
Pests of all kinds and how to combat them: Battle music in the desktop background

07.08.2010, 14:09   #16
Svensen89
 



I did that; it then said OK and my computer restarted.


Regards, Svensen89

07.08.2010, 14:15   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please delete the existing MBRCheck.txt
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool only takes a second.
  • Afterwards you should find an MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document

07.08.2010, 14:16   #18
Svensen89
 



MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: FUJITSU SIEMENS
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: FUJITSU SIEMENS
System Product Name: G31T-M2
Logical Drives Mask: 0x00000ffc

Kernel Drivers (total 204):
0x8303E000 \SystemRoot\system32\ntoskrnl.exe
0x83007000 \SystemRoot\system32\halmacpi.dll
0x80BBC000 \SystemRoot\system32\kdcom.dll
0x8C411000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8C489000 \SystemRoot\system32\PSHED.dll
0x8C49A000 \SystemRoot\system32\BOOTVID.dll
0x8C4A2000 \SystemRoot\system32\CLFS.SYS
0x8C4E4000 \SystemRoot\system32\CI.dll
0x8C58F000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8C600000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8C60E000 \SystemRoot\System32\Drivers\spnz.sys
0x8C701000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x8C70A000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x8C730000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x8C778000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x8C783000 \SystemRoot\system32\DRIVERS\pci.sys
0x8C7AD000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x8C7B5000 \SystemRoot\System32\drivers\partmgr.sys
0x8C7C6000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x8C819000 \SystemRoot\System32\drivers\volmgrx.sys
0x8C864000 \SystemRoot\system32\DRIVERS\intelide.sys
0x8C86B000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x8C879000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8C881000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8C88C000 \SystemRoot\System32\drivers\mountmgr.sys
0x8C8A2000 \SystemRoot\system32\DRIVERS\atapi.sys
0x8C8AB000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8C8CE000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x8C8D7000 \SystemRoot\system32\drivers\fltmgr.sys
0x8C90B000 \SystemRoot\system32\drivers\fileinfo.sys
0x8C91C000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8CA4B000 \SystemRoot\System32\Drivers\msrpc.sys
0x8CA76000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8CA89000 \SystemRoot\System32\Drivers\cng.sys
0x8CAE6000 \SystemRoot\System32\drivers\pcw.sys
0x8CAF4000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8CAFD000 \SystemRoot\system32\drivers\ndis.sys
0x8CBB4000 \SystemRoot\system32\drivers\NETIO.SYS
0x8C7D6000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8CC3F000 \SystemRoot\System32\drivers\tcpip.sys
0x8CD88000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8CDB9000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x8CDC2000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x8CE01000 \SystemRoot\System32\Drivers\spldr.sys
0x8CE09000 \SystemRoot\System32\drivers\rdyboost.sys
0x8CE36000 \SystemRoot\System32\Drivers\mup.sys
0x8CE46000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8CE4E000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8CE80000 \SystemRoot\system32\DRIVERS\disk.sys
0x8CE91000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8CEE8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8CF07000 \??\C:\Windows\system32\drivers\ACEDRV05.sys
0x8CF66000 \??\C:\Windows\system32\drivers\SSHDRV76.sys
0x8CF96000 \SystemRoot\System32\Drivers\Null.SYS
0x8CF9D000 \SystemRoot\System32\Drivers\Beep.SYS
0x8CFA4000 \SystemRoot\System32\drivers\vga.sys
0x8CFB0000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8CFD1000 \SystemRoot\System32\drivers\watchdog.sys
0x8CFDE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8CFE6000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8CFEE000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8CC00000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8CC0B000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8CC19000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8CC30000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x93C0F000 \SystemRoot\system32\drivers\afd.sys
0x93C69000 \SystemRoot\System32\DRIVERS\netbt.sys
0x93C9B000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x93CA2000 \SystemRoot\system32\DRIVERS\pacer.sys
0x93CC1000 \SystemRoot\system32\DRIVERS\vpcnfltr.sys
0x93CD1000 \SystemRoot\system32\DRIVERS\netbios.sys
0x93CDF000 \SystemRoot\system32\DRIVERS\serial.sys
0x93CF9000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x93D0C000 \SystemRoot\system32\drivers\vpcvmm.sys
0x93D53000 \SystemRoot\system32\DRIVERS\termdd.sys
0x93D63000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x93D69000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
0x93D8B000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
0x93D91000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x93DD2000 \SystemRoot\system32\drivers\nsiproxy.sys
0x93DDC000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x93DE6000 \SystemRoot\System32\drivers\discache.sys
0x93DF2000 \SystemRoot\system32\drivers\csc.sys
0x93E56000 \SystemRoot\System32\Drivers\dfsc.sys
0x93E6E000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x93E7C000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x93E98000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0x93E9A000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x93EBB000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x95411000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x95E8F000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
0x95E91000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x95F48000 \SystemRoot\System32\drivers\dxgmms1.sys
0x95F81000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x95FA0000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
0x95FE5000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x93ECD000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x95FF0000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x93F18000 \SystemRoot\system32\drivers\cmaudio.sys
0x93F70000 \SystemRoot\system32\drivers\portcls.sys
0x93F9F000 \SystemRoot\system32\drivers\drmk.sys
0x93FB8000 \SystemRoot\system32\drivers\ks.sys
0x9483D000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0x94869000 \SystemRoot\system32\DRIVERS\serenum.sys
0x94873000 \SystemRoot\system32\DRIVERS\parport.sys
0x9488B000 \SystemRoot\System32\Drivers\abi8e5mk.SYS
0x948C4000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x948D1000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x948E3000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x948FB000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x94906000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x94928000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x94940000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x94957000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x9496E000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x94978000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x94985000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x94992000 \SystemRoot\system32\DRIVERS\swenum.sys
0x94994000 \SystemRoot\system32\DRIVERS\umbus.sys
0x949A2000 \SystemRoot\system32\DRIVERS\vpcusb.sys
0x949BA000 \SystemRoot\system32\DRIVERS\usbrpm.sys
0x949C7000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x949C9000 \SystemRoot\system32\DRIVERS\vpchbus.sys
0x949FF000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x94A43000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x96812000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x96A0A000 \SystemRoot\System32\Drivers\crashdmp.sys
0x96A17000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x96A22000 \SystemRoot\System32\Drivers\dump_atapi.sys
0x96A2B000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x985A0000 \SystemRoot\System32\win32k.sys
0x96A3C000 \SystemRoot\System32\drivers\Dxapi.sys
0x96A46000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x96A5D000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x96A68000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x96A7B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x96A82000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x96A8E000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x96AA5000 \SystemRoot\system32\DRIVERS\monitor.sys
0x96AB0000 \SystemRoot\system32\DRIVERS\KMWDFILTER.sys
0x96AB9000 \SystemRoot\system32\DRIVERS\whfltr2k.sys
0x96ABB000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x98400000 \SystemRoot\System32\TSDDD.dll
0x98430000 \SystemRoot\System32\cdd.dll
0x98450000 \SystemRoot\System32\ATMFD.DLL
0x96AC6000 \SystemRoot\system32\drivers\luafv.sys
0x96AE1000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x96AF5000 \SystemRoot\system32\drivers\WudfPf.sys
0x96B0F000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x96B1F000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x96B32000 \SystemRoot\system32\drivers\HTTP.sys
0x96BB7000 \SystemRoot\system32\DRIVERS\bowser.sys
0x96BD0000 \SystemRoot\System32\drivers\mpsdrv.sys
0x94A54000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x94A77000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x96BE2000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x96800000 \SystemRoot\system32\DRIVERS\parvdm.sys
0x96807000 \SystemRoot\System32\Drivers\TBPanel.SYS
0x94AB2000 \SystemRoot\system32\DRIVERS\atksgt.sys
0x96809000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0x94AF5000 \SystemRoot\system32\drivers\peauth.sys
0x94B8C000 \SystemRoot\System32\Drivers\secdrv.SYS
0x94B96000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA4074000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA4081000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA40D0000 \SystemRoot\System32\DRIVERS\srv.sys
0xA4121000 \??\C:\Windows\system32\FsUsbExDisk.SYS
0xA412A000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xA414B000 \SystemRoot\System32\drivers\ipnat.sys
0xA4171000 \??\C:\Windows\system32\drivers\mbam.sys
0x77D60000 \Windows\System32\ntdll.dll
0x48310000 \Windows\System32\smss.exe
0x77FA0000 \Windows\System32\apisetschema.dll
0x00260000 \Windows\System32\autochk.exe
0x10000000 \Program Files\DAEMON Tools Lite\Engine.dll
0x77F40000 \Windows\System32\gdi32.dll
0x77F10000 \Windows\System32\imagehlp.dll
0x77CD0000 \Windows\System32\oleaut32.dll
0x77C00000 \Windows\System32\user32.dll
0x77F00000 \Windows\System32\nsi.dll
0x77B50000 \Windows\System32\msvcrt.dll
0x77A50000 \Windows\System32\wininet.dll
0x77EB0000 \Windows\System32\Wldap32.dll
0x779F0000 \Windows\System32\shlwapi.dll
0x77970000 \Windows\System32\comdlg32.dll
0x778E0000 \Windows\System32\clbcatq.dll
0x778A0000 \Windows\System32\ws2_32.dll
0x776A0000 \Windows\System32\iertutil.dll
0x77EA0000 \Windows\System32\lpk.dll
0x77600000 \Windows\System32\advapi32.dll
0x77520000 \Windows\System32\kernel32.dll
0x77480000 \Windows\System32\usp10.dll
0x77340000 \Windows\System32\urlmon.dll
0x77290000 \Windows\System32\rpcrt4.dll
0x77280000 \Windows\System32\psapi.dll
0x77260000 \Windows\System32\sechost.dll
0x770C0000 \Windows\System32\setupapi.dll
0x770B0000 \Windows\System32\normaliz.dll
0x77090000 \Windows\System32\imm32.dll
0x76440000 \Windows\System32\shell32.dll
0x76370000 \Windows\System32\msctf.dll
0x76210000 \Windows\System32\ole32.dll
0x761B0000 \Windows\System32\difxapi.dll
0x76190000 \Windows\System32\devobj.dll

