
Pests of all kinds and how to combat them: Is my PC clean now?

10.09.2010, 22:47   #1
Flagetho
 



Hello,
I caught a virus (a Trojan) today and immediately took the most necessary steps,
i.e. I pulled the LAN cable and scanned. I ran a full scan with Malwarebytes and SUPERAntiSpyware,
and a quick scan with Kaspersky PURE. I will probably run the full scan with Kaspersky
overnight. What I noticed is that I cannot disinfect one infected registry key.
That is the first code block below. I also scanned with HijackThis and OTL, and
my question is simply whether my PC is now free of viruses and whether I can go back to normal
operation.

1. Malwarebytes (registry key cannot be disinfected)
2. HijackThis
3.1 OTL.Txt
3.2 Extras.Txt





1.
Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
 
Datenbank Version: 4589
 
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
 
10.09.2010 21:33:42
mbam-log-2010-09-10 (21-33-42).txt
 
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 439127
Laufzeit: 2 Stunde(n), 35 Minute(n), 55 Sekunde(n)
 
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
 
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.
 
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
 
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

2.
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:26:56, on 10.09.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\stpass.exe
D:\WinTV\Ir.exe
D:\WinTV\EPG Services\System\EPGClient.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
D:\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
C:\Users\Sydex\Desktop\HiJackThis204.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Snagit 9\SnagitBHO.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [EPGServiceTool] D:\WinTV\EPG Services\System\EPGClient.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PasswordManager] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\stpass.exe
O4 - HKCU\..\RunOnce: [PowerSuite] "D:\PowerSuite\launcher.exe" delay 20000 -m
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - Global Startup: AutoStart IR.lnk = D:\WinTV\Ir.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - hxxp://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FA695B6-3B06-4BE5-BB43-43E0AE7139FD}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5FA695B6-3B06-4BE5-BB43-43E0AE7139FD}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5FA695B6-3B06-4BE5-BB43-43E0AE7139FD}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~3\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~3\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~3\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: SAS Core Service (!SASCORE) - Unknown owner - D:\Superanti\SASCORE64.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Verwaltungsservice vom CryproStorage-System (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPGService - Hauppauge Computer Works - D:\WinTV\EPG Services\System\EPGService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - D:\CDBurnerXP\NMSAccessU.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @D:\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
 
--
End of file - 8848 bytes
         

3.1 OTL.Txt
Code:
OTL logfile created on: 10.09.2010 22:28:39 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Sydex\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 72,00% Memory free
10,00 Gb Paging File | 9,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 6141 6141 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 5,94 Gb Free Space | 17,37% Space Free | Partition Type: NTFS
Drive D: | 338,42 Gb Total Space | 36,75 Gb Free Space | 10,86% Space Free | Partition Type: NTFS
Drive E: | 2,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SYDEX-PC
Current User Name: Sydex
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Sydex\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe (Uniblue Systems Limited)
PRC - D:\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\stpass.exe (Kaspersky Lab)
PRC - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - D:\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - D:\WinTV\Ir.exe (Hauppauge Computer Works)
PRC - D:\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works)
PRC - D:\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Sydex\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (npggsvc) -- C:\Windows\SysNative\GameMon.des File not found
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TuneUp.Defrag) -- D:\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- D:\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (Hamachi2Svc) -- D:\Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (NMSAccess) -- D:\CDBurnerXP\NMSAccessU.exe ()
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (CSObjectsSrv) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (EPGService) -- D:\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (HCW3x64) -- C:\Windows\SysNative\drivers\HCW71364.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (cpuz133) -- C:\Windows\SysNative\drivers\cpuz133_x64.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (CSCrySec) -- C:\Windows\SysNative\drivers\CSCrySec.sys (Infowatch)
DRV:64bit: - (CSVirtualDiskDrv) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV:64bit: - (ESLvnic1) -- C:\Windows\SysNative\drivers\ESLvnic.sys (Turtle Entertainment GmbH)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64k.sys (Microsoft Corporation)
DRV:64bit: - (KLBG) -- C:\Windows\SysNative\drivers\klbg.sys (Kaspersky Lab)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab)
DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (Ph3xIB64) -- C:\Windows\SysNative\drivers\Ph3xIB64.sys (Philips Semiconductors GmbH)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (TuneUpUtilitiesDrv) -- D:\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7D F6 89 76 6E B9 CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://radiobar.toolbarhome.com/?hp=df"
FF - prefs.js..extensions.enabledItems: fsonlinescanner@f-secure.com:1.01
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:3.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.15
FF - prefs.js..extensions.enabledItems: {72CA2996-F580-47DF-98FF-0B853D09CEC8}:4.0.142
FF - prefs.js..keyword.URL: "hxxp://radiobar.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.http: "116.225.151.192"
FF - prefs.js..network.proxy.http_port: 8088
 
