Zurück   Trojaner-Board > Malware entfernen > Antiviren-, Firewall- und andere Schutzprogramme

Antiviren-, Firewall- und andere Schutzprogramme: Flash Desinfector für x64

Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 10.07.2010, 15:22   #1
Profpatsch
 
Flash Desinfector für x64 - Unglücklich

Flash Desinfector für x64



Hallo Leute,

Ich habe ein ziemlich großes Problem:

Keine **** Antimalware Lösung scheint Rücksicht darauf zu nehmen, dass es "seit neuestem" (schon seit Jahren) auch x64 Betriebssysteme gibt. Ich habe z.B. einen USB-Virus auf dem PC und es gibt keine Chance, ihn von meinem x64 System zu bekommen, weil kein nützliches Programm darauf funktioniert .

Jetzt wollte ich den FlashDesinfector benutzen und er funktioniert auch nicht.
Kennt irgendjemand eine Lösung für x64 Systeme?

Danke im Vorraus,
Profpatsch

Alt 12.07.2010, 17:58   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Flash Desinfector für x64 - Standard

Flash Desinfector für x64



Bei 64-Bit-Systemen muss man anders ran. Der Flash-Disinfector wurde auch nicht entwickelt, um das infizierte Windows zu säubern, sondern nur um infizierte USB-Sticks und Speicherkarten zu entseuchen!!

Bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 13.07.2010, 22:42   #3
Profpatsch
 
Flash Desinfector für x64 - Standard

Flash Desinfector für x64



Hier das kommt das Gewünschte (Mache ich mit diesen Informationen nicht quasi die Tore für alle Hacker auf?):

Malwarebyte:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4052

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

13.07.2010 22:03:28
mbam-log-2010-07-13 (22-03-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|)
Durchsuchte Objekte: 558618
Laufzeit: 2 Stunde(n), 46 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
OTL:

otl.txt:

Code:
ATTFilter
OTL logfile created on: 13.07.2010 22:06:03 - Run 1
OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\Installationskonto\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 28,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,04 Gb Total Space | 8,99 Gb Free Space | 4,49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 100,00 Gb Total Space | 21,40 Gb Free Space | 21,40% Space Free | Partition Type: NTFS
Drive F: | 78,90 Gb Total Space | 1,13 Gb Free Space | 1,43% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PHILIPHOMECOMP2
Current User Name: Installationskonto
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Installationskonto\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe ()
PRC - C:\Program Files (x86)\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Program Files (x86)\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Program Files (x86)\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\FlashGet Network\FlashGet 3\mxhelper.exe ()
PRC - C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
PRC - C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media Inc.)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\VC.exe (Acer Incoporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Windows\system\w98eject.exe (Sigmatel)
PRC - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Installationskonto\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (npggsvc) -- C:\Windows\SysNative\GameMon.des File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International)
SRV - (IGBASVC) -- C:\Program Files (x86)\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe ()
SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (HsfXAudioService) -- C:\Windows\SysWOW64\XAudio64.dll (Conexant Systems, Inc.)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found
DRV:64bit: - (NinjaUSB) -- C:\Windows\SysNative\drivers\NinjaUSB.sys File not found
DRV:64bit: - (AlfaFF) -- C:\Windows\SysNative\drivers\AlfaFF.sys (Alfa Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (pavboot) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\drivers\mdmxsdk.sys (Conexant)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\drivers\XAudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (TcUsb) -- C:\Windows\SysNative\drivers\tcusb.sys (UPEK Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (O2SDRDR) -- C:\Windows\SysNative\drivers\o2sdx64.sys (O2Micro )
DRV:64bit: - (O2MDRDR) -- C:\Windows\SysNative\drivers\o2mdx64.sys (O2Micro )
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (HSF_DPV) -- C:\Windows\SysNative\drivers\CAX_DPV.sys (Conexant Systems, Inc.)
DRV:64bit: - (CAXHWAZL) -- C:\Windows\SysNative\drivers\CAXHWAZL.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\drivers\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (sfsync04) StarForce Protection Synchronization Driver (version 4.x) -- C:\Windows\SysNative\drivers\sfsync04.sys (Protection Technology (StarForce))
DRV:64bit: - (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a) -- C:\Windows\SysNative\drivers\sfdrv01a.sys (Protection Technology (StarForce))
DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV:64bit: - (StMp3Recx64) -- C:\Windows\SysNative\drivers\StMp3Recx64.sys (Generic)
DRV:64bit: - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (NinjaUSB) -- C:\Windows\SysWOW64\drivers\NinjaUSB.sys ()
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys ()
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_5730&r=27361109c126l03e8z155x4881j255
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_5730&r=27361109c126l03e8z155x4881j255
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_5730&r=27361109c126l03e8z155x4881j255
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_5730&r=27361109c126l03e8z155x4881j255
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=travelmate_5730&r=27361109c126l03e8z155x4881j255
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://www.ask.com?o=15187&l=dis
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "h**p://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "h**p://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.6.1.22
FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.91
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.0.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "h**p://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=2&q="
FF - prefs.js..network.proxy.h**p: "77.87.124.102"
FF - prefs.js..network.proxy.h**p_port: 8080
FF - prefs.js..network.proxy.socks_version: 4
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.06.27 19:17:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.01 21:55:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.06.20 19:45:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.07.01 21:55:03 | 000,000,000 | ---D | M]
 