Processes (total 71):
0 System Idle Process
4 SYSTEM
296 C:\Windows\System32\smss.exe
440 csrss.exe
504 C:\Windows\System32\wininit.exe
516 csrss.exe
556 C:\Windows\System32\services.exe
584 C:\Windows\System32\lsass.exe
592 C:\Windows\System32\lsm.exe
652 C:\Windows\System32\winlogon.exe
740 C:\Windows\System32\svchost.exe
840 C:\Windows\System32\nvvsvc.exe
880 C:\Windows\System32\svchost.exe
964 C:\Windows\System32\svchost.exe
1012 C:\Windows\System32\svchost.exe
1040 C:\Windows\System32\svchost.exe
1148 C:\Windows\System32\audiodg.exe
1208 C:\Windows\System32\svchost.exe
1304 C:\Windows\System32\nvvsvc.exe
1348 C:\Windows\System32\svchost.exe
1468 C:\Windows\System32\LEXBCES.EXE
1516 C:\Windows\System32\LEXPPS.EXE
1552 C:\Windows\System32\spoolsv.exe
1628 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1648 C:\Windows\System32\svchost.exe
1980 C:\Windows\System32\dwm.exe
124 C:\Windows\explorer.exe
332 C:\Windows\System32\taskhost.exe
1416 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1908 C:\Windows\System32\svchost.exe
1892 C:\Windows\System32\FsUsbExService.Exe
1372 C:\Program Files\ICQ6Toolbar\ICQ Service.exe
2200 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
2240 C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
2296 C:\Windows\System32\PnkBstrA.exe
2320 C:\Windows\System32\PnkBstrB.exe
2344 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
2420 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
2476 C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
2676 C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
2976 C:\Windows\RtHDVCpl.exe
3004 C:\Windows\mixer.exe
3012 C:\Xtreme Mouse\wh_exec.exe
3040 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
3116 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
3168 C:\Program Files\EXPERTool\TBPANEL.exe
3324 C:\Program Files\ICQ7.2\ICQ.exe
3980 C:\Windows\servicing\TrustedInstaller.exe
4076 C:\Windows\System32\SearchIndexer.exe
1420 C:\Windows\System32\svchost.exe
1804 C:\Windows\System32\svchost.exe
3404 WUDFHost.exe
1764 C:\Windows\System32\svchost.exe
3800 C:\Program Files\Windows Media Player\wmpnetwk.exe
3408 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
1748 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
4148 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
4176 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
4184 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
4192 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
4200 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
4208 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
4420 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
4444 C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
4868 C:\Windows\System32\alg.exe
5592 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
4144 C:\Program Files\Windows Media Player\wmplayer.exe
5848 C:\Windows\System32\SearchProtocolHost.exe
1124 C:\Users\user\Desktop\MBRCheck (1).exe
5336 C:\Windows\System32\conhost.exe
5412 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

PhysicalDrive1 Model Number: ST3360320AS, Rev: 3.AAM
PhysicalDrive0 Model Number: HitachiHDT721075SLA380, Rev: ST4OA31B

Size Device Name MBR Status
--------------------------------------------
335 GB \\.\PhysicalDrive1 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
698 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

Regards, Svensen89

07.08.2010, 14:18   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
335 GB \\.\PhysicalDrive1 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
698 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
That looks good.
Next up is OTL:

System scan with OTL

Please download OTL by OldTimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread.