FF - user.js..browser.search.openintab: false
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2010.09.08 18:25:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.08 18:25:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\THBExt [2010.09.10 14:59:45 | 000,000,000 | ---D | M]
 
[2009.10.20 20:27:33 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\mozilla\Extensions
[2010.09.10 18:58:35 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\mozilla\Firefox\Profiles\emcybv1y.default\extensions
[2009.11.07 20:26:02 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Sydex\AppData\Roaming\mozilla\Firefox\Profiles\emcybv1y.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2010.05.27 17:28:37 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Sydex\AppData\Roaming\mozilla\Firefox\Profiles\emcybv1y.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.02.08 01:54:49 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\mozilla\Firefox\Profiles\emcybv1y.default\extensions\fsonlinescanner@f-secure.com
[2010.04.13 16:50:30 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\mozilla\Firefox\Profiles\emcybv1y.default\extensions\illimitux@illimitux.net
[2010.04.25 22:31:18 | 000,002,059 | ---- | M] () -- C:\Users\Sydex\AppData\Roaming\Mozilla\FireFox\Profiles\emcybv1y.default\searchplugins\daemon-search.xml
[2010.09.07 14:51:00 | 000,000,961 | ---- | M] () -- C:\Users\Sydex\AppData\Roaming\Mozilla\FireFox\Profiles\emcybv1y.default\searchplugins\icqplugin-1.xml
[2010.04.26 15:38:33 | 000,000,961 | ---- | M] () -- C:\Users\Sydex\AppData\Roaming\Mozilla\FireFox\Profiles\emcybv1y.default\searchplugins\icqplugin-2.xml
[2010.07.21 03:57:17 | 000,000,961 | ---- | M] () -- C:\Users\Sydex\AppData\Roaming\Mozilla\FireFox\Profiles\emcybv1y.default\searchplugins\icqplugin-3.xml
[2010.07.25 21:22:04 | 000,000,961 | ---- | M] () -- C:\Users\Sydex\AppData\Roaming\Mozilla\FireFox\Profiles\emcybv1y.default\searchplugins\icqplugin-4.xml
[2010.03.29 23:43:27 | 000,000,958 | ---- | M] () -- C:\Users\Sydex\AppData\Roaming\Mozilla\FireFox\Profiles\emcybv1y.default\searchplugins\icqplugin.xml
[2010.06.27 01:03:32 | 000,001,598 | ---- | M] () -- C:\Users\Sydex\AppData\Roaming\Mozilla\FireFox\Profiles\emcybv1y.default\searchplugins\web-search.xml
 
