
Log analysis and evaluation: Antispyware Soft Virus

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

20.05.2010, 10:11   #1
Mashti

Antispyware Soft Virus

Here are my logs:

Code:
Logfile of random's system information tool 1.07 (written by random/random)
Run by at 2010-05-20 11:03:36
Microsoft Windows XP Professional Service Pack 3
System drive C: has 84 GB (27%) free of 305 GB
Total RAM: 2046 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:03:49, on 20.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\GEMEIN~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\GEMEIN~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Programme\McAfee\MPF\MPFSrv.exe
C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
C:\Programme\CDBurnerXP\NMSAccessU.exe
C:\Apps\Softex\OmniPass\Omniserv.exe
C:\Programme\Hama\Common\RalinkRegistryWriter.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Programme\TVersity\Media Server\MediaServer.exe
C:\Programme\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Apps\Softex\OmniPass\OPXPApp.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\mHotkey.exe
C:\Apps\Softex\OmniPass\scureapp.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Bo-Shot\Bo-Shot.exe
C:\Programme\Hama\Common\RaUI.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\explorer.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Kamyar\Desktop\RSIT.exe
C:\Programme\trend micro\Kamyar.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://format.packardbell.com/cgi-bin/redirect/?country=GE&range=AD&phase=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [mHotkey] mHotkey.exe
O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Programme\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [mcagent_exe] "C:\Programme\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ecukespo] C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx\hhooeiqtssd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ecukespo] C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx\hhooeiqtssd.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\DslMgr.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\DslMgr.exe (User 'Default user')
O4 - .DEFAULT Startup: T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (User 'Default user')
O4 - Global Startup: Bo-Shot.lnk = C:\Programme\Bo-Shot\Bo-Shot.exe
O4 - Global Startup: Hama Wireless LAN Utility.lnk = C:\Programme\Hama\Common\RaUI.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: Ãâ·Ñ¾«²ÊÊÓƵ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} - hxxp://itv.mop.com (file missing)
O9 - Extra 'Tools' menuitem: ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} - hxxp://itv.mop.com (file missing)
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programme\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programme\Desktop Sidebar\sbhelp.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\ger.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} (KooPlayer Control) - hxxp://www.euchannels.net/UKooPlayer.ocx
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - hxxp://iptv.zgzcw.com/pCastCtl_1.0.0.89_20080808.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - Unknown owner - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Programme\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\GEMEIN~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\GEMEIN~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programme\McAfee\MPF\MPFSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programme\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Programme\Hama\Common\RalinkRegistryWriter.exe
O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Programme\Gemeinsame Dateien\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Programme\Gemeinsame Dateien\Sonic Shared\RoxioUpnpService9.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: RoxMediaDB9 - Unknown owner - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (file missing)
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Unknown owner - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe
O23 - Service: DSL-Manager (TDslMgrService) - T-Systems Enterprise Services GmbH - C:\Programme\T-Online\DSL-Manager\DslMgrSvc.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Programme\TVersity\Media Server\MediaServer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Programme\Viewpoint\Common\ViewpointService.exe

--
End of file - 18417 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Klick-Wartung.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Erweiterte Garantie.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3469752352-2384856531-3581575452-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3469752352-2384856531-3581575452-1005UA.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{AEEF8A3A-1FD4-4FBA-BE69-1BE28D40AE85}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll [2007-03-20 803864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll [2007-03-20 803864]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Programme\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-06-08 259696]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-11-23 204048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-18 16207872]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"mHotkey"=C:\WINDOWS\mHotkey.exe [2006-06-19 559104]
"OmniPass"=C:\Apps\Softex\OmniPass\scureapp.exe [2006-06-21 2203648]
""= []
"D-Link AirPlus G"=C:\Programme\D-Link\AirPlus G\AirGCFG.exe [2005-11-23 1544192]
"ANIWZCS2Service"=C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2005-10-19 49152]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"mcagent_exe"=C:\Programme\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]
"TkBellExe"=C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2009-09-27 198160]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"AppleSyncNotifier"=C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-03-16 47392]
"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2010-03-26 142120]
"ecukespo"=C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx\hhooeiqtssd.exe [2010-05-19 264704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-08 39408]
"Google Update"=C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2010-04-25 136176]
"ecukespo"=C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx\hhooeiqtssd.exe [2010-05-19 264704]

