
Pests of all kinds and how to combat them: AKM 50 euro virus

02.06.2012, 09:35   #1
Crimson11
 
Hello

This AKM virus has now caught me too. After reading up on it
on the Internet, I saw that I should create this OTL.txt file
here and attach it.

I hope you can help me with my problem.

Code:
 OTL logfile created on: 6/1/2012 11:41:05 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 465.66 Gb Total Space | 77.62 Gb Free Space | 16.67% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/02/03 00:17:10 | 000,202,752 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/24 04:06:45 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- D:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/11 05:58:23 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/02/16 11:49:36 | 000,066,872 | ---- | M] () [Auto] -- D:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/12/23 08:20:08 | 000,327,680 | ---- | M] () [Auto] -- D:\Program Files (x86)\3DataManager\WTGService.exe -- (WTGService)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 08:07:17 | 000,025,832 | ---- | M] (BioWare) [Auto] -- D:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/02/15 06:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/18 07:01:19 | 000,310,728 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/12/20 10:22:32 | 000,053,248 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_ecm_enum_filter.sys -- (zte_ecm_enum_filter)
DRV:64bit: - [2010/12/20 10:22:32 | 000,053,248 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_ecm_enum.sys -- (zte_ecm_enum)
DRV:64bit: - [2010/12/20 10:22:30 | 000,078,336 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_cdc_acm.sys -- (zte_cdc_acm)
DRV:64bit: - [2010/12/20 10:22:30 | 000,052,224 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_cdc_ecm.sys -- (zte_cdc_ecm)
DRV:64bit: - [2010/12/20 10:22:30 | 000,014,336 | ---- | M] (ZTE) [Kernel | On_Demand] -- D:\Windows\System32\drivers\zte_cpo.sys -- (zte_cpo)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/03/30 12:43:53 | 000,042,696 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010/02/03 00:55:18 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/02/03 00:55:18 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/02/02 23:23:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/11/27 12:45:06 | 000,295,424 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/10/26 11:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009/10/26 11:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/10/19 09:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/08/23 18:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- D:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/03/17 05:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2005/11/03 10:40:56 | 000,089,600 | ---- | M] (Protection Technology) [Kernel | Disabled] -- D:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2005/08/10 08:46:20 | 000,068,608 | ---- | M] (Protection Technology) [Kernel | Disabled] -- D:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2005/05/16 09:21:16 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled] -- D:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Gary_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\Gary_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\Gary_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\Gary_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0D 5D 22 2F D6 EA CA 01  [binary data]
IE - HKU\Gary_ON_D\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKU\Gary_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Gary_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@virtools.com/3DviaPlayer: D:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: D:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Gary_ON_D\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [amd_dc_opt] D:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ApnUpdater] D:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] D:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] D:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NUSB3MON] D:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKU\Gary_ON_D..\Run: [ApplePhotoStreams] D:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\Gary_ON_D..\Run: [com.apple.dav.bookmarks.daemon] D:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKU\Gary_ON_D..\Run: [Comrade.exe] D:\Program Files (x86)\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.)
O4 - HKU\Gary_ON_D..\Run: [EA Core]  File not found
O4 - HKU\Gary_ON_D..\Run: [iCloudServices] D:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\Gary_ON_D..\Run: [MobileDocuments] D:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\Gary_ON_D..\Run: [RGSC]  File not found
O4 - HKU\Gary_ON_D..\Run: [Steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - Startup: D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cs8v0k.exe.lnk ()
O4 - Startup: D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - Gary_ON_D\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15:64bit: - Gary_ON_D\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15:64bit: - Gary_ON_D\..Trusted Domains: soe.com ([]* in Trusted sites)