O1 HOSTS File: ([2007.06.13 13:39:44 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [EPGServiceTool] D:\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKCU..\Run: [PasswordManager] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\Kaspersky Password Manager\Module Retargetable Folder\stpass.exe (Kaspersky Lab)
O4 - HKCU..\Run: [Steam] d:\steam\steam.exe (Valve Corporation)
O4 - HKCU..\RunOnce: [PowerSuite] D:\PowerSuite\launcher.exe (Uniblue Systems Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O12 - Plugin for: .spop - Reg Error: Value error. File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} hxxp://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~3\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~3\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~3\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~3\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~3\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~3\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~3\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~3\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.18 12:49:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.09.12 02:00:34 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2005.09.12 02:00:34 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2005.09.12 02:00:34 | 000,001,042 | R--- | M] () - E:\autorun.ini -- [ CDFS ]
O33 - MountPoints2\{32c6ec3e-3c00-11df-b2c0-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{32c6ec3e-3c00-11df-b2c0-00ff01000001}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{5caf4c14-50a8-11df-ae06-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{5caf4c14-50a8-11df-ae06-00ff01000001}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found
O33 - MountPoints2\{5caf4c20-50a8-11df-ae06-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{5caf4c20-50a8-11df-ae06-00ff01000001}\Shell\AutoRun\command - "" = H:\S3\Autorun.exe -- File not found
O33 - MountPoints2\{7548054d-d394-11de-931e-001a4d491ae0}\Shell - "" = AutoRun
O33 - MountPoints2\{7548054d-d394-11de-931e-001a4d491ae0}\Shell\AutoRun\command - "" = 1
O33 - MountPoints2\{b1526627-bd97-11de-bd2f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b1526627-bd97-11de-bd2f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2005.09.12 02:00:34 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.10 22:11:39 | 000,000,000 | ---D | C] -- C:\Users\Sydex\Documents\Venetica
[2010.09.10 18:46:15 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Sydex\Desktop\OTL.exe
[2010.09.10 18:35:55 | 000,000,000 | ---D | C] -- C:\Users\Sydex\AppData\Roaming\SUPERAntiSpyware.com
[2010.09.10 18:26:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.09.10 18:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010.09.10 17:50:45 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Sydex\Desktop\HiJackThis204.exe
[2010.09.10 17:45:11 | 000,000,000 | ---D | C] -- C:\Users\Sydex\AppData\Roaming\Kaspersky Lab
[2010.09.10 15:21:01 | 000,000,000 | --SD | C] -- C:\Users\Sydex\Documents\Passwords Database
[2010.09.10 14:59:54 | 000,085,048 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2010.09.10 14:59:54 | 000,066,104 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2010.09.10 14:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010.09.10 14:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2010.09.10 14:59:21 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010.09.10 14:57:58 | 000,000,000 | ---D | C] -- C:\Users\Sydex\Desktop\Kaspersky.PURE.v9.0.0.192.GERMAN.CRACKED.v3.READ-NFO-NKD
[2010.09.10 14:18:04 | 000,000,000 | ---D | C] -- C:\Users\Sydex\AppData\Local\khdumpwfe
[2010.09.04 14:37:45 | 1091,838,883 | ---- | C] (Gameforge 4D GmbH                                           ) -- C:\Users\Sydex\Desktop\CABAL_Online_DE_20100716.exe
[2010.09.03 00:08:34 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010.09.03 00:08:34 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.09.03 00:08:34 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010.09.03 00:08:34 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.08.29 12:24:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.08.29 11:03:27 | 000,000,000 | ---D | C] -- C:\Users\Sydex\AppData\Local\2K Games
[2010.08.12 01:08:13 | 000,000,000 | ---D | C] -- C:\Users\Sydex\AppData\Roaming\LolClient
[2010.08.12 00:47:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010.08.12 00:25:06 | 000,000,000 | ---D | C] -- C:\Users\Sydex\AppData\Local\PMB Files
[2010.08.12 00:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.08.12 00:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.10 22:32:03 | 000,013,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.10 22:32:03 | 000,013,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.10 22:25:55 | 006,291,456 | ---- | M] () -- C:\Users\Sydex\ntuser.dat
[2010.09.10 22:24:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.10 22:24:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.10 22:23:52 | 002,434,499 | -H-- | M] () -- C:\Users\Sydex\AppData\Local\IconCache.db
[2010.09.10 21:34:28 | 000,000,864 | ---- | M] () -- C:\Users\Sydex\Desktop\Venetica.lnk
[2010.09.10 21:34:28 | 000,000,604 | ---- | M] () -- C:\Users\Sydex\Desktop\R.G.StarFors.lnk
[2010.09.10 18:46:15 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Sydex\Desktop\OTL.exe
[2010.09.10 18:35:51 | 000,000,663 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2010.09.10 18:25:02 | 000,062,512 | ---- | M] () -- C:\Users\Sydex\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.10 17:50:46 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Sydex\Desktop\HiJackThis204.exe
[2010.09.10 15:50:27 | 000,044,857 | ---- | M] () -- C:\Users\Sydex\Desktop\YASU_1.6_9040.zip
