
Log analysis and evaluation: UDP network attack, KIS database defective, Vista does not start DHCP client, system now restored

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
13.08.2010, 19:27   #7
heumann
 



Quote:
Quote from cosinus
Yes, I did notice that, but it was only a quick scan.
Before you start a full scan, please update Malwarebytes; they sometimes release updates several times a day!

OK, I'll do that in a moment, but first here are the 2 logs from OTL:

1. OTL Logfile:
Code:
OTL Extras logfile created on: 13.08.2010 20:06:35 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\******\Downloads\++TB tut
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 190,96 Gb Free Space | 41,00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 931,28 Gb Total Space | 508,35 Gb Free Space | 54,59% Space Free | Partition Type: FAT32
Drive G: | 495,15 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 489,25 Mb Total Space | 343,39 Mb Free Space | 70,19% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
 
Computer Name: ******
Current User Name: ******
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1453348168-676586631-1407122209-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008AE73F-28DA-4024-960A-481C24B82D97}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{0C97598F-3FC8-4593-B250-8608625BF24A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{3F3D8228-AC55-4439-B13F-AD26C6BBB932}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{40C6D731-1254-449B-977C-AE8635267176}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{88BECE22-8119-4E6F-8F85-204DF6897EC9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9FA6D7BD-44C3-45BD-9540-44FA3C8A02AE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{B09084AF-48E3-4949-9007-7F1D06CDB127}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B1B3FA22-C3C7-4451-940B-247230E55999}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{B8F50036-EB80-4A2F-9850-4E5086F4DA24}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{C398FA1A-BF8B-414F-B751-D7D99E8995FA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DBF09A5F-5AA3-4921-A7BE-6FBBA318B64B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02D94AD8-51EE-4431-B2A6-CEBB82181603}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{05B1DE72-2DEB-4FC3-876C-8CC516658AF1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{07CA229F-D1BC-463B-800A-E01E0FF856BB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0B556006-E40C-4BB1-B6A8-D0780AADC633}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0B856A42-8C4C-4B9C-8268-539D8F69EC7B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0CFFCD86-63A2-41E3-AB9B-8424CA070F78}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{13421BB2-86B3-462D-AF51-3BAAEF523505}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{14E3CD12-B3E2-4A80-BB50-60E74C6C4947}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{20444B07-77A0-4CBA-813B-E2E2388E17AB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{212F7EC4-EE0A-4E37-9122-E7E07FAB9F6A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{215905D1-D4D9-495F-9A47-C29B68FD05F3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{25151CE2-69CF-40AC-9040-E771C2C1958B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2522BC4F-229B-4617-ADD3-997E074161F3}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{2601297A-8FE7-4E81-AA9A-5893147B00DA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{27606E9F-AD62-4472-B7E6-389BC1EC03DF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2B7FBF17-60EC-4A7D-A858-2BB6EA05A5F6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2D99F34E-A1AE-4C00-BC8F-B85E3844A805}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{32EBAD43-2497-4C92-AFC0-9EBC2C6E7BC6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{363C2D13-EA76-4043-A24C-DA762D29EE13}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{38D5FFB3-0A2A-47B3-830F-7E8659E5D63C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{394A679C-35B9-4A20-8D32-1EFF7357C913}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{39BEA247-23EE-44D8-8BEE-3638022D47CE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3A7C4533-8096-4864-9D3A-E6465AF950F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{402007E9-B344-4D2E-AFED-73DBC28A97B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{402E96F7-4F80-4706-ABB2-813D3C7FED4B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{42E880FD-ACC2-4F02-A7FA-950AE8314277}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4E0ECBAC-3133-4735-9ECF-9DD4945EF4CA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4E1117ED-6722-46E3-9A72-7BCAEC55954C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4FCC05A1-8F50-449A-8216-78DC10C4C4D9