
Log analysis and evaluation: Rescue Disk crashes; PC slower

Windows 7 - If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

08.05.2011, 10:58   #1
braso
 

Rescue Disk crashes; PC slower



Hello everyone,

Since I ran a questionable exe file, my PC has been somewhat slower, or rather sometimes takes a long time to load; at times the internet also drops out, at least for a while.
To be safe, I now wanted to run a rescue disk. However, the PC always shuts itself off after a while, before the program has finished scanning. I used AntiVir Rescue System and Kaspersky Rescue Disk 10.
On the internet I only found that I should turn to this board.
Can you help me?

OTL logfile created on: 08.05.2011 11:36:14 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Braso\Downloads
64bit-Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372,60 Gb Total Space | 5,49 Gb Free Space | 1,47% Space Free | Partition Type: NTFS

Computer Name: ULTIMATIVE | User Name: Braso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Braso\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Join Air\UIExec.exe ()
PRC - C:\Program Files (x86)\Join Air\AssistantServices.exe ()
PRC - C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Neuer Ordner (2)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Programme\Neuer Ordner (2)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Neuer Ordner (2)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)


========== Modules (SafeList) ==========

MOD - C:\Users\Braso\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\guard32.dll (COMODO)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (TuneUp.Defrag) -- C:\Windows\SysNative\TuneUpDefragService.exe ()
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\atiesrxx.exe ()
SRV:64bit: - (cmdAgent) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (AntiVirService) -- C:\Program Files\Neuer Ordner (2)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll ()
SRV:64bit: - (AntiVirSchedulerService) -- C:\Program Files\Neuer Ordner (2)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV:64bit: - (dtpd) -- C:\Program Files\VPN Client\dtpd.exe ()
SRV:64bit: - (iked) -- C:\Program Files\VPN Client\iked.exe ()
SRV:64bit: - (ipsecd) -- C:\Program Files\VPN Client\ipsecd.exe ()
SRV:64bit: - (hasplms) -- C:\Windows\SysNative\hasplms.exe ()
SRV:64bit: - (AgereModemAudio) -- C:\Windows\SysNative\agr64svc.exe ()
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll ()
SRV - (DBService) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (UI Assistant Service) -- C:\Program Files (x86)\Join Air\AssistantServices.exe ()
SRV - (a2AntiMalware) -- C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EvtEng) -- C:\Programme\Treiber\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys ()
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\DRIVERS\vpnva64.sys ()
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\DRIVERS\ZTEusbser6k.sys ()
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\DRIVERS\ZTEusbnmea.sys ()
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\DRIVERS\ZTEusbmdm6k.sys ()
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\DRIVERS\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\DRIVERS\lirsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys ()
DRV:64bit: - (FPSensor) LTT-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\SysNative\Drivers\FPSensor.sys ()
DRV:64bit: - (aksdf) -- C:\Windows\SysNative\DRIVERS\aksdf.sys ()
DRV:64bit: - (VClone) -- C:\Windows\SysNative\DRIVERS\VClone.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys ()
DRV:64bit: - (akshasp) -- C:\Windows\SysNative\DRIVERS\akshasp.sys ()
DRV:64bit: - (aksusb) -- C:\Windows\SysNative\DRIVERS\aksusb.sys ()
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys ()
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys ()
DRV:64bit: - (aksfridge) -- C:\Windows\SysNative\drivers\aksfridge.sys ()
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys ()
DRV:64bit: - (vflt) -- C:\Windows\SysNative\DRIVERS\vfilter.sys ()
DRV:64bit: - (vnet) -- C:\Windows\SysNative\DRIVERS\virtualnet.sys ()
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\DRIVERS\jmcr.sys ()
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys ()
DRV:64bit: - (NETw5v64) Intel(R) -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys ()
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys ()
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\RootMdm.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys ()
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys ()
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys ()
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\DRIVERS\btwrchid.sys ()
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys ()
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys ()
DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\Drivers\ElbyCDFL.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV:64bit: - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfvfs02.sys ()
DRV:64bit: - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\SysNative\drivers\sfdrv01.sys ()
DRV:64bit: - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfhlp02.sys ()
DRV - (Haspnt) -- C:\Windows\SysWOW64\drivers\Haspnt.sys (Aladdin Knowledge Systems)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (hotcore3) -- C:\Windows\SysWOW64\drivers\hotcore3.sys (Paragon Software Group)
DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1351351
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:defficial"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23


FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.07 12:26:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.07 12:26:25 | 000,000,000 | ---D | M]

[2009.09.02 14:26:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Braso\AppData\Roaming\mozilla\Extensions
[2011.05.07 14:57:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Braso\AppData\Roaming\mozilla\Firefox\Profiles\pi3hknej.default\extensions
[2010.11.06 03:26:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Braso\AppData\Roaming\mozilla\Firefox\Profiles\pi3hknej.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.07.01 15:19:32 | 000,000,894 | ---- | M] () -- C:\Users\Braso\AppData\Roaming\Mozilla\Firefox\Profiles\pi3hknej.default\searchplugins\conduit.xml
[2009.11.06 18:10:09 | 000,002,059 | ---- | M] () -- C:\Users\Braso\AppData\Roaming\Mozilla\Firefox\Profiles\pi3hknej.default\searchplugins\daemon-search.xml
[2011.05.04 16:02:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.28 16:25:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.23 19:28:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.01.10 12:51:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\BRASO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PI3HKNEJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.05.07 12:26:18 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2008.02.22 17:24:06 | 000,095,832 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\NPPDLicenseHelper.dll
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.05.07 12:26:21 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.07 12:26:21 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.05.07 12:26:21 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.07 12:26:21 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.07 12:26:21 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.07 12:26:21 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AdiCash Toolbar) - {85223548-4D57-4A3B-896B-145985F681C6} - C:\Program Files (x86)\AdiCash\Toolbar.dll (AdiCash GmbH)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (AdiCash Toolbar) - {BB9540F0-94B9-4fe8-A2E1-DE3A506ECD4B} - C:\Program Files (x86)\AdiCash\Toolbar.dll (AdiCash GmbH)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (AdiCash Toolbar) - {6AA99CB6-74AF-4136-A6C6-C64C95333249} - C:\Program Files (x86)\AdiCash\Toolbar.dll (AdiCash GmbH)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files (x86)\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\Comodo\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Acrobat Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Neuer Ordner (2)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\Join Air\UIExec.exe ()
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [VitaKeyPdtWzd] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2010.12.28 02:32:21 | 000,000,000 | ---D | M]
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Treiber\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Treiber\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Treiber\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Treiber\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Treiber\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Treiber\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Treiber\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Treiber\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll ()
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Braso\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Braso\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0d92fd67-b585-11de-a2da-00242cda0894}\Shell - "" = AutoRun
O33 - MountPoints2\{0d92fd67-b585-11de-a2da-00242cda0894}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{0fc5802a-142d-11e0-921b-00242cda0894}\Shell - "" = AutoRun
O33 - MountPoints2\{0fc5802a-142d-11e0-921b-00242cda0894}\Shell\AutoRun\command - "" = E:\Install.exe
O33 - MountPoints2\{369c3db3-08d1-11df-8141-00242cda0894}\Shell\Autoplay\command - "" = usb_driver.exe
O33 - MountPoints2\{369c3db3-08d1-11df-8141-00242cda0894}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL usb_driver.exe
O33 - MountPoints2\{369c3db3-08d1-11df-8141-00242cda0894}\Shell\explore\Command - "" = usb_driver.exe
O33 - MountPoints2\{369c3db3-08d1-11df-8141-00242cda0894}\Shell\Open\Command - "" = usb_driver.exe
O33 - MountPoints2\{5d992efa-2904-11df-baaa-00242cda0894}\Shell\Autoplay\command - "" = kingston.exe
O33 - MountPoints2\{5d992efa-2904-11df-baaa-00242cda0894}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL kingston.exe
O33 - MountPoints2\{5d992efa-2904-11df-baaa-00242cda0894}\Shell\explore\Command - "" = kingston.exe
O33 - MountPoints2\{5d992efa-2904-11df-baaa-00242cda0894}\Shell\Open\Command - "" = kingston.exe
O33 - MountPoints2\{93f2897b-b586-11de-8f63-00242cda0894}\Shell - "" = AutoRun