07.08.2010, 14:23   #20
Svensen89
 



OTL log file:
Code:
OTL logfile created on: 07.08.2010 15:19:51 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\user\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 335,35 Gb Total Space | 60,19 Gb Free Space | 17,95% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 24,26 Gb Free Space | 3,47% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SVENSEN
Current User Name: user
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\user\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\EXPERTool\TBPANEL.exe (Gainward Co.)
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - c:\Programme\Windows Defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
PRC - C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - C:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Xtreme Mouse\wh_exec.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\mixer.exe (C-Media Electronic Inc. (C-Media Electronics, Inc.))
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\user\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Xtreme Mouse\wh_hook.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (UpdateCenterService) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (pccsmcfd) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys File not found
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek                                            )
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (vpcuxd) -- C:\Windows\System32\drivers\vpcuxd.sys (Microsoft Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC-Seriellschnittstellentreiber (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) Brother MFC-WDM-Treiber (USB,seriell) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) Brother WDM-Treiber (seriell) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ACEDRV05) -- C:\Windows\System32\drivers\ACEDRV05.sys (Protect Software GmbH)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net)
DRV - (SSHDRV76) -- C:\Windows\System32\drivers\SSHDRV76.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (scramby_out) -- C:\Windows\System32\drivers\scramby_out.sys (RapidSolution Software AG)
DRV - (TBPanel) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (Cardex) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (scramby) -- C:\Windows\System32\drivers\scramby.sys (RapidSolution Software AG)
DRV - (whfltr2k) -- C:\Windows\System32\drivers\whfltr2k.sys ()
DRV - (cmpci) C-Media PCI Audio Driver (WDM) -- C:\Windows\System32\drivers\cmaudio.sys (C-Media Inc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = ICQ.com Suche [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = QIP.RU: ?????, ?????, ???????, ??????????, ??????, ???? ? ???????????
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2010.07.19 17:14:20 | 000,001,282 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	gosredirector.ea.com
O1 - Hosts: 127.0.0.1 gosredirector.ea.com
O1 - Hosts: 127.0.0.1 blazeserver.blazeemu.org
O1 - Hosts: 127.0.0.1 gosgvaprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 gosiadprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 gossjcprod-qos01.ea.com
O1 - Hosts: 127.0.0.1 demangler.ea.com
O1 - Hosts: 127.0.0.1 vmp.tools.gos.ea.com
O1 - Hosts: 127.0.0.1       static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1       ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1       onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1       orbitservice.ubi.com
O1 - Hosts: 127.0.0.1       ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [C-Media Mixer] C:\Windows\mixer.exe (C-Media Electronic Inc. (C-Media Electronics, Inc.))
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WheelMouse] C:\Xtreme Mouse\wh_exec.exe ()
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co.)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\5.0_(Windows;_U;_Windows_NT_6.1;_en-US)_AppleWebKit\532.5_(KHTML,_like_Gecko)_Chrome\4.1.249.1042_Safari\532.5 - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\user\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\Shell - "" = AutoRun
O33 - MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\Shell\AutoRun\command - "" = L:\AUTORUN.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.07 15:18:27 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2010.08.07 15:10:37 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\VA-Viva_Club_Rotation_Vol.46-2CD-2010-MST
[2010.08.07 15:03:09 | 000,081,920 | ---- | C] (eSage Lab) -- C:\Windows\System32\remover.exe
[2010.08.07 14:39:20 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Neuer Ordner
[2010.08.05 15:46:53 | 000,081,920 | ---- | C] (eSage Lab) -- C:\Users\user\Desktop\remover.exe
[2010.08.04 20:23:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com
[2010.08.04 20:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.08.04 20:23:31 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2010.08.04 15:41:29 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes
[2010.08.04 15:41:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.04 15:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.04 15:41:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.04 15:41:20 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.02 21:36:10 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\MAYDAY 10IN01
[2010.08.02 20:54:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.08.02 19:36:25 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Gentleman-Diversity-2CD-Deluxe_Edition-2010-NOiR
[2010.08.01 20:38:48 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mfc42loc.dll
[2010.07.31 01:46:25 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\StarCraft II
[2010.07.21 16:33:02 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Singularity
[2010.07.21 16:30:50 | 000,000,000 | ---D | C] -- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
[2010.07.21 14:54:39 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2
[2010.07.21 12:46:38 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.07.21 12:46:38 | 011,008,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.07.21 12:46:38 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.07.21 12:46:38 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.07.21 12:46:38 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.07.21 12:46:36 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.07.21 12:46:36 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.07.21 12:46:36 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.07.21 12:46:36 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.07.21 12:46:36 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll
[2010.07.21 12:46:36 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010.07.19 20:49:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.07.19 20:49:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Adobe Mini Bridge CS5
[2010.07.19 17:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010.07.19 17:24:01 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Adobe Scripts
[2010.07.19 17:19:11 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Media Player
[2010.07.19 17:17:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe AIR
[2010.07.09 16:20:08 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2010.07.09 16:20:06 | 013,939,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010.07.09 16:20:06 | 001,881,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2010.07.09 16:20:06 | 001,469,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.07 15:22:41 | 005,767,168 | -HS- | M] () -- C:\Users\user\ntuser.dat
[2010.08.07 15:18:29 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2010.08.07 15:11:02 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000UA.job
[2010.08.07 15:10:15 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.07 15:10:15 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.07 15:05:13 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.07 15:05:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.07 15:04:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.07 15:04:52 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.07 14:31:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.07 14:12:08 | 001,932,432 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
[2010.08.06 03:57:02 | 000,080,384 | ---- | M] () -- C:\Users\user\Desktop\MBRCheck (1).exe
[2010.08.05 00:11:03 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000Core.job
[2010.08.04 21:27:18 | 000,000,758 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.08.04 20:23:32 | 000,001,961 | ---- | M] () -- C:\Users\user\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.08.04 15:41:24 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.03 20:08:27 | 011,091,990 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.03 20:08:27 | 000,719,440 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010.08.03 20:08:27 | 000,718,452 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2010.08.03 20:08:27 | 000,714,494 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010.08.03 20:08:27 | 000,714,490 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2010.08.03 20:08:27 | 000,700,280 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2010.08.03 20:08:27 | 000,688,456 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2010.08.03 20:08:27 | 000,683,956 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.03 20:08:27 | 000,646,996 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.08.03 20:08:27 | 000,639,934 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.03 20:08:27 | 000,472,036 | ---- | M] () -- C:\Windows\System32\perfh014.dat
[2010.08.03 20:08:27 | 000,458,156 | ---- | M] () -- C:\Windows\System32\perfh001.dat
[2010.08.03 20:08:27 | 000,457,436 | ---- | M] () -- C:\Windows\System32\perfh00B.dat
[2010.08.03 20:08:27 | 000,419,450 | ---- | M] () -- C:\Windows\System32\perfh012.dat
[2010.08.03 20:08:27 | 000,396,560 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2010.08.03 20:08:27 | 000,380,258 | ---- | M] () -- C:\Windows\System32\prfh0804.dat
[2010.08.03 20:08:27 | 000,376,050 | ---- | M] () -- C:\Windows\System32\perfh00D.dat
[2010.08.03 20:08:27 | 000,148,924 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2010.08.03 20:08:27 | 000,146,642 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010.08.03 20:08:27 | 000,143,584 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2010.08.03 20:08:27 | 000,142,744 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.03 20:08:27 | 000,141,290 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010.08.03 20:08:27 | 000,139,422 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2010.08.03 20:08:27 | 000,138,480 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2010.08.03 20:08:27 | 000,133,028 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.08.03 20:08:27 | 000,116,702 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.03 20:08:27 | 000,114,990 | ---- | M] () -- C:\Windows\System32\perfc012.dat