[2010.03.24 19:41:21 | 000,000,000 | ---D | M] -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Extensions
[2010.03.24 19:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.07.04 19:09:22 | 000,000,000 | ---D | M] -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\u1b8g9yj.default\extensions
[2009.11.21 00:53:16 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\u1b8g9yj.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.07.04 19:09:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\u1b8g9yj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.11.21 00:53:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\u1b8g9yj.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2009.11.21 00:53:16 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\u1b8g9yj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.11.21 00:56:12 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\u1b8g9yj.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010.07.13 21:53:30 | 000,000,000 | ---D | M] -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\xqqfubeg.default\extensions
[2010.01.24 09:05:00 | 000,000,000 | ---D | M] (mediaplayerconnectivity) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\xqqfubeg.default\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6}
[2010.07.04 19:09:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\xqqfubeg.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.07.12 20:46:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\xqqfubeg.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.11.21 12:50:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\xqqfubeg.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2010.07.11 19:51:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\xqqfubeg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.08 10:17:15 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\xqqfubeg.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010.07.10 12:42:13 | 000,000,000 | ---D | M] -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\xqqfubeg.default\extensions\autopager@mozilla.org
[2010.04.06 21:17:43 | 000,000,000 | ---D | M] -- C:\Users\Installationskonto\AppData\Roaming\mozilla\Firefox\Profiles\xqqfubeg.default\extensions\isreaditlater@ideashower.com
[2009.11.23 22:35:17 | 000,002,171 | ---- | M] () -- C:\Users\Installationskonto\AppData\Roaming\Mozilla\FireFox\Profiles\xqqfubeg.default\searchplugins\bing.xml
[2009.12.20 00:02:32 | 000,001,987 | ---- | M] () -- C:\Users\Installationskonto\AppData\Roaming\Mozilla\FireFox\Profiles\xqqfubeg.default\searchplugins\wolframalpha.xml
[2010.06.15 18:17:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.06.15 18:17:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.06.15 18:17:08 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.06.27 17:43:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.27 17:43:39 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.27 17:43:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.27 17:43:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.27 17:43:39 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files (x86)\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [FlashGetBHO] C:\Program Files (x86)\FlashGet Network\FlashGet 3\mxhelper.exe ()
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Download all by FlashGet3 - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Download by FlashGet3 - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: ʹÓÿ쳵3ÏÂÔØ - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: ʹÓÿ쳵3ÏÂÔØÈ«²¿Á´½Ó - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: ʹÓÿ쳵3ÏÂÔØ - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: ʹÓÿ쳵3ÏÂÔØÈ«²¿Á´½Ó - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] h**p in Trusted sites)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\spba: DllName - Reg Error: Key error. - C:\Programme\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files (x86)\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files (x86)\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3382e244-4d42-11df-bb2c-001f16c2ff71}\Shell - "" = AutoRun
O33 - MountPoints2\{3382e244-4d42-11df-bb2c-001f16c2ff71}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e39ee5cf-d75f-11de-8fb6-0026c615e82c}\Shell - "" = AutoRun
O33 - MountPoints2\{e39ee5cf-d75f-11de-8fb6-0026c615e82c}\Shell\AutoRun\command - "" = G:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.07 18:48:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xca
[2010.07.07 17:50:42 | 000,033,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
[2010.07.07 17:50:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2010.07.04 19:10:02 | 000,000,000 | ---D | C] -- C:\Users\Installationskonto\Desktop\Spanische Musik
[2010.07.04 19:09:22 | 000,000,000 | ---D | C] -- C:\Users\Installationskonto\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.04 15:22:48 | 000,000,000 | ---D | C] -- C:\Users\Installationskonto\AppData\Roaming\vlc
[2010.06.28 21:28:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gothic
[2010.06.28 16:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Metal Gear Solid
[2010.06.24 16:25:57 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.06.24 16:25:57 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.06.24 16:25:57 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.06.24 16:25:57 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.06.24 16:25:57 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.06.24 16:25:57 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.06.24 16:25:57 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.06.24 16:25:57 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.06.19 22:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2010.06.19 22:28:52 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.06.19 22:28:52 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.06.19 22:28:52 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.06.19 22:28:52 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.06.19 22:28:50 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.06.19 22:28:50 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.06.15 18:17:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.06.15 18:17:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.06.15 18:17:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.06.15 18:17:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.07.13 22:08:35 | 003,932,160 | -HS- | M] () -- C:\Users\Installationskonto\ntuser.dat
