
Pests of all kinds and how to combat them: Update problems with all software (after Internet Security 2011 infection)


23.06.2011, 22:07   #1
Flow-De
 



Hi everyone, my path now leads me back to the Trojaner-Board after all.

Recently, while downloading various software, I ran into the problem of the bundled software "Internet Security 2011".

Of course I was extremely annoyed that this happened to me after 4 years of carefree surfing.

I booted into safe mode and got to the bottom of it. Oddly enough, I was able to start the Task Manager and trace the process back to an exe.

"kya.exe"

Using the file search I was able to identify and remove this "exe" and a "txt" file. After that, nothing from this scareware program opened any more.

After that I removed all remaining viruses/spyware/malware with Security Essentials (Microsoft), Malwarebytes and S&D.

However, since then no updates work any more, which is a big problem for me.

I created a log with Combofix and OTL.


OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 23.06.2011 22:54:15 - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Justin\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,75 Gb Available Physical Memory | 79,18% Memory free
11,99 Gb Paging File | 10,58 Gb Available in Paging File | 88,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 90,75 Gb Free Space | 30,44% Space Free | Partition Type: NTFS
Drive D: | 1397,26 Gb Total Space | 617,24 Gb Free Space | 44,18% Space Free | Partition Type: NTFS
Drive F: | 465,66 Gb Total Space | 447,30 Gb Free Space | 96,06% Space Free | Partition Type: NTFS
 
Computer Name: JUSTINS-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %* File not found
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.113
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}" = ATI Stream SDK v2 Developer
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}" = ATI Catalyst Install Manager
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00B4-0407-1000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-003B-0000-1000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007D-0409-1000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit
"{95140000-007F-0407-1000-0000000FF1CE}" = Microsoft Outlook Hotmail Connector 64-Bit
"{AE0D971F-5430-8874-B09E-3F1C76E2F8FF}" = WMV9/VC-1 Video Playback
"{B24A47E5-F196-461E-A7A4-AADB72CB19DD}" = iTunes
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B49673F8-7AB6-4A14-8213-C8A7BE370010}" = UltraMon
"{CC7D4CC8-FE90-17E2-FAC6-3D14C93DCE09}" = AMD Drag and Drop Transcoding
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D29E5E5F-47CA-087E-DCBF-FB75171D5B2E}" = ccc-utility64
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client DE-DE Language Pack
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"CrystalDiskMark_is1" = CrystalDiskMark 3.0.1a
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Shrew Soft VPN Client" = Shrew Soft VPN Client
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{135F49F2-9071-F45A-4263-DF7D42FBF7DD}" = CCC Help English
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3F66C4BF-4BD9-FF9C-FA9F-4579F60A33B3}" = Catalyst Control Center Graphics Previews Vista
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{554E5DE9-4670-452D-8157-FCB81C502D65}" = ShadowProtect Desktop
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8850DEC8-22FD-4F05-A3AA-49B91200C24F}" = ShadowProtect Desktop
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A914AE85-1A36-0575-714C-BF996BDA20C7}" = ccc-core-static
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AE249BA3-2421-3996-5E9A-DF4A9F3551FC}" = Catalyst Control Center InstallProxy
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BC7BED89-618B-4E89-8ADF-75D47F276223}" = Pinnacle Studio 15 Ultimate Collection Plugins
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DB8B49A9-7CF1-34DB-6DF2-1EC41C0FE5E1}" = Catalyst Control Center Graphics Previews Common
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EF6E3398-7BB4-4A1C-B43A-D53ABEB1999F}" = HFM.NET 0.6.1.251
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F30787F6-EA4F-4BC8-0001-398BDCC33E1E}" = MovieSaver*3.0
"{FC030CB5-46A6-4229-AD6E-0AC869F509C8}" = Pinnacle Studio Bonus Content
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"APB Reloaded" = APB Reloaded
"BeyondCompare3_is1" = Beyond Compare Version 3.1.11
"BitTorrent" = BitTorrent
"FileZilla Client" = FileZilla Client 3.4.0
"Fraps" = Fraps (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.37.426
"HD Tune Pro_is1" = HD Tune Pro 3.10
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"JDownloader" = JDownloader
"Knoll Light Factory EZ Studio 15" = Knoll Light Factory EZ Studio 15
"Magic Bullet Looks Studio 15" = Magic Bullet Looks Studio 15
"Marvell Miniport Driver" = Marvell Miniport Driver
"Messenger Plus!" = Messenger Plus! 5
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"MyFreeCodec" = MyFreeCodec
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Red Giant ToonIt Studio 15" = Red Giant ToonIt Studio 15
"RocketDock_is1" = RocketDock 1.3.5
"Simple Internet Meter" = Simple Internet Meter
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 41500" = Torchlight
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 630" = Alien Swarm
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"Trapcode 3DStroke Studio 15" = Trapcode 3DStroke Studio 15
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio 15" = Trapcode Shine Studio 15
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.9
"VMware_Workstation" = VMware Workstation
"WBFS Manager 3.0" = WBFS Manager 3.0
"Winmx Community 1" = Winmx Community 1
"winpcap-nmap" = winpcap-nmap 4.02
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"MyFreeCodec" = MyFreeCodec
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.06.2011 11:23:08 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.06.2011 11:23:08 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7005
 
Error - 23.06.2011 11:23:08 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7005
 
Error - 23.06.2011 11:23:09 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.06.2011 11:23:09 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8019
 
Error - 23.06.2011 11:23:09 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8019
 
Error - 23.06.2011 11:23:10 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.06.2011 11:23:10 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9017
 
Error - 23.06.2011 11:23:10 | Computer Name = Justins-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9017
 
Error - 23.06.2011 16:52:38 | Computer Name = Justins-PC | Source = Schedule | ID = 0
Description = 
 
[ System Events ]
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%801     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%801     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:26 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%801     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%801     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
Error - 23.06.2011 16:54:31 | Computer Name = Justins-PC | Source = Microsoft Antimalware | ID = 2001
Description = Fehler in %%860 beim Aktualisieren von Signaturen.     Neue Signaturversion:
      Vorherige Signaturversion: 0.0.0.0     Aktualisierungsquelle: %%851     Aktualisierungsstufe:
 %%852     Quellpfad: hxxp://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094
 
    Signaturtyp:
 %%800     Aktualisierungstyp: %%803     Benutzer: NT-AUTORITÄT\NETZWERKDIENST     Aktuelle Modulversion:
      Vorherige Modulversion: 0.0.0.0     Fehlercode: 0x80072ee7     Fehlerbeschreibung: Der Servername
 oder die Serveradresse konnte nicht verarbeitet werden. 
 
 
< End of report >
         

OTL Logfile:
Code:
OTL logfile created on: 23.06.2011 22:57:54 - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\Justin\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,46 Gb Available Physical Memory | 74,44% Memory free
11,99 Gb Paging File | 10,26 Gb Available in Paging File | 85,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 90,74 Gb Free Space | 30,44% Space Free | Partition Type: NTFS
Drive D: | 1397,26 Gb Total Space | 617,24 Gb Free Space | 44,18% Space Free | Partition Type: NTFS
Drive F: | 465,66 Gb Total Space | 447,30 Gb Free Space | 96,06% Space Free | Partition Type: NTFS
 
Computer Name: JUSTINS-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.06.23 22:50:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
PRC - [2011.06.23 13:18:48 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.06.23 12:19:30 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.02 12:57:06 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011.03.25 23:51:46 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2011.03.25 23:51:32 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2011.03.25 23:51:20 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2010.11.16 23:31:48 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010.01.22 13:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.12.21 09:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.23 22:50:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010.02.14 03:53:56 | 000,210,432 | ---- | M] (Realtime Soft Ltd) -- C:\Programme\UltraMon\RTSUltraMonHookX32.dll
MOD - [2010.02.14 03:52:06 | 000,325,120 | ---- | M] (Realtime Soft Ltd) -- C:\Programme\UltraMon\UltraMonResButtons.dll
MOD - [2009.07.14 03:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.07.14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010.10.08 07:18:46 | 000,697,616 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe -- (ipsecd)
SRV:64bit: - [2010.10.08 07:18:46 | 000,056,592 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ShrewSoft\VPN Client\dtpd.exe -- (dtpd)
SRV:64bit: - [2010.10.08 07:18:44 | 000,957,712 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ShrewSoft\VPN Client\iked.exe -- (iked)
SRV:64bit: - [2010.09.29 03:51:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.06.23 13:18:48 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.02 12:57:06 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.04.01 10:31:39 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.25 23:51:46 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011.03.25 23:51:32 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011.03.25 23:51:20 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2011.03.25 22:27:40 | 000,539,248 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2011.01.07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.08.19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2010.07.15 19:11:08 | 000,067,616 | ---- | M] (StorageCraft Technology Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\vsnapvss.exe -- (VSNAPVSS)
SRV - [2010.07.15 19:09:22 | 001,657,376 | ---- | M] (StorageCraft Technology Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe -- (ShadowProtectSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.03.25 23:52:38 | 000,068,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011.03.25 23:52:34 | 000,081,008 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011.03.25 23:50:52 | 000,031,856 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2011.03.25 23:50:44 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011.03.25 22:27:36 | 000,038,512 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011.03.25 20:04:58 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011.03.25 20:04:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.01.03 10:38:36 | 000,177,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.01.03 10:38:36 | 000,157,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011.01.03 10:38:36 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010.12.21 07:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.12.21 07:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010.12.21 07:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.11.09 08:52:33 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.10.25 11:10:22 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2010.10.25 11:03:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.10.15 16:23:41 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2010.09.29 04:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.09.29 03:14:48 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.09.02 09:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:64bit: - [2010.09.02 09:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:64bit: - [2010.08.16 12:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.07.15 18:48:20 | 000,217,632 | ---- | M] (StorageCraft Technology Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stcvsm.sys -- (stcvsm)
DRV:64bit: - [2010.07.09 14:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010.03.17 12:24:00 | 000,401,696 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.03.02 20:30:20 | 001,301,504 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010.01.22 13:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.01.22 13:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.07.31 12:40:34 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMfilt64.sys -- (VMfilt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.09 17:56:06 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.15 22:13:08 | 000,040,464 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2005.09.23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV:64bit: - [2005.03.29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010.10.25 11:03:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2010.08.19 13:56:38 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2008.11.14 03:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE B8 37 63 9D E5 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Plasmoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6483
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://plasmoo.com/index.htm?SearchMashine=true&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.23 12:19:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.23 12:35:00 | 000,000,000 | ---D | M]
 
[2010.11.09 08:58:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\mozilla\Extensions
[2011.05.01 00:02:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\mozilla\Firefox\Profiles\58gc5y1s.default\extensions
[2011.05.01 00:02:15 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Justin\AppData\Roaming\mozilla\Firefox\Profiles\58gc5y1s.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.01 00:02:18 | 000,000,000 | ---D | M] (Plasmoo Search Engine) -- C:\Users\Justin\AppData\Roaming\mozilla\Firefox\Profiles\58gc5y1s.default\extensions\engine@plasmoo.com
[2011.04.28 19:42:58 | 000,001,975 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\58gc5y1s.default\searchplugins\plasmoo.xml
[2011.03.19 16:52:43 | 000,001,583 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\58gc5y1s.default\searchplugins\web-search.xml
[2011.06.21 22:09:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.11.09 23:09:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.09 14:03:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011.06.23 12:19:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.06.23 22:45:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Justin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Justin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.06.23 22:24:36 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.23 22:52:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.06.23 22:50:15 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2011.06.23 22:46:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.06.23 22:43:26 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011.06.23 22:39:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.06.23 22:39:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.06.23 22:39:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.06.23 22:39:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.06.23 22:39:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.06.23 22:38:15 | 004,135,090 | R--- | C] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2011.06.23 22:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011.06.23 22:24:23 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
[2011.06.23 22:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.06.23 22:18:48 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\PackageAware
[2011.06.23 12:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.06.23 12:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.06.23 12:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.06.23 12:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.06.21 22:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011.06.21 22:15:08 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2011.06.21 18:52:52 | 000,000,000 | ---D | C] -- C:\Users\Justin\Documents\ICQ
[2011.06.21 11:07:36 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{AEC54154-E298-420C-A62F-65063180C5A8}
[2011.06.20 18:18:45 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{CF0E8247-F42B-4A51-892E-2486920F1522}
[2011.06.20 17:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2011.06.20 12:44:28 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{08FF1306-6C83-4A00-812F-64BEAF6035B0}
[2011.06.20 03:17:41 | 000,000,000 | ---D | C] -- C:\avktmp
[2011.06.20 00:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\nE28247HgJmF28247
[2011.06.19 23:45:12 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{3B49D928-1761-44FE-B5B1-819147491BC0}
[2011.06.19 11:44:45 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{765EC9CA-2B70-4E60-8472-93EB2F03D312}
[2011.06.19 01:50:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011.06.18 15:16:50 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{9458BF69-934D-485C-9E06-69768D52B77E}
[2011.06.17 10:30:33 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{0BEF3957-B07A-402A-94DB-EAEADE8B76D9}
[2011.06.16 11:46:42 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{A2A7DF3F-3095-471B-997C-297E5993AA49}
[2011.06.15 23:46:17 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{1C077B33-3059-4718-959D-A9F0FB4F3647}
[2011.06.15 11:45:53 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{DD28D64C-99FD-495C-9701-FC4FA281B470}
[2011.06.14 23:45:28 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{9F50A274-932B-428A-89FC-941540AECDFF}
[2011.06.14 11:45:16 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{52EDC7F5-E92D-4C26-8D0F-D38856C8492A}
[2011.06.13 23:44:51 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{F810E773-FC2D-4658-8AB0-E5CAD996447B}
[2011.06.13 17:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark
[2011.06.13 17:01:50 | 000,000,000 | ---D | C] -- C:\Programme\CrystalDiskMark
[2011.06.13 16:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
[2011.06.13 16:56:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune Pro
[2011.06.13 16:56:43 | 000,000,000 | ---D | C] -- C:\Users\Justin\Desktop\hd tune pro
[2011.06.13 15:42:13 | 000,000,000 | ---D | C] -- C:\Users\Justin\Desktop\Vogel
[2011.06.13 11:44:26 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{9B15E19D-4575-4204-B61A-6656935099F2}
[2011.06.12 11:37:38 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{18D9A83C-2AC4-4250-ABA5-6592202529E0}
[2011.06.11 21:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011.06.11 18:56:39 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{B7CEDDBB-ECA3-49CA-890F-49C258851B20}
[2011.06.09 16:40:11 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{49737F2E-56A7-43A9-B94F-31167011EAEE}
[2011.06.08 18:21:58 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{77838E10-8757-4A04-85BE-77E46522557B}
[2011.06.07 16:34:13 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{E7CFA76D-2785-4D05-B71E-AF152773AE4F}
[2011.06.06 16:17:12 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{8B517B1C-4C64-486C-9A20-5281FDD0CE88}
[2011.06.05 22:39:38 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{62BD8C7B-95CF-4B49-BAE7-CE2EE89CD45E}
[2011.06.05 10:39:17 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{E28171D1-15C0-4AEF-91EE-F01908D8B40B}
[2011.06.04 10:24:57 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{F92890FF-1BAE-45D4-871A-15A4DAE9C0DB}
[2011.06.03 23:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DNA
[2011.06.03 17:27:58 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{D8333509-A29D-4ED3-8E12-99E312B5E1BA}
[2011.06.02 23:31:57 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{75922FCE-02E2-4ED0-80F0-9BFDDC191F29}
[2011.06.02 23:29:06 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\PunkBuster
[2011.06.02 21:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011.06.02 21:24:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2011.06.02 21:24:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2011.06.02 11:31:45 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{13102B78-EA9B-4276-B9CE-74866B568C53}
[2011.06.01 20:57:52 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\Artisteer
[2011.06.01 20:54:21 | 000,000,000 | ---D | C] -- C:\Users\Justin\Desktop\Artisteer
[2011.06.01 18:58:45 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{6B492914-CDD5-452C-9E51-C4D644E1AB49}
[2011.05.31 21:52:25 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{E349716F-38C2-45CE-BF80-A6CF311A63CE}
[2011.05.30 20:54:53 | 000,000,000 | ---D | C] -- C:\Users\Justin\Documents\gegl-0.0
[2011.05.30 20:54:53 | 000,000,000 | ---D | C] -- C:\Users\Justin\.gimp-2.6
[2011.05.30 20:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2011.05.30 20:54:35 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0
[2011.05.30 19:50:06 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{8CC7172A-B917-40F7-AE2A-6C99E49BD72B}
[2011.05.29 22:29:04 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{A00A899C-9050-45F5-8281-D9D21A2F82C9}
[2011.05.29 10:29:12 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{38035D52-CDD8-4DAF-82F1-B3BA68C95FB8}
[2011.05.28 16:50:00 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{AB44ACBB-2F7A-4F63-8315-331A3879312E}
[2011.05.27 19:31:57 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{E14A3A57-57B8-4B5E-8586-5C5C0D9751D7}
[2011.05.26 15:03:51 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{D75FD3FD-58C1-4577-ADCD-0CE98DB56DF4}
[2011.05.25 20:14:52 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Local\{07164B29-CFFE-45F4-92D1-3603DCFBFB35}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Justin\Desktop\*.tmp files -> C:\Users\Justin\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.23 22:52:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.23 22:52:22 | 535,433,215 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.23 22:51:10 | 000,000,020 | ---- | M] () -- C:\Users\Justin\defogger_reenable
[2011.06.23 22:50:16 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2011.06.23 22:50:04 | 000,050,477 | ---- | M] () -- C:\Users\Justin\Desktop\Defogger.exe
[2011.06.23 22:45:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.06.23 22:39:00 | 004,135,090 | R--- | M] (Swearware) -- C:\Users\Justin\Desktop\ComboFix.exe
[2011.06.23 22:24:36 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2011.06.23 16:10:43 | 000,013,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.23 16:10:43 | 000,013,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.23 13:23:49 | 000,270,632 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.06.23 13:23:49 | 000,270,632 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.23 13:18:56 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.06.23 13:18:48 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.23 12:25:28 | 000,000,036 | ---- | M] () -- C:\Users\Justin\AppData\Local\housecall.guid.cache
[2011.06.23 11:27:27 | 000,067,879 | ---- | M] () -- C:\Users\Justin\Desktop\006.jpg
[2011.06.23 11:26:40 | 000,033,622 | ---- | M] () -- C:\Users\Justin\Desktop\dm_8000_0.jpg
[2011.06.23 09:47:39 | 001,513,152 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.23 09:47:39 | 000,658,712 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.06.23 09:47:39 | 000,620,594 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.23 09:47:39 | 000,132,010 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.06.23 09:47:39 | 000,108,400 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.21 22:15:45 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.06.21 22:15:16 | 001,534,178 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.20 17:28:12 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.06.20 03:04:46 | 000,013,012 | -HS- | M] () -- C:\Users\Justin\AppData\Local\0tu10km5tq8
[2011.06.20 03:04:46 | 000,013,012 | -HS- | M] () -- C:\ProgramData\0tu10km5tq8
[2011.06.19 22:29:16 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.06.19 22:25:27 | 000,005,120 | ---- | M] () -- C:\Users\Justin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.16 13:37:10 | 000,030,253 | ---- | M] () -- C:\Users\Justin\Desktop\617koh.jpg
[2011.06.16 10:06:28 | 000,482,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.06.14 16:41:58 | 000,002,022 | -H-- | M] () -- C:\Users\Justin\Documents\Default.rdp
[2011.06.13 17:13:39 | 000,000,079 | ---- | M] () -- C:\Users\Justin\AppData\Local\CrystalDiskMark30.ini
[2011.06.13 17:01:51 | 000,001,794 | ---- | M] () -- C:\Users\Justin\Desktop\CrystalDiskMark.lnk
[2011.06.13 15:41:49 | 002,830,916 | ---- | M] () -- C:\Users\Justin\Desktop\Vogel.rar
[2011.06.02 22:09:37 | 3805,508,496 | ---- | M] () -- C:\Users\Justin\Client1.5.0.562750.7z
[2011.05.30 20:54:49 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Justin\Desktop\*.tmp files -> C:\Users\Justin\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.23 22:51:10 | 000,000,020 | ---- | C] () -- C:\Users\Justin\defogger_reenable
[2011.06.23 22:50:03 | 000,050,477 | ---- | C] () -- C:\Users\Justin\Desktop\Defogger.exe
[2011.06.23 22:39:36 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.06.23 22:39:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.06.23 22:39:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.06.23 22:39:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.06.23 22:39:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.06.23 22:24:36 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2011.06.23 12:35:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.06.23 12:25:28 | 000,000,036 | ---- | C] () -- C:\Users\Justin\AppData\Local\housecall.guid.cache
[2011.06.23 11:27:27 | 000,067,879 | ---- | C] () -- C:\Users\Justin\Desktop\006.jpg
[2011.06.23 11:26:39 | 000,033,622 | ---- | C] () -- C:\Users\Justin\Desktop\dm_8000_0.jpg
[2011.06.22 11:10:27 | 000,270,632 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.22 11:10:26 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.21 22:15:09 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.06.20 17:28:12 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011.06.20 04:37:17 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.06.20 00:53:02 | 000,013,012 | -HS- | C] () -- C:\Users\Justin\AppData\Local\0tu10km5tq8
[2011.06.20 00:53:02 | 000,013,012 | -HS- | C] () -- C:\ProgramData\0tu10km5tq8
[2011.06.16 13:37:08 | 000,030,253 | ---- | C] () -- C:\Users\Justin\Desktop\617koh.jpg
[2011.06.13 17:01:53 | 000,000,079 | ---- | C] () -- C:\Users\Justin\AppData\Local\CrystalDiskMark30.ini
[2011.06.13 17:01:51 | 000,001,794 | ---- | C] () -- C:\Users\Justin\Desktop\CrystalDiskMark.lnk
[2011.06.13 15:41:47 | 002,830,916 | ---- | C] () -- C:\Users\Justin\Desktop\Vogel.rar
[2011.06.02 23:29:09 | 000,270,632 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.06.02 23:26:02 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.06.02 21:28:30 | 3805,508,496 | ---- | C] () -- C:\Users\Justin\Client1.5.0.562750.7z
[2011.05.30 20:54:49 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.12 19:18:42 | 000,005,120 | ---- | C] () -- C:\Users\Justin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.08 14:41:06 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.03.08 14:41:04 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.03.08 14:41:04 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.03.08 14:41:04 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.03.08 14:41:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.02.27 13:13:41 | 000,372,736 | ---- | C] () -- C:\Windows\SysWow64\RSLSP.dll
[2011.02.04 22:24:55 | 000,000,022 | ---- | C] () -- C:\Windows\simpwt.dat
[2011.01.21 13:30:06 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2010.12.29 02:35:00 | 000,004,758 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\Cabos.plist
[2010.11.27 21:32:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.09 09:33:25 | 001,534,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.08 17:14:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.11.08 16:59:13 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.06.16 00:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.10.06 09:16:00 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.03.15 22:13:10 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== LOP Check ==========
 
[2011.06.23 22:45:08 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\AIMP
[2011.06.01 20:57:52 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Artisteer
[2011.06.14 13:00:11 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\BitTorrent
[2010.12.29 02:35:00 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Cabos
[2010.11.20 20:09:43 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Canneverbe Limited
[2011.06.20 13:59:50 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\DNA
[2011.05.01 00:02:15 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.27 13:22:57 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Engelmann Media
[2011.06.02 23:13:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\FileZilla
[2010.11.26 16:53:18 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Folding@home-x86
[2010.12.21 17:57:20 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\HFM
[2011.06.22 22:34:06 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\ICQ
[2010.12.29 03:11:07 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\LimeWire
[2011.02.21 22:22:46 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\LockHunter
[2011.05.14 10:12:34 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\runic games
[2010.12.12 15:26:11 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Samsung
[2010.11.09 10:29:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Scooter Software
[2011.02.27 14:02:37 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Sytexis Software
[2011.04.12 17:29:10 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TeamViewer
[2011.03.30 20:39:20 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Thinstall
[2010.11.12 11:43:34 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TightVNC
[2011.05.18 10:38:25 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TS3Client
[2011.06.23 22:52:38 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:618D0840
 
< End of report >
         

Edited by Flow-De (23.06.2011 at 22:36)

24.06.2011, 09:57   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
[2011.06.23 22:39:12 | 000,000,000 | ---D | C] -- C:\Qoobox
There is also a very clear notice about this at http://www.trojaner-board.de/95175-combofix.html
Quote:

Important notice:
Combofix may only be run when a qualified helper has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
At least post the CF log!

24.06.2011, 13:09   #3
Flow-De
 
Code:
ComboFix 11-06-23.01 - Justin 23.06.2011  22:40:16.1.4 - x64
Microsoft Windows 7 Professional   6.1.7600.0.1252.49.1031.18.6142.4307 [GMT 2:00]
ausgeführt von:: c:\users\Justin\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\timer2tray
c:\users\Justin\APB_Reloaded_Installer.exe
c:\users\Justin\AppData\Roaming\Adobe\plugs
c:\users\Justin\AppData\Roaming\Adobe\shed
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-05-23 bis 2011-06-23  ))))))))))))))))))))))))))))))
.
.
2011-06-23 20:44 . 2011-06-23 20:44	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-06-23 20:25 . 2011-06-23 20:25	--------	d-----w-	c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-06-23 20:24 . 2011-06-23 20:24	--------	d-----w-	c:\program files\Enigma Software Group
2011-06-23 20:23 . 2011-06-23 20:43	--------	d-----w-	c:\windows\1226A4C56F274C4EAE372B5512DE125A.TMP
2011-06-23 20:23 . 2011-06-23 20:23	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2011-06-23 20:18 . 2011-06-23 20:25	--------	dc-h--w-	c:\programdata\~0
2011-06-23 20:18 . 2011-06-23 20:18	--------	d-----w-	c:\users\Justin\AppData\Local\PackageAware
2011-06-23 10:34 . 2011-06-23 10:35	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2011-06-23 10:27 . 2011-06-23 10:55	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2011-06-23 10:27 . 2011-06-23 10:55	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2011-06-23 10:19 . 2011-06-23 10:19	2106216	----a-w-	c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-06-23 10:19 . 2011-06-23 10:19	1998168	----a-w-	c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-06-22 09:10 . 2011-06-23 11:23	270632	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2011-06-22 09:10 . 2011-06-23 11:18	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2011-06-21 21:40 . 2011-06-21 21:46	--------	d-----w-	c:\users\test
2011-06-21 20:15 . 2011-06-21 20:15	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2011-06-21 20:15 . 2011-06-21 20:15	--------	d-----w-	c:\program files\Microsoft Security Client
2011-06-21 09:07 . 2011-06-21 09:07	--------	d-----w-	c:\users\Justin\AppData\Local\{AEC54154-E298-420C-A62F-65063180C5A8}
2011-06-20 16:18 . 2011-06-20 16:18	--------	d-----w-	c:\users\Justin\AppData\Local\{CF0E8247-F42B-4A51-892E-2486920F1522}
2011-06-20 15:28 . 2011-06-20 15:28	--------	d-----w-	c:\program files (x86)\TeamSpeak 3 Client
2011-06-20 10:44 . 2011-06-20 10:44	--------	d-----w-	c:\users\Justin\AppData\Local\{08FF1306-6C83-4A00-812F-64BEAF6035B0}
2011-06-20 02:35 . 2010-04-09 11:06	374664	----a-w-	c:\windows\system32\drivers\netio.sys
2011-06-20 01:17 . 2011-06-20 01:17	--------	d-----w-	C:\avktmp
2011-06-19 22:52 . 2011-06-20 02:14	--------	d-----w-	c:\programdata\nE28247HgJmF28247
2011-06-19 21:45 . 2011-06-19 21:45	--------	d-----w-	c:\users\Justin\AppData\Local\{3B49D928-1761-44FE-B5B1-819147491BC0}
2011-06-19 09:44 . 2011-06-19 09:44	--------	d-----w-	c:\users\Justin\AppData\Local\{765EC9CA-2B70-4E60-8472-93EB2F03D312}
2011-06-18 23:50 . 2011-06-18 23:50	--------	d-----w-	c:\windows\system32\EventProviders
2011-06-18 13:16 . 2011-06-18 13:17	--------	d-----w-	c:\users\Justin\AppData\Local\{9458BF69-934D-485C-9E06-69768D52B77E}
2011-06-17 08:32 . 2011-05-09 22:00	8718160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A1D42E87-0FE9-444A-AECB-F5A9B8D403D9}\mpengine.dll
2011-06-17 08:30 . 2011-06-17 08:30	--------	d-----w-	c:\users\Justin\AppData\Local\{0BEF3957-B07A-402A-94DB-EAEADE8B76D9}
2011-06-16 09:46 . 2011-06-16 09:46	--------	d-----w-	c:\users\Justin\AppData\Local\{A2A7DF3F-3095-471B-997C-297E5993AA49}
2011-06-15 21:46 . 2011-06-15 21:46	--------	d-----w-	c:\users\Justin\AppData\Local\{1C077B33-3059-4718-959D-A9F0FB4F3647}
2011-06-15 19:58 . 2011-04-27 02:57	102400	----a-w-	c:\windows\system32\drivers\dfsc.sys
2011-06-15 19:58 . 2011-04-25 05:32	1896832	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-06-15 19:58 . 2011-04-25 02:44	499712	----a-w-	c:\windows\system32\drivers\afd.sys
2011-06-15 19:58 . 2011-05-04 02:51	287744	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 19:58 . 2011-05-04 02:51	157696	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 19:58 . 2011-05-04 02:51	126464	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 19:58 . 2011-05-28 03:07	3133952	----a-w-	c:\windows\system32\win32k.sys
2011-06-15 19:57 . 2011-01-17 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2011-06-15 19:57 . 2011-01-17 05:38	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2011-06-15 19:57 . 2011-04-29 03:13	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2011-06-15 19:57 . 2011-04-29 03:12	399872	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-06-15 19:57 . 2011-04-29 03:12	161792	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-06-15 19:57 . 2010-12-18 06:13	861184	----a-w-	c:\windows\system32\oleaut32.dll
2011-06-15 19:57 . 2010-12-18 05:31	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2011-06-15 19:57 . 2011-05-03 05:21	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-06-15 19:57 . 2011-05-03 04:50	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-06-15 09:45 . 2011-06-15 09:46	--------	d-----w-	c:\users\Justin\AppData\Local\{DD28D64C-99FD-495C-9701-FC4FA281B470}
2011-06-14 21:45 . 2011-06-14 21:45	--------	d-----w-	c:\users\Justin\AppData\Local\{9F50A274-932B-428A-89FC-941540AECDFF}
2011-06-14 09:45 . 2011-06-14 09:45	--------	d-----w-	c:\users\Justin\AppData\Local\{52EDC7F5-E92D-4C26-8D0F-D38856C8492A}
2011-06-13 21:44 . 2011-06-13 21:45	--------	d-----w-	c:\users\Justin\AppData\Local\{F810E773-FC2D-4658-8AB0-E5CAD996447B}
2011-06-13 15:01 . 2011-06-13 15:01	--------	d-----w-	c:\program files\CrystalDiskMark
2011-06-13 14:56 . 2011-06-13 14:56	--------	d-----w-	c:\program files (x86)\HD Tune Pro
2011-06-13 09:44 . 2011-06-13 09:44	--------	d-----w-	c:\users\Justin\AppData\Local\{9B15E19D-4575-4204-B61A-6656935099F2}
2011-06-12 09:37 . 2011-06-12 09:37	--------	d-----w-	c:\users\Justin\AppData\Local\{18D9A83C-2AC4-4250-ABA5-6592202529E0}
2011-06-11 19:01 . 2011-06-11 19:01	--------	d-----w-	c:\programdata\Hewlett-Packard
2011-06-11 19:01 . 2009-07-14 01:41	230400	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2011-06-11 16:56 . 2011-06-11 16:56	--------	d-----w-	c:\users\Justin\AppData\Local\{B7CEDDBB-ECA3-49CA-890F-49C258851B20}
2011-06-09 16:06 . 2009-07-14 01:41	258048	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2011-06-09 14:40 . 2011-06-09 14:40	--------	d-----w-	c:\users\Justin\AppData\Local\{49737F2E-56A7-43A9-B94F-31167011EAEE}
2011-06-08 16:21 . 2011-06-08 16:22	--------	d-----w-	c:\users\Justin\AppData\Local\{77838E10-8757-4A04-85BE-77E46522557B}
2011-06-07 14:34 . 2011-06-07 14:34	--------	d-----w-	c:\users\Justin\AppData\Local\{E7CFA76D-2785-4D05-B71E-AF152773AE4F}
2011-06-06 14:17 . 2011-06-06 14:17	--------	d-----w-	c:\users\Justin\AppData\Local\{8B517B1C-4C64-486C-9A20-5281FDD0CE88}
2011-06-06 10:55 . 2011-06-06 10:55	183696	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-06-06 10:55 . 2011-06-06 10:55	183696	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-06-05 20:39 . 2011-06-05 20:39	--------	d-----w-	c:\users\Justin\AppData\Local\{62BD8C7B-95CF-4B49-BAE7-CE2EE89CD45E}
2011-06-05 08:39 . 2011-06-05 08:39	--------	d-----w-	c:\users\Justin\AppData\Local\{E28171D1-15C0-4AEF-91EE-F01908D8B40B}
2011-06-04 08:24 . 2011-06-04 08:25	--------	d-----w-	c:\users\Justin\AppData\Local\{F92890FF-1BAE-45D4-871A-15A4DAE9C0DB}
2011-06-03 21:45 . 2011-06-03 21:45	--------	d-----w-	c:\program files (x86)\DNA
2011-06-03 15:27 . 2011-06-03 15:28	--------	d-----w-	c:\users\Justin\AppData\Local\{D8333509-A29D-4ED3-8E12-99E312B5E1BA}
2011-06-02 21:31 . 2011-06-02 21:32	--------	d-----w-	c:\users\Justin\AppData\Local\{75922FCE-02E2-4ED0-80F0-9BFDDC191F29}
2011-06-02 21:29 . 2011-06-23 11:23	270632	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2011-06-02 21:29 . 2011-06-02 21:29	--------	d-----w-	c:\users\Justin\AppData\Local\PunkBuster
2011-06-02 21:26 . 2011-06-23 11:18	189248	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2011-06-02 19:24 . 2011-06-02 19:24	--------	d-----w-	c:\program files (x86)\Pando Networks
2011-06-02 19:24 . 2011-06-23 11:05	--------	d-----w-	c:\program files (x86)\GamersFirst
2011-06-02 09:31 . 2011-06-02 09:31	--------	d-----w-	c:\users\Justin\AppData\Local\{13102B78-EA9B-4276-B9CE-74866B568C53}
2011-06-01 18:57 . 2011-06-01 18:57	--------	d-----w-	c:\users\Justin\AppData\Roaming\Artisteer
2011-06-01 16:58 . 2011-06-01 16:58	--------	d-----w-	c:\users\Justin\AppData\Local\{6B492914-CDD5-452C-9E51-C4D644E1AB49}
2011-05-31 19:52 . 2011-05-31 19:52	--------	d-----w-	c:\users\Justin\AppData\Local\{E349716F-38C2-45CE-BF80-A6CF311A63CE}
2011-05-30 18:54 . 2011-05-30 19:52	--------	d-----w-	c:\users\Justin\.gimp-2.6
2011-05-30 18:54 . 2011-05-30 18:54	--------	d-----w-	c:\program files\GIMP-2.0
2011-05-30 17:50 . 2011-05-30 17:50	--------	d-----w-	c:\users\Justin\AppData\Local\{8CC7172A-B917-40F7-AE2A-6C99E49BD72B}
2011-05-29 20:29 . 2011-05-29 20:29	--------	d-----w-	c:\users\Justin\AppData\Local\{A00A899C-9050-45F5-8281-D9D21A2F82C9}
2011-05-29 08:29 . 2011-05-29 08:29	--------	d-----w-	c:\users\Justin\AppData\Local\{38035D52-CDD8-4DAF-82F1-B3BA68C95FB8}
2011-05-28 14:50 . 2011-05-28 14:51	--------	d-----w-	c:\users\Justin\AppData\Local\{AB44ACBB-2F7A-4F63-8315-331A3879312E}
2011-05-27 17:31 . 2011-05-27 17:34	--------	d-----w-	c:\users\Justin\AppData\Local\{E14A3A57-57B8-4B5E-8586-5C5C0D9751D7}
2011-05-26 13:03 . 2011-05-26 13:04	--------	d-----w-	c:\users\Justin\AppData\Local\{D75FD3FD-58C1-4577-ADCD-0CE98DB56DF4}
2011-05-25 18:17 . 2011-04-22 20:18	27008	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-05-25 18:14 . 2011-05-25 18:15	--------	d-----w-	c:\users\Justin\AppData\Local\{07164B29-CFFE-45F4-92D1-3603DCFBFB35}
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-19 18:00 . 2011-05-15 07:52	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-29 07:11 . 2010-11-26 10:45	25912	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-05-07 21:57 . 2011-05-07 21:57	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2011-05-07 21:57 . 2011-05-07 21:57	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-07 21:57 . 2011-05-07 21:57	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-07 21:57 . 2011-05-07 21:57	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2011-05-07 21:57 . 2011-05-07 21:57	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2011-05-07 21:57 . 2011-05-07 21:57	1126912	----a-w-	c:\windows\SysWow64\wininet.dll
2011-05-07 21:57 . 2011-05-07 21:57	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2011-05-07 21:57 . 2011-05-07 21:57	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2011-05-07 21:57 . 2011-05-07 21:57	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2011-05-07 21:57 . 2011-05-07 21:57	85504	----a-w-	c:\windows\system32\iesetup.dll
2011-05-07 21:57 . 2011-05-07 21:57	76800	----a-w-	c:\windows\system32\tdc.ocx
2011-05-07 21:57 . 2011-05-07 21:57	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2011-05-07 21:57 . 2011-05-07 21:57	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2011-05-07 21:57 . 2011-05-07 21:57	603648	----a-w-	c:\windows\system32\vbscript.dll
2011-05-07 21:57 . 2011-05-07 21:57	49664	----a-w-	c:\windows\system32\imgutil.dll
2011-05-07 21:57 . 2011-05-07 21:57	48640	----a-w-	c:\windows\system32\mshtmler.dll
2011-05-07 21:57 . 2011-05-07 21:57	448512	----a-w-	c:\windows\system32\html.iec
2011-05-07 21:57 . 2011-05-07 21:57	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2011-05-07 21:57 . 2011-05-07 21:57	367104	----a-w-	c:\windows\SysWow64\html.iec
2011-05-07 21:57 . 2011-05-07 21:57	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2011-05-07 21:57 . 2011-05-07 21:57	30720	----a-w-	c:\windows\system32\licmgr10.dll
2011-05-07 21:57 . 2011-05-07 21:57	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2011-05-07 21:57 . 2011-05-07 21:57	222208	----a-w-	c:\windows\system32\msls31.dll
2011-05-07 21:57 . 2011-05-07 21:57	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2011-05-07 21:57 . 2011-05-07 21:57	165888	----a-w-	c:\windows\system32\iexpress.exe
2011-05-07 21:57 . 2011-05-07 21:57	160256	----a-w-	c:\windows\system32\wextract.exe
2011-05-07 21:57 . 2011-05-07 21:57	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2011-05-07 21:57 . 2011-05-07 21:57	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2011-05-07 21:57 . 2011-05-07 21:57	1492992	----a-w-	c:\windows\system32\inetcpl.cpl
2011-05-07 21:57 . 2011-05-07 21:57	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2011-05-07 21:57 . 2011-05-07 21:57	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2011-05-07 21:57 . 2011-05-07 21:57	1389056	----a-w-	c:\windows\system32\wininet.dll
2011-05-07 21:57 . 2011-05-07 21:57	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2011-05-07 21:57 . 2011-05-07 21:57	12288	----a-w-	c:\windows\system32\mshta.exe
2011-05-07 21:57 . 2011-05-07 21:57	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2011-05-07 21:57 . 2011-05-07 21:57	114176	----a-w-	c:\windows\system32\admparse.dll
2011-05-07 21:57 . 2011-05-07 21:57	111616	----a-w-	c:\windows\system32\iesysprep.dll
2011-05-07 21:57 . 2011-05-07 21:57	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2011-04-09 16:55 . 2011-04-09 16:55	15453336	----a-w-	c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55	13642904	----a-w-	c:\windows\SysWow64\xlivefnt.dll
2011-04-09 06:58 . 2011-05-19 11:05	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-04-09 06:45 . 2011-05-11 20:18	5509504	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-11 20:18	3957632	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 20:18	3901824	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-19 11:05	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2011-03-25 21:52 . 2011-05-19 08:01	68720	----a-w-	c:\windows\system32\drivers\vmx86.sys
2011-03-25 21:52 . 2011-05-19 08:01	968816	----a-w-	c:\windows\system32\vnetlib64.dll
2011-03-25 21:52 . 2011-05-19 08:01	81008	----a-w-	c:\windows\system32\drivers\vmci.sys
2011-03-25 21:51 . 2011-05-19 08:01	334448	----a-w-	c:\windows\SysWow64\vmnetdhcp.exe
2011-03-25 21:51 . 2011-05-19 08:01	404080	----a-w-	c:\windows\SysWow64\vmnat.exe
2011-03-25 21:50 . 2011-05-19 08:00	31856	----a-w-	c:\windows\system32\drivers\VMkbd.sys
2011-03-25 21:50 . 2011-05-19 08:01	30320	----a-w-	c:\windows\system32\drivers\vmnetuserif.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-16 1242448]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico [2010-11-15 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ALSysIO;ALSysIO;c:\users\Justin\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz130;cpuz130;c:\users\Justin\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 DIRECTIO;DIRECTIO;c:\program files (x86)\PerformanceTest\DirectIo.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-10-25 16392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys [x]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 dtpd;ShrewSoft DNS Proxy Daemon;c:\program files\ShrewSoft\VPN Client\dtpd.exe [2010-10-08 56592]
R4 iked;ShrewSoft IKE Daemon;c:\program files\ShrewSoft\VPN Client\iked.exe [2010-10-08 957712]
R4 ipsecd;ShrewSoft IPSEC Daemon;c:\program files\ShrewSoft\VPN Client\ipsecd.exe [2010-10-08 697616]
R4 ShadowProtectSvc;ShadowProtect Service;c:\program files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [2010-07-15 1657376]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-01 2271608]
R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]
R4 VSNAPVSS;StorageCraft Shadow Copy Provider;c:\windows\SysWOW64\vsnapvss.exe [2010-07-15 67616]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 stcvsm;StorageCraft Volume Snapshot Driver;c:\windows\system32\DRIVERS\stcvsm.sys [x]
S1 sbmount;StorageCraft Image Mount Driver; [x]
S1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 VMfilt;VMfilt;c:\windows\system32\drivers\VMfilt64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ESGIGUARD
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-07-09 408584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Justin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: windowsupdate.com
TCP: Interfaces\{B2FA24B3-6AA5-4134-B690-9474E9EE74B0}: NameServer = 172.16.10.16
TCP: Interfaces\{E94CCF6C-A2FB-4C0A-A7D6-C60261E95A92}: NameServer = 192.168.2.1
FF - ProfilePath - c:\users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\58gc5y1s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://plasmoo.com/index.htm?SearchMashine=true&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BF3FB61-2747-78C2-26D8-DC4CD658160B}*]
"iahbkgmgalimnhpgmp"=hex:6a,61,6c,61,65,63,64,66,64,69,6d,62,62,6f,65,6b,61,6a,
   6c,6c,00,ed
"habbajmnegncmejp"=hex:6a,61,6c,61,65,63,64,66,64,69,6d,62,62,6f,65,6b,61,6a,
   6c,6c,00,7b
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CEDD38C2-232B-99BE-57AA-C19FA123AFC6}*]
"maficcaeembonmclkhnnhgmbmn"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,
   6b,69,6a,68,64,00,ed
"nalgibjbknjlmbhfchmoobdccado"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,
   6c,6b,69,6a,68,64,00,02
"ialgibjbknjlmbhfch"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,6b,69,6a,
   68,64,00,00
"haficcaeembonmcl"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,6b,69,6a,
   68,64,00,00
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\SecuROM\License information*]
"datasecu"=hex:9d,dc,b2,84,47,89,af,b4,a5,31,90,c6,14,09,0f,fc,6f,17,29,d9,0d,
   93,8a,7d,24,eb,2d,c2,d5,0c,0d,28,03,68,e2,e4,fb,be,85,c4,e9,31,d0,41,cf,8a,\
"rkeysecu"=hex:7d,49,f8,a2,ad,e2,f2,ab,f8,15,62,7e,51,d6,fe,50
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-06-23  22:46:25
ComboFix-quarantined-files.txt  2011-06-23 20:46
.
Vor Suchlauf: 12 Verzeichnis(se), 97.496.489.984 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 97.342.078.976 Bytes frei
.
- - End Of File - - 44257F9F029E132B12EF396B698F2D9A
         
To be honest, I personally thought it was right to run ComboFix despite the instructions. I hope that won't be held against me :x

24.06.2011, 14:02   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

ComboFix - Scripting

1. Start Notepad (Start / Run / notepad[Enter])

2. Now copy and paste the entire contents of the code box below into the Notepad window.

Code:
Regnull::
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BF3FB61-2747-78C2-26D8-DC4CD658160B}*]
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CEDD38C2-232B-99BE-57AA-C19FA123AFC6}*]
         
3. In Notepad, save the file as CFScript.txt on the desktop.

4. Disable the guard of your antivirus program and any software firewall that may be present.
(Also the guards of adware and spyware programs and the Tea Timer (if present)!)

5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts ComboFix.

6. After the restart (you will be asked whether you want to restart), please post the following log files:
Combofix.txt

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
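The two keys named in the CFScript above are the first two entries under "Gesperrte Registrierungsschluessel" in the ComboFix log posted earlier in the thread. The following is an added example, not part of the post and not ComboFix code: a read-only Python parser for that log section that decodes the hex values and reports which of a script's target keys a given log still lists. The function names are made up for this example, and the embedded log is an excerpt of the thread's own log, shortened.

```python
import re

SECTION_START = re.compile(r"^-+\s*Gesperrte Registrierungsschluessel\s*-+$")
KEY_LINE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
VALUE_LINE = re.compile(r'^(?:"([^"]*)"|@)=(.*)$')

# Excerpt of the ComboFix log posted in this thread (shortened for the example).
SAMPLE_LOG = r"""
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BF3FB61-2747-78C2-26D8-DC4CD658160B}*]
"iahbkgmgalimnhpgmp"=hex:6a,61,6c,61,65,63,64,66,64,69,6d,62,62,6f,65,6b,61,6a,
   6c,6c,00,ed
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CEDD38C2-232B-99BE-57AA-C19FA123AFC6}*]
"ialgibjbknjlmbhfch"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,6b,69,6a,
   68,64,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-06-23  22:46:25
"""

# The CFScript from the post above.
SAMPLE_SCRIPT = r"""Regnull::
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BF3FB61-2747-78C2-26D8-DC4CD658160B}*]
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CEDD38C2-232B-99BE-57AA-C19FA123AFC6}*]
"""


def parse_locked_keys(log_text):
    """Parse the locked-keys section into {lower-cased key path: {"acl": [...], "values": {...}}}."""
    keys, entry, name, in_section = {}, None, None, False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not in_section:
            in_section = bool(SECTION_START.match(line))
            continue
        if line in ("", "."):
            name = None                      # a separator ends any wrapped value
            continue
        key = KEY_LINE.match(line)
        value = VALUE_LINE.match(line)
        if raw[:1].isspace() and entry is not None and name is not None:
            entry["values"][name] += line    # indented line: wrapped hex data
        elif key:
            entry = keys.setdefault(key.group(1).lower(), {"acl": [], "values": {}})
            name = None
        elif entry is not None and line.startswith(("@Denied:", "@Allowed:")):
            entry["acl"].append(line)        # permission summary printed by the log
        elif entry is not None and value:
            name = value.group(1) if value.group(1) is not None else "@"
            entry["values"][name] = value.group(2)
        else:
            break                            # first line that is not part of the section
    return keys


def decode_hex_value(raw_value):
    """Turn 'hex:6a,61,...' into bytes; return None for values that are not hex data."""
    if not raw_value.startswith("hex:"):
        return None
    digits = raw_value[4:].replace("\\", "")
    return bytes(int(b, 16) for b in digits.split(",") if b.strip())


def describe(data):
    """Split decoded bytes at the first NUL: (ASCII text before it, bytes after it)."""
    text, _, tail = data.partition(b"\x00")
    return text.decode("ascii", errors="replace"), tail


def script_targets(cfscript_text, directive="Regnull::"):
    """Return the [key] lines listed under one directive of a CFScript."""
    targets, active = [], False
    for line in cfscript_text.splitlines():
        line = line.strip()
        if line.endswith("::"):
            active = line.lower() == directive.lower()
        elif active and KEY_LINE.match(line):
            targets.append(KEY_LINE.match(line).group(1))
    return targets


def still_listed(cfscript_text, log_text):
    """Script targets that the given log lists as locked keys (registry paths compare case-insensitively)."""
    locked = parse_locked_keys(log_text)
    return [k for k in script_targets(cfscript_text) if k.lower() in locked]


if __name__ == "__main__":
    locked = parse_locked_keys(SAMPLE_LOG)
    for key in script_targets(SAMPLE_SCRIPT):
        print("listed" if key.lower() in locked else "absent", key)
    for path, entry in locked.items():
        for value_name, raw in entry["values"].items():
            data = decode_hex_value(raw)
            if data is not None:
                print(path[-40:], value_name, describe(data))
```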

26.06.2011, 18:15   #5
Flow-De

Hi,

if it isn't too much trouble, I would like to know what this script is supposed to do. According to ComboFix, AntiVir Guard etc. are supposedly still active, but that program was uninstalled quite a while ago. Possibly leftovers in the registry... what bothers me, though, is that ComboFix says it is running. I couldn't find anything from AntiVir among the processes. After clicking OK 2-3 times, ComboFix ran anyway.

The computer also did not restart. Here is the log:

Code:
ComboFix 11-06-23.01 - Justin 26.06.2011  18:54:39.2.4 - x64
Microsoft Windows 7 Professional   6.1.7600.0.1252.49.1031.18.6142.4729 [GMT 2:00]
ausgeführt von:: c:\users\Justin\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Justin\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-05-26 bis 2011-06-26  ))))))))))))))))))))))))))))))
.
.
2011-06-26 16:59 . 2011-06-26 16:59	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-06-23 21:54 . 2011-05-29 07:11	39984	----a-w-	c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-23 21:54 . 2011-06-23 21:54	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-23 20:25 . 2011-06-23 20:25	--------	d-----w-	c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-06-23 20:24 . 2011-06-23 20:24	--------	d-----w-	c:\program files\Enigma Software Group
2011-06-23 20:23 . 2011-06-23 20:43	--------	d-----w-	c:\windows\1226A4C56F274C4EAE372B5512DE125A.TMP
2011-06-23 20:23 . 2011-06-23 20:23	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2011-06-23 20:18 . 2011-06-23 20:18	--------	d-----w-	c:\users\Justin\AppData\Local\PackageAware
2011-06-23 10:34 . 2011-06-23 10:35	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2011-06-23 10:27 . 2011-06-23 10:55	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2011-06-23 10:27 . 2011-06-23 10:55	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2011-06-23 10:19 . 2011-06-23 10:19	2106216	----a-w-	c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-06-23 10:19 . 2011-06-23 10:19	1998168	----a-w-	c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-06-22 09:10 . 2011-06-24 07:55	270632	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2011-06-22 09:10 . 2011-06-23 11:18	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2011-06-21 21:40 . 2011-06-21 21:46	--------	d-----w-	c:\users\test
2011-06-21 20:15 . 2011-06-21 20:15	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2011-06-21 20:15 . 2011-06-21 20:15	--------	d-----w-	c:\program files\Microsoft Security Client
2011-06-21 09:07 . 2011-06-21 09:07	--------	d-----w-	c:\users\Justin\AppData\Local\{AEC54154-E298-420C-A62F-65063180C5A8}
2011-06-20 16:18 . 2011-06-20 16:18	--------	d-----w-	c:\users\Justin\AppData\Local\{CF0E8247-F42B-4A51-892E-2486920F1522}
2011-06-20 15:28 . 2011-06-20 15:28	--------	d-----w-	c:\program files (x86)\TeamSpeak 3 Client
2011-06-20 10:44 . 2011-06-20 10:44	--------	d-----w-	c:\users\Justin\AppData\Local\{08FF1306-6C83-4A00-812F-64BEAF6035B0}
2011-06-20 02:35 . 2010-04-09 11:06	374664	----a-w-	c:\windows\system32\drivers\netio.sys
2011-06-20 01:17 . 2011-06-20 01:17	--------	d-----w-	C:\avktmp
2011-06-19 22:52 . 2011-06-20 02:14	--------	d-----w-	c:\programdata\nE28247HgJmF28247
2011-06-19 21:45 . 2011-06-19 21:45	--------	d-----w-	c:\users\Justin\AppData\Local\{3B49D928-1761-44FE-B5B1-819147491BC0}
2011-06-19 09:44 . 2011-06-19 09:44	--------	d-----w-	c:\users\Justin\AppData\Local\{765EC9CA-2B70-4E60-8472-93EB2F03D312}
2011-06-18 23:50 . 2011-06-18 23:50	--------	d-----w-	c:\windows\system32\EventProviders
2011-06-18 13:16 . 2011-06-18 13:17	--------	d-----w-	c:\users\Justin\AppData\Local\{9458BF69-934D-485C-9E06-69768D52B77E}
2011-06-17 08:32 . 2011-05-09 22:00	8718160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A1D42E87-0FE9-444A-AECB-F5A9B8D403D9}\mpengine.dll
2011-06-17 08:30 . 2011-06-17 08:30	--------	d-----w-	c:\users\Justin\AppData\Local\{0BEF3957-B07A-402A-94DB-EAEADE8B76D9}
2011-06-16 09:46 . 2011-06-16 09:46	--------	d-----w-	c:\users\Justin\AppData\Local\{A2A7DF3F-3095-471B-997C-297E5993AA49}
2011-06-15 21:46 . 2011-06-15 21:46	--------	d-----w-	c:\users\Justin\AppData\Local\{1C077B33-3059-4718-959D-A9F0FB4F3647}
2011-06-15 19:58 . 2011-04-27 02:57	102400	----a-w-	c:\windows\system32\drivers\dfsc.sys
2011-06-15 19:58 . 2011-04-25 05:32	1896832	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-06-15 19:58 . 2011-04-25 02:44	499712	----a-w-	c:\windows\system32\drivers\afd.sys
2011-06-15 19:58 . 2011-05-04 02:51	287744	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 19:58 . 2011-05-04 02:51	157696	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 19:58 . 2011-05-04 02:51	126464	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 19:58 . 2011-05-28 03:07	3133952	----a-w-	c:\windows\system32\win32k.sys
2011-06-15 19:57 . 2011-01-17 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2011-06-15 19:57 . 2011-01-17 05:38	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2011-06-15 19:57 . 2011-04-29 03:13	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2011-06-15 19:57 . 2011-04-29 03:12	399872	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-06-15 19:57 . 2011-04-29 03:12	161792	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-06-15 19:57 . 2010-12-18 06:13	861184	----a-w-	c:\windows\system32\oleaut32.dll
2011-06-15 19:57 . 2010-12-18 05:31	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2011-06-15 19:57 . 2011-05-03 05:21	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-06-15 19:57 . 2011-05-03 04:50	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-06-15 09:45 . 2011-06-15 09:46	--------	d-----w-	c:\users\Justin\AppData\Local\{DD28D64C-99FD-495C-9701-FC4FA281B470}
2011-06-14 21:45 . 2011-06-14 21:45	--------	d-----w-	c:\users\Justin\AppData\Local\{9F50A274-932B-428A-89FC-941540AECDFF}
2011-06-14 09:45 . 2011-06-14 09:45	--------	d-----w-	c:\users\Justin\AppData\Local\{52EDC7F5-E92D-4C26-8D0F-D38856C8492A}
2011-06-13 21:44 . 2011-06-13 21:45	--------	d-----w-	c:\users\Justin\AppData\Local\{F810E773-FC2D-4658-8AB0-E5CAD996447B}
2011-06-13 15:01 . 2011-06-13 15:01	--------	d-----w-	c:\program files\CrystalDiskMark
2011-06-13 14:56 . 2011-06-13 14:56	--------	d-----w-	c:\program files (x86)\HD Tune Pro
2011-06-13 09:44 . 2011-06-13 09:44	--------	d-----w-	c:\users\Justin\AppData\Local\{9B15E19D-4575-4204-B61A-6656935099F2}
2011-06-12 09:37 . 2011-06-12 09:37	--------	d-----w-	c:\users\Justin\AppData\Local\{18D9A83C-2AC4-4250-ABA5-6592202529E0}
2011-06-11 19:01 . 2011-06-11 19:01	--------	d-----w-	c:\programdata\Hewlett-Packard
2011-06-11 19:01 . 2009-07-14 01:41	230400	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2011-06-11 16:56 . 2011-06-11 16:56	--------	d-----w-	c:\users\Justin\AppData\Local\{B7CEDDBB-ECA3-49CA-890F-49C258851B20}
2011-06-09 16:06 . 2009-07-14 01:41	258048	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2011-06-09 14:40 . 2011-06-09 14:40	--------	d-----w-	c:\users\Justin\AppData\Local\{49737F2E-56A7-43A9-B94F-31167011EAEE}
2011-06-08 16:21 . 2011-06-08 16:22	--------	d-----w-	c:\users\Justin\AppData\Local\{77838E10-8757-4A04-85BE-77E46522557B}
2011-06-07 14:34 . 2011-06-07 14:34	--------	d-----w-	c:\users\Justin\AppData\Local\{E7CFA76D-2785-4D05-B71E-AF152773AE4F}
2011-06-06 14:17 . 2011-06-06 14:17	--------	d-----w-	c:\users\Justin\AppData\Local\{8B517B1C-4C64-486C-9A20-5281FDD0CE88}
2011-06-06 10:55 . 2011-06-06 10:55	183696	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-06-06 10:55 . 2011-06-06 10:55	183696	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-06-05 20:39 . 2011-06-05 20:39	--------	d-----w-	c:\users\Justin\AppData\Local\{62BD8C7B-95CF-4B49-BAE7-CE2EE89CD45E}
2011-06-05 08:39 . 2011-06-05 08:39	--------	d-----w-	c:\users\Justin\AppData\Local\{E28171D1-15C0-4AEF-91EE-F01908D8B40B}
2011-06-04 08:24 . 2011-06-04 08:25	--------	d-----w-	c:\users\Justin\AppData\Local\{F92890FF-1BAE-45D4-871A-15A4DAE9C0DB}
2011-06-03 21:45 . 2011-06-03 21:45	--------	d-----w-	c:\program files (x86)\DNA
2011-06-03 15:27 . 2011-06-03 15:28	--------	d-----w-	c:\users\Justin\AppData\Local\{D8333509-A29D-4ED3-8E12-99E312B5E1BA}
2011-06-02 21:31 . 2011-06-02 21:32	--------	d-----w-	c:\users\Justin\AppData\Local\{75922FCE-02E2-4ED0-80F0-9BFDDC191F29}
2011-06-02 21:29 . 2011-06-24 07:55	270632	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2011-06-02 21:29 . 2011-06-02 21:29	--------	d-----w-	c:\users\Justin\AppData\Local\PunkBuster
2011-06-02 21:26 . 2011-06-23 11:23	270632	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2011-06-02 19:24 . 2011-06-02 19:24	--------	d-----w-	c:\program files (x86)\Pando Networks
2011-06-02 19:24 . 2011-06-23 11:05	--------	d-----w-	c:\program files (x86)\GamersFirst
2011-06-02 09:31 . 2011-06-02 09:31	--------	d-----w-	c:\users\Justin\AppData\Local\{13102B78-EA9B-4276-B9CE-74866B568C53}
2011-06-01 18:57 . 2011-06-01 18:57	--------	d-----w-	c:\users\Justin\AppData\Roaming\Artisteer
2011-06-01 16:58 . 2011-06-01 16:58	--------	d-----w-	c:\users\Justin\AppData\Local\{6B492914-CDD5-452C-9E51-C4D644E1AB49}
2011-05-31 19:52 . 2011-05-31 19:52	--------	d-----w-	c:\users\Justin\AppData\Local\{E349716F-38C2-45CE-BF80-A6CF311A63CE}
2011-05-30 18:54 . 2011-05-30 19:52	--------	d-----w-	c:\users\Justin\.gimp-2.6
2011-05-30 18:54 . 2011-05-30 18:54	--------	d-----w-	c:\program files\GIMP-2.0
2011-05-30 17:50 . 2011-05-30 17:50	--------	d-----w-	c:\users\Justin\AppData\Local\{8CC7172A-B917-40F7-AE2A-6C99E49BD72B}
2011-05-29 20:29 . 2011-05-29 20:29	--------	d-----w-	c:\users\Justin\AppData\Local\{A00A899C-9050-45F5-8281-D9D21A2F82C9}
2011-05-29 08:29 . 2011-05-29 08:29	--------	d-----w-	c:\users\Justin\AppData\Local\{38035D52-CDD8-4DAF-82F1-B3BA68C95FB8}
2011-05-28 14:50 . 2011-05-28 14:51	--------	d-----w-	c:\users\Justin\AppData\Local\{AB44ACBB-2F7A-4F63-8315-331A3879312E}
2011-05-27 17:31 . 2011-05-27 17:34	--------	d-----w-	c:\users\Justin\AppData\Local\{E14A3A57-57B8-4B5E-8586-5C5C0D9751D7}
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-19 18:00 . 2011-05-15 07:52	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-29 07:11 . 2010-11-26 10:45	25912	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-05-07 21:57 . 2011-05-07 21:57	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2011-05-07 21:57 . 2011-05-07 21:57	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-07 21:57 . 2011-05-07 21:57	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-07 21:57 . 2011-05-07 21:57	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2011-05-07 21:57 . 2011-05-07 21:57	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2011-05-07 21:57 . 2011-05-07 21:57	1126912	----a-w-	c:\windows\SysWow64\wininet.dll
2011-05-07 21:57 . 2011-05-07 21:57	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2011-05-07 21:57 . 2011-05-07 21:57	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2011-05-07 21:57 . 2011-05-07 21:57	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2011-05-07 21:57 . 2011-05-07 21:57	85504	----a-w-	c:\windows\system32\iesetup.dll
2011-05-07 21:57 . 2011-05-07 21:57	76800	----a-w-	c:\windows\system32\tdc.ocx
2011-05-07 21:57 . 2011-05-07 21:57	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2011-05-07 21:57 . 2011-05-07 21:57	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2011-05-07 21:57 . 2011-05-07 21:57	603648	----a-w-	c:\windows\system32\vbscript.dll
2011-05-07 21:57 . 2011-05-07 21:57	49664	----a-w-	c:\windows\system32\imgutil.dll
2011-05-07 21:57 . 2011-05-07 21:57	48640	----a-w-	c:\windows\system32\mshtmler.dll
2011-05-07 21:57 . 2011-05-07 21:57	448512	----a-w-	c:\windows\system32\html.iec
2011-05-07 21:57 . 2011-05-07 21:57	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2011-05-07 21:57 . 2011-05-07 21:57	367104	----a-w-	c:\windows\SysWow64\html.iec
2011-05-07 21:57 . 2011-05-07 21:57	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2011-05-07 21:57 . 2011-05-07 21:57	30720	----a-w-	c:\windows\system32\licmgr10.dll
2011-05-07 21:57 . 2011-05-07 21:57	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2011-05-07 21:57 . 2011-05-07 21:57	222208	----a-w-	c:\windows\system32\msls31.dll
2011-05-07 21:57 . 2011-05-07 21:57	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2011-05-07 21:57 . 2011-05-07 21:57	165888	----a-w-	c:\windows\system32\iexpress.exe
2011-05-07 21:57 . 2011-05-07 21:57	160256	----a-w-	c:\windows\system32\wextract.exe
2011-05-07 21:57 . 2011-05-07 21:57	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2011-05-07 21:57 . 2011-05-07 21:57	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2011-05-07 21:57 . 2011-05-07 21:57	1492992	----a-w-	c:\windows\system32\inetcpl.cpl
2011-05-07 21:57 . 2011-05-07 21:57	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2011-05-07 21:57 . 2011-05-07 21:57	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2011-05-07 21:57 . 2011-05-07 21:57	1389056	----a-w-	c:\windows\system32\wininet.dll
2011-05-07 21:57 . 2011-05-07 21:57	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2011-05-07 21:57 . 2011-05-07 21:57	12288	----a-w-	c:\windows\system32\mshta.exe
2011-05-07 21:57 . 2011-05-07 21:57	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2011-05-07 21:57 . 2011-05-07 21:57	114176	----a-w-	c:\windows\system32\admparse.dll
2011-05-07 21:57 . 2011-05-07 21:57	111616	----a-w-	c:\windows\system32\iesysprep.dll
2011-05-07 21:57 . 2011-05-07 21:57	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2011-04-22 20:18 . 2011-05-25 18:17	27008	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-04-09 16:55 . 2011-04-09 16:55	15453336	----a-w-	c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55	13642904	----a-w-	c:\windows\SysWow64\xlivefnt.dll
2011-04-09 06:58 . 2011-05-19 11:05	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-04-09 06:45 . 2011-05-11 20:18	5509504	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-11 20:18	3957632	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 20:18	3901824	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-19 11:05	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-06-23_20.45.04   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-08 15:16 . 2011-06-26 16:46	79742              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-06-26 16:46	45176              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-08 15:16 . 2011-06-26 16:46	20214              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-911968414-3850360206-3924130046-1000_UserData.bin
+ 2010-11-08 14:26 . 2011-06-23 20:58	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-08 14:26 . 2011-06-23 10:32	16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-08 14:26 . 2011-06-23 20:58	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-11-08 14:26 . 2011-06-23 10:32	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-23 10:32	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-23 20:58	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-06-23 14:03 . 2011-06-23 14:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-26 16:41 . 2011-06-26 16:41	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-26 16:41 . 2011-06-26 16:41	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-23 14:03 . 2011-06-23 14:03	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-06-23 12:13	414768              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-06-24 12:34	414768              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-18 21:24 . 2011-06-23 20:51	1921440              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-4096.dat
- 2011-05-18 21:24 . 2011-05-25 22:06	1921440              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-4096.dat
+ 2010-12-12 14:45 . 2011-06-24 12:34	1270420              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-12288.dat
- 2010-12-12 14:45 . 2011-06-23 12:13	1270420              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-12288.dat
+ 2010-11-09 22:23 . 2011-06-24 12:34	13418396              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-911968414-3850360206-3924130046-1000-8192.dat
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-16 1242448]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico [2010-11-15 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ALSysIO;ALSysIO;c:\users\Justin\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz130;cpuz130;c:\users\Justin\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 DIRECTIO;DIRECTIO;c:\program files (x86)\PerformanceTest\DirectIo.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-10-25 16392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys [x]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 dtpd;ShrewSoft DNS Proxy Daemon;c:\program files\ShrewSoft\VPN Client\dtpd.exe [2010-10-08 56592]
R4 iked;ShrewSoft IKE Daemon;c:\program files\ShrewSoft\VPN Client\iked.exe [2010-10-08 957712]
R4 ipsecd;ShrewSoft IPSEC Daemon;c:\program files\ShrewSoft\VPN Client\ipsecd.exe [2010-10-08 697616]
R4 ShadowProtectSvc;ShadowProtect Service;c:\program files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [2010-07-15 1657376]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-01 2271608]
R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]
R4 VSNAPVSS;StorageCraft Shadow Copy Provider;c:\windows\SysWOW64\vsnapvss.exe [2010-07-15 67616]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 stcvsm;StorageCraft Volume Snapshot Driver;c:\windows\system32\DRIVERS\stcvsm.sys [x]
S1 sbmount;StorageCraft Image Mount Driver; [x]
S1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 VMfilt;VMfilt;c:\windows\system32\drivers\VMfilt64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-07-09 408584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Justin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: windowsupdate.com
TCP: Interfaces\{B2FA24B3-6AA5-4134-B690-9474E9EE74B0}: NameServer = 172.16.10.16
TCP: Interfaces\{E94CCF6C-A2FB-4C0A-A7D6-C60261E95A92}: NameServer = 192.168.2.1
FF - ProfilePath - c:\users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\58gc5y1s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://plasmoo.com/index.htm?SearchMashine=true&q=
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BF3FB61-2747-78C2-26D8-DC4CD658160B}*]
"iahbkgmgalimnhpgmp"=hex:6a,61,6c,61,65,63,64,66,64,69,6d,62,62,6f,65,6b,61,6a,
   6c,6c,00,ed
"habbajmnegncmejp"=hex:6a,61,6c,61,65,63,64,66,64,69,6d,62,62,6f,65,6b,61,6a,
   6c,6c,00,7b
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{CEDD38C2-232B-99BE-57AA-C19FA123AFC6}*]
"maficcaeembonmclkhnnhgmbmn"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,
   6b,69,6a,68,64,00,ed
"nalgibjbknjlmbhfchmoobdccado"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,
   6c,6b,69,6a,68,64,00,02
"ialgibjbknjlmbhfch"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,6b,69,6a,
   68,64,00,00
"haficcaeembonmcl"=hex:6a,61,68,67,6b,64,62,6f,63,69,70,67,70,6c,6c,6b,69,6a,
   68,64,00,00
.
[HKEY_USERS\S-1-5-21-911968414-3850360206-3924130046-1000\Software\SecuROM\License information*]
"datasecu"=hex:9d,dc,b2,84,47,89,af,b4,a5,31,90,c6,14,09,0f,fc,6f,17,29,d9,0d,
   93,8a,7d,24,eb,2d,c2,d5,0c,0d,28,03,68,e2,e4,fb,be,85,c4,e9,31,d0,41,cf,8a,\
"rkeysecu"=hex:7d,49,f8,a2,ad,e2,f2,ab,f8,15,62,7e,51,d6,fe,50
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-06-26  19:00:55
ComboFix-quarantined-files.txt  2011-06-26 17:00
ComboFix2.txt  2011-06-23 20:46
.
Vor Suchlauf: 15 Verzeichnis(se), 96.710.262.784 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 96.601.128.960 Bytes frei
.
- - End Of File - - 7F22F70917E693955B03875F37D84B0E
         


Alt 27.06.2011, 09:49   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
If it's not too much trouble, I'd like to know what this script is supposed to do?
It deleted registry entries that contain so-called NULL characters. I had them deleted as a precaution.

Please download MBRCheck (by a_d_13) and save the file to your desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool needs only a few seconds.
  • Afterwards you should find an MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.

Alt 27.06.2011, 09:59   #7
Flow-De
 

Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows 7 Professional
Windows Information:		 (build 7600), 64-bit
Base Board Manufacturer:	ASUSTeK Computer INC.
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		System manufacturer
System Product Name:		System Product Name
Logical Drives Mask:		0x000000bc

Kernel Drivers (total 200):
  0x02E5B000 \SystemRoot\system32\ntoskrnl.exe
  0x02E12000 \SystemRoot\system32\hal.dll
  0x00BD2000 \SystemRoot\system32\kdcom.dll
  0x00CE6000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
  0x00CF3000 \SystemRoot\system32\PSHED.dll
  0x00D07000 \SystemRoot\system32\CLFS.SYS
  0x00C00000 \SystemRoot\system32\CI.dll
  0x00E44000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00EE8000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x0106C000 \SystemRoot\System32\Drivers\splp.sys
  0x011A0000 \SystemRoot\System32\Drivers\WMILIB.SYS
  0x011A9000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
  0x01000000 \SystemRoot\system32\DRIVERS\ACPI.sys
  0x01057000 \SystemRoot\system32\DRIVERS\msisadrv.sys
  0x011D8000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
  0x00EF7000 \SystemRoot\system32\DRIVERS\pci.sys
  0x011E5000 \SystemRoot\System32\drivers\partmgr.sys
  0x00F2A000 \SystemRoot\system32\DRIVERS\volmgr.sys
  0x00F3F000 \SystemRoot\System32\drivers\volmgrx.sys
  0x01061000 \SystemRoot\system32\DRIVERS\pciide.sys
  0x00F9B000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
  0x00FAB000 \SystemRoot\System32\drivers\mountmgr.sys
  0x00FC5000 \SystemRoot\system32\DRIVERS\atapi.sys
  0x00FCE000 \SystemRoot\system32\DRIVERS\ataport.SYS
  0x00E00000 \SystemRoot\system32\drivers\amdxata.sys
  0x00D65000 \SystemRoot\system32\drivers\fltmgr.sys
  0x00E0B000 \SystemRoot\system32\drivers\fileinfo.sys
  0x00DB1000 \SystemRoot\system32\DRIVERS\stcvsm.sys
  0x01242000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x01463000 \SystemRoot\System32\Drivers\msrpc.sys
  0x014C1000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x014DB000 \SystemRoot\System32\Drivers\cng.sys
  0x0154E000 \SystemRoot\System32\drivers\pcw.sys
  0x0155F000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x016DC000 \SystemRoot\system32\drivers\ndis.sys
  0x01600000 \SystemRoot\system32\drivers\NETIO.SYS
  0x01660000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x01800000 \SystemRoot\System32\drivers\tcpip.sys
  0x0168B000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x017CE000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
  0x01569000 \SystemRoot\system32\DRIVERS\volsnap.sys
  0x017DE000 \SystemRoot\System32\Drivers\spldr.sys
  0x015B5000 \SystemRoot\System32\drivers\rdyboost.sys
  0x017E6000 \SystemRoot\System32\Drivers\mup.sys
  0x015EF000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x01400000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x0143A000 \SystemRoot\system32\DRIVERS\disk.sys
  0x01200000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
  0x02CB8000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x02CE2000 \SystemRoot\system32\DRIVERS\MpFilter.sys
  0x02D13000 \SystemRoot\System32\Drivers\Null.SYS
  0x02D1C000 \SystemRoot\System32\Drivers\Beep.SYS
  0x02D23000 \SystemRoot\System32\drivers\vga.sys
  0x02D31000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x02D56000 \SystemRoot\System32\drivers\watchdog.sys
  0x02D66000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x02D6F000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x02D78000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x02D81000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x02D8C000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x02D9D000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x02DBB000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x02C00000 \SystemRoot\system32\drivers\afd.sys
  0x03E23000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x03E68000 \SystemRoot\system32\drivers\ws2ifsl.sys
  0x03E73000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x03E7C000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x03EA2000 \SystemRoot\system32\DRIVERS\vfilter.sys
  0x03EAC000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x03EBB000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x03ED6000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x03EEA000 \SystemRoot\System32\Drivers\sbmount.SYS
  0x03F0A000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x03F5B000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x03F67000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x03F72000 \SystemRoot\System32\drivers\discache.sys
  0x04010000 \SystemRoot\system32\drivers\csc.sys
  0x04093000 \SystemRoot\System32\Drivers\dfsc.sys
  0x040B1000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x040C2000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x040E8000 \SystemRoot\system32\DRIVERS\amdppm.sys
  0x040FD000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x0482A000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x042E8000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x04200000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x04246000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x0426A000 \SystemRoot\system32\DRIVERS\1394ohci.sys
  0x04148000 \SystemRoot\system32\DRIVERS\yk62x64.sys
  0x042A8000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
  0x042D8000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x042DA000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0x043DC000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x03F81000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x043E7000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x043F8000 \SystemRoot\system32\DRIVERS\ASACPI.sys
  0x041AD000 \SystemRoot\System32\Drivers\atthorsy.SYS
  0x04800000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
  0x04809000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
  0x03FD7000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x02C89000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x04819000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x02DC8000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x03E00000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x00E1F000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x00CC0000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x041F0000 \SystemRoot\system32\DRIVERS\rdpbus.sys
  0x04000000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x03FED000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x04825000 \SystemRoot\system32\DRIVERS\swenum.sys
  0x0508D000 \SystemRoot\system32\DRIVERS\ks.sys
  0x050D0000 \SystemRoot\system32\drivers\LGBusEnum.sys
  0x050D4000 \SystemRoot\system32\DRIVERS\MarvinBus64.sys
  0x05118000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x0512A000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
  0x05142000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x0519C000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x051B1000 \SystemRoot\system32\drivers\AtihdW76.sys
  0x05000000 \SystemRoot\system32\drivers\portcls.sys
  0x0503D000 \SystemRoot\system32\drivers\drmk.sys
  0x0505F000 \SystemRoot\system32\drivers\ksthunk.sys
  0x05E35000 \SystemRoot\system32\drivers\viahduaa.sys
  0x05FE6000 \SystemRoot\system32\drivers\VMfilt64.sys
  0x05E00000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x05E0E000 \SystemRoot\System32\Drivers\dump_dumpata.sys
  0x05E1A000 \SystemRoot\System32\Drivers\dump_atapi.sys
  0x05065000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x051D1000 \SystemRoot\system32\DRIVERS\usbccgp.sys
  0x013E4000 \SystemRoot\system32\drivers\usbaudio.sys
  0x000A0000 \SystemRoot\System32\win32k.sys
  0x05E23000 \SystemRoot\System32\drivers\Dxapi.sys
  0x051EE000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x06072000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x0608B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x06094000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x060A1000 \SystemRoot\system32\DRIVERS\kbdhid.sys
  0x060AF000 \??\C:\Windows\system32\drivers\VMkbd.sys
  0x060BA000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x004E0000 \SystemRoot\System32\TSDDD.dll
  0x00770000 \SystemRoot\System32\cdd.dll
  0x060C8000 \SystemRoot\system32\drivers\luafv.sys
  0x060EB000 \SystemRoot\system32\drivers\WudfPf.sys
  0x0610C000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0x0613D000 \SystemRoot\system32\DRIVERS\vmnetbridge.sys
  0x0614D000 \SystemRoot\system32\DRIVERS\VMNET.SYS
  0x06157000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x0616C000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x074F6000 \SystemRoot\system32\drivers\HTTP.sys
  0x075BE000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x075DC000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x07400000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x0742D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x0747B000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x0749E000 \??\C:\Windows\system32\drivers\hcmon.sys
  0x074AA000 \??\C:\Windows\system32\drivers\vmci.sys
  0x0783C000 \??\C:\Windows\system32\drivers\vmx86.sys
  0x07912000 \??\C:\Windows\system32\drivers\cpuz134_x64.sys
  0x0791B000 \SystemRoot\system32\drivers\npf.sys
  0x07928000 \SystemRoot\system32\drivers\peauth.sys
  0x079CE000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x07800000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x079D9000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x079EB000 \??\C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
  0x079F4000 \??\C:\Windows\system32\drivers\vmnetuserif.sys
  0x0782D000 \??\C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys
  0x06184000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x07CD5000 \SystemRoot\System32\DRIVERS\srv.sys
  0x07DDB000 \SystemRoot\system32\DRIVERS\asyncmac.sys
  0x775F0000 \Windows\System32\ntdll.dll
  0x48000000 \Windows\System32\smss.exe
  0xFF910000 \Windows\System32\apisetschema.dll
  0xFFE60000 \Windows\System32\autochk.exe
  0x774A0000 \Windows\System32\urlmon.dll
  0xFF880000 \Windows\System32\shlwapi.dll
  0x777C0000 \Windows\System32\psapi.dll
  0xFF810000 \Windows\System32\gdi32.dll
  0x77380000 \Windows\System32\kernel32.dll
  0xFF740000 \Windows\System32\usp10.dll
  0xFF710000 \Windows\System32\imm32.dll
  0xFE980000 \Windows\System32\shell32.dll
  0xFE8E0000 \Windows\System32\clbcatq.dll
  0xFE6D0000 \Windows\System32\ole32.dll
  0xFE4F0000 \Windows\System32\setupapi.dll
  0xFE4D0000 \Windows\System32\imagehlp.dll
  0xFE430000 \Windows\System32\msvcrt.dll
  0xFE320000 \Windows\System32\msctf.dll
  0x77280000 \Windows\System32\user32.dll
  0xFE240000 \Windows\System32\advapi32.dll
  0xFE1C0000 \Windows\System32\difxapi.dll
  0xFE120000 \Windows\System32\comdlg32.dll
  0x777B0000 \Windows\System32\normaliz.dll
  0xFDFF0000 \Windows\System32\rpcrt4.dll
  0xFDFA0000 \Windows\System32\Wldap32.dll
  0x77120000 \Windows\System32\wininet.dll
  0xFDEC0000 \Windows\System32\oleaut32.dll
  0x76F10000 \Windows\System32\iertutil.dll
  0xFDEA0000 \Windows\System32\sechost.dll
  0xFDE50000 \Windows\System32\ws2_32.dll
  0xFDE40000 \Windows\System32\lpk.dll
  0xFDE30000 \Windows\System32\nsi.dll
  0xFDE10000 \Windows\System32\devobj.dll

Processes (total 64):
       0 System Idle Process
       4 System
     380 C:\Windows\System32\smss.exe
     504 csrss.exe
     572 C:\Windows\System32\wininit.exe
     596 csrss.exe
     632 C:\Windows\System32\services.exe
     648 C:\Windows\System32\lsass.exe
     656 C:\Windows\System32\lsm.exe
     720 C:\Windows\System32\winlogon.exe
     804 C:\Windows\System32\svchost.exe
     884 C:\Windows\System32\svchost.exe
     956 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
     124 C:\Windows\System32\atiesrxx.exe
     428 C:\Windows\System32\svchost.exe
     760 C:\Windows\System32\svchost.exe
     996 C:\Windows\System32\svchost.exe
         

OK, thanks for the information. I know a little about computers/software/viruses.

Alt 27.06.2011, 10:30   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

The log is incomplete...
__________________
"Truth is usually just an excuse for a lack of imagination." (Elim Garak)


Alt 27.06.2011, 11:21   #9
Flow-De
 

Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows 7 Professional
Windows Information:		 (build 7600), 64-bit
Base Board Manufacturer:	ASUSTeK Computer INC.
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		System manufacturer
System Product Name:		System Product Name
Logical Drives Mask:		0x000000bc

Kernel Drivers (total 200):
  0x02E5B000 \SystemRoot\system32\ntoskrnl.exe
  0x02E12000 \SystemRoot\system32\hal.dll
  0x00BD2000 \SystemRoot\system32\kdcom.dll
  0x00CE6000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
  0x00CF3000 \SystemRoot\system32\PSHED.dll
  0x00D07000 \SystemRoot\system32\CLFS.SYS
  0x00C00000 \SystemRoot\system32\CI.dll
  0x00E44000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00EE8000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x0106C000 \SystemRoot\System32\Drivers\splp.sys
  0x011A0000 \SystemRoot\System32\Drivers\WMILIB.SYS
  0x011A9000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
  0x01000000 \SystemRoot\system32\DRIVERS\ACPI.sys
  0x01057000 \SystemRoot\system32\DRIVERS\msisadrv.sys
  0x011D8000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
  0x00EF7000 \SystemRoot\system32\DRIVERS\pci.sys
  0x011E5000 \SystemRoot\System32\drivers\partmgr.sys
  0x00F2A000 \SystemRoot\system32\DRIVERS\volmgr.sys
  0x00F3F000 \SystemRoot\System32\drivers\volmgrx.sys
  0x01061000 \SystemRoot\system32\DRIVERS\pciide.sys
  0x00F9B000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
  0x00FAB000 \SystemRoot\System32\drivers\mountmgr.sys
  0x00FC5000 \SystemRoot\system32\DRIVERS\atapi.sys
  0x00FCE000 \SystemRoot\system32\DRIVERS\ataport.SYS
  0x00E00000 \SystemRoot\system32\drivers\amdxata.sys
  0x00D65000 \SystemRoot\system32\drivers\fltmgr.sys
  0x00E0B000 \SystemRoot\system32\drivers\fileinfo.sys
  0x00DB1000 \SystemRoot\system32\DRIVERS\stcvsm.sys
  0x01242000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x01463000 \SystemRoot\System32\Drivers\msrpc.sys
  0x014C1000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x014DB000 \SystemRoot\System32\Drivers\cng.sys
  0x0154E000 \SystemRoot\System32\drivers\pcw.sys
  0x0155F000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x016DC000 \SystemRoot\system32\drivers\ndis.sys
  0x01600000 \SystemRoot\system32\drivers\NETIO.SYS
  0x01660000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x01800000 \SystemRoot\System32\drivers\tcpip.sys
  0x0168B000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x017CE000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
  0x01569000 \SystemRoot\system32\DRIVERS\volsnap.sys
  0x017DE000 \SystemRoot\System32\Drivers\spldr.sys
  0x015B5000 \SystemRoot\System32\drivers\rdyboost.sys
  0x017E6000 \SystemRoot\System32\Drivers\mup.sys
  0x015EF000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x01400000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x0143A000 \SystemRoot\system32\DRIVERS\disk.sys
  0x01200000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
  0x02CB8000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x02CE2000 \SystemRoot\system32\DRIVERS\MpFilter.sys
  0x02D13000 \SystemRoot\System32\Drivers\Null.SYS
  0x02D1C000 \SystemRoot\System32\Drivers\Beep.SYS
  0x02D23000 \SystemRoot\System32\drivers\vga.sys
  0x02D31000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x02D56000 \SystemRoot\System32\drivers\watchdog.sys
  0x02D66000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x02D6F000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x02D78000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x02D81000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x02D8C000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x02D9D000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x02DBB000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x02C00000 \SystemRoot\system32\drivers\afd.sys
  0x03E23000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x03E68000 \SystemRoot\system32\drivers\ws2ifsl.sys
  0x03E73000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x03E7C000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x03EA2000 \SystemRoot\system32\DRIVERS\vfilter.sys
  0x03EAC000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x03EBB000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x03ED6000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x03EEA000 \SystemRoot\System32\Drivers\sbmount.SYS
  0x03F0A000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x03F5B000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x03F67000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x03F72000 \SystemRoot\System32\drivers\discache.sys
  0x04010000 \SystemRoot\system32\drivers\csc.sys
  0x04093000 \SystemRoot\System32\Drivers\dfsc.sys
  0x040B1000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x040C2000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x040E8000 \SystemRoot\system32\DRIVERS\amdppm.sys
  0x040FD000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x0482A000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x042E8000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x04200000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x04246000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x0426A000 \SystemRoot\system32\DRIVERS\1394ohci.sys
  0x04148000 \SystemRoot\system32\DRIVERS\yk62x64.sys
  0x042A8000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
  0x042D8000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x042DA000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0x043DC000 \SystemRoot\system32\DRIVERS\usbohci.sys
  0x03F81000 \SystemRoot\system32\DRIVERS\USBPORT.SYS

Processes (total 63):
       0 System Idle Process
       4 System
     380 C:\Windows\System32\smss.exe
     504 csrss.exe
     572 C:\Windows\System32\wininit.exe
     596 csrss.exe
     632 C:\Windows\System32\services.exe
     648 C:\Windows\System32\lsass.exe
     656 C:\Windows\System32\lsm.exe
     720 C:\Windows\System32\winlogon.exe
     804 C:\Windows\System32\svchost.exe
     884 C:\Windows\System32\svchost.exe
     956 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
     124 C:\Windows\System32\atiesrxx.exe
     428 C:\Windows\System32\svchost.exe
     760 C:\Windows\System32\svchost.exe
     996 C:\Windows\System32\svchost.exe
    1096 C:\Windows\System32\audiodg.exe
    1188 C:\Windows\System32\svchost.exe
    1364 WUDFHost.exe
    1516 C:\Windows\System32\atieclxx.exe
    1564 WUDFHost.exe
    1632 C:\Windows\System32\svchost.exe
    1740 C:\Windows\System32\spoolsv.exe
    1768 C:\Windows\System32\svchost.exe
    1876 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    1920 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    2028 C:\Windows\SysWOW64\PnkBstrA.exe
    1088 C:\Windows\System32\svchost.exe
    1340 C:\Windows\SysWOW64\vmnat.exe
    1500 C:\Windows\SysWOW64\vmnetdhcp.exe
    1288 C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
    2628 C:\Windows\System32\dwm.exe
    2684 C:\Windows\explorer.exe
    2864 C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    2904 C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
    2944 C:\Program Files\Microsoft Security Client\msseces.exe
    2952 C:\Program Files (x86)\Steam\Steam.exe
    2960 C:\Program Files (x86)\RocketDock\RocketDock.exe
    2968 C:\Program Files\Windows Sidebar\sidebar.exe
    1440 C:\Program Files\UltraMon\UltraMon.exe
    2748 C:\Program Files\UltraMon\UltraMonTaskbar.exe
    1708 C:\Windows\System32\svchost.exe
    3032 C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    1020 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    3216 C:\Windows\System32\SearchIndexer.exe
    3252 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    3432 C:\Program Files\Windows Media Player\wmpnetwk.exe
    3684 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    4036 C:\Windows\System32\svchost.exe
    2936 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    2068 C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
    2524 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    1960 C:\Program Files (x86)\AIMP2\AIMP2.exe
    4116 C:\Program Files\UltraMon\UltraMonUiAcc.exe
    4148 C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
    3592 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    4844 C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE
    2360 C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
     700 C:\Users\Justin\Desktop\MBRCheck.exe
    3848 C:\Windows\System32\conhost.exe
    5100 C:\Windows\System32\dllhost.exe
    4404 <unknown>

\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000  (NTFS)
\\.\D: --> \\.\PhysicalDrive2 at offset 0x00000000`00100000  (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000  (NTFS)

PhysicalDrive1 Model Number: WDCWD3200AAJS-00RYA0, Rev: 12.01B01
PhysicalDrive2 Model Number: SAMSUNGHD154UI, Rev: 1AG01118
PhysicalDrive0 Model Number: SAMSUNGHD501LJ, Rev: CR100-13

      Size  Device Name          MBR Status
  --------------------------------------------
    298 GB  \\.\PhysicalDrive1   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
   1397 GB  \\.\PhysicalDrive2   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
    465 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!
         
Sorry :/

27.06.2011, 12:02   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!


Afterwards, getting an additional opinion from ESET's online scanner doesn't hurt either:


ESET Online Scanner

  • Here you'll find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box for "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
"Truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

27.06.2011, 14:48   #11
Flow-De

Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5191

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

26.11.2010 12:16:18
mbam-log-2010-11-26 (12-16-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Durchsuchte Objekte: 264822
Laufzeit: 29 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
D:\Musik, Filme, Programme\Programme\Autodata_3_24_DVD\autodata_and_info\adatadrv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
         
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 06/27/2011 at 02:01 PM

Application Version : 4.54.1000

Core Rules Database Version : 7329
Trace Rules Database Version: 5141

Scan type       : Complete Scan
Total Scan Time : 00:45:31

Memory items scanned      : 799
Memory threats detected   : 0
Registry items scanned    : 14484
Registry threats detected : 0
File items scanned        : 40650
File threats detected     : 77

Adware.Tracking Cookie
         

27.06.2011, 14:55   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Malwarebytes' Anti-Malware 1.46
Datenbank Version: 5191
What kind of ancient version are you using there??
Please use the current program version and update the signatures again! Then repeat the full scan.

27.06.2011, 15:16   #13
Flow-De

Sorry, I didn't notice that in this case, since the log isn't from today either. But see the thread title: no updates possible. MBAM has now been downloaded afresh, and a complete scan is currently running again.

27.06.2011, 15:23   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Oops, sorry, I completely overlooked that.
I read 26.06.2011 and not 26.10.2010.

27.06.2011, 17:23   #15
Flow-De

Code:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6959

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

27.06.2011 17:38:19
mbam-log-2011-06-27 (17-38-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Durchsuchte Objekte: 381786
Laufzeit: 1 Stunde(n), 23 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
Eset is still running.