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{51477613-BC84-48BA-97FD-7732A68C9FA8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{51866763-DAC0-41F6-B5CC-F49809844725}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{53FFEA1D-6A42-4B86-A11E-2BF0E3366E6A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{550DF1B1-4AE2-413B-99F7-7201A81E9EFC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5A99CB4A-9421-4193-8C88-C87800315AC1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5B4C3231-DB17-44FB-B032-6E6299D5C83D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5C33DE54-BCF6-4E8B-A2F0-3A0CF3B70CBE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5D5F9B69-2D73-42AB-A7A6-806AD15156C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5F54DA4C-C8EA-4508-AA1D-6FD552977A8B}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{6154CD38-CB58-4C13-ABEC-F9766608D713}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6AD28B4E-3DF9-43D4-868A-85D41438EAFC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6C9EDD37-69C0-41E4-97B0-E01504F55846}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6D652298-9084-42FC-ADB5-F0F194CA45B7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{73CE17A3-14B3-4DF4-BA39-EC3327A97FE9}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{77200405-920F-4FA4-98AF-DFCFCEAFC6AD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{783DA7DD-2921-4755-8F04-C4A75196206E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{78431DD4-4E29-4BEF-B85C-3E4731C98516}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{796D6838-04D2-4353-9791-CB67FCE1581B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7E0215AD-9935-4F46-BC21-2AD90057599A}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{80A78852-00A0-41B6-AB13-2DC3CB0D67AA}" = protocol=6 | dir=in | app=c:\program files\ubisoft\demo\james cameron's avatar - das spiel (demo)\bin\avatardemo.exe | 
"{8DA36623-07A6-4C89-8A80-27B25C834C2D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8FC87FD9-C824-4AAE-B76D-F1A29B6EF18B}" = protocol=6 | dir=out | app=system | 
"{8FF5C61F-0F4A-4917-8E4C-E35941FCBA42}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{949C80A1-3544-4A4E-8DE6-82D13D0276EE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{956FDE1B-AB4D-4EE7-BF6E-28E9EE70A057}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{96DA1DED-9430-434A-A528-3E8B992AE4A2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9A58C291-5B0C-493E-BC89-0FDBB5BD0BDB}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{9B8FEA66-B467-47A8-B7F4-D290ACC6AC5F}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{9BD05731-3DCB-41AC-991D-A05FE2B12FD4}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{9BD7CD8D-90B9-49F9-8869-94B1B5D54359}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9C6D6BFD-8894-4EEA-9F44-DF2122B98AA6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A3ACD2F6-3C9F-4E4A-A332-15106D000D99}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A5B43722-33B0-4B24-B369-0E5A1F38F54F}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{A6422D40-95DA-47BF-BDDC-044E633CE558}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{AA478EC2-7837-473A-B200-2DAEFAAD9017}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{AC0D81BF-28BF-44BB-B0BD-FF4046E2B652}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{AE146071-053E-4122-BF51-15BE6277499A}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{B088B86F-AD2B-47C8-95BC-A323B2665B27}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{B3E64D38-F775-4438-8F61-28D88A7FF887}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B673C8BD-87A7-44A5-B4D7-D8FEE0F1693E}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | 
"{B8476C78-2042-426A-81E1-945A74D3EC26}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B95620A4-B8C5-4EFE-913E-3D99FE654861}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BED0F8D1-9EA1-4EDE-9DFF-E127F3F69019}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BFFE8133-12C8-4488-BBE1-92A59C485AC7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C25B40BA-D77C-4503-8D1E-1EFAD2975809}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{CA95AFE0-EDD5-4BD9-8734-F2D93128C942}" = protocol=17 | dir=in | app=c:\program files\ubisoft\demo\james cameron's avatar - das spiel (demo)\bin\avatardemo.exe | 