[2010.08.03 20:08:27 | 000,114,562 | ---- | M] () -- C:\Windows\System32\prfc0804.dat
[2010.08.03 20:08:27 | 000,109,648 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2010.08.03 20:08:27 | 000,093,544 | ---- | M] () -- C:\Windows\System32\perfc00B.dat
[2010.08.03 20:08:27 | 000,089,298 | ---- | M] () -- C:\Windows\System32\perfc001.dat
[2010.08.03 20:08:27 | 000,087,704 | ---- | M] () -- C:\Windows\System32\perfc014.dat
[2010.08.03 20:08:27 | 000,079,408 | ---- | M] () -- C:\Windows\System32\perfc00D.dat
[2010.08.03 19:29:19 | 000,524,288 | -HS- | M] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TMContainer00000000000000000002.regtrans-ms
[2010.08.03 19:29:19 | 000,524,288 | -HS- | M] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TMContainer00000000000000000001.regtrans-ms
[2010.08.03 19:29:19 | 000,065,536 | -HS- | M] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TM.blf
[2010.08.02 20:29:22 | 000,000,101 | ---- | M] () -- C:\Windows\CMMIXER.INI
[2010.08.02 19:04:07 | 000,000,761 | ---- | M] () -- C:\Windows\eReg.dat
[2010.08.02 19:04:00 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 1942.lnk
[2010.08.01 20:54:39 | 000,001,753 | ---- | M] () -- C:\Users\user\Desktop\DivX Movies.lnk
[2010.08.01 20:38:57 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield Vietnam.lnk
[2010.07.29 23:36:14 | 000,000,856 | ---- | M] () -- C:\Users\user\Programme.lnk
[2010.07.29 10:11:32 | 000,002,260 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk
[2010.07.21 19:50:20 | 000,081,920 | ---- | M] (eSage Lab) -- C:\Windows\System32\remover.exe
[2010.07.21 19:50:20 | 000,081,920 | ---- | M] (eSage Lab) -- C:\Users\user\Desktop\remover.exe
[2010.07.21 16:30:57 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.07.21 14:55:09 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.07.21 12:52:35 | 003,652,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.07.19 17:23:52 | 000,065,032 | ---- | M] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.17 11:12:52 | 010,798,576 | ---- | M] () -- C:\Users\user\Desktop\Eminem feat. Rihanna - Love the Way You Lie (Explicit Version).mp3
[2010.07.15 14:38:43 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.13 01:58:23 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.07.10 00:37:00 | 014,092,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.07.10 00:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.07.10 00:37:00 | 010,267,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.07.10 00:37:00 | 009,818,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.07.10 00:37:00 | 005,107,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.07.10 00:37:00 | 004,553,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.07.10 00:37:00 | 002,892,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.07.10 00:37:00 | 002,506,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.07.10 00:37:00 | 001,625,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.07.10 00:37:00 | 000,604,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe
[2010.07.10 00:37:00 | 000,314,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.07.10 00:37:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll
[2010.07.10 00:37:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010.07.10 00:37:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.07.10 00:37:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.07.10 00:37:00 | 000,009,596 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010.07.09 16:20:08 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2010.07.09 16:20:06 | 013,939,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010.07.09 16:20:06 | 001,881,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2010.07.09 16:20:06 | 001,469,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.07 15:04:05 | 000,065,007 | ---- | C] () -- C:\Users\user\bootkit_remover_debug_log.txt
[2010.08.06 03:57:02 | 000,080,384 | ---- | C] () -- C:\Users\user\Desktop\MBRCheck (1).exe
[2010.08.04 20:23:32 | 000,001,961 | ---- | C] () -- C:\Users\user\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010.08.04 15:41:24 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.04 03:35:53 | 010,798,576 | ---- | C] () -- C:\Users\user\Desktop\Eminem feat. Rihanna - Love the Way You Lie (Explicit Version).mp3
[2010.08.03 18:19:33 | 000,524,288 | -HS- | C] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TMContainer00000000000000000002.regtrans-ms
[2010.08.03 18:19:33 | 000,524,288 | -HS- | C] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TMContainer00000000000000000001.regtrans-ms
[2010.08.03 18:19:33 | 000,065,536 | -HS- | C] () -- C:\Users\user\ntuser.dat{e4d99378-9f12-11df-89a1-001bb9f8e668}.TM.blf
[2010.08.02 19:04:00 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 1942.lnk
[2010.08.02 03:26:44 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.02 03:26:43 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.01 20:41:08 | 000,000,761 | ---- | C] () -- C:\Windows\eReg.dat
[2010.08.01 20:38:57 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield Vietnam.lnk
[2010.07.31 01:46:25 | 000,000,758 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.07.29 23:36:04 | 000,000,856 | ---- | C] () -- C:\Users\user\Programme.lnk
[2010.07.21 16:30:57 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.07.21 14:55:09 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.05.22 17:27:24 | 000,000,101 | ---- | C] () -- C:\Windows\CMMIXER.INI
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.02.17 02:16:11 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010.02.17 02:16:11 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010.02.14 19:03:15 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.11.09 19:00:41 | 000,000,859 | ---- | C] () -- C:\Windows\client.config.ini
[2009.10.15 16:18:02 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009.10.01 15:19:34 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009.10.01 15:19:34 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009.09.18 17:22:38 | 000,138,920 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.05.29 15:32:37 | 000,000,039 | ---- | C] () -- C:\Windows\nap.ini
[2009.05.19 13:29:26 | 000,000,025 | ---- | C] () -- C:\Windows\mixerdef.ini
[2009.05.19 13:25:59 | 000,000,199 | ---- | C] () -- C:\Windows\CMISETUP.INI
[2009.05.19 13:25:59 | 000,000,026 | ---- | C] () -- C:\Windows\CMCDPLAY.INI
[2009.02.03 23:33:56 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2008.12.28 18:59:44 | 004,377,500 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2008.12.28 17:51:00 | 000,239,247 | ---- | C] () -- C:\Windows\System32\ff_theora.dll
[2008.12.28 17:50:50 | 000,145,609 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2008.12.28 17:49:08 | 000,560,802 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2008.12.20 16:48:52 | 000,000,101 | ---- | C] () -- C:\Windows\lexstat.ini
[2008.12.12 18:57:38 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2008.12.09 20:57:26 | 000,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2008.12.09 20:57:18 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2008.12.09 20:57:02 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2008.12.09 20:56:42 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2008.12.09 20:56:34 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2008.12.09 20:56:22 | 000,485,888 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2008.12.08 15:37:04 | 000,884,237 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2008.12.08 15:34:42 | 000,791,742 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.12.08 14:53:40 | 000,093,184 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2008.12.08 14:53:32 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.11.26 21:55:22 | 000,683,520 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2008.11.26 20:49:10 | 000,238,080 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2008.10.22 22:39:49 | 000,000,041 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008.10.06 18:22:08 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.10.06 18:22:08 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.09.22 10:49:24 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll
[2008.09.22 10:49:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll
[2008.09.04 15:55:42 | 000,000,120 | ---- | C] () -- C:\Windows\disney.ini
[2008.09.01 15:10:37 | 000,053,760 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV76.sys
[2008.08.21 23:28:41 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2008.08.21 22:39:06 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.08.21 20:13:04 | 000,000,182 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.07.10 10:44:23 | 000,007,718 | ---- | C] () -- C:\Windows\cadx2.ini
[2008.03.29 17:42:22 | 000,245,248 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2008.03.29 17:42:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2008.03.29 17:42:14 | 000,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll
[2008.03.29 17:42:08 | 000,148,992 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2008.03.29 17:42:04 | 000,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2008.03.29 17:42:04 | 000,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll
[2008.03.29 17:42:02 | 000,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2008.03.29 17:42:00 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll
[2008.03.29 17:41:54 | 000,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll
[2008.03.29 17:41:52 | 000,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2008.03.29 17:41:52 | 000,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.10.13 11:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2007.07.10 19:10:12 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007.06.28 20:54:10 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007.01.26 00:45:02 | 000,006,784 | ---- | C] () -- C:\Windows\System32\drivers\whfltr2k.sys
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 55920 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:CF61CE5A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:EEB25EAE
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:3E06C78F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:FDDD8917
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:70E897B5
< End of report >
         