[2010.09.10 15:11:12 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010.09.10 15:11:12 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010.09.10 14:59:21 | 000,353,296 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010.09.10 14:19:21 | 000,000,005 | ---- | M] () -- C:\zrpt.xml
[2010.09.09 23:17:26 | 028,162,396 | ---- | M] () -- C:\Users\Sydex\Desktop\Venetica_Patch_1.01_DE.zip
[2010.09.05 10:56:37 | 000,285,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.09.04 15:03:57 | 000,000,639 | ---- | M] () -- C:\Users\Public\Desktop\CABAL Online.lnk
[2010.09.04 14:51:53 | 1091,838,883 | ---- | M] (Gameforge 4D GmbH                                           ) -- C:\Users\Sydex\Desktop\CABAL_Online_DE_20100716.exe
[2010.09.03 18:49:12 | 000,142,228 | ---- | M] () -- C:\Users\Sydex\Desktop\skilltrees.jpg
[2010.09.03 18:37:33 | 000,000,621 | ---- | M] () -- C:\Users\Public\Desktop\Rappelz.lnk
[2010.09.03 00:08:29 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.09.03 00:08:29 | 000,000,880 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.09.03 00:05:32 | 000,000,565 | ---- | M] () -- C:\Users\Sydex\AppData\Roaming\myMPQ.ini
[2010.09.01 15:26:02 | 000,000,568 | ---- | M] () -- C:\Users\Sydex\Desktop\MAESTIA.lnk
[2010.08.29 12:20:34 | 000,000,651 | ---- | M] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2010.08.29 10:32:22 | 000,001,613 | ---- | M] () -- C:\Users\Sydex\Desktop\DivX Movies.lnk
[2010.08.29 10:32:05 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.08.26 14:45:36 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2010.08.26 14:40:38 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010.08.26 14:40:34 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.08.26 14:40:32 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010.08.26 14:40:24 | 000,030,016 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.08.20 19:09:42 | 000,001,385 | ---- | M] () -- C:\Users\Sydex\Desktop\Counter-Strike Source.lnk
[2010.08.17 19:09:00 | 001,501,128 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.17 19:09:00 | 000,654,096 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.08.17 19:09:00 | 000,615,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.17 19:09:00 | 000,130,952 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.08.17 19:09:00 | 000,107,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.16 19:08:42 | 000,190,144 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.08.16 19:08:42 | 000,190,144 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.08.16 19:08:37 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.08.12 00:46:56 | 000,000,713 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.10 21:34:28 | 000,000,864 | ---- | C] () -- C:\Users\Sydex\Desktop\Venetica.lnk
[2010.09.10 21:34:28 | 000,000,604 | ---- | C] () -- C:\Users\Sydex\Desktop\R.G.StarFors.lnk
[2010.09.10 18:35:51 | 000,000,663 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2010.09.10 15:50:01 | 000,044,857 | ---- | C] () -- C:\Users\Sydex\Desktop\YASU_1.6_9040.zip
[2010.09.10 15:00:15 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2010.09.10 15:00:15 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2010.09.10 14:19:21 | 000,000,005 | ---- | C] () -- C:\zrpt.xml
[2010.09.09 23:16:50 | 028,162,396 | ---- | C] () -- C:\Users\Sydex\Desktop\Venetica_Patch_1.01_DE.zip
[2010.09.04 15:03:57 | 000,000,639 | ---- | C] () -- C:\Users\Public\Desktop\CABAL Online.lnk
[2010.09.03 18:49:10 | 000,142,228 | ---- | C] () -- C:\Users\Sydex\Desktop\skilltrees.jpg
[2010.09.03 18:37:33 | 000,000,621 | ---- | C] () -- C:\Users\Public\Desktop\Rappelz.lnk
[2010.09.01 15:26:02 | 000,000,568 | ---- | C] () -- C:\Users\Sydex\Desktop\MAESTIA.lnk
[2010.08.29 12:20:34 | 000,000,651 | ---- | C] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2010.08.20 19:09:41 | 000,001,385 | ---- | C] () -- C:\Users\Sydex\Desktop\Counter-Strike Source.lnk
[2010.08.12 00:46:56 | 000,000,713 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends.lnk
[2010.08.10 17:36:02 | 000,000,565 | ---- | C] () -- C:\Users\Sydex\AppData\Roaming\myMPQ.ini
[2010.07.24 01:41:44 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll
[2010.07.09 12:46:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\driverinfo.txt
[2010.06.13 02:10:36 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2010.06.13 02:10:36 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010.05.30 12:01:20 | 000,052,836 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2010.05.30 12:01:18 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll
[2010.05.30 12:01:17 | 000,394,752 | ---- | C] () -- C:\Windows\SysWow64\cygwinb19.dll
[2010.05.30 11:54:27 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.05.25 00:27:03 | 000,000,017 | ---- | C] () -- C:\Users\Sydex\AppData\Local\resmon.resmoncfg
[2010.01.16 12:16:17 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2009.12.31 14:46:33 | 000,000,760 | ---- | C] () -- C:\Users\Sydex\AppData\Roaming\setup_ldm.iss
[2009.12.07 21:23:16 | 000,000,920 | ---- | C] () -- C:\Users\Sydex\AppData\Roaming\datawin.dat
[2009.11.15 20:54:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.10.29 18:23:09 | 000,000,399 | ---- | C] () -- C:\Windows\vtplus32.ini
[2009.10.29 18:21:51 | 000,000,248 | ---- | C] () -- C:\Windows\HCWBlast.ini
[2009.10.29 18:21:35 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.INI
[2009.10.29 18:20:50 | 000,032,989 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.10.29 18:19:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\dmcrypto.dll
[2009.10.29 18:18:59 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.10.29 18:18:54 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hcwChDB.dll
[2009.10.29 18:17:50 | 000,011,819 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008.11.06 18:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dtu100.dll.manifest
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
 