"{CAE59183-9D80-4AF0-B463-D648F3DAB4AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CAE984A6-F1DE-4DF9-9426-FB9EF6239CE9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CCD0A0C4-A97E-4294-9FB5-EA87B47F8951}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CF0F2E7F-2A45-41AE-8887-B0C9A2213C53}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D1B39FC2-EE2A-4760-9487-612F80EC54F2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D7CD7E52-6B6E-4E2D-ABBD-448F95C0B550}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E1970D04-A62A-49A1-BD22-7D281FE5BC0B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E53B4150-AB82-4ED6-883A-AE09DE47A4B9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E9BDCF32-687E-4A66-BEB5-ACE72F76CCFC}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{F2A8131E-95B8-49BC-86C0-BFCA4DE5542E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F6E47D11-8C62-4B95-9977-6F61444993FC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FB8E04C9-C652-4C44-A6D4-81CC79A075E7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FC71D702-D8B7-45C0-9F8E-753863C0361D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FC77F9EB-5046-4902-BDDC-4A791E3F54C8}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | 
"{FD373E3E-8BF8-4C4E-9E51-21B4EDC21695}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{125BCD79-0FC8-4BBA-9B8C-11D87C4327D3}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{30A334FC-B458-4E22-A2B4-C45DD4F2DD23}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"TCP Query User{458BB575-8C8D-4EAD-9C86-2D146F69097A}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{B067D6EE-F43F-4FA9-96B1-320E8ADD9143}C:\program files\steam\steamapps\hazzem_bmc\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\hazzem_bmc\counter-strike source\hl2.exe | 
"TCP Query User{C1951A4F-CD5E-4CE8-9BE0-F95C099686DF}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{CE5E5BE2-BC4B-4AFF-AAB3-845CE0A59AB3}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{1C22B245-3BFC-4200-B309-745F7FE7C6AB}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{37AFDCBF-837F-45C6-974F-8AD152F108D0}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{4533FDD5-7DA9-4772-B95B-A24FE1E18C51}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"UDP Query User{4B53ACA7-FED4-4194-BF39-9EB5664F44FA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{928EC6AC-466D-47CB-A3B4-088526177EF6}C:\program files\steam\steamapps\hazzem_bmc\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\hazzem_bmc\counter-strike source\hl2.exe | 
"UDP Query User{A8240AA7-176A-4868-BB34-9F5D22839A43}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1DC4E424-5D92-4C92-B1E1-4BE4318E7136}" = James Cameron's AVATAR(tm): DAS SPIEL (Demo)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 21
"{300A2961-B2B5-4889-9CB9-5C2A570D08AD}" = Debugging Tools for Windows (x86)
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1" = Machinarium
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{732A67B6-2581-4434-AE64-9A34CCF943D1}" = 3-D HUNTING 2010: Hunt Rare and Wild Animals
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A5B876D-A900-4AAB-B557-DE827BE46E6C}" = Nero 8
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC76BA86-7AD7-5670-0000-900000000003}" = Korean Fonts Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E666E822-53A9-460B-BA99-35184AA80965}" = Hunting Unlimited 2011
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Bejeweled 2 Deluxe 1.1" = Bejeweled 2 Deluxe 1.1
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"CommanderCotaDemo_is1" = Commander: Conquest of the Americas [DEMO]
"DFX for Windows Media Player" = DFX for Windows Media Player
"EA Download Manager" = EA Download Manager
"Google Chrome" = Google Chrome
"Hunting Unlimited 2011_is1" = Hunting Unlimited 2011
"ICQToolbar" = ICQ Toolbar
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"JDownloader" = JDownloader
"KAMERA v1.1" = KAMERA v1.1
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live_Germany Toolbar" = Messenger_Plus_Live_Germany Toolbar
"MessengerPlusLive_Germany_TB Toolbar" = MessengerPlusLive Germany TB Toolbar
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"mIRC" = mIRC
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"SereneScreen Marine Aquarium Crystal_is1" = SereneScreen Marine Aquarium Crystal
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Sportfischen Professional" = Sportfischen Professional (Nur Entfernen)
"Steam App 240" = Counter-Strike: Source
"Streamripper" = Streamripper (Remove only)
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"TrueCrypt" = TrueCrypt
"vixy converter BETA_is1" = vixy converter uninstall
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 08.08.2010 09:40:47 | Computer Name = ****** | Source = ESENT | ID = 484
Description = wlcomm (2832) C:\Users\******\AppData\Local\Microsoft\Windows Live
 Contacts\{d93d17eb-0d1a-4a23-9e84-0eff51cbc5dd}\: Versuch, Ordner "C:\Users\******\AppData\Local\Microsoft\Windows
 Live Contacts\{d93d17eb-0d1a-4a23-9e84-0eff51cbc5dd}\DBStore\Backup\old" zu entfernen,
 ist mit Systemfehler 145 (0x00000091): "Das Verzeichnis ist nicht leer. " fehlgeschlagen.
 Fehler -1022 (0xfffffc02) beim Entfernen von Ordnern.
 
