Trojaner-Board


Crimson11 02.06.2012 09:35

AKM 50 euro virus
 
Hello

This AKM virus has now caught me too. After reading up
on the Internet, I saw that I should create this
OTL.txt file and attach it here.

I hope you can help me with my problem.

Code:

OTL logfile created on: 6/1/2012 11:41:05 PM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 465.66 Gb Total Space | 77.62 Gb Free Space | 16.67% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/02/03 00:17:10 | 000,202,752 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/24 04:06:45 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- D:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/11 05:58:23 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/02/16 11:49:36 | 000,066,872 | ---- | M] () [Auto] -- D:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/12/23 08:20:08 | 000,327,680 | ---- | M] () [Auto] -- D:\Program Files (x86)\3DataManager\WTGService.exe -- (WTGService)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 08:07:17 | 000,025,832 | ---- | M] (BioWare) [Auto] -- D:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/02/15 06:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/18 07:01:19 | 000,310,728 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/12/20 10:22:32 | 000,053,248 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_ecm_enum_filter.sys -- (zte_ecm_enum_filter)
DRV:64bit: - [2010/12/20 10:22:32 | 000,053,248 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_ecm_enum.sys -- (zte_ecm_enum)
DRV:64bit: - [2010/12/20 10:22:30 | 000,078,336 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_cdc_acm.sys -- (zte_cdc_acm)
DRV:64bit: - [2010/12/20 10:22:30 | 000,052,224 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_cdc_ecm.sys -- (zte_cdc_ecm)
DRV:64bit: - [2010/12/20 10:22:30 | 000,014,336 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_cpo.sys -- (zte_cpo)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/03/30 12:43:53 | 000,042,696 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010/02/03 00:55:18 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/02/03 00:55:18 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/02/02 23:23:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/11/27 12:45:06 | 000,295,424 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/10/26 11:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009/10/26 11:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/10/19 09:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/08/23 18:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- D:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/03/17 05:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2005/11/03 10:40:56 | 000,089,600 | ---- | M] (Protection Technology) [Kernel | Disabled] -- D:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2005/08/10 08:46:20 | 000,068,608 | ---- | M] (Protection Technology) [Kernel | Disabled] -- D:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2005/05/16 09:21:16 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled] -- D:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Gary_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\Gary_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\Gary_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\Gary_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0D 5D 22 2F D6 EA CA 01  [binary data]
IE - HKU\Gary_ON_D\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKU\Gary_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Gary_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=: 
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@virtools.com/3DviaPlayer: D:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Gary_ON_D\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [amd_dc_opt] D:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ApnUpdater] D:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] D:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] D:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NUSB3MON] D:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKU\Gary_ON_D..\Run: [ApplePhotoStreams] D:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\Gary_ON_D..\Run: [com.apple.dav.bookmarks.daemon] D:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKU\Gary_ON_D..\Run: [Comrade.exe] D:\Program Files (x86)\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.)
O4 - HKU\Gary_ON_D..\Run: [EA Core]  File not found
O4 - HKU\Gary_ON_D..\Run: [iCloudServices] D:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\Gary_ON_D..\Run: [MobileDocuments] D:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\Gary_ON_D..\Run: [RGSC]  File not found
O4 - HKU\Gary_ON_D..\Run: [Steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - Startup: D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cs8v0k.exe.lnk ()
O4 - Startup: D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - Gary_ON_D\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15:64bit: - Gary_ON_D\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15:64bit: - Gary_ON_D\..Trusted Domains: soe.com ([]* in Trusted sites)
O15:64bit: - Gary_ON_D\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} hxxp://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab (EAFO3AXLauncher Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} hxxp://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{6d05b86b-af94-11df-a81a-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{6d05b86b-af94-11df-a81a-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{74b2b8cf-73b6-11df-a840-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{74b2b8cf-73b6-11df-a840-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{7b0886b2-3833-11df-8eb9-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{7b0886b2-3833-11df-8eb9-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{7b0886b7-3833-11df-8eb9-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{7b0886b7-3833-11df-8eb9-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{8bf4e953-376b-11df-9348-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{8bf4e953-376b-11df-9348-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a3c1375b-697f-11df-ab0f-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{a3c1375b-697f-11df-ab0f-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a3c13760-697f-11df-ab0f-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{a3c13760-697f-11df-ab0f-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{aa242fbb-3aa1-11df-8b66-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{aa242fbb-3aa1-11df-8b66-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c35a3aa3-6ec0-11e1-8017-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{c35a3aa3-6ec0-11e1-8017-6cf0497862d7}\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{c35a3ac2-6ec0-11e1-8017-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{c35a3ac2-6ec0-11e1-8017-6cf0497862d7}\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{c45d0e9b-d9ba-11dd-af87-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c45d0e9b-d9ba-11dd-af87-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\Diablo III Setup.exe"
O33 - MountPoints2\{cbb3996d-6985-11df-84b3-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{cbb3996d-6985-11df-84b3-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/05/30 03:03:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/05/30 03:03:21 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\QuickTime
[2012/05/29 04:27:07 | 000,000,000 | ---D | C] -- D:\Users\Gary\AppData\Local\mcpatcher
[2012/05/27 11:36:05 | 000,000,000 | ---D | C] -- D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/27 11:36:05 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/16 04:26:08 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/05/16 04:26:08 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Diablo III
[2012/05/16 04:23:54 | 000,000,000 | ---D | C] -- D:\ProgramData\Battle.net
[2012/05/13 14:49:12 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TGC - The Games Company
[2012/05/13 11:19:16 | 000,000,000 | ---D | C] -- D:\Users\Gary\AppData\Roaming\.minecraft
[2012/05/11 05:58:17 | 008,769,696 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/11 05:47:15 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/11 05:46:59 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2012/05/11 05:46:59 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\iTunes
[2012/05/11 05:46:59 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2012/05/11 05:45:53 | 001,544,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2012/05/11 05:45:53 | 001,077,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2012/05/11 05:45:50 | 005,559,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntoskrnl.exe
[2012/05/11 05:45:49 | 003,968,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/11 05:45:48 | 003,913,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntoskrnl.exe
[2 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/01 16:18:59 | 000,000,915 | ---- | M] () -- D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cs8v0k.exe.lnk
[2012/06/01 16:18:46 | 000,001,102 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/01 16:13:42 | 000,065,536 | ---- | M] () -- D:\Windows\System32\Ikeext.etl
[2012/06/01 16:13:38 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/06/01 16:13:33 | 3220,037,632 | -HS- | M] () -- D:\hiberfil.sys
[2012/06/01 06:35:13 | 000,015,664 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/01 06:35:13 | 000,015,664 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/01 06:27:01 | 000,001,106 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/01 06:26:47 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/30 03:03:24 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/05/29 18:12:05 | 000,721,588 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2012/05/29 18:12:05 | 000,671,508 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/05/29 18:12:05 | 000,158,312 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2012/05/29 18:12:05 | 000,127,960 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/05/27 11:36:05 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/23 15:02:23 | 499,065,041 | ---- | M] () -- D:\Windows\MEMORY.DMP
[2012/05/16 04:40:58 | 000,000,000 | R--D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2012/05/16 04:40:56 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/05/13 14:49:12 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TGC - The Games Company
[2012/05/11 21:25:47 | 000,415,112 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2012/05/11 05:58:22 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2012/05/11 05:58:22 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/11 05:58:17 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/11 05:47:15 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/05/31 15:49:56 | 000,000,915 | ---- | C] () -- D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cs8v0k.exe.lnk
[2012/03/22 18:42:46 | 000,142,120 | -H-- | C] () -- D:\Windows\SysWow64\mlfcache.dat
[2011/08/02 13:59:39 | 000,040,960 | ---- | C] () -- D:\Windows\SysWow64\psfind.dll
[2011/07/03 17:17:55 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2011/02/09 07:08:06 | 000,000,092 | ---- | C] () -- D:\Users\Gary\AppData\Local\fusioncache.dat
[2010/06/13 17:51:20 | 000,103,736 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrB.exe
[2010/06/13 17:51:16 | 000,669,184 | ---- | C] () -- D:\Windows\SysWow64\pbsvc.exe
[2010/06/13 17:51:16 | 000,066,872 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrA.exe
[2009/10/26 15:06:06 | 000,001,035 | ---- | C] () -- D:\Windows\SysWow64\atipblag.dat
[2009/07/14 11:15:00 | 000,178,432 | ---- | C] () -- D:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
[2009/01/01 12:24:46 | 001,700,674 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2009/01/01 12:00:44 | 000,000,000 | ---- | C] () -- D:\Windows\ativpsrm.bin
[2008/10/07 03:13:30 | 000,197,912 | ---- | C] () -- D:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelFrench.dll
 