[2010.07.13 19:35:23 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010.07.13 18:18:21 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.13 18:18:21 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.13 16:13:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.12 11:31:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.12 11:31:33 | 3217,256,448 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.12 06:44:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2010.07.12 06:44:02 | 002,580,997 | -H-- | M] () -- C:\Users\Installationskonto\AppData\Local\IconCache.db
[2010.07.10 15:15:14 | 001,752,546 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.10 15:15:14 | 000,749,754 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.07.10 15:15:14 | 000,701,814 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.10 15:15:14 | 000,168,992 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.07.10 15:15:14 | 000,140,120 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.10 13:34:03 | 000,006,788 | ---- | M] () -- C:\Users\Installationskonto\.recently-used.xbel
[2010.07.08 22:18:17 | 000,099,263 | ---- | M] () -- C:\Users\Public\Documents\Unbenannt.wma
[2010.07.08 20:54:35 | 006,679,162 | ---- | M] () -- C:\Users\Installationskonto\Desktop\07_20Shine_20-_20Pillar.mp3
[2010.07.08 20:54:25 | 004,856,664 | ---- | M] () -- C:\Users\Installationskonto\Desktop\01_20Fire_20On_20the_20Inside_20-_20Pillar.mp3
[2010.07.08 20:54:01 | 006,818,984 | ---- | M] () -- C:\Users\Installationskonto\Desktop\03_20Secrets_20and_20Regrets_20-_20Pillar.mp3
[2010.07.04 21:24:48 | 170,034,342 | ---- | M] () -- C:\Users\Installationskonto\Desktop\Spanische Musik.rar
[2010.06.30 16:47:29 | 000,474,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.29 18:34:03 | 000,134,000 | ---- | M] () -- C:\Users\Installationskonto\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.28 21:30:34 | 000,008,192 | ---- | M] () -- C:\Windows\d3dx.dat
[2010.06.19 22:18:38 | 000,000,471 | ---- | M] () -- C:\Windows\MeinPlatz.ini
[2010.06.16 14:19:57 | 000,000,368 | ---- | M] () -- C:\Windows\SysNative\AIDefault.ai
[2010.06.15 18:17:08 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.06.15 18:17:08 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.06.15 18:17:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.06.15 18:17:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.07.10 13:34:03 | 000,006,788 | ---- | C] () -- C:\Users\Installationskonto\.recently-used.xbel
[2010.07.08 22:18:08 | 000,099,263 | ---- | C] () -- C:\Users\Public\Documents\Unbenannt.wma
[2010.07.08 20:54:32 | 006,679,162 | ---- | C] () -- C:\Users\Installationskonto\Desktop\07_20Shine_20-_20Pillar.mp3
[2010.07.08 20:54:23 | 004,856,664 | ---- | C] () -- C:\Users\Installationskonto\Desktop\01_20Fire_20On_20the_20Inside_20-_20Pillar.mp3
[2010.07.08 20:53:55 | 006,818,984 | ---- | C] () -- C:\Users\Installationskonto\Desktop\03_20Secrets_20and_20Regrets_20-_20Pillar.mp3
[2010.07.04 21:23:50 | 170,034,342 | ---- | C] () -- C:\Users\Installationskonto\Desktop\Spanische Musik.rar
[2010.06.28 21:30:34 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.06.10 18:17:45 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\VMC3KAPI.dll
[2010.04.24 14:22:12 | 000,000,000 | ---- | C] () -- C:\Windows\MusicEditor.INI
[2010.04.24 10:40:56 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI
[2010.04.24 10:01:59 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010.04.22 17:36:25 | 000,024,704 | ---- | C] () -- C:\Windows\SysWow64\drivers\NinjaUSB.sys
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.02.20 23:56:27 | 000,000,316 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.25 18:51:20 | 000,185,344 | ---- | C] () -- C:\Windows\patchw32.dll
[2009.12.24 22:25:16 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2009.11.30 21:33:46 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2009.11.28 17:48:08 | 000,000,450 | ---- | C] () -- C:\Windows\wininit.ini
[2009.11.25 20:18:43 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2009.11.23 20:49:13 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.11.23 20:49:13 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.11.21 18:21:22 | 000,000,471 | ---- | C] () -- C:\Windows\MeinPlatz.ini
[2009.11.21 11:57:47 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2009.11.21 00:55:10 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2009.10.28 16:40:55 | 000,001,716 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2009.10.28 08:38:07 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2009.10.28 08:36:17 | 001,635,828 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.10.28 08:18:31 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.10.28 08:18:31 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009.08.22 12:16:40 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009.08.22 12:16:40 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009.08.22 12:16:37 | 000,000,189 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009.08.22 12:16:37 | 000,000,166 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009.08.22 12:16:37 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2007.01.02 10:43:34 | 000,015,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\int15_64.sys
< End of report >
         