Error - 08.08.2010 09:40:47 | Computer Name = ****** | Source = ESENT | ID = 215
Description = wlcomm (2832) C:\Users\******\AppData\Local\Microsoft\Windows Live
 Contacts\{d93d17eb-0d1a-4a23-9e84-0eff51cbc5dd}\: Die Sicherung wurde abgebrochen,
 weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 09.08.2010 04:13:41 | Computer Name = ****** | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.08.2010 05:52:53 | Computer Name = ****** | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.18928 arbeitet nicht mehr 
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
 "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen.  Prozess-ID: 368  Anfangszeit: 01cb37a26986954d  Zeitpunkt
 der Beendigung: 0
 
Error - 09.08.2010 10:04:47 | Computer Name = ****** | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.08.2010 03:37:47 | Computer Name = ****** | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.08.2010 06:29:45 | Computer Name = ****** | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.08.2010 06:59:15 | Computer Name = ****** | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.08.2010 10:59:17 | Computer Name = ****** | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.08.2010 10:07:14 | Computer Name = ****** | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 26.06.2010 07:11:23 | Computer Name = ****** | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 26.06.2010 07:34:54 | Computer Name = ****** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.******.2 für die Netzwerkkarte mit der Netzwerkadresse
 001D7DC7CB0B wurde durch den DHCP-Server 192.168.******.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 26.06.2010 10:12:03 | Computer Name = ****** | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 26.06.2010 10:23:11 | Computer Name = ****** | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 27.06.2010 04:43:43 | Computer Name = ****** | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 28.06.2010 08:19:45 | Computer Name = ****** | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
 für die Netzwerkkarte mit der Netzwerkadresse 001D7DC7CB0B zugeteilt werden. Der
 folgende Fehler ist aufgetreten:   %%1223. Es wird weiterhin im Hintergrund versucht,
 eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
 
Error - 30.06.2010 04:49:51 | Computer Name = ****** | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 30.06.2010 04:51:38 | Computer Name = ****** | Source = DCOM | ID = 10005
Description = 
 
Error - 30.06.2010 04:51:39 | Computer Name = ****** | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 30.06.2010 04:51:39 | Computer Name = ****** | Source = Service Control Manager | ID = 7000
Description = 
 
[ TuneUp Events ]
Error - 14.07.2010 14:12:38 | Computer Name = ****** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-07-14 20:12:37', '\device\harddiskvolume1\program
 files\ubisoft\demo\james cameron's avatar - das spiel (demo)\bin\avatardemo.exe','1024',0)
 
Error - 14.07.2010 14:15:43 | Computer Name = ****** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-07-14 20:15:43', '\device\harddiskvolume1\program
 files\ubisoft\demo\james cameron's avatar - das spiel (demo)\bin\avatardemo.exe','180',0)
 
Error - 13.08.2010 10:51:46 | Computer Name = ****** | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-08-13 16:51:46', '\device\harddiskvolume1\program
 files\malwarebytes' anti-malware\mbam.exe','5296',0)
 
 
< End of report >
         
--- --- ---


And the second one.
OTL Logfile:
Code:
OTL logfile created on: 13.08.2010 20:06:35 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\******\Downloads\++TB tut
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 190,96 Gb Free Space | 41,00% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 931,28 Gb Total Space | 508,35 Gb Free Space | 54,59% Space Free | Partition Type: FAT32
Drive G: | 495,15 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 489,25 Mb Total Space | 343,39 Mb Free Space | 70,19% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
 