========== LOP Check ==========
 
[2009.10.20 20:50:08 | 000,000,000 | -HSD | M] -- C:\Users\Sydex\AppData\Roaming\.#
[2010.08.18 21:23:30 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Azureus
[2010.03.30 17:40:26 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Command and Conquer 4
[2010.01.14 22:14:03 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\CPUTempWatch
[2009.11.10 08:41:25 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\DAEMON Tools Lite
[2009.11.19 12:42:51 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\DAEMON Tools Pro
[2009.12.24 20:48:00 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\DisplayTune
[2010.06.27 03:59:45 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\DNA
[2010.08.09 21:14:30 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\ICQ
[2009.12.24 19:08:19 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\InterTrust
[2010.01.01 19:27:11 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\JLC's Software
[2009.12.31 14:46:39 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Leadertech
[2010.08.12 01:08:13 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\LolClient
[2010.01.03 01:55:32 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Mumble
[2010.05.21 19:42:08 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Octoshape
[2009.12.02 16:24:00 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\OpenOffice.org
[2009.10.20 22:48:16 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Opera
[2010.05.07 12:52:15 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\PC Suite
[2009.11.07 20:01:47 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\RouterControl
[2010.07.21 00:04:36 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\runic games
[2010.05.07 13:22:54 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Samsung
[2010.08.13 13:30:23 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\TeamViewer
[2010.06.27 00:58:06 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Thinstall
[2010.04.19 17:19:02 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\TS3Client
[2009.10.20 23:18:25 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\TuneUp Software
[2010.05.30 10:45:03 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Ubisoft
[2010.07.07 13:48:40 | 000,000,000 | ---D | M] -- C:\Users\Sydex\AppData\Roaming\Uniblue
[2010.07.31 12:59:26 | 000,010,206 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         


3.2 Extras.Txt
Code:
OTL Extras logfile created on: 10.09.2010 22:28:39 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Sydex\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 72,00% Memory free
10,00 Gb Paging File | 9,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): c:\pagefile.sys 6141 6141 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 34,18 Gb Total Space | 5,94 Gb Free Space | 17,37% Space Free | Partition Type: NTFS
Drive D: | 338,42 Gb Total Space | 36,75 Gb Free Space | 10,86% Space Free | Partition Type: NTFS
Drive E: | 2,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SYDEX-PC
Current User Name: Sydex
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" = 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{08194E86-10BE-C749-8D43-E6ECBF44248E}" = ccc-utility64
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FBB2E98-1A3B-396A-A662-73E17009C076}" = ATI Catalyst Install Manager
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{850C7AF6-7376-464D-A69C-E8419EC7ACA7}" = Microsoft IntelliType Pro 7.0
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"BC15EA930074932BB2C4B4493C9FD4EA95087D1A" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.54
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Download Driver" = SAMSUNG Mobile USB Download Driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"WinRAR archiver" = WinRAR archiver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{1BF43B74-1EDE-060E-A612-56A116A381F8}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4E2CD272-0F2F-98EA-9596-510EF0D24E28}" = ccc-core-static
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{727A7452-9B12-4E45-B29A-BFEFA2FF8A7E}_is1" = WinTools.net 10.2.1 Professional
"{72C02F89-9E8E-2DBD-11D7-EB5F075FE081}" = Catalyst Control Center Graphics Previews Common
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793A260C-CDBF-499C-ABBA-B51E8E076867}_is1" = Uniblue PowerSuite
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz_DE
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DD16C0E-B9E7-417C-0C30-E57916C353E3}" = CCC Help English
"{A1E1D1EE-3F04-CC1A-8498-0D48463F579D}" = Catalyst Control Center Localization All
"{A680643A-1155-02F6-6B29-BF4FBA1190E8}" = Catalyst Control Center Graphics Full Existing
"{ABB6F00C-9722-82C2-FE1E-893313CCF612}" = Catalyst Control Center Graphics Light
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B04836D8-4170-D430-6297-3DD084AAEC09}" = Catalyst Control Center Graphics Full New
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.07
"{B440D659-FECA-4BDD-A12B-5C9F05790FF3}" = Snagit 9.1.2
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{BCC78381-4B63-5352-BF57-BDBF7A77823A}" = Catalyst Control Center HydraVision Full
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1" = SRWare Iron 4.0.280
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1 + KB928366
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EE02955B-74BC-3995-6B67-2A9D1651D4F5}" = Catalyst Control Center Graphics Previews Vista
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F241EC95-C81A-466E-8006-6B0B364B07A0}" = PCMark Vantage
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3.20
"Assassin's Creed 2_is1" = Black_Box v1
"CABAL Online_is1" = CABAL Online
"CCleaner" = CCleaner
"Counter-Strike: Source" = Counter-Strike: Source
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26057)
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV IR Blaster" = Hauppauge WinTV IR Blaster
"Hauppauge WinTV Radio" = Hauppauge WinTV Radio
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR
"HijackThis" = HijackThis 2.0.2
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"JDownloader" = JDownloader
"League of Legends_is1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1 SP1 + KB928366
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"Neffy" = Neffy 1,3,29,0
"S2TNG" = Die Siedler II - Die nächste Generation
"S3" = Die Siedler III Gold Edition
"StarCraft II" = StarCraft II
"TeamViewer 5" = TeamViewer 5
"The KMPlayer" = The KMPlayer (remove only)
"TuneUp Utilities" = TuneUp Utilities
"Venetica_is1" = Venetica
"VLC media player" = VLC media player 1.0.2
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"MAESTIA" = MAESTIA
"Mozilla Firefox (3.5.12)" = Mozilla Firefox (3.5.12)
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Octoshape Streaming Services" = Octoshape Streaming Services
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
I hope you can help me.