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Bo-Shot.lnk - C:\Programme\Bo-Shot\Bo-Shot.exe
Hama Wireless LAN Utility.lnk - C:\Programme\Hama\Common\RaUI.exe
Logitech SetPoint.lnk - C:\Programme\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OPXPGina]
C:\Apps\Softex\OmniPass\opxpgina.dll [2006-06-21 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\32b1b0db2a0d98f3]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\32b1b0db2a0d98f3]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\LimeWire\LimeWire.exe"="C:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Programme\ICQLite\ICQLite.exe"="C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Programme\PPMate\ppmnet.exe"="C:\Programme\PPMate\ppmnet.exe:*:Enabled:PPMate"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Programme\DNA\btdna.exe"="C:\Programme\DNA\btdna.exe:*:Enabled:DNA"
"C:\Programme\BitTorrent\bittorrent.exe"="C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Programme\eMule\emule.exe"="C:\Programme\eMule\emule.exe:*:Enabled:eMule"
"C:\Programme\Winamp Remote\bin\Orb.exe"="C:\Programme\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Programme\Winamp Remote\bin\OrbTray.exe"="C:\Programme\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Programme\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Programme\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"C:\Programme\PPMate\ppamnet.exe"="C:\Programme\PPMate\ppamnet.exe:*:Enabled:PPMate"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Programme\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2"
"C:\Programme\TVersity\Media Server\MediaServer.exe"="C:\Programme\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Programme\Gemeinsame Dateien\McAfee\MNA\McNASvc.exe"="C:\Programme\Gemeinsame Dateien\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Programme\SopCast\adv\SopAdver.exe"="C:\Programme\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Programme\SopCast\SopCast.exe"="C:\Programme\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:iexplore"
"C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour""
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programme\TVUPlayer\TVUPlayer.exe"="C:\Programme\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\asam.exe"="C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\asam.exe:*:Enabled:enable"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\APPS\AOL 9.0\waol.exe"="C:\APPS\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\autorun6e.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98186912-feb3-11de-a785-00179a76cc9e}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1864092-922f-11dd-a3fe-00179a76cc9e}]
shell\AutoRun\command - F:\menu.exe


======List of files/folders created in the last 1 months======

2010-05-20 11:03:36 ----D---- C:\rsit
2010-05-20 11:03:36 ----D---- C:\Programme\trend micro
2010-05-20 10:55:22 ----D---- C:\Programme\CCleaner
2010-05-16 02:12:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2010-05-12 13:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-02 18:22:42 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TVU Networks
2010-05-02 18:21:18 ----D---- C:\Programme\TVUPlayer

======List of files/folders modified in the last 1 months======

2010-05-20 11:03:36 ----D---- C:\Programme
2010-05-20 10:55:56 ----D---- C:\WINDOWS\Debug
2010-05-20 10:55:56 ----D---- C:\WINDOWS
2010-05-20 10:55:55 ----D---- C:\WINDOWS\Minidump
2010-05-20 10:55:54 ----D---- C:\WINDOWS\Temp
2010-05-20 00:18:46 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-05-20 00:15:49 ----D---- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\vlc
2010-05-20 00:07:21 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
2010-05-19 23:57:05 ----A---- C:\WINDOWS\NeroDigital.ini
2010-05-19 22:04:21 ----D---- C:\WINDOWS\Prefetch
2010-05-19 22:01:47 ----D---- C:\WINDOWS\system32\drivers
2010-05-19 21:40:51 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-05-19 21:19:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-05-19 20:41:17 ----D---- C:\WINDOWS\system32
2010-05-19 19:20:07 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-19 19:00:43 ----SD---- C:\WINDOWS\Tasks
2010-05-19 18:23:48 ----SHD---- C:\System Volume Information
2010-05-19 15:48:49 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-05-19 15:20:47 ----D---- C:\Programme\jdownloader
2010-05-17 18:28:34 ----D---- C:\Programme\Mozilla Firefox
2010-05-16 23:18:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NOS
2010-05-16 23:17:32 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-05-16 02:48:08 ----D---- C:\Programme\Full Tilt Poker
2010-05-15 21:34:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-13 23:25:45 ----D---- C:\Programme\PokerStars
2010-05-13 23:22:36 ----A---- C:\WINDOWS\win.ini
2010-05-13 23:22:32 ----D---- C:\Programme\Everest Poker
2010-05-13 22:43:31 ----D---- C:\Downloads
2010-05-12 13:32:45 ----SHD---- C:\WINDOWS\Installer
2010-05-12 13:28:23 ----HD---- C:\WINDOWS\inf
2010-05-12 13:28:17 ----D---- C:\Programme\Outlook Express
2010-05-12 11:50:56 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-06 23:05:34 ----D---- C:\WINDOWS\system32\wbem
2010-05-06 23:05:19 ----SD---- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Microsoft
2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-29 19:04:33 ----D---- C:\Programme\Messenger Plus! Live