--- --- ---


07.08.2010, 14:23   #21
Svensen89
 

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 07.08.2010 15:19:51 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\user\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 335,35 Gb Total Space | 60,19 Gb Free Space | 17,95% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 24,26 Gb Free Space | 3,47% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SVENSEN
Current User Name: user
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D15456-F679-4AD4-8BD2-56450D4C3F72}" = WarRock
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{01590C21-E8BF-444D-8FC4-DBD132CA1962}" = Windows Vista Upgrade Advisor
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0AEA6DF2-CD5A-4EAC-9C6B-44477994E2F1}" = Battlefield Bad Company 2 Command Center
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{13AD0F5B-FF8C-4625-851D-A83D4BE74716}" = Smart Menus (Windows Live Toolbar)
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{28526951-55EF-4901-A0CA-B9AC966D1DD1}" = Split/Second
"{289338AE-2213-4509-AED2-450414C1260C}_is1" = ICQ Update Patch 1.5
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2B54B4B6-5834-494D-81E6-79AC3955EEE5}_is1" = SnowBound Online v2.0
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3A75BDE6-418E-4DB9-8601-C9E5225E0059}" = Feederkennung (Windows Live Toolbar)
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D6293F2-53DA-45A1-B7F4-1843CA3B2658}" = Darkest of Days
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R)
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5AD05333-600A-4CD8-88C6-BF22A3BE9767}_is1" = Multi-ICQ 1.2
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = Saboteur™
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City
"{6266BA75-45FA-4B1A-B21F-E04A90C273E5}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7C3D8108-8D99-427F-A1C2-D8E0D25A469C}" = Tom Clancy's EndWar
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tiberian Twilight
"{82842B3D-5BD9-463E-8F57-462A4D680A88}" = Stereoscopic Player
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888DD888-82BE-4D85-BCB2-2E042CD3E844}" = Tom Clancy's Splinter Cell Chaos Theory
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis(TM) 2009
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = Die Siedler 7
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A398D0A0-EE68-4CA6-8984-78AEF841CDE7}" = SBK(TM)09
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B32D6CE8-D6C1-4615-8FC4-4EE822F7BD4B}" = SBK(TM)09
"{B975F4A1-63B6-11D4-BFEC-005004AF2D32}" = Monopoly Tycoon
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}" = MotoGP 08
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C1A80F67-656F-4DF3-A6C4-DE18A47477C5}_is1" = ICQ Away Reader 1.4
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache
"{CCD90636-D97D-4130-A44A-3AD4E63B9220}" = OpenOffice.org 2.4
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D07643A3-CE41-4286-8C78-EB9C83E76DDB}" = PunkBuster für Battlefield Vietnam
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}" = Alpha Protocol
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAB0D352-00D9-4795-9FBE-EC4791ABA44A}" = Section 8 PCW
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEC41CA8-C30F-4F70-9AEE-1B3EEB4A3B62}_is1" = ICQ Language
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E35B3C63-E958-4E31-A178-95D22024109A}" = Battlefield Vietnam(TM)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8C02517-4AC3-4026-8292-ACF23E98A7D7}" = Activision(R)
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"2B92EA9865777B996CE7FFF8BD7A40F883C18BE0" = Windows-Treiberpaket - Das (Siudi-Stick) USB  (02/13/2009 1.1.0)
"3A66BC15DC4D478459742138077230185DB7DAEB" = Windows-Treiberpaket - Das (Siudi) USB  (02/13/2009 1.5.1)
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Mythology 1.0" = Age of Mythology
"Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced) 7.2.0
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combat Zone - Special Forces/DE-German_is1" = Combat Zone: Special Forces
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Die 15 beliebtesten Kartenspiele_is1" = Die 15 beliebtesten Kartenspiele
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"EXPERTool_is1" = EXPERTool 7.6
"Full Spectrum Warrior" = Full Spectrum Warrior (remove only)
"GameSpy Arcade" = GameSpy Arcade
"Gaming Mouse" = Gaming Mouse
"Guild Wars" = GUILD WARS
"Hamachi" = Hamachi 1.0.3.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM)
"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{DAB0D352-00D9-4795-9FBE-EC4791ABA44A}" = Section 8 PCW
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OPERATION7" = OPERATION7
"PartyPoker" = PartyPoker
"PartyPokerNet" = PartyPoker.net
"Patch-Master" = Patch-Master
"PCI Audio Driver" = PCI Audio Driver
"PhotoScape" = PhotoScape
"PunkBusterSvc" = PunkBuster Services
"Puzzle Quest1.01" = Puzzle Quest
"RiseOfNationsExpansion 1.0" = Rise of Nations
"Sacraboar_is1" = Sacraboar
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"StarCraft II" = StarCraft II
"Steam App 30" = Day of Defeat
"Steamless Counter Strike Source Pack" = Steamless Counter Strike Source Pack
"Steamless Left4Dead2 Pack" = Steamless Left4Dead2 Pack
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WheelMouse" = Xtreme Mouse 6.0.0.005
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---

Alt 07.08.2010, 14:31   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:
:OTL
DRV - (pccsmcfd) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O33 - MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\Shell - "" = AutoRun
O33 - MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\Shell\AutoRun\command - "" = L:\AUTORUN.EXE -- File not found
[2010.07.21 16:30:50 | 000,000,000 | ---D | C] -- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
@Alternate Data Stream - 55920 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:CF61CE5A
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:EEB25EAE
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:3E06C78F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:FDDD8917
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:70E897B5
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Run Fixes! button.
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

Alt 07.08.2010, 14:47   #23
Svensen89
 



All processes killed
========== OTL ==========
Service pccsmcfd stopped successfully!
Service pccsmcfd deleted successfully!
File C:\Windows\System32\DRIVERS\pccsmcfd.sys File not found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{142b14d8-31ab-11df-824d-001bb9f8e668}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{142b14d8-31ab-11df-824d-001bb9f8e668}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{142b14d8-31ab-11df-824d-001bb9f8e668}\ not found.
File L:\AUTORUN.EXE not found.
C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP folder moved successfully.
ADS C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM deleted successfully.
ADS C:\ProgramData\TEMP:CF61CE5A deleted successfully.
ADS C:\ProgramData\TEMP:EEB25EAE deleted successfully.
ADS C:\ProgramData\TEMP:3E06C78F deleted successfully.
ADS C:\ProgramData\TEMP:FDDD8917 deleted successfully.
ADS C:\ProgramData\TEMP:70E897B5 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: user
->Temp folder emptied: 18394269 bytes
->Temporary Internet Files folder emptied: 50469941 bytes
->Java cache emptied: 45028379 bytes
->Google Chrome cache emptied: 331661890 bytes
->Flash cache emptied: 6101032 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1982464 bytes
%systemroot%\System32 .tmp files removed: 3221600 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 66890309 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 500,00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 08072010_153755

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Regards, Svensen89

Alt 07.08.2010, 15:01   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Alt 07.08.2010, 18:14   #25
Svensen89
 



Combofix log file:
Code:
ComboFix 10-08-06.03 - user 07.08.2010  18:53:21.1.4 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.3327.2368 [GMT 2:00]
ausgeführt von:: c:\users\user\Downloads\cofi.exe.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe
c:\users\user\AppData\Roaming\.#
c:\users\user\AppData\Roaming\Desktopicon
c:\users\user\AppData\Roaming\Desktopicon\config.ini
D:\install.exe

.
(((((((((((((((((((((((   Dateien erstellt von 2010-07-07 bis 2010-08-07  ))))))))))))))))))))))))))))))
.