Computer Name: *******
Current User Name: ******
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\******\Downloads\++TB tut\OTL.exe (OldTimer Tools)
PRC - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software)
PRC - C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\*****\Downloads\++TB tut\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (truecrypt) -- C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.clipfish.de/special/bigbrother/livestream/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 9A A0 C9 B5 F5 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010.08.05 14:35:18 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2010.05.12 17:20:48 | 000,395,221 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 13649 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MessengerPlusLive Germany TB Toolbar) - {76AEEA42-E04A-4B62-83AB-DF4B2BE2541E} - C:\Programme\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TrueCrypt] C:\Program Files\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Geräteerkennung)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444552540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldde-de.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: CabBuilder hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\*******\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\******\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.02.25 20:27:12 | 000,000,016 | R--- | M] () - G:\AUTOPLAY.BAT -- [ CDFS ]
O32 - AutoRun File - [2008.02.25 20:27:28 | 000,000,055 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{7d4855e1-61dc-11df-a1c4-001d7dc7cb0b}\Shell - "" = AutoRun
O33 - MountPoints2\{7d4855e1-61dc-11df-a1c4-001d7dc7cb0b}\Shell\AutoRun\command - "" = G:\PopCDRun.exe -- [2008.02.25 20:27:46 | 000,300,304 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.13 17:00:44 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.08.13 17:00:44 | 000,000,000 | ---D | C] -- C:\rsit
[2010.08.13 16:51:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes
[2010.08.13 16:51:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.13 16:51:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.13 16:51:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.13 16:51:17 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.13 16:42:39 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.08.12 14:41:56 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.12 14:41:56 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.08.12 14:41:56 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.08.12 14:41:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.08.12 14:41:56 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.12 14:41:56 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.12 14:41:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.08.12 14:41:56 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.08.12 14:41:56 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.08.12 14:41:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.08.12 14:41:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.08.12 14:41:56 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.08.12 14:41:56 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.08.12 14:41:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.12 14:41:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.08.12 14:41:55 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.12 14:41:49 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.12 14:41:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.08.12 14:41:34 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.12 14:41:34 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.09 11:07:50 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.09 11:07:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.09 11:07:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.08.08 19:41:56 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\mIRC
[2010.08.08 19:41:56 | 000,000,000 | ---D | C] -- C:\Programme\mIRC
[2010.08.08 15:15:40 | 000,000,000 | ---D | C] -- C:\Programme\Daedalic Entertainment
[2010.08.05 22:10:20 | 000,000,000 | ---D | C] -- C:\Programme\MessengerPlusLive_Germany_TB
[2010.08.05 14:34:49 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab
[2010.08.05 14:34:25 | 000,475,224 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.08.05 14:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010.08.01 14:36:53 | 000,000,000 | ---D | C] -- C:\Users\******\Documents\Commander Demo
[2010.08.01 13:56:41 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.08.01 13:56:41 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.08.01 13:56:40 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.08.01 13:56:40 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.08.01 13:56:40 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.08.01 13:56:40 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.08.01 13:56:40 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.08.01 13:56:40 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.08.01 13:56:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.08.01 13:56:39 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.08.01 13:56:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.08.01 13:56:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.08.01 13:56:39 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.08.01 13:56:38 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.08.01 13:56:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.08.01 13:56:38 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.08.01 13:56:38 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.08.01 13:56:38 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.08.01 13:56:37 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.08.01 13:56:35 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.08.01 13:56:32 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.08.01 13:56:32 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.08.01 13:56:31 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.08.01 13:56:31 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.08.01 13:56:31 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.08.01 13:56:31 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.08.01 13:56:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.08.01 13:51:11 | 000,000,000 | ---D | C] -- C:\Programme\Paradox Interactive
[2010.07.29 23:22:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010.07.29 21:14:16 | 000,000,000 | ---D | C] -- C:\Users\*******\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
[2010.07.29 19:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Zylom
[2010.07.25 17:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueCrypt
[2010.07.25 17:31:46 | 000,000,000 | ---D | C] -- C:\Programme\Debugging Tools for Windows (x86)