========== LOP Check ==========
 
[2010/04/22 05:23:33 | 000,000,000 | ---D | M] -- D:\ProgramData\3DVIA
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2011/10/23 13:55:58 | 000,000,000 | ---D | M] -- D:\ProgramData\Ask
[2012/05/16 04:24:24 | 000,000,000 | ---D | M] -- D:\ProgramData\Battle.net
[2011/04/20 04:35:21 | 000,000,000 | ---D | M] -- D:\ProgramData\BioWare
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2011/09/19 17:57:21 | 000,000,000 | ---D | M] -- D:\ProgramData\Divinity 2
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/05/24 12:41:11 | 000,000,000 | ---D | M] -- D:\ProgramData\Electronic Arts
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2010/03/24 15:08:36 | 000,000,000 | ---D | M] -- D:\ProgramData\GRAW2
[2012/03/15 16:12:21 | 000,000,000 | ---D | M] -- D:\ProgramData\PMB Files
[2011/04/10 16:18:38 | 000,000,000 | ---D | M] -- D:\ProgramData\POPWWPROFILES
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/09/08 12:26:23 | 000,000,000 | ---D | M] -- D:\ProgramData\Ubisoft
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2011/05/27 13:17:47 | 000,000,000 | ---D | M] -- D:\ProgramData\WinZip
[2009/01/01 12:25:55 | 000,000,000 | ---D | M] -- D:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/04/18 16:38:35 | 000,000,000 | ---D | M] -- D:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/25 07:48:30 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >

Regards

cosinus 03.06.2012 15:44

Does Safe Mode with Networking still work? With an Internet connection?

Safe Mode for cleanup
  • Bring Windows into Safe Mode by pressing the F8 key during startup.
  • Start the computer in Safe Mode with Networking:

    Start Windows in Safe Mode

Crimson11 03.06.2012 21:48

Hello

Thanks for the quick reply.

My PC can be started in Safe Mode, but my
Internet does not work there.

cosinus 04.06.2012 10:06

Quote:

but my Internet does not work there.
That is not the kind of problem description I was hoping for. It is rather thin, or can you explain to me how I am supposed to tell from it whether you really used Safe Mode with Networking? And how am I to know exactly how you connect to the Internet? UMTS, cable, DSL? Wi-Fi or network cable? Router or no router after all, a pure modem connection? :confused:

Crimson11 04.06.2012 11:12

Sorry that this is so thin, I don't know exactly what you need.

So I started my PC the way you described. It quite
normally started "Safe Mode", without this window opening again.

When starting my Internet, however, the data stick modem (I hope you know what I mean by that, I don't know if that's what it's called) was not found and I could not get online.

cosinus 04.06.2012 16:01

Quote:

normally started "Safe Mode",
And the "normal" Safe Mode is nonsense to begin with
You were supposed to use Safe Mode with Networking

Crimson11 04.06.2012 16:23

By "normal" I meant as in the description: "Safe Mode with Networking".

cosinus 04.06.2012 16:35

Can you only get online through this odd (UMTS?) stick? No router there? No network cable?


All times are WET +1.