extras.txt
Code:
ATTFilter
OTL Extras logfile created on: 13.07.2010 22:06:03 - Run 1
OTL by OldTimer - Version 3.2.9.0     Folder = C:\Users\Installationskonto\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 28,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,04 Gb Total Space | 8,99 Gb Free Space | 4,49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 100,00 Gb Total Space | 21,40 Gb Free Space | 21,40% Space Free | Partition Type: NTFS
Drive F: | 78,90 Gb Total Space | 1,13 Gb Free Space | 1,43% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PHILIPHOMECOMP2
Current User Name: Installationskonto
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
h**p [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
h**ps [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
h**p [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
h**ps [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"$INSTDIR\FlvDetector.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlvDetector.exe:*:Enabled:FGFlvDetector -- File not found
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Program Files (x86)\AirRivals_DE\Launcher.atm" = C:\Program Files (x86)\AirRivals_DE\Launcher.atm:Enabled:GameExe2 -- File not found
"C:\Program Files (x86)\AirRivals_DE\Res-Voip\SCVoIP.exe" = C:\Program Files (x86)\AirRivals_DE\Res-Voip\SCVoIP.exe:Enabled:GameVoIP -- File not found
"$INSTDIR\FlvDetector.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlvDetector.exe:*:Enabled:FGFlvDetector -- File not found
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Program Files (x86)\AirRivals_DE\Launcher.atm" = C:\Program Files (x86)\AirRivals_DE\Launcher.atm:Enabled:GameExe2 -- File not found
"C:\Program Files (x86)\AirRivals_DE\Res-Voip\SCVoIP.exe" = C:\Program Files (x86)\AirRivals_DE\Res-Voip\SCVoIP.exe:Enabled:GameVoIP -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series
"{1A300085-6A46-2B37-60E0-2C151E24DD66}" = ccc-utility64
"{1D5F34D0-6329-4D92-B81A-E24E9028910C}" = Crystal Reports Basic Runtime German Language Pack for Visual Studio 2008 (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{43239902-03DF-A165-7EF6-6A49DE4F8EF1}" = ATI AVIVO64 Codecs
"{49F3D04B-B849-4C89-AB31-2366A004EA28}" = Broadcom Gigabit Integrated Controller
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{62EED300-E841-4083-A1D6-60B906271804}" = Microsoft Windows SDK for Visual Studio 2008 Tools
"{64A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17 (64-bit)
"{7C552757-172E-4C18-AA3E-3DFAC5A15DAA}" = O2Micro Flash Memory Card Reader Driver
"{7ECA1AEA-2B61-3DE6-8276-6A9A2693F111}" = Microsoft Device Emulator (64 Bit) Version 3.0 - DEU
"{88363A53-C537-77C9-863D-C20147EF4AC0}" = ATI Catalyst Install Manager
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9aa5f39c-a8de-46b0-919a-0248f8bc8490}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A992BBAA-723D-4574-A07F-983BF8FAA3E1}" = Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
"{AC888A60-9557-3B74-B52B-F353D01BD544}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
"{ACD875CC-A146-3125-8F99-D3766F46FD86}" = Visual Studio .NET Prerequisites - English
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C31A4909-9C18-3121-AAD4-EAD92013B6E5}" = Microsoft Visual Studio 2008 Remote Debugger - DEU
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F68310EC-B615-4044-B7D7-1A6349758D42}" = Microsoft SQL Server VSS Writer
"{F90F5A11-53E6-4045-ACB1-BC03D71FB06C}" = Microsoft SQL Server Native Client
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Microsoft Visual Studio 2008 Remote Debugger - DEU" = Microsoft Visual Studio 2008 Remote Debugger - DEU
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{052DE950-9FE3-577E-996A-90C870A59A01}" = Catalyst Control Center Graphics Full New
"{06EF78A1-935E-8982-48EE-DEAF73075BBE}" = Catalyst Control Center InstallProxy
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}" = Microsoft SQL Server Compact 3.5 DEU