2010-08-07 17:04 . 2010-08-07 17:04	--------	d-----w-	c:\users\user\AppData\Local\temp
2010-08-07 17:04 . 2010-08-07 17:04	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-08-07 16:45 . 2010-08-07 16:46	--------	d-----w-	C:\32788R22FWJFW
2010-08-07 16:37 . 2010-08-07 16:37	--------	d-----w-	c:\program files\CCleaner
2010-08-07 13:37 . 2010-08-07 13:37	--------	d-----w-	C:\_OTL
2010-08-07 13:03 . 2010-07-21 17:50	81920	----a-w-	c:\windows\system32\remover.exe
2010-08-04 18:23 . 2010-08-04 18:23	--------	d-----w-	c:\users\user\AppData\Roaming\SUPERAntiSpyware.com
2010-08-04 18:23 . 2010-08-04 18:23	--------	d-----w-	c:\programdata\SUPERAntiSpyware.com
2010-08-04 18:23 . 2010-08-04 18:23	--------	d-----w-	c:\program files\SUPERAntiSpyware
2010-08-04 13:41 . 2010-08-04 13:41	--------	d-----w-	c:\users\user\AppData\Roaming\Malwarebytes
2010-08-04 13:41 . 2010-04-29 10:19	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-04 13:41 . 2010-08-04 13:41	--------	d-----w-	c:\programdata\Malwarebytes
2010-08-04 13:41 . 2010-08-04 13:41	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-08-04 13:41 . 2010-04-29 10:19	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-08-01 18:41 . 2010-08-02 17:04	761	----a-w-	c:\windows\eReg.dat
2010-08-01 18:38 . 1998-06-17 15:07	57344	----a-w-	c:\windows\system32\Mfc42loc.dll
2010-07-21 12:54 . 2010-07-21 12:55	--------	d-----w-	c:\program files\ICQ7.2
2010-07-21 10:46 . 2010-07-09 22:37	56936	----a-w-	c:\windows\system32\OpenCL.dll
2010-07-21 10:46 . 2010-07-09 22:37	314984	----a-w-	c:\windows\system32\nvdecodemft.dll
2010-07-21 10:46 . 2010-07-09 22:37	14092904	----a-w-	c:\windows\system32\nvoglv32.dll
2010-07-21 10:46 . 2010-07-09 22:37	11008040	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2010-07-21 10:46 . 2010-07-09 22:37	4553832	----a-w-	c:\windows\system32\nvcuda.dll
2010-07-21 10:46 . 2010-07-09 22:37	2892904	----a-w-	c:\windows\system32\nvcuvid.dll
2010-07-21 10:46 . 2010-07-09 22:37	2506344	----a-w-	c:\windows\system32\nvcuvenc.dll
2010-07-21 10:46 . 2010-07-09 22:37	236136	----a-w-	c:\windows\system32\nvcod1922.dll
2010-07-21 10:46 . 2010-07-09 22:37	236136	----a-w-	c:\windows\system32\nvcod.dll
2010-07-21 10:46 . 2010-07-09 22:37	10267240	----a-w-	c:\windows\system32\nvcompiler.dll
2010-07-19 18:49 . 2010-07-19 18:49	--------	d-----w-	c:\users\user\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-07-19 18:49 . 2010-07-19 18:49	--------	d-----w-	c:\users\user\AppData\Roaming\Adobe Mini Bridge CS5
2010-07-19 15:24 . 2010-07-19 15:24	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2010-07-19 15:19 . 2010-07-19 15:19	--------	d-----w-	c:\program files\Adobe Media Player
2010-07-19 15:17 . 2010-07-19 15:17	--------	d-----w-	c:\program files\Common Files\Adobe AIR
2010-07-09 14:20 . 2010-07-09 14:20	110696	----a-w-	c:\windows\system32\nvmctray.dll
2010-07-09 14:20 . 2010-07-09 14:20	1881704	----a-w-	c:\windows\system32\nvsvcr.dll
2010-07-09 14:20 . 2010-07-09 14:20	1469544	----a-w-	c:\windows\system32\nvsvc.dll
2010-07-09 14:20 . 2010-07-09 14:20	13939816	----a-w-	c:\windows\system32\nvcpl.dll
2010-07-09 14:20 . 2010-07-09 14:20	129640	----a-w-	c:\windows\system32\nvvsvc.exe