O33 - MountPoints2\{93f2897b-b586-11de-8f63-00242cda0894}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{ce07733a-7b87-11df-a8a8-00242cda0894}\Shell\Autoplay\command - "" = E:\usb_tools.exe
O33 - MountPoints2\{ce07733a-7b87-11df-a8a8-00242cda0894}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\usb_tools.exe
O33 - MountPoints2\{ce07733a-7b87-11df-a8a8-00242cda0894}\Shell\explore\Command - "" = E:\usb_tools.exe
O33 - MountPoints2\{ce07733a-7b87-11df-a8a8-00242cda0894}\Shell\Open\Command - "" = E:\usb_tools.exe
O33 - MountPoints2\{dc6445c6-67f4-11df-a8cf-00242cda0894}\Shell\Autoplay\command - "" = E:\kingston.exe
O33 - MountPoints2\{dc6445c6-67f4-11df-a8cf-00242cda0894}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\kingston.exe
O33 - MountPoints2\{dc6445c6-67f4-11df-a8cf-00242cda0894}\Shell\explore\Command - "" = E:\kingston.exe
O33 - MountPoints2\{dc6445c6-67f4-11df-a8cf-00242cda0894}\Shell\Open\Command - "" = E:\kingston.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.05.07 17:02:31 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2011.05.04 23:36:17 | 000,000,000 | ---D | C] -- C:\Users\Braso\AppData\Roaming\R-TT
[2011.05.04 23:27:25 | 000,000,000 | ---D | C] -- C:\Users\Braso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
[2011.05.04 23:27:24 | 000,000,000 | ---D | C] -- C:\Users\Braso\Documents\R-TT
[2011.05.04 23:27:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R-Studio
[2011.05.03 14:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
[2011.05.03 14:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runtime Software
[2011.04.23 15:31:17 | 000,000,000 | ---D | C] -- C:\Users\Braso\AppData\Roaming\vlc
[2011.04.23 15:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.05.08 11:32:58 | 001,427,406 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.08 11:32:58 | 000,621,952 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.08 11:32:58 | 000,590,082 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.08 11:32:58 | 000,123,852 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.08 11:32:58 | 000,102,094 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.08 11:23:39 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.08 11:23:39 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.08 11:23:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.07 18:49:53 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.05.07 13:52:05 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{33D8D392-EEFB-42C8-9406-494FE21E3726}.job
[2011.05.04 20:12:33 | 000,103,424 | ---- | M] () -- C:\Users\Braso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.04 15:27:10 | 000,373,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.05.03 16:05:01 | 001,449,296 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.03 14:28:38 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\GetDataBack for NTFS.lnk
[2011.04.29 17:46:58 | 000,017,055 | ---- | M] () -- C:\Users\Braso\Desktop\520px-Logo-Universität_des_Saarlandes klein.svg.png
[2011.04.28 17:55:44 | 571,463,541 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.26 18:10:21 | 000,056,169 | ---- | M] () -- C:\Users\Braso\Desktop\PraktikumBachelor.pdf
[2011.04.24 18:26:55 | 000,342,104 | ---- | M] () -- C:\Users\Braso\Desktop\fulltext.pdf
[2011.04.24 17:15:19 | 000,078,027 | ---- | M] () -- C:\Users\Braso\Desktop\PraktikumInfo.pdf
[2011.04.23 15:27:34 | 000,000,774 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.23 15:24:56 | 020,533,281 | ---- | M] () -- C:\Users\Braso\Desktop\vlc-1.1.9-win32.exe
[2011.04.19 14:51:43 | 000,024,215 | ---- | M] () -- C:\Users\Braso\Desktop\520px-Logo-Universität_des_Saarlandes.svg.png
[2011.04.17 22:31:29 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.07 12:26:26 | 000,000,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.05.03 16:05:01 | 001,449,296 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.03 14:28:38 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\GetDataBack for NTFS.lnk
[2011.04.29 17:46:57 | 000,017,055 | ---- | C] () -- C:\Users\Braso\Desktop\520px-Logo-Universität_des_Saarlandes klein.svg.png
[2011.04.26 18:10:21 | 000,056,169 | ---- | C] () -- C:\Users\Braso\Desktop\PraktikumBachelor.pdf
[2011.04.24 18:26:55 | 000,342,104 | ---- | C] () -- C:\Users\Braso\Desktop\fulltext.pdf
[2011.04.24 17:15:19 | 000,078,027 | ---- | C] () -- C:\Users\Braso\Desktop\PraktikumInfo.pdf
[2011.04.23 15:27:34 | 000,000,774 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.23 15:24:22 | 020,533,281 | ---- | C] () -- C:\Users\Braso\Desktop\vlc-1.1.9-win32.exe
[2011.04.19 14:51:42 | 000,024,215 | ---- | C] () -- C:\Users\Braso\Desktop\520px-Logo-Universität_des_Saarlandes.svg.png
[2011.04.17 22:31:28 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.11.05 12:37:57 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010.11.05 12:37:57 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010.04.30 02:02:29 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.04.06 20:27:32 | 000,000,552 | ---- | C] () -- C:\Users\Braso\AppData\Local\d3d8caps.dat
