of the folders, not the folders themselves! - Files that are still in use cannot be deleted.
  • `Start → ausführen`, type in "cleanmgr" (without the "") → "ok" - the Temporary Files, Temporary Internet Files, and the Recycle Bin must be emptied → "Ok"
  • `Start → ausführen` → type in %temp% (without the "") → "Ok" - select all folder contents everywhere and delete them
  • please do this for every user account
  • then empty the Recycle Bin

2.
clean your system with CCleaner:
  • "Cleaner" → "Analysieren" → click on the button "Start CCleaner"
  • "Registry" → "Fehler suchen" → "Fehler beheben" → "Alle beheben"
  • Restart your system

3.
- Be sure to connect all existing external drives, including any USB sticks, to the computer, but hold down the Shift key while doing so, so that the autorun function is not executed.
- Then run a complete system check with Nod32 (save the scan results as *.txt files)
- ESET Online Scanner
Settings in Internet Explorer before the scan:
- "Extras→ Internetoptionen→ Sicherheit":
- set everything to the default level
- allow ActiveX

- report exactly how your computer is doing


All times are in WET +1.