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-07 16:47 . 2010-02-15 17:44	--------	d-----w-	c:\programdata\NVIDIA
2010-08-07 16:46 . 2009-10-14 21:39	--------	d-----w-	c:\users\user\AppData\Roaming\ICQ
2010-08-07 12:22 . 2009-12-26 23:51	--------	d-----w-	c:\program files\JDownloader
2010-08-04 19:27 . 2010-07-30 23:58	47364	----a-w-	c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
2010-08-04 18:24 . 2010-08-04 18:24	63488	----a-w-	c:\users\user\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-08-04 18:24 . 2010-08-04 18:24	52224	----a-w-	c:\users\user\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-08-04 18:24 . 2010-08-04 18:24	117760	----a-w-	c:\users\user\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-08-03 18:56 . 2008-11-03 16:48	--------	d-----w-	c:\program files\EXPERTool
2010-08-03 18:56 . 2008-08-18 20:11	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-08-03 18:56 . 2008-08-22 12:04	--------	d-----w-	c:\programdata\InstallShield
2010-08-03 01:26 . 2008-09-02 08:15	--------	d-----w-	c:\program files\Google
2010-08-02 19:22 . 2008-08-21 15:51	1	----a-w-	c:\users\user\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2010-08-02 19:21 . 2008-08-21 15:50	--------	d-----w-	c:\users\user\AppData\Roaming\OpenOffice.org2
2010-08-02 18:57 . 2010-01-12 22:01	--------	d-----w-	c:\program files\rondomedia
2010-08-02 18:55 . 2009-12-28 21:13	--------	d-----w-	c:\program files\Purplehills
2010-08-02 18:53 . 2010-04-24 11:17	--------	d-----w-	c:\program files\Alawar
2010-08-02 18:52 . 2009-11-23 22:48	--------	d-----w-	c:\program files\PokerStars.NET
2010-08-02 18:52 . 2009-04-06 18:37	--------	d-----w-	c:\program files\PC Connectivity Solution
2010-08-02 18:50 . 2008-08-23 08:03	--------	d-----w-	c:\programdata\Napster
2010-08-02 18:49 . 2009-12-03 21:47	--------	d-----w-	c:\program files\DEUTSCHLAND SPIELT
2010-08-02 18:45 . 2010-06-21 16:44	--------	d-----w-	c:\program files\Groschengrab Deluxe
2010-08-02 18:44 . 2010-03-20 15:00	--------	d-----w-	c:\program files\Galileo FamilyQuiz
2010-08-02 18:42 . 2010-04-01 18:42	--------	d-----w-	c:\program files\Die grosse Wimmelbildbox 2
2010-08-02 16:56 . 2008-08-23 16:35	--------	d-----w-	c:\program files\EA GAMES
2010-07-30 23:58 . 2009-09-24 21:38	--------	d-----w-	c:\programdata\Blizzard Entertainment
2010-07-30 23:52 . 2009-04-11 11:53	--------	d-----w-	c:\program files\Common Files\Blizzard Entertainment
2010-07-22 10:57 . 2008-09-23 21:41	--------	d-----w-	c:\program files\ICQ6Toolbar
2010-07-21 14:30 . 2008-10-08 23:17	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2010-07-21 12:54 . 2008-09-23 21:41	--------	d-----w-	c:\programdata\ICQ
2010-07-21 10:47 . 2010-02-15 17:44	--------	d-----w-	c:\program files\NVIDIA Corporation
2010-07-19 15:23 . 2010-02-15 19:07	65032	----a-w-	c:\users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-19 15:21 . 2008-07-14 11:44	--------	d-----w-	c:\program files\Common Files\Adobe
2010-07-17 00:03 . 2009-10-28 19:01	--------	d-----w-	c:\users\user\AppData\Roaming\Winamp
2010-07-13 00:06 . 2010-05-11 13:41	57344	----a-w-	c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-13 00:06 . 2010-05-11 13:38	--------	d-----w-	c:\programdata\DivX
2010-07-12 23:58 . 2010-07-12 23:58	57715	----a-w-	c:\programdata\DivX\Player\Uninstaller.exe
2010-07-12 23:58 . 2010-07-12 23:58	56765	----a-w-	c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-12 23:58 . 2008-09-23 18:16	--------	d-----w-	c:\program files\DivX
2010-07-12 23:58 . 2010-07-12 23:58	54153	----a-w-	c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-07-12 23:57 . 2010-05-11 13:40	1062184	----a-w-	c:\programdata\DivX\Setup\Resource.dll
2010-07-12 23:57 . 2010-05-11 13:40	895256	----a-w-	c:\programdata\DivX\Setup\DivXSetup.exe
2010-07-09 22:37 . 2010-07-21 10:46	10920	----a-w-	c:\windows\system32\drivers\nvBridge.kmd
2010-07-09 22:37 . 2010-04-28 19:02	5107816	----a-w-	c:\windows\system32\nvwgf2um.dll
2010-07-09 22:37 . 2010-04-28 19:02	9818728	----a-w-	c:\windows\system32\nvd3dum.dll
2010-07-09 22:37 . 2010-04-28 19:02	1625192	----a-w-	c:\windows\system32\nvapi.dll
2010-07-09 22:37 . 2009-09-27 14:12	604776	----a-w-	c:\windows\system32\nvudisp.exe
2010-07-07 11:46 . 2009-01-24 21:41	604776	----a-w-	c:\windows\system32\nvuninst.exe
2010-06-26 01:01 . 2010-06-26 01:01	--------	d-----w-	c:\program files\Microsoft.NET
2010-06-21 16:42 . 2010-02-23 08:58	--------	d-----w-	c:\program files\Aliens Vs Predator
2010-06-21 16:37 . 2010-04-08 15:26	--------	d-----w-	c:\program files\Steamless CounterStrikeSource Pack
2010-06-04 09:26 . 2010-06-04 09:26	56997	----a-w-	c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-06-04 09:26 . 2010-06-04 09:26	53600	----a-w-	c:\programdata\DivX\Update\Uninstaller.exe
2010-06-04 09:26 . 2010-06-04 09:26	54128	----a-w-	c:\programdata\DivX\Converter\Uninstaller.exe
2010-06-04 09:26 . 2010-06-04 09:26	54644	----a-w-	c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-06-04 09:26 . 2010-06-04 09:26	54101	----a-w-	c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-05-27 07:24 . 2010-06-09 18:14	34304	----a-w-	c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-09 18:14	293888	----a-w-	c:\windows\system32\atmfd.dll
2010-05-26 17:03 . 2010-05-26 17:02	10210514	----a-w-	c:\users\user\AppData\Roaming\bizarre creations\blur\BizUpdaterPack_EFIGS_57670_to_58755.exe
2010-05-22 01:04 . 2010-05-25 05:11	232040	----a-w-	c:\windows\system32\nvcod1920.dll
2010-05-21 12:14 . 2009-10-14 02:21	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-05-21 05:18 . 2010-06-09 18:14	977920	----a-w-	c:\windows\system32\wininet.dll
2010-05-13 10:17 . 2008-09-03 18:30	20720	----a-w-	c:\users\user\AppData\Roaming\Patch-Master.exe.dat
2010-05-13 09:45 . 2008-09-03 18:20	27892	----a-w-	c:\users\user\AppData\Roaming\Patch-Master.exe3.dat
2010-05-13 09:45 . 2008-09-03 18:20	46342	----a-w-	c:\users\user\AppData\Roaming\Patch-Master.exe2.dat
2010-05-13 09:45 . 2008-09-03 18:20	44756	----a-w-	c:\users\user\AppData\Roaming\Patch-Master.exe0.dat
2010-05-13 09:45 . 2008-09-03 18:20	157763	----a-w-	c:\users\user\AppData\Roaming\Patch-Master.exe1.dat
2010-05-12 22:09 . 2009-02-16 08:10	65536	----a-w-	c:\windows\IFinst27.exe
2010-05-12 17:02 . 2008-08-18 21:41	189472	----a-w-	c:\windows\system32\PnkBstrB.exe
2010-05-11 13:39 . 2010-05-11 13:39	84040	----a-w-	c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	57609	----a-w-	c:\programdata\DivX\MFComponents\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	57054	----a-w-	c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	54166	----a-w-	c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	57532	----a-w-	c:\programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	56458	----a-w-	c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	54174	----a-w-	c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	57409	----a-w-	c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	52963	----a-w-	c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	54073	----a-w-	c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-05-11 13:39 . 2010-05-11 13:39	56969	----a-w-	c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2009-10-05 2174976]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-07-21 133368]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-02-26 4939776]
"C-Media Mixer"="Mixer.exe" [2001-11-15 1216512]
"WheelMouse"="c:\xtreme~1\wh_exec.exe" [2008-10-08 98304]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Desktop Manager.lnk]
backup=c:\windows\pss\Desktop Manager.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Manager.lnk

[HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Alaplaya Launcher.lnk]
backup=c:\windows\pss\Alaplaya Launcher.lnk.Startup
backupExtension=.Startup
path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alaplaya Launcher.lnk

[HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Need for Speed™ Undercover Registration.lnk]
backup=c:\windows\pss\Need for Speed™ Undercover Registration.lnk.Startup
backupExtension=.Startup
path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Need for Speed™ Undercover Registration.lnk

[HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
backup=c:\windows\pss\OpenOffice.org 2.4.lnk.Startup
backupExtension=.Startup
path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk

[HKLM\~\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ubisoft register.lnk]
backup=c:\windows\pss\Ubisoft register.lnk.Startup
backupExtension=.Startup
path=c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ubisoft register.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06	976832	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04	35760	----a-w-	c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44	500208	------w-	c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 02:57	406992	----a-w-	c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-04-02 16:05	102400	----a-w-	c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57	369200	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50	1144104	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2008-09-25 09:07	133104	----atw-	c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PatchMaster]
2008-08-06 16:21	3471360	----a-w-	c:\program files\Patch-Master\Patch-Master.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18	413696	----a-w-	c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
2008-12-15 22:19	306088	----a-w-	c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-05-07 12:38	1238352	----a-w-	c:\program files\Valve\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-12-24 12:46	149280	----a-w-	c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-07-19 17:50	2403568	----a-w-	c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37	517096	----a-w-	c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 135664]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-05-03 3604720]
R3 scramby_out;Scramby Output;c:\windows\system32\drivers\scramby_out.sys [2007-08-08 23840]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-03-27 23064]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2008-09-18 25600]
R3 vpcuxd;USB-Virtualisierungsstubdienst;c:\windows\system32\DRIVERS\vpcuxd.sys [2009-09-23 12800]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-02-19 691696]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S1 SSHDRV76;SSHDRV76;c:\windows\system32\drivers\SSHDRV76.sys [2008-09-01 53760]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-03-31 233472]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784]