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-11 12920]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-11 28184]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2009-09-16 214664]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2009-07-16 120136]
R1 SSHDRV62;SSHDRV62; \??\C:\WINDOWS\system32\drivers\SSHDRV62.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-04-19 21361]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2009-01-04 16512]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-18 35096]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-18 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-18 9400]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-18 104472]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-18 26008]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-18 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-18 97848]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-18 94648]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-11 51768]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-12-14 15440]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2006-12-14 11984]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-16 4275712]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-09-16 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-09-16 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2009-09-16 40552]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2008-07-30 619136]
R3 TSMPacket;DSL-Manager Service; C:\WINDOWS\system32\DRIVERS\tsmpkt.sys [2007-06-26 13824]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2006-07-25 53408]
S3 aq73zbf8;aq73zbf8; C:\WINDOWS\system32\drivers\aq73zbf8.sys []
S3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2006-06-21 130048]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 BWNDIS5;BWNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\BWNDIS5.SYS []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 dsltestSp5;dsltestSp5 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\dsltestSp5.sys [2007-09-12 26816]
S3 DTV_Capture_2X0;DVB2GO mini DVB-T USB Receiver Driver; C:\WINDOWS\System32\Drivers\DTV_Capture_2X0.sys [2004-09-06 18432]
S3 DTV_Loader_2X0;DTV_Loader_2X0 Loader; C:\WINDOWS\System32\Drivers\DTV_Loader_2X0.sys [2005-03-28 19456]
S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-06-12 43008]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-04-11 20496]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-04-11 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-04-11 79376]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 MHNDRV;MHN-Treiber; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETFWDSL;AVM FRITZ!web DSL PPP; C:\WINDOWS\system32\DRIVERS\NETFWDSL.SYS []
S3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PDNMp50;PDNMp50 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\PDNMp50.sys []
S3 PDNSp50;PDNSp50 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\PDNSp50.sys []
S3 QV2KUX;Casio-Digitalkamera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 RT73;D-Link USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Dr71WU.sys [2005-11-03 245504]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\WINDOWS\system32\DRIVERS\wg111v3.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-10-16 41472]
S3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2007-05-10 66656]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2006-07-25 9264]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2007-05-10 100640]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2006-07-25 100672]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2006-07-25 84960]
S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2006-09-20 50688]
S4 sr;Filtertreiber für Systemwiederherstellung; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AOL ACS;AOL Connectivity Service; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [2004-11-09 1140312]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-03-19 144672]
R2 Bonjour Service;Dienst "Bonjour"; C:\Programme\Bonjour\mDNSResponder.exe [2010-02-12 345376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Programme\McAfee\SiteAdvisor\McSACore.exe [2009-12-08 93320]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-09-17 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\GEMEIN~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\GEMEIN~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Programme\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NMSAccessU;NMSAccessU; C:\Programme\CDBurnerXP\NMSAccessU.exe [2009-11-12 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
R2 omniserv;Softex OmniPass Service; C:\Apps\Softex\OmniPass\Omniserv.exe [2006-06-21 32768]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Programme\Hama\Common\RalinkRegistryWriter.exe [2008-05-12 69632]
R2 SeaPort;SeaPort; C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-12-06 604488]
R2 TVersityMediaServer;TVersityMediaServer; C:\Programme\TVersity\Media Server\MediaServer.exe [2009-05-23 851968]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Programme\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2010-03-26 545576]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-09-16 606736]
S2 ANIWZCSdService;ANIWZCSd Service; C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2005-10-19 49152]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Programme\Gemeinsame Dateien\Sonic Shared\RoxioUpnpService9.exe []
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe []
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe []
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 de_serv;AVM FRITZ!web Routing Service; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Family Safety-Dienst; C:\Programme\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-08 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-09-16 365072]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Programme\Gemeinsame Dateien\Sonic Shared\RoxioUPnPRenderer9.exe []
S3 RoxMediaDB9;RoxMediaDB9; C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe []
S3 stllssvr;stllssvr; C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 TDslMgrService;DSL-Manager; C:\Programme\T-Online\DSL-Manager\DslMgrSvc.exe [2007-11-26 294912]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-12-06 361288]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
         

20.05.2010, 11:16   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

please run a full scan with Malwarebytes and post the log. After that, OTL:

System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread.