O15:64bit: - Gary_ON_D\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} hxxp://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab (EAFO3AXLauncher Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} hxxp://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{6d05b86b-af94-11df-a81a-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{6d05b86b-af94-11df-a81a-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{74b2b8cf-73b6-11df-a840-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{74b2b8cf-73b6-11df-a840-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{7b0886b2-3833-11df-8eb9-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{7b0886b2-3833-11df-8eb9-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{7b0886b7-3833-11df-8eb9-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{7b0886b7-3833-11df-8eb9-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{8bf4e953-376b-11df-9348-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{8bf4e953-376b-11df-9348-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a3c1375b-697f-11df-ab0f-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{a3c1375b-697f-11df-ab0f-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a3c13760-697f-11df-ab0f-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{a3c13760-697f-11df-ab0f-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{aa242fbb-3aa1-11df-8b66-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{aa242fbb-3aa1-11df-8b66-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c35a3aa3-6ec0-11e1-8017-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{c35a3aa3-6ec0-11e1-8017-6cf0497862d7}\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{c35a3ac2-6ec0-11e1-8017-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{c35a3ac2-6ec0-11e1-8017-6cf0497862d7}\Shell\AutoRun\command - "" = E:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{c45d0e9b-d9ba-11dd-af87-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c45d0e9b-d9ba-11dd-af87-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\Diablo III Setup.exe"
O33 - MountPoints2\{cbb3996d-6985-11df-84b3-6cf0497862d7}\Shell - "" = AutoRun
O33 - MountPoints2\{cbb3996d-6985-11df-84b3-6cf0497862d7}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/05/30 03:03:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/05/30 03:03:21 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\QuickTime
[2012/05/29 04:27:07 | 000,000,000 | ---D | C] -- D:\Users\Gary\AppData\Local\mcpatcher
[2012/05/27 11:36:05 | 000,000,000 | ---D | C] -- D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/27 11:36:05 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/16 04:26:08 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/05/16 04:26:08 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Diablo III
[2012/05/16 04:23:54 | 000,000,000 | ---D | C] -- D:\ProgramData\Battle.net
[2012/05/13 14:49:12 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TGC - The Games Company
[2012/05/13 11:19:16 | 000,000,000 | ---D | C] -- D:\Users\Gary\AppData\Roaming\.minecraft
[2012/05/11 05:58:17 | 008,769,696 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/11 05:47:15 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/11 05:46:59 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2012/05/11 05:46:59 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\iTunes
[2012/05/11 05:46:59 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2012/05/11 05:45:53 | 001,544,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2012/05/11 05:45:53 | 001,077,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2012/05/11 05:45:50 | 005,559,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntoskrnl.exe
[2012/05/11 05:45:49 | 003,968,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/11 05:45:48 | 003,913,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntoskrnl.exe
[2 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/01 16:18:59 | 000,000,915 | ---- | M] () -- D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cs8v0k.exe.lnk
[2012/06/01 16:18:46 | 000,001,102 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/01 16:13:42 | 000,065,536 | ---- | M] () -- D:\Windows\System32\Ikeext.etl
[2012/06/01 16:13:38 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2012/06/01 16:13:33 | 3220,037,632 | -HS- | M] () -- D:\hiberfil.sys
[2012/06/01 06:35:13 | 000,015,664 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/01 06:35:13 | 000,015,664 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/01 06:27:01 | 000,001,106 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/01 06:26:47 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/30 03:03:24 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/05/29 18:12:05 | 000,721,588 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2012/05/29 18:12:05 | 000,671,508 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2012/05/29 18:12:05 | 000,158,312 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2012/05/29 18:12:05 | 000,127,960 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2012/05/27 11:36:05 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/05/23 15:02:23 | 499,065,041 | ---- | M] () -- D:\Windows\MEMORY.DMP
[2012/05/16 04:40:58 | 000,000,000 | R--D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2012/05/16 04:40:56 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/05/13 14:49:12 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TGC - The Games Company
[2012/05/11 21:25:47 | 000,415,112 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2012/05/11 05:58:22 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2012/05/11 05:58:22 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/11 05:58:17 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/11 05:47:15 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/05/31 15:49:56 | 000,000,915 | ---- | C] () -- D:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cs8v0k.exe.lnk
[2012/03/22 18:42:46 | 000,142,120 | -H-- | C] () -- D:\Windows\SysWow64\mlfcache.dat
[2011/08/02 13:59:39 | 000,040,960 | ---- | C] () -- D:\Windows\SysWow64\psfind.dll
[2011/07/03 17:17:55 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2011/02/09 07:08:06 | 000,000,092 | ---- | C] () -- D:\Users\Gary\AppData\Local\fusioncache.dat
[2010/06/13 17:51:20 | 000,103,736 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrB.exe
[2010/06/13 17:51:16 | 000,669,184 | ---- | C] () -- D:\Windows\SysWow64\pbsvc.exe
[2010/06/13 17:51:16 | 000,066,872 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrA.exe
[2009/10/26 15:06:06 | 000,001,035 | ---- | C] () -- D:\Windows\SysWow64\atipblag.dat
[2009/07/14 11:15:00 | 000,178,432 | ---- | C] () -- D:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
[2009/01/01 12:24:46 | 001,700,674 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2009/01/01 12:00:44 | 000,000,000 | ---- | C] () -- D:\Windows\ativpsrm.bin
[2008/10/07 03:13:30 | 000,197,912 | ---- | C] () -- D:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelFrench.dll
 