.
Inhalt des "geplante Tasks" Ordners

2010-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 01:26]

2010-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-02 01:26]

2010-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-25 09:07]

2010-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-25 09:07]

2009-01-17 c:\windows\Tasks\NSSstub.job
- c:\windows\System32\Adobe\Shockwave 11\nssstub.exe [2009-01-15 16:18]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
uSearchURL,(Default) = hxxp://go.1und1.de/suchbox/1und1suche?su=%s
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-NPSStartup - (no file)
MSConfigStartUp-Alamandi tray notifier - c:\program files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-GameTracker - c:\program files\GameTracker\GTLite.exe
MSConfigStartUp-Lexmark X6100 Series - c:\program files\Lexmark X6100 Series\lxbfbmgr.exe
MSConfigStartUp-MsnMsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe
MSConfigStartUp-NapsterShell - c:\program files\Napster\napster.exe
MSConfigStartUp-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
MSConfigStartUp-Nokia - c:\program files\Nokia\Nokia PC Suite 6\PCSync2.exe
MSConfigStartUp-Pando Media Booster - c:\program files\Pando Networks\Media Booster\PMB.exe
MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe
MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe
MSConfigStartUp-SweetIM - c:\program files\SweetIM\Messenger\SweetIM.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSConfigStartUp-WEB.DE_WEB - c:\program files\WEB.DE\WEB.DE MultiMessenger\MESSENGR.EXE
MSConfigStartUp-Yahoo! Pager - c:\program files\Yahoo!\Messenger\YahooMessenger.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,ee,2e,83,c5,48,5a,44,82,6b,db,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,ee,2e,83,c5,48,5a,44,82,6b,db,\

[HKEY_USERS\S-1-5-21-422482940-1233743548-968030833-1000\Software\SecuROM\License information*]
"datasecu"=hex:90,59,91,25,fd,d7,87,c9,93,55,a4,19,e3,3d,a6,4b,49,e0,b5,ce,41,
   c2,3b,54,54,fb,d6,52,46,b0,d0,73,22,61,fd,47,d7,57,f4,7c,20,a6,3a,5e,24,fd,\
"rkeysecu"=hex:0b,7c,3a,fe,2c,de,01,1d,ab,0d,b4,88,20,ce,50,55

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2010-08-07  19:13:41
ComboFix-quarantined-files.txt  2010-08-07 17:13

Vor Suchlauf: 23 Verzeichnis(se), 64.446.869.504 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 64.130.273.280 Bytes frei

- - End Of File - - B416694EDD69A2FC9D6626C82FFBC447
         
--- --- ---

07.08.2010, 18:27   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

OK. Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second try, just skip it and run only OSAM.

07.08.2010, 18:39   #27
Svensen89

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
Online Solutions. Complex Protection for Information Systems
Saved at 19:36:13 on 07.08.2010

OS: Windows 7 Ultimate Edition (Build 7600), 32-bit
Default Browser: Google Inc. Google Chrome 0.0.0.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000Core.job" - "Google Inc." - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-422482940-1233743548-968030833-1000UA.job" - "Google Inc." - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
"NSSstub.job" - "Symantec Corporation" - C:\Windows\System32\Adobe\Shockwave 11\nssstub.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"ISUSPM.cpl" - "InstallShield Software Corporation" - C:\Windows\system32\ISUSPM.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl
"vp6dec_settings.cpl" - ? - C:\Windows\system32\vp6dec_settings.cpl  (File found, but it contains no detailed information)
"vp7dec_settings.cpl" - ? - C:\Windows\system32\vp7dec_settings.cpl  (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV05" (ACEDRV05) - "Protect Software GmbH" - C:\Windows\system32\drivers\ACEDRV05.sys
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"Cardex" (Cardex) - "Windows (R) 2000 DDK provider" - C:\Windows\system32\drivers\TBPANEL.SYS
"catchme" (catchme) - ? - C:\Users\user\AppData\Local\Temp\catchme.sys  (File not found)
"ENTECH" (ENTECH) - "EnTech Taiwan" - C:\Windows\system32\DRIVERS\ENTECH.sys
"FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS  (File found, but it contains no detailed information)
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"kwddypog" (kwddypog) - ? - C:\Users\user\AppData\Local\Temp\kwddypog.sys  (Hidden registry entry, rootkit activity | File not found)
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
"SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
"SSHDRV76" (SSHDRV76) - ? - C:\Windows\system32\drivers\SSHDRV76.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"TBPanel" (TBPanel) - "Windows (R) 2000 DDK provider" - C:\Windows\system32\drivers\TBPanel.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Windows\system32\mmfinfo.dll  (File found, but it contains no detailed information)
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{7D4D6379-F301-4311-BEBA-E26EB0561882} "{7D4D6379-F301-4311-BEBA-E26EB0561882}" - ? -   (File not found | COM-object registry key not found)
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Windows\system32\mmfinfo.dll  (File found, but it contains no detailed information)
{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\Windows\system32\mmfinfo.dll  (File found, but it contains no detailed information)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\Windows\system32\mmfinfo.dll  (File found, but it contains no detailed information)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler" - ? -   (File not found | COM-object registry key not found)
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler" - ? -   (File not found | COM-object registry key not found)
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll  (File found, but it contains no detailed information)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "DAEMON Tools Toolbar" - ? - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
<binary data> "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
 "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
"PartyPoker.com" - ? - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
"PartyPoker.net" - ? - C:\Programs\PartyGaming.Net\PartyPokerNet\RunPF.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "DAEMON Tools Toolbar" - ? - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"GAINWARD" - "Gainward Co." - C:\Program Files\EXPERTool\TBPanel.exe /A
"ICQ" - "ICQ, LLC." - "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
"ISUSPM Startup" - "InstallShield Software Corporation" - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce )-----
"Shockwave Updater" - "Adobe Systems, Inc." - C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.1;_en-US)_AppleWebKit/532.5_(KHTML,_like_Gecko)_Chrome/4.1.249.1042_Safari/532.5" -"hxxp://www.coolespiele.com/game.php?url=hxxp://richmedia.coolespiele.com/games/Bowling_Game.dcr&breite=640&hoehe=480"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"WheelMouse" - ? - C:\XTREME~1\wh_exec.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Lexmark Network Port" - "Lexmark International, Inc." - C:\Windows\system32\LEXLMPM.DLL

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"FsUsbExService" (FsUsbExService) - "Teruten" - C:\Windows\system32\FsUsbExService.Exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"ICQ Service" (ICQ Service) - ? - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"LexBce Server" (LexBceS) - "Lexmark International, Inc." - C:\Windows\System32\LEXBCES.EXE
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
"nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
"Performance Service" (nTuneService) - "NVIDIA" - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"PnkBstrB" (PnkBstrB) - ? - C:\Windows\system32\PnkBstrB.exe  (File found, but it contains no detailed information)
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"SwitchBoard" (SwitchBoard) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"Update Center Service" (UpdateCenterService) - "NVIDIA" - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---
If You have questions or want to get some help, You can visit Online Solutions :: Index

07.08.2010, 18:40   #28
Svensen89

From the OSAM instructions I don't understand which check marks I'm supposed to remove.

Regards, Svensen89

07.08.2010, 18:51   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

OSAM or GMER? You posted the OSAM log correctly.

07.08.2010, 18:57   #30
Svensen89

Oh, I see. I asked because OSAM showed something about deactivating. But if that is correct: the other one is still running.