20.05.2010, 18:18   #3
Mashti
 

Code:
OTL logfile created on: 20.05.2010 18:49:29 - Run 1
OTL by OldTimer - Version 3.2.5.0     Folder = C:\Dokumente und Einstellungen\Kamyar\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298,08 Gb Total Space | 80,07 Gb Free Space | 26,86% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 66,08 Gb Free Space | 22,17% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive M: | 7,54 Gb Total Space | 3,88 Gb Free Space | 51,43% Space Free | Partition Type: FAT32
 
Computer Name: HOME
Current User Name: Kamyar
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Kamyar\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - c:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Programme\VideoLAN\VLC\vlc.exe ()
PRC - c:\Programme\Gemeinsame Dateien\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - c:\Programme\Gemeinsame Dateien\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\TVersity\Media Server\MediaServer.exe ()
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
PRC - C:\Programme\Hama\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\WinRAR\WinRAR.exe ()
PRC - C:\Programme\Viewpoint\Viewpoint Manager\ViewMgr.exe (Viewpoint Corporation)
PRC - C:\Programme\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\APPS\Softex\OmniPass\ScureApp.exe ()
PRC - C:\APPS\Softex\OmniPass\OmniServ.exe (Softex Inc.)
PRC - C:\APPS\Softex\OmniPass\OPXPApp.exe ()
PRC - C:\WINDOWS\mHotkey.exe ()
PRC - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (America Online, Inc.)
PRC - C:\Programme\Bo-Shot\Bo-Shot.exe (BoSoft)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Kamyar\Desktop\OTL.exe (OldTimer Tools)
MOD - c:\Programme\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\Programme\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\APPS\Softex\OmniPass\scuredll.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (RoxWatch9) --  File not found
SRV - (RoxMediaDB9) --  File not found
SRV - (RoxLiveShare9) --  File not found
SRV - (Roxio Upnp Server 9) --  File not found
SRV - (Roxio UPnP Renderer 9) --  File not found
SRV - (de_serv) --  File not found
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (MpfService) -- C:\Programme\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (McProxy) -- c:\Programme\Gemeinsame Dateien\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\Programme\Gemeinsame Dateien\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (TVersityMediaServer) -- C:\Programme\TVersity\Media Server\MediaServer.exe ()
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (RalinkRegistryWriter) -- C:\Programme\Hama\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (TDslMgrService) -- C:\Programme\T-Online\DSL-Manager\DslMgrSvc.exe (T-Systems Enterprise Services GmbH)
SRV - (Viewpoint Manager Service) -- C:\Programme\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (stllssvr) -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (omniserv) -- C:\APPS\Softex\OmniPass\OmniServ.exe (Softex Inc.)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ANIWZCSdService) -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Alpha Networks Inc.)
SRV - (AOL ACS) -- C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe (America Online, Inc.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (StarOpen) -- C:\WINDOWS\system32\drivers\StarOpen.sys ()
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (MPFP) -- C:\WINDOWS\system32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.)
DRV - (Changer) -- C:\WINDOWS\system32\drivers\changer.sys (Microsoft Corporation)
DRV - (lbrtfdc) -- C:\WINDOWS\system32\drivers\lbrtfdc.sys (Toshiba Corp.)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (dsltestSp5) -- C:\WINDOWS\system32\drivers\dsltestsp5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (TSMPacket) -- C:\WINDOWS\system32\drivers\tsmpkt.sys (T-Systems)
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (zebrmdm) Sony Ericsson Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdm.sys (MCCI)
DRV - (zebrbus) -- C:\WINDOWS\system32\drivers\zebrbus.sys (MCCI)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\lmouke.sys (Logitech Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\l8042mou.sys (Logitech Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\l8042kbd.sys (Logitech Inc.)
DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\WINDOWS\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.)
DRV - (SSHDRV62) -- C:\WINDOWS\system32\drivers\SSHDRV62.sys ()
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ElbyDelay) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (RxFilter) -- C:\WINDOWS\system32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (zebrsce) -- C:\WINDOWS\system32\drivers\zebrsce.sys (MCCI)
DRV - (zebrmdmc) Sony Ericsson mRouter Port (WDM) -- C:\WINDOWS\system32\drivers\zebrmdmc.sys (MCCI)
DRV - (zebrmdfl) -- C:\WINDOWS\system32\drivers\zebrmdfl.sys (MCCI)
DRV - (zebrceb) Sony Ericsson Cable Emulation Bus (WDM) -- C:\WINDOWS\system32\drivers\zebrceb.sys (MCCI)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (ViaIde) -- C:\WINDOWS\system32\DRIVERS\viaidexp.sys (VIA Technologies, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (ANIO) -- C:\WINDOWS\system32\ANIO.sys (Alpha Networks Inc.)
DRV - (RT73) -- C:\WINDOWS\system32\drivers\dr71wu.sys (Ralink Technology, Corp.)
DRV - (DTV_Loader_2X0) -- C:\WINDOWS\system32\drivers\dtv_loader_2x0.sys (WideView Technology Inc.)
DRV - (DTV_Capture_2X0) -- C:\WINDOWS\system32\drivers\dtv_capture_2x0.sys (Computer & Entertainment, Inc.)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\cvirta.sys (Cisco Systems, Inc.)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (QV2KUX) -- C:\WINDOWS\system32\drivers\qv2kux.sys (Microsoft Corporation)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.plusnetwork.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.0.5
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.3
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.4.7amo
FF - prefs.js..extensions.enabledItems: {CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.0.1
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:6.6.5.0
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Programme\McAfee\SiteAdvisor [2010.04.09 10:53:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.20 11:06:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.05.16 23:17:33 | 000,000,000 | ---D | M]
 