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{18E1FD72-60FA-3E10-A66B-640970B5559F}" = Visual Studio Tools for the Office system 3.0 Runtime Language Pack - DEU
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1C3ADB5F-750E-4453-AC98-B75C5323845C}" = Microsoft SQL Server Compact 3.5 for Devices DEU
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2339BEE4-F74A-CCF1-5249-C38BD28CA5FB}" = Catalyst Control Center Localization All
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{288CF37D-3FE0-E572-D200-52113E47D679}" = ccc-core-static
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A02BB99-C34C-7167-8B78-CBBE3F2B266D}" = Catalyst Control Center Graphics Full Existing
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (BWDATOOLSET)
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{36694AD6-1E86-A376-4FCD-9F547581B4B9}" = CCC Help English
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3924C3E7-C440-4B23-9740-9A9EC0545F21}" = Crystal Reports Basic German Language Pack for Visual Studio 2008
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{445174EA-3D3A-308E-84AD-446127E71441}" = Microsoft Visual Studio 2008 Professional Edition - DEU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ACDC413-AF13-3934-8D8A-1F8CEF70D1A5}" = Microsoft Document Explorer 2008 Language Pack - DEU
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{52B6FCEC-7146-17FC-6877-18DAE0EDF05F}" = Euro-Fahrschule 2010
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}" = msxml4
"{5DB161C0-7C9C-41D7-8DA1-CB112F60946B}" = Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galaktische Abenteuer
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7030E8F8-8896-693B-B666-21D2E2729058}" = Prezi Desktop
"{721B5CF0-D220-4955-BB6F-EBCFB1096DE7}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72CCBEA1-8D57-4981-A337-81019F28C5BA}" = Microsoft .NET Compact Framework 3.5
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{820D9939-FEC1-D65C-599D-232DBA015A87}" = Catalyst Control Center Graphics Light
"{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2 
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0407-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (German) 2007
"{90120000-0021-0407-0000-0000000FF1CE}_VisualWebDeveloper_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_VisualWebDeveloper_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{966CA8ED-5A5D-47F8-A478-794206AB1B3E}" = Microsoft WorldWide Telescope
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA467959-A1D6-4F45-90CD-11DC57733F32}" = Crystal Reports Basic for Visual Studio 2008
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.3 MUI
"{AE3F657E-14CD-70A4-9CD8-E534E9114C66}" = Catalyst Control Center Core Implementation
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF37F9DE-0726-439E-BC10-43D9195394D0}" = Firebird SQL Server - MAGIX Edition
"{B1060346-9388-4C5B-AA52-176C39819E43}" = Microsoft .NET Compact Framework 2.0 SP2
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Süß & Schrecklich Ergänzungs-Pack
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CBD30E1C-4B85-FC57-9E8D-98664E7AB805}" = Catalyst Control Center InstallProxy
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D475588F-91C9-365E-AB40-D588111DD7C4}" = MSDN Library for Visual Studio 2008 - DEU
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D96021A9-B290-4783-B019-0E4000DA84CE}" = S4 League_EU
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{DA7F48EF-5F56-45FE-9169-3B8159A7A323}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{E32260E7-0B10-43C7-9B77-AB9F4184676D}" = Microsoft SQL Server Compact 3.5 Design Tools DEU
"{E440017F-64DE-6E98-E513-31FA3D6D9DBE}" = Catalyst Control Center Graphics Previews Vista
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"¿ì³µ(FlashGet)3.4" = ¿ì³µ(FlashGet)3.4 Õýʽ°æ
"8461-7759-5462-8226" = Vuze
"AC3Filter" = AC3Filter (remove only)
"Acer Acer Bio Protection 6.0.00.16" = Acer Bio Protection