========== LOP Check ==========
 
[2010/04/22 05:23:33 | 000,000,000 | ---D | M] -- D:\ProgramData\3DVIA
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2011/10/23 13:55:58 | 000,000,000 | ---D | M] -- D:\ProgramData\Ask
[2012/05/16 04:24:24 | 000,000,000 | ---D | M] -- D:\ProgramData\Battle.net
[2011/04/20 04:35:21 | 000,000,000 | ---D | M] -- D:\ProgramData\BioWare
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2011/09/19 17:57:21 | 000,000,000 | ---D | M] -- D:\ProgramData\Divinity 2
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/05/24 12:41:11 | 000,000,000 | ---D | M] -- D:\ProgramData\Electronic Arts
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2010/03/24 15:08:36 | 000,000,000 | ---D | M] -- D:\ProgramData\GRAW2
[2012/03/15 16:12:21 | 000,000,000 | ---D | M] -- D:\ProgramData\PMB Files
[2011/04/10 16:18:38 | 000,000,000 | ---D | M] -- D:\ProgramData\POPWWPROFILES
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/09/08 12:26:23 | 000,000,000 | ---D | M] -- D:\ProgramData\Ubisoft
[2010/03/24 13:31:27 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2011/05/27 13:17:47 | 000,000,000 | ---D | M] -- D:\ProgramData\WinZip
[2009/01/01 12:25:55 | 000,000,000 | ---D | M] -- D:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/04/18 16:38:35 | 000,000,000 | ---D | M] -- D:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/05/25 07:48:30 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
Regards

03.06.2012, 15:44   #2
cosinus
Does safe mode with networking still work? With an Internet connection?

Safe mode for cleanup
  • Use the F8 key during startup to bring Windows into safe mode.
  • Start the computer in safe mode with networking:

    Starting Windows in safe mode

03.06.2012, 21:48   #3
Crimson11
 
Hello

Thanks for the quick reply.

My PC does start in safe mode, but my
Internet doesn't work there.

04.06.2012, 10:06   #4
cosinus
Quote:
but my Internet doesn't work there.
That is not the kind of problem description I was hoping for. It's rather thin, or can you explain to me how I'm supposed to tell from it whether you really used safe mode with networking? And how am I supposed to know how exactly you connect to the Internet? UMTS, cable, DSL? Wi-Fi or network cable? Router or no router after all, a pure modem connection?
__________________
Please always post logfiles in CODE tags

04.06.2012, 11:12   #5
Crimson11
 
Sorry that it's so thin, I don't know exactly what you need.

So I started my PC the way you described. It started "safe mode"
as normal, without that window opening again.

When starting my Internet, though, the data stick modem (I hope you know what I mean by that, I don't know if that's what it's called) was not found and I couldn't get online.


04.06.2012, 16:01   #6
cosinus
Quote:
started "safe mode" as normal,
And "normal" safe mode is nonsense to begin with
You were supposed to use safe mode with networking

04.06.2012, 16:23   #7
Crimson11
 
By normal I meant as in the description: "safe mode with networking".

04.06.2012, 16:35   #8
cosinus
Can you only get online through this odd (UMTS?) stick? No router there? No network cable?