[2010.01.15 12:01:16 | 000,000,383 | ---- | C] () -- C:\Windows\SysWow64\haspdos.sys
[2010.01.15 11:57:19 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\hdduinst.exe
[2010.01.15 11:57:18 | 000,006,836 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.INI
[2010.01.15 11:57:17 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2009.11.07 14:46:44 | 000,000,130 | ---- | C] () -- C:\Windows\cfplogvw.INI
[2009.10.25 00:31:06 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2009.10.23 20:03:57 | 000,000,276 | ---- | C] () -- C:\Windows\game.ini
[2009.10.10 12:23:12 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.09.04 12:57:17 | 000,000,680 | ---- | C] () -- C:\Users\Braso\AppData\Local\d3d9caps.dat
[2009.09.02 22:24:15 | 000,103,424 | ---- | C] () -- C:\Users\Braso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.02 03:10:43 | 004,244,744 | ---- | C] () -- C:\Windows\SysWow64\qtp-mt334.dll
[2009.09.02 03:10:43 | 000,247,560 | ---- | C] () -- C:\Windows\SysWow64\prgiso.dll
[2009.09.02 03:10:43 | 000,013,576 | ---- | C] () -- C:\Windows\SysWow64\wnaspi32.dll
[2009.09.02 02:14:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.09.02 01:55:15 | 000,000,732 | ---- | C] () -- C:\Users\Braso\AppData\Local\d3d9caps64.dat
[2009.09.02 01:05:34 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.07.14 18:15:00 | 000,178,432 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.06.02 18:11:16 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.05.29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.12.03 11:41:58 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\VMC3KAPI.dll
[2008.01.21 04:48:25 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 04:48:07 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 17:34:20 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2009.11.01 17:27:41 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\AdiCash
[2010.04.30 02:04:34 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Atari
[2010.12.09 14:12:42 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\AV Stumpfl
[2010.05.03 18:27:11 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Canneverbe_Limited
[2010.05.17 16:10:39 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Canon
[2009.10.22 16:27:27 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\DAEMON Tools Lite
[2009.09.06 13:42:34 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\DeepBurner
[2010.12.09 14:10:39 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Downloaded Installations
[2010.12.16 21:59:57 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\GetRightToGo
[2010.08.02 20:08:58 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\ICQ
[2009.10.22 16:57:06 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Leadertech
[2011.05.04 23:36:17 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\R-TT
[2010.11.22 18:44:11 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Research In Motion
[2010.05.05 20:17:22 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\SpieleEntwicklungsKombinat
[2010.09.02 21:50:57 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\streamripper
[2010.09.08 20:04:52 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Sytexis Software
[2010.07.26 12:55:28 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\TeamViewer
[2009.09.07 19:40:14 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Thinstall
[2009.10.24 23:58:12 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\TuneUp Software
[2009.10.10 13:02:03 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Ubisoft
[2009.09.13 23:57:51 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\Uniblue
[2009.09.02 15:00:50 | 000,000,000 | ---D | M] -- C:\Users\Braso\AppData\Roaming\VistaCodecs
[2011.05.07 18:49:53 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.05.07 13:52:05 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{33D8D392-EEFB-42C8-9406-494FE21E3726}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 48 bytes -> C:\Users\Braso\ntuser.dat.log:{110214F5-DB92-3458-BA32-ACEAD44B0F0A}
@Alternate Data Stream - 24 bytes -> C:\Windows:747E36C37A214846

< End of report >

08.05.2011, 11:45   #2
markusg
/// Malware-holic
 
Hello,
what exactly does "questionable" mean?
Do you still have the exe? If so, please upload it in the upload channel:
http://www.trojaner-board.de/54791-a...ner-board.html
If you still have the link, send it to me as a private message.

09.05.2011, 16:35   #3
markusg
/// Malware-holic
 
OK, since this is a keygen
and these are illegal,
I will help you reinstall the system from scratch and secure it.
Please back up your data, but no keygens, cracks or other illegal downloads.
Please get back to me when you are done.