ATU 6.0.00.16
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.5
"Aspell" = Aspell Data
"Aspell6-Dictionary-de" = Aspell 0.6 Dictionary (Language: de)
"Aspell6-Dictionary-en" = Aspell 0.6 Dictionary (Language: en)
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BF2SP64" = BF2SP64
"CCleaner" = CCleaner
"Clonk Rage" = Clonk Rage
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"com.prezi.PreziDesktop" = Prezi Desktop
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DriftCity_EU" = Drift City
"EA Download Manager" = EA Download Manager
"EA Installer.-2099549384" = EA Installer
"FileZilla Client" = FileZilla Client 3.3.2.1
"FINAL FANTASY VIII" = FINAL FANTASY VIII
"FlashGet 3.3" = FlashGet 3.3
"FormatFactory" = FormatFactory 2.20
"Free" = Free Allegiance
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.5
"Gothic_Screenfun" = Gothic (SCREENFUN-DVD November 2005)
"GridVista" = Acer GridVista
"heroes in the sky" = heroes in the sky
"Hidden & Dangerous 2 Patch" = Hidden & Dangerous 2 Patch
"HijackThis" = HijackThis 2.0.2
"Identity Card" = Identity Card
"Inkscape" = Inkscape 0.47
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}" = Hidden & Dangerous 2 
"JDownloader" = JDownloader
"LManager" = Launch Manager
"LyX" = LyX 1.6.5-1
"MAGIX Music Maker 16 Premium Download-Version D" = MAGIX Music Maker 16 Premium Download-Version
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Speed burnR D" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaMonkey_is1" = MediaMonkey 3.2
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MeinPlatz" = MeinPlatz
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft Document Explorer 2008 Language Pack - DEU" = Microsoft Document Explorer 2008 Language Pack - DEU
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack" = Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack
"Microsoft Visual Studio 2008 Professional Edition - DEU" = Microsoft Visual Studio 2008 Professional Edition - DEU
"MiKTeX 2.8" = MiKTeX 2.8
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Mozilla Thunderbird (3.0.5)" = Mozilla Thunderbird (3.0.5)
"MSDN Library für Visual Studio 2008 - DEU" = MSDN Library für Visual Studio 2008 - DEU
"Mumble" = Mumble and Murmur
"MUSHclient" = MUSHclient (remove only)
"OpenVPN" = OpenVPN 2.1_rc22
"Perry Rhodan_is1" = Perry Rhodan (PATCHED BY XEONKING©)
"ROM Papyrus Autor" = Papyrus Autor 3.01
"SongBeamer_Setup_is1" = SongBeamer 4.09
"SYBEX.eurofahrschule2010.DEA6744BBD64092B439DF6F6F66EE152DA36E9C6.1" = Euro-Fahrschule 2010
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"The Chronicles of Spellborn_is1" = The Chronicles of Spellborn
"Tunngle beta_is1" = Tunngle beta
"Uninstall_is1" = Uninstall 1.0.0.1
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"Visual Studio Tools for the Office system 3.0 Runtime Language Pack - DEU" = Visual Studio-Tools für Office System 3.0 Runtime Language Pack - DEU
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VLC media player" = VLC media player 1.1.0
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"xca" = XCA (remove only)
"X-Chat 2_is1" = X-Chat 2.8.6-2
"Xfire" = Xfire (remove only)
"XviD" = XviD MPEG-4 Codec
"Xvid_is1" = Xvid 1.2.2 final uninstall
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
__________________