[2008.06.18 13:48:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Extensions
[2010.05.17 18:28:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\extensions
[2010.05.17 18:28:30 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.05.17 18:28:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.17 18:28:16 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2010.05.17 18:28:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2010.05.17 18:28:29 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.01.15 16:43:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\extensions\firefox@tvunetworks.com
[2010.05.17 18:28:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\extensions\SkipScreen@SkipScreen
[2010.05.17 18:28:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\extensions\smarterwiki@wikiatic.com
[2010.01.22 12:59:42 | 000,001,681 | ---- | M] () -- C:\Dokumente und Einstellungen\Kamyar\Anwendungsdaten\Mozilla\Firefox\Profiles\jimg0m7p.default\searchplugins\ask.uk.xml
[2010.05.17 18:28:37 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2008.09.04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npbittorrent.dll
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2007.07.15 12:36:58 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [D-Link AirPlus G] C:\Programme\D-Link\AirPlus G\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [ecukespo] C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx\hhooeiqtssd.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mHotkey] C:\WINDOWS\mHotkey.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OmniPass] C:\APPS\Softex\OmniPass\ScureApp.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ecukespo] C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx\hhooeiqtssd.exe ()
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bo-Shot.lnk = C:\Programme\Bo-Shot\Bo-Shot.exe (BoSoft)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Hama Wireless LAN Utility.lnk = C:\Programme\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta ()
O9 - Extra Button: Ãâ·Ñ¾«²ÊÊÓƵ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} -  File not found
O9 - Extra 'Tools' menuitem : ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} -  File not found
O9 - Extra Button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programme\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra 'Tools' menuitem : Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programme\Desktop Sidebar\sbhelp.dll (Idea2)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe ()
O9 - Extra 'Tools' menuitem : Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: 77.221.133.173 ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Domains: 77.221.153.180 ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Domains: av2check.net ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Domains: zig4sis.net ([]http in Lokales Intranet)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (Checkers Class)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab (DLM Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} hxxp://www.euchannels.net/UKooPlayer.ocx (KooPlayer Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab (Solitaire Showdown Class)
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} hxxp://iptv.zgzcw.com/pCastCtl_1.0.0.89_20080808.cab (pCastPanel Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Apps\Softex\OmniPass\opxpgina.dll - C:\APPS\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.02 19:25:48 | 000,000,100 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2006.09.09 13:50:55 | 000,000,000 | R--D | M] - I:\autorun -- [ UDF ]
O32 - AutoRun File - [2006.07.21 11:29:01 | 000,000,051 | R--- | M] () - I:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2006.08.31 14:11:38 | 000,002,648 | R--- | M] () - I:\autorun.xml -- [ UDF ]
O32 - AutoRun File - [2006.08.11 04:30:10 | 000,126,976 | R--- | M] () - I:\autorun6e.exe -- [ UDF ]
O33 - MountPoints2\{98186912-feb3-11de-a785-00179a76cc9e}\Shell - "" = AutoRun
O33 - MountPoints2\{98186912-feb3-11de-a785-00179a76cc9e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98186912-feb3-11de-a785-00179a76cc9e}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a1864092-922f-11dd-a3fe-00179a76cc9e}\Shell\AutoRun\command - "" = F:\menu.exe -- File not found
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\setupSNK.exe -- [2008.04.14 08:53:06 | 000,028,672 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\autorun6e.exe -- [2006.08.11 04:30:10 | 000,126,976 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.20 18:46:56 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Kamyar\Desktop\OTL.exe
[2010.05.20 11:03:36 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.05.20 11:03:36 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.20 11:03:25 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Kamyar\Recent
[2010.05.20 10:55:22 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.05.20 10:24:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2010.05.20 10:24:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2010.05.19 19:29:09 | 006,153,648 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\Kamyar\Desktop\mbam-setup.exe