Regards, Chris

So, I ran an online scan with ESET.

Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=d2b688921520c544b88873202f91f6de
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-09-11 04:33:10
# local_time=2010-09-11 06:33:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1280 16777215 100 0 34947 34947 0 0
# compatibility_mode=5893 16776574 100 94 25029 36564188 0 0
# compatibility_mode=8192 67108863 100 0 607 607 0 0
# scanned=271047
# found=6
# cleaned=6
# scan_time=21074
C:\Users\Sydex\AppData\Local\Temp\Ed2.exe    a variant of Win32/Kryptik.GRS trojan (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\Users\Sydex\AppData\Local\Temp\Ed4.exe    a variant of Win32/Kryptik.GRH trojan (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
C:\Users\Sydex\AppData\Local\Temp\Edz.exe    a variant of Win32/Kryptik.GRS trojan (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
D:\downloads\cac4\Venetica-RELOADED\rld-vene.iso    a variant of Win32/Injector.CRE trojan (deleted - quarantined)    00000000000000000000000000000000    C
D:\SYDEX-PC\Backup Set 2010-07-25 190002\Backup Files 2010-07-25 190002\Backup files 4.zip    probably a variant of Win32/Spy.Agent.IUTUVVF trojan (deleted - quarantined)    00000000000000000000000000000000    C
D:\SYDEX-PC\Backup Set 2010-07-25 190002\Backup Files 2010-07-25 190002\Backup files 7.zip    probably a variant of Win32/Spy.Agent.IUTUVVF trojan (deleted - quarantined)    00000000000000000000000000000000    C
         

It found 6 things; unfortunately they cannot be deleted, so I am going to run an online scan with F-Secure.


Regards, chris

Hello,
I was just about to run a scan with GMER and noticed that
1. I get a message at startup: "c:\windows\system32\config\system: das system kann die angegebene datei nicht finden." [The system cannot find the file specified.]
2. I cannot even tick the following items: System, Sections, Devices, Modules, Processes, Threads, Libraries, Services.

OK, so I thought I would run a scan with just the three items: Service, registry and files. When I then clicked Scan, this appeared: "C:\windows\system32\config\system: der Prozess kann nicht auf die datei zugreifen, da sie von einem anderen prozess verwendet wird" [The process cannot access the file because it is being used by another process], even though I did everything according to the instructions. When I click OK, a scan runs anyway; I will do that now and post it. When GMER was finished, it said that there are no modifications in the system. Still, I would like to do a full scan, but what is the deal with the grayed-out checkboxes and the error message?


Regards, chris

Hello,
I have now done an F-Secure online scan and a Trend Micro HouseCall scan, and both were negative. Still, my computer is running slower than before; I am about to run another scan with Malwarebytes. It would be nice if someone would look at my problem and say what they think about it.

Regards, chris