Alt 13.07.2010, 23:19   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Flash Desinfector für x64 - Standard

Flash Desinfector für x64



Zitat:
Mache ich mit diesen Informationen nicht quasi die Tore für alle Hacker auf?):
Nein, das ist technisch ausgeschlossen.

Zitat:
Datenbank Version: 4052
Du hast Malwarebytes vorher nicht aktualisiert. Bitte updaten und einen Vollscan machen.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.07.2010, 17:56   #5
Profpatsch
 
Flash Desinfector für x64 - Pfeil

Flash Desinfector für x64



So, hier die aktuelle Version. Ich hatte mir zwar das Update heruntergeladen, aber er wollte es nicht installieren. Dann kam nichts mehr und ich dachte jetzt ist es in Ordnung. Anscheinend war es das doch nicht

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4312

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14.07.2010 17:41:32
mbam-log-2010-07-14 (17-41-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|)
Durchsuchte Objekte: 571100
Laufzeit: 2 Stunde(n), 31 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
2 1/2 Stunden laufen lassen und das gleiche Ergebnis: Gar keins...


Alt 14.07.2010, 19:41   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Flash Desinfector für x64 - Standard

Flash Desinfector für x64



Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
ATTFilter
:OTL
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=2&q="
FF - prefs.js..network.proxy.http: "77.87.124.102"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.socks_version: 4
O8 - Extra context menu item: ʹÓÿ쳵3ÏÂÔØ - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: ʹÓÿ쳵3ÏÂÔØÈ«²¿Á´½Ó - C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O33 - MountPoints2\{3382e244-4d42-11df-bb2c-001f16c2ff71}\Shell - "" = AutoRun
O33 - MountPoints2\{3382e244-4d42-11df-bb2c-001f16c2ff71}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e39ee5cf-d75f-11de-8fb6-0026c615e82c}\Shell - "" = AutoRun
O33 - MountPoints2\{e39ee5cf-d75f-11de-8fb6-0026c615e82c}\Shell\AutoRun\command - "" = G:\pushinst.exe -- File not found
[2010.07.07 18:48:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xca
:Commands
[purity]
[resethosts]
[emptytemp]
         
Klick dann auf den Button Run Fixes!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
--> Flash Desinfector für x64

Alt 15.07.2010, 18:33   #7
Profpatsch
 
Flash Desinfector für x64 - Standard

Flash Desinfector für x64



Ét Voila:

Code:
ATTFilter
All processes killed
========== OTL ==========
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=2&q=" removed from keyword.URL
Prefs.js: "77.87.124.102" removed from network.proxy.http
Prefs.js: 8080 removed from network.proxy.http_port
Prefs.js: 4 removed from network.proxy.socks_version
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ʹÓÿ쳵3ÏÂÔØ\ deleted successfully.
C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetUrl.htm moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ʹÓÿ쳵3ÏÂÔØÈ«²¿Á´½Ó\ deleted successfully.
C:\Users\Installationskonto\AppData\Roaming\FlashGetBHO\GetAllUrl.htm moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\kuaiche.com\software\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3382e244-4d42-11df-bb2c-001f16c2ff71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3382e244-4d42-11df-bb2c-001f16c2ff71}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3382e244-4d42-11df-bb2c-001f16c2ff71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3382e244-4d42-11df-bb2c-001f16c2ff71}\ not found.
File D:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e39ee5cf-d75f-11de-8fb6-0026c615e82c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e39ee5cf-d75f-11de-8fb6-0026c615e82c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e39ee5cf-d75f-11de-8fb6-0026c615e82c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e39ee5cf-d75f-11de-8fb6-0026c615e82c}\ not found.
File G:\pushinst.exe not found.
C:\Program Files (x86)\xca folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: CZ-FFB
->Temp folder emptied: 8117067 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 10895741 bytes
->FireFox cache emptied: 3288062 bytes
->Flash cache emptied: 75 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 57482 bytes
->Flash cache emptied: 56504 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Installationskonto
->Temp folder emptied: 135927636 bytes
->Temporary Internet Files folder emptied: 2643526 bytes
->Java cache emptied: 54464543 bytes
->FireFox cache emptied: 85510384 bytes
->Flash cache emptied: 96524 bytes
 
User: Philöi
->Temp folder emptied: 61629480 bytes
->Temporary Internet Files folder emptied: 839140561 bytes
->Java cache emptied: 38475196 bytes
->FireFox cache emptied: 160910565 bytes
->Flash cache emptied: 12852 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1089498 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50300 bytes
RecycleBin emptied: 21593 bytes
 
Total Files Cleaned = 1.337,00 mb
 
 
OTL by OldTimer - Version 3.2.9.0 log created on 07152010_182810

Files\Folders moved on Reboot...
C:\Users\Installationskonto\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
         
So, und was hat der jetzt gemacht außer die Registry bereinigt und die temp. Dateien gelöscht?