[2010.05.19 15:46:21 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys
[2010.05.19 15:46:21 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010.05.19 15:44:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\changer.sys
[2010.05.19 15:44:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010.05.19 15:42:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx
[2010.05.02 18:22:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TVU Networks
[2010.05.02 18:21:18 | 000,000,000 | ---D | C] -- C:\Programme\TVUPlayer
[2010.04.25 11:48:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\Temp
[2006.09.14 11:32:20 | 000,028,672 | R--- | C] ( ) -- C:\WINDOWS\System32\DivXGraphBuilderCallback.dll
[2004.11.24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[24 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.20 18:53:01 | 000,001,212 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3469752352-2384856531-3581575452-1005UA.job
[2010.05.20 18:46:57 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Kamyar\Desktop\OTL.exe
[2010.05.20 18:45:12 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AEEF8A3A-1FD4-4FBA-BE69-1BE28D40AE85}.job
[2010.05.20 18:30:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Erweiterte Garantie.job
[2010.05.20 18:00:09 | 000,000,494 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2010.05.20 17:39:34 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.05.20 17:39:25 | 000,050,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.20 16:40:49 | 000,238,205 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.05.20 16:40:13 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.20 16:39:57 | 000,023,779 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010.05.20 16:39:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.20 16:39:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.20 13:03:42 | 014,680,064 | ---- | M] () -- C:\Dokumente und Einstellungen\Kamyar\NTUSER.DAT
[2010.05.20 13:03:42 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Kamyar\ntuser.ini
[2010.05.20 11:53:00 | 000,001,160 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3469752352-2384856531-3581575452-1005Core.job
[2010.05.20 11:01:41 | 000,674,596 | ---- | M] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\cc_20100520_110125.reg
[2010.05.20 10:56:37 | 000,824,681 | ---- | M] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\RSIT.exe
[2010.05.20 10:55:28 | 000,001,515 | ---- | M] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\CCleaner.lnk
[2010.05.19 21:40:51 | 000,000,679 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.19 19:31:24 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\Kamyar\Desktop\mbam-setup.exe
[2010.05.19 19:24:54 | 000,363,520 | ---- | M] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\rkill.scr
[2010.05.19 19:23:53 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.05.19 18:25:25 | 000,059,648 | ---- | M] () -- C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\syssvc.exe
[2010.05.16 02:12:58 | 000,463,938 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.05.16 02:12:58 | 000,444,478 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.16 02:12:58 | 000,086,510 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.05.16 02:12:58 | 000,072,354 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.15 21:34:43 | 001,078,396 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.13 23:22:36 | 000,001,578 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.05.11 10:43:21 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.05.05 13:33:48 | 000,229,588 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.05.02 18:21:35 | 000,000,669 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TVUPlayer.lnk
[2010.04.30 09:53:47 | 000,002,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\Google Chrome.lnk
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[24 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.05.20 11:01:28 | 000,674,596 | ---- | C] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\cc_20100520_110125.reg
[2010.05.20 10:56:36 | 000,824,681 | ---- | C] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\RSIT.exe
[2010.05.20 10:55:27 | 000,001,515 | ---- | C] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\CCleaner.lnk
[2010.05.19 21:10:52 | 000,000,679 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.19 20:50:46 | 000,363,520 | ---- | C] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\rkill.scr
[2010.05.19 19:23:52 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.05.19 18:25:25 | 000,059,648 | ---- | C] () -- C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\syssvc.exe
[2010.05.02 18:21:35 | 000,000,669 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TVUPlayer.lnk
[2010.04.25 11:48:46 | 000,002,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Kamyar\Desktop\Google Chrome.lnk
[2010.04.25 11:48:06 | 000,001,212 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3469752352-2384856531-3581575452-1005UA.job