[2010.07.25 17:16:44 | 000,000,000 | ---D | C] -- C:\Users\*****\test
[2010.07.25 16:59:45 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\TrueCrypt
[2010.07.25 16:54:20 | 000,230,736 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2010.07.25 16:53:56 | 000,000,000 | ---D | C] -- C:\Programme\TrueCrypt
[2010.07.24 15:04:11 | 000,000,000 | ---D | C] -- C:\Programme\DAMN NFO Viewer
[2010.07.23 17:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.07.21 17:53:11 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2010.07.21 17:53:11 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2010.07.21 17:53:04 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010.07.21 17:53:04 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2010.07.21 17:53:03 | 000,000,000 | ---D | C] -- C:\Programme\AviSynth 2.5
[2010.07.21 17:52:19 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\System32\nbDX.dll
[2010.07.21 17:52:19 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax
[2010.07.21 17:52:19 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\System32\MatroskaDX.ax
[2010.07.21 17:52:19 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax
[2010.07.21 17:52:19 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax
[2010.07.21 17:52:19 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax
[2010.07.21 17:52:19 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax
[2010.07.21 17:52:19 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax
[2010.07.21 17:52:19 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll
[2010.07.21 17:52:18 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax
[2010.07.21 17:52:18 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll
[2010.07.21 17:52:18 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax
[2010.07.21 17:51:59 | 000,000,000 | ---D | C] -- C:\Programme\eRightSoft
[2010.07.21 11:24:02 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\HU2011
[2010.07.21 11:20:33 | 000,000,000 | ---D | C] -- C:\Programme\Hunting Unlimited 2011
[2010.07.17 16:04:39 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\Ps3 acc daten
[2010.07.17 15:30:51 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Microsoft Games
[2010.07.14 20:12:37 | 000,000,000 | ---D | C] -- C:\Users\******\Documents\My Games
[2010.07.14 20:09:13 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.13 20:08:15 | 006,553,600 | -HS- | M] () -- C:\Users\*****\NTUSER.DAT
[2010.08.13 20:06:53 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.13 20:06:53 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.13 20:00:00 | 000,000,502 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2010.08.13 19:43:40 | 000,048,640 | ---- | M] () -- C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.13 19:36:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.13 18:28:52 | 000,101,949 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.08.13 18:28:52 | 000,101,949 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.08.13 16:51:22 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.13 16:48:37 | 000,001,862 | ---- | M] () -- C:\Users\******\Documents\cc_20100813_164830.reg
[2010.08.13 16:42:41 | 000,000,804 | ---- | M] () -- C:\Users\******\Desktop\CCleaner.lnk
[2010.08.13 16:13:05 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.13 16:13:04 | 001,445,310 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.13 16:13:04 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.13 16:13:04 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.13 16:13:04 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.13 16:09:46 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D2B5F805-A34C-4DB9-90CF-084D78278A84}.job
[2010.08.13 16:06:58 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.13 16:06:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.13 16:06:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.13 16:06:28 | 3754,426,368 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.12 20:25:50 | 000,524,288 | -HS- | M] () -- C:\Users\******\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.08.12 20:25:50 | 000,065,536 | -HS- | M] () -- C:\Users\******\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.08.12 20:25:38 | 002,582,636 | -H-- | M] () -- C:\Users\******\AppData\Local\IconCache.db
[2010.08.12 17:01:57 | 003,584,920 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.12 13:36:48 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.08.11 14:36:17 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
[2010.08.11 14:36:17 | 000,000,196 | ---- | M] () -- C:\Users\Public\Desktop\Weitere tolle Spiele!.url
[2010.08.05 14:51:38 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010.08.05 14:51:38 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010.08.05 14:34:25 | 000,475,224 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.08.05 11:24:09 | 006,553,600 | -HS- | M] () -- C:\Users\******\ntuser.dat_previous
[2010.08.04 16:56:15 | 000,000,104 | ---- | M] () -- C:\Users\******\AppData\Roaming\default.pls
[2010.08.01 15:54:57 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.08.01 13:54:59 | 000,001,975 | ---- | M] () -- C:\Users\******\Desktop\Commander demo spielen.lnk
[2010.07.25 17:42:30 | 001,835,008 | ---- | M] () -- C:\Users\******\Documents\TrueCrypt Rescue Disk.iso
[2010.07.25 16:54:28 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2010.07.25 16:54:20 | 000,230,736 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2010.07.24 15:12:46 | 000,000,888 | ---- | M] () -- C:\Users\******\Desktop\DAMN NFO Viewer - Verknüpfung.lnk
[2010.07.23 20:42:28 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.22 19:59:21 | 000,000,890 | ---- | M] () -- C:\Users\******\Desktop\Hunting Unlimited 2011.lnk
[2010.07.22 19:56:56 | 000,001,336 | ---- | M] () -- C:\Users\******\Documents\unpack.bat.lnk
[2010.07.21 18:05:27 | 747,253,910 | ---- | M] () -- C:\Users\******\Documents\test.nrg
[2010.07.21 17:56:00 | 008,131,739 | ---- | M] () -- C:\Users\******\Documents\100_0432.MOV.WMV
[2010.07.21 17:52:19 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\SUPER © Uninstall.lnk
[2010.07.21 17:52:19 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2010.07.21 17:44:18 | 023,914,177 | ---- | M] () -- C:\Users\******\Documents\100_0432.MOV
[2010.07.21 11:22:12 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Hunting Unlimited 2011.lnk
[2010.07.20 18:59:04 | 000,002,540 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010.07.20 18:59:04 | 000,002,420 | ---- | M] () -- C:\Users\Public\Desktop\Nero Home.lnk
[2010.07.20 08:32:42 | 000,000,282 | ---- | M] () -- C:\Users\******\Documents\file_id.diz
[2010.07.17 05:00:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.07.17 05:00:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.07.17 05:00:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
 