Alt 15.07.2010, 19:32   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Flash Desinfector für x64 - Standard

Flash Desinfector für x64



Der hat noch ein bisschen mehr gemacht durch das Script

Weitere Tools können wir aufgrund der Inkompatibilität mit nem x64 Windows nicht einsetzen, die sind aber nicht wirklich notwendig.
Mach daher nurnoch zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Hast Du die Sticks mittlerweile mit dem FlashDisinfector von einem 32-Bit-Windows aus geimpft?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.10.2010, 19:08   #9
Profpatsch
 
Flash Desinfector für x64 - Standard

Flash Desinfector für x64



Ich habe jetzt die Lösung gefunden.

Für alle: FlashDesinfector.exe funzt bei RavMon.exe NICHT, bzw. nur zur Hälfte.
Er kann zwar die autorun.inf beseitigen, aber die RavMon.exe, die auf jedem Stick auch gespeichert wird, NICHT.

Ich poste die Lösung unter einem eigenen Thread namens "ravmon.exe"

Antwort

Themen zu Flash Desinfector für x64
antimalware, betriebssysteme, chance, dropper, flash, flashdesinfector, funktionier, funktioniert, großes, jahre, leute, lösung, neues, nützliches, problem, programm, schei, snyper, usb-stick, usb-virus, wechseldatenträger, ziemlich



Ähnliche Themen: Flash Desinfector für x64


  1. Kommentar: Weg mit Flash!
    Nachrichten - 17.07.2015 (0)
  2. Flash Beat
    Log-Analyse und Auswertung - 13.02.2015 (11)
  3. Flash Beat Virus
    Plagegeister aller Art und deren Bekämpfung - 08.02.2015 (5)
  4. Schädling in Firefox / Flash
    Log-Analyse und Auswertung - 28.01.2015 (16)
  5. Flash Disinfector Fehlalarm?
    Antiviren-, Firewall- und andere Schutzprogramme - 26.01.2015 (5)
  6. Win7_Rechner hängt/Internet langsam/ständig Meldung: Plug-in (Shockwave Flash / oder Flash Player) hängt oder reagiert nicht
    Plagegeister aller Art und deren Bekämpfung - 15.11.2014 (19)
  7. Pop ups von Flash Player Updates etc. + Flash Player funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 24.07.2014 (8)
  8. EXP/FLASH.Iwandi.Gen
    Plagegeister aller Art und deren Bekämpfung - 30.12.2012 (23)
  9. Startfenster.com nach Flash / Shockwave Update, Flash Plugin stürzt dauernd ab
    Log-Analyse und Auswertung - 26.09.2012 (41)
  10. Probleme mit Flash
    Alles rund um Windows - 29.12.2011 (10)
  11. Flash-Cookies im Griff: Adobe veröffentlicht Flash 10.3
    Nachrichten - 13.05.2011 (0)
  12. Flash Fehler
    Alles rund um Windows - 26.04.2011 (2)
  13. Flash Player 10.2 ist fertig
    Nachrichten - 09.02.2011 (0)
  14. Flash-Cookies
    Überwachung, Datenschutz und Spam - 02.02.2010 (8)
  15. Flash Video runterladen
    Alles rund um Windows - 04.12.2009 (6)
  16. popups und flash-werbung
    Log-Analyse und Auswertung - 13.11.2005 (28)
  17. Fragen zu Flash
    Alles rund um Windows - 04.06.2003 (8)

Zum Thema Flash Desinfector für x64 - Hallo Leute, Ich habe ein ziemlich großes Problem: Keine **** Antimalware Lösung scheint Rücksicht darauf zu nehmen, dass es "seit neuestem" (schon seit Jahren) auch x64 Betriebssysteme gibt. Ich habe - Flash Desinfector für x64...
Archiv
Du betrachtest: Flash Desinfector für x64 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.