[2010.04.25 11:48:06 | 000,001,160 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3469752352-2384856531-3581575452-1005Core.job
[2010.02.07 22:00:15 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010.01.26 16:36:19 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009.12.15 13:34:10 | 000,000,038 | ---- | C] () -- C:\WINDOWS\countdwn.INI
[2009.12.15 13:17:24 | 000,000,125 | ---- | C] () -- C:\WINDOWS\HSCOUNT.INI
[2009.11.25 13:31:34 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.03.02 18:50:36 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.02.14 13:51:20 | 000,000,117 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.02.14 13:44:01 | 000,000,486 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.12.19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.12.11 12:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.12.10 14:11:18 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008.10.30 15:51:07 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.10.28 23:47:33 | 000,000,060 | ---- | C] () -- C:\WINDOWS\IniFile1.ini
[2008.05.13 03:53:16 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.05.13 03:50:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008.05.13 03:50:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008.05.13 03:50:08 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\divx_xx0a.dll
[2008.05.13 03:49:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008.04.07 16:43:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2008.03.25 19:47:25 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\spacklsp.dll
[2008.03.19 16:47:39 | 000,000,169 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.03.19 16:39:15 | 000,000,111 | ---- | C] () -- C:\WINDOWS\telephon.ini
[2007.12.03 19:04:55 | 000,003,208 | ---- | C] () -- C:\WINDOWS\tm.ini
[2007.09.09 11:43:17 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007.09.09 11:43:17 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007.06.10 12:33:40 | 000,139,288 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2007.05.13 11:11:44 | 000,000,071 | ---- | C] () -- C:\WINDOWS\EPSONCD.INI
[2007.04.30 14:56:28 | 000,000,420 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2007.04.30 14:56:05 | 000,006,367 | ---- | C] () -- C:\WINDOWS\Gwpreset.ini
[2007.03.31 13:41:11 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll
[2007.02.12 17:33:42 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2007.02.07 22:50:01 | 000,000,379 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
[2007.01.14 19:57:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.01.13 19:01:48 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007.01.13 18:58:37 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE SPR265DEFGIPS.ini
[2007.01.06 14:12:04 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV62.sys
[2006.12.23 15:58:55 | 000,000,218 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2006.12.23 15:58:35 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2006.12.23 15:58:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2006.12.23 15:57:46 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2006.11.10 13:10:11 | 000,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006.10.16 20:46:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.10.16 20:33:20 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2006.10.16 20:30:17 | 000,000,626 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2006.10.16 20:29:17 | 000,006,929 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2006.10.16 20:18:46 | 000,294,912 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2006.10.16 20:18:20 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.10.16 20:17:33 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.16 20:17:33 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.16 20:17:31 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.16 20:17:30 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.16 20:17:30 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.16 20:17:30 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.09.21 13:23:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006.09.19 01:00:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2006.09.13 13:06:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\gtapi.dll
[2006.02.26 17:08:28 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006.01.12 15:37:38 | 000,005,968 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.08.05 14:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.06.17 05:41:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2005.04.26 03:05:50 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbzlib.dll
[2004.10.20 10:02:45 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll
[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2003.10.02 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003.10.02 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003.02.20 21:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000037.DLL
[1999.01.22 11:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 353 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8CEFE51A
< End of report >
         




Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20.05.2010 18:45:10
mbam-log-2010-05-20 (18-45-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|)
Durchsuchte Objekte: 249153
Laufzeit: 1 Stunde(n), 23 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

20.05.2010, 19:32   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Datenbank Version: 4052
You did not update Malwarebytes beforehand. Please update the databases and repeat the full scan.
__________________
Please always post log files in CODE tags

21.05.2010, 16:36   #5
Mashti

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4123

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21.05.2010 17:32:08
mbam-log-2010-05-21 (17-32-08).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|)
Durchsuchte Objekte: 254965
Laufzeit: 1 Stunde(n), 36 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


21.05.2010, 20:27   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
SRV - (RoxWatch9) --  File not found
SRV - (RoxMediaDB9) --  File not found
SRV - (RoxLiveShare9) --  File not found
SRV - (Roxio Upnp Server 9) --  File not found
SRV - (Roxio UPnP Renderer 9) --  File not found
SRV - (de_serv) --  File not found
O4 - HKLM..\Run: [ecukespo] C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx\hhooeiqtssd.exe ()
O4 - HKCU..\Run: [ecukespo] C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx\hhooeiqtssd.exe ()
O9 - Extra Button: Ãâ·Ñ¾«²ÊÊÓƵ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} -  File not found
O9 - Extra 'Tools' menuitem : ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} -  File not found
O15 - HKCU\..Trusted Domains: 77.221.133.173 ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Domains: 77.221.153.180 ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Domains: av2check.net ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Domains: zig4sis.net ([]http in Lokales Intranet)
O32 - AutoRun File - [2009.11.02 19:25:48 | 000,000,100 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2006.09.09 13:50:55 | 000,000,000 | R--D | M] - I:\autorun -- [ UDF ]
O32 - AutoRun File - [2006.07.21 11:29:01 | 000,000,051 | R--- | M] () - I:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2006.08.31 14:11:38 | 000,002,648 | R--- | M] () - I:\autorun.xml -- [ UDF ]
O32 - AutoRun File - [2006.08.11 04:30:10 | 000,126,976 | R--- | M] () - I:\autorun6e.exe -- [ UDF ]
O33 - MountPoints2\{98186912-feb3-11de-a785-00179a76cc9e}\Shell - "" = AutoRun
O33 - MountPoints2\{98186912-feb3-11de-a785-00179a76cc9e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98186912-feb3-11de-a785-00179a76cc9e}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a1864092-922f-11dd-a3fe-00179a76cc9e}\Shell\AutoRun\command - "" = F:\menu.exe -- File not found
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\setupSNK.exe -- [2008.04.14 08:53:06 | 000,028,672 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\autorun6e.exe -- [2006.08.11 04:30:10 | 000,126,976 | R--- | M] ()
@Alternate Data Stream - 353 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8CEFE51A
:Files
C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\lnnplijwx
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Run Fixes button!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

22.05.2010, 16:46   #7
Mashti

Somehow something really strange happened.

I did everything as you said, and after I restarted the computer, the Antispy Ware icon at the bottom right (where the clock is) was at least gone.
But OTL is also completely gone, and I don't have a log file either.

23.05.2010, 11:35   #8
Mashti

And now I have another problem.

I can no longer delete files. Neither with the right mouse button, nor with the Del key, nor in any other way. I always get the message that Explorer.exe has encountered a problem and needs to close.

Does this have something to do with the virus? I didn't have this problem before.

23.05.2010, 18:01   #9
Hundskrippl

Same as with me - I also haven't been able to delete anything since the virus.

Only somehow nobody is helping me with it in my thread; I'm just merrily posting away there on my own....

25.05.2010, 09:11   #10
Mashti

Can nobody here help me any more? The internet speed has also dropped quite a bit.

25.05.2010, 09:43   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Take a look in the folder C:\_OTL - the log file from the OTL fix should be there.

25.05.2010, 12:16   #12
Mashti

I had my PC search for it, but it found nothing.

Is there anything else I can do?

Thank you very much for your help and for taking so much time.

Regards
Mashti

25.05.2010, 12:29   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Do you see a folder with that name there at all? (C:\_OTL)

25.05.2010, 22:37   #14
Mashti

Sorry for replying so late, but I worked until 23:00.

No, there is no such folder.

26.05.2010, 13:09   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please try the step with the OTL fix again.