========== Files Created - No Company Name ==========
 
[2010.08.13 16:51:22 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.13 16:48:34 | 000,001,862 | ---- | C] () -- C:\Users\******\Documents\cc_20100813_164830.reg
[2010.08.13 16:42:41 | 000,000,804 | ---- | C] () -- C:\Users\******\Desktop\CCleaner.lnk
[2010.08.11 14:36:17 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
[2010.08.11 14:36:17 | 000,000,196 | ---- | C] () -- C:\Users\Public\Desktop\Weitere tolle Spiele!.url
[2010.08.05 14:36:20 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010.08.05 14:36:20 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010.08.01 13:54:59 | 000,001,975 | ---- | C] () -- C:\Users\******\Desktop\Commander demo spielen.lnk
[2010.07.25 17:42:30 | 001,835,008 | ---- | C] () -- C:\Users\******\Documents\TrueCrypt Rescue Disk.iso
[2010.07.25 16:54:28 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2010.07.24 15:12:46 | 000,000,888 | ---- | C] () -- C:\Users\******\Desktop\DAMN NFO Viewer - Verknüpfung.lnk
[2010.07.22 19:59:21 | 000,000,890 | ---- | C] () -- C:\Users\******\Desktop\Hunting Unlimited 2011.lnk
[2010.07.22 19:57:15 | 000,001,336 | ---- | C] () -- C:\Users\******\Documents\unpack.bat.lnk
[2010.07.21 18:05:22 | 747,253,910 | ---- | C] () -- C:\Users\******\Documents\test.nrg
[2010.07.21 17:57:55 | 008,131,739 | ---- | C] () -- C:\Users\******\Documents\100_0432.MOV.WMV
[2010.07.21 17:53:04 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.07.21 17:52:19 | 000,120,832 | RHS- | C] () -- C:\Windows\System32\MPCDx.ax
[2010.07.21 17:52:19 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\RLMPCDec.ax
[2010.07.21 17:52:19 | 000,070,656 | RHS- | C] () -- C:\Windows\System32\RLAPEDec.ax
[2010.07.21 17:52:19 | 000,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax
[2010.07.21 17:52:19 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\SUPER © Uninstall.lnk
[2010.07.21 17:52:19 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2010.07.21 17:52:18 | 000,227,328 | RHS- | C] () -- C:\Windows\System32\ac3DX.ax
[2010.07.21 17:52:18 | 000,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax
[2010.07.21 17:52:18 | 000,097,280 | RHS- | C] () -- C:\Windows\System32\FLACDX.ax
[2010.07.21 17:52:18 | 000,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax
[2010.07.21 17:49:54 | 023,914,177 | ---- | C] () -- C:\Users\******\Documents\100_0432.MOV
[2010.07.21 11:22:12 | 000,001,780 | ---- | C] () -- C:\Users\Public\Desktop\Hunting Unlimited 2011.lnk
[2010.07.20 08:32:42 | 000,000,282 | ---- | C] () -- C:\Users\******\Documents\file_id.diz
[2010.05.27 12:58:17 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.05.27 12:51:37 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.05.26 21:44:14 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2010.05.21 16:20:55 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.05.17 12:09:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.02.23 04:21:32 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.01.10 20:16:20 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.01.10 20:15:30 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.02.06 02:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
< End of report >
         
--- --- ---


Regards, Heumann

P.S. I'm going to start a full scan now.

 
