Trojaner-Board


Bulli-76 12.06.2011 16:38

Caught the BKA virus... OTL logfile created with OTLPNet
 
Hello,

I have caught the BKA virus and can no longer access my system... I have already tried the rescue systems from Avira and Kaspersky, but unfortunately nothing could be done there. At the moment I can access my system from CD via Knoppix or OTLPNet, but I can't do much there either because I'm not proficient with Linux :headbang:
Of course I then immediately ran an OTL scan following the instructions, and I am now turning to you hopefully with my logfile, in the hope that I don't have to set up my system from scratch... :killpc:

Code:

OTL logfile created on: 6/12/2011 6:08:50 PM - Run
OTLPE by OldTimer - Version 3.1.46.0    Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.05 Gb Total Space | 5.40 Gb Free Space | 3.62% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 5.88 Gb Free Space | 3.95% Space Free | Partition Type: NTFS
Drive E: | 136.35 Gb Total Space | 1.70 Gb Free Space | 1.25% Space Free | Partition Type: NTFS
Drive F: | 149.04 Gb Total Space | 3.52 Gb Free Space | 2.36% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/02/04 07:10:20 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV:64bit: - [2010/10/17 18:43:02 | 000,099,048 | ---- | M] (SANDBOXIE L.T.D) [Auto] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2010/10/14 11:16:56 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/05/06 05:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV:64bit: - [2007/08/03 15:24:54 | 000,125,496 | ---- | M] () [Auto] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2011/06/03 12:21:28 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/05/17 19:45:57 | 003,275,864 | ---- | M] () [Auto] -- C:\Program Files (x86)\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/04/15 05:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/02/06 11:36:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/11/24 16:33:26 | 000,921,600 | ---- | M] () [Auto] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 08:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/21 09:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 11:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/06 19:57:18 | 000,072,248 | ---- | M] () [Auto] -- C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe -- (WBVGAservice)
SRV - [2008/11/11 04:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/08/13 23:59:52 | 000,100,920 | ---- | M] () [Auto] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007/01/04 14:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/03/14 11:52:46 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2010/10/17 18:42:58 | 000,145,512 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2010/07/09 08:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto] -- C:\Windows\System32\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/04/16 02:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/30 21:58:04 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/18 05:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/03/18 05:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/12/07 14:38:23 | 000,074,880 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/11/11 16:15:44 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/10/01 13:04:54 | 001,307,648 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CM10664.sys -- (USBMULCD)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/05 09:27:12 | 001,449,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/04/11 01:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/04/11 01:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/04/01 20:46:40 | 000,016,440 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2008/11/03 03:03:27 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2008/09/15 02:57:32 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2008/09/15 02:57:18 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008/09/15 02:57:18 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2008/09/15 02:57:18 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008/08/28 06:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/08/21 02:39:13 | 000,017,464 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV:64bit: - [2008/08/21 00:18:39 | 001,836,800 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2008/05/02 01:59:47 | 000,166,912 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/02/15 21:27:18 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008/01/24 01:24:23 | 000,060,928 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2007/10/17 00:54:20 | 000,015,872 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System] -- C:\Windows\System32\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2007/08/08 04:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2007/07/27 22:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 23:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2007/04/16 15:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV:64bit: - [2007/02/13 13:41:26 | 000,029,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\scramby.sys -- (scramby)
DRV:64bit: - [2006/10/27 09:01:07 | 000,013,680 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 6B 59 9A 78 F2 CB 01  [binary data]
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Bulli_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
[2009/11/10 16:11:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bulli\AppData\Roaming\Mozilla\Extensions
[2011/06/03 13:44:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\extensions
[2010/11/04 15:54:02 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/01/25 09:14:41 | 000,000,655 | ---- | M] () -- C:\Users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\searchplugins\guildwiki-de.xml
[2011/03/24 05:50:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/06/18 10:51:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/11 06:45:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/21 14:33:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/22 12:43:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/18 12:38:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\BULLI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOQAUI9C.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\BULLI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOQAUI9C.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BULLI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOQAUI9C.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2009/11/15 16:47:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/29 05:34:56 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 16:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 04:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/01/01 04:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/01/01 04:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/01/01 04:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O3 - HKU\Bulli_ON_C\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDevAgt] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ChkMail] C:\Program Files\ChkMail\ChkMail\ChkMail.exe (ChkMail)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [iTunesHelper]  File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files (x86)\P4P\P4P.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Turbo Gear] C:\Program Files\ASUS\Turbo Gear\TurboGear.exe ()
O4 - HKLM..\Run: [Turbo Gear Help] C:\Program Files\ASUS\Turbo Gear\GearHelp.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKU\Bulli_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\Bulli_ON_C..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\Bulli_ON_C..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\Bulli_ON_C..\Run: [UIWatcher]  File not found
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\Bulli_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Bulli_ON_C Winlogon: Shell - (C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe) - C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe (iu)
O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O24 - Desktop BackupWallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/14 10:41:22 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{144bec39-de93-11de-bb91-002243cc3463}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{4fa1649b-8842-11df-af6b-002243cc3463}\Shell\AutoRun\command - "" = J:\pakhet.exe
O33 - MountPoints2\{4fa1649b-8842-11df-af6b-002243cc3463}\Shell\open\Command - "" = J:\pakhet.exe
O33 - MountPoints2\{d8a11cf0-0e8f-11e0-abae-002243cc3463}\Shell\AutoRun\command - "" = J:\Menu.exe
O33 - MountPoints2\{e9ecba20-cfa5-11de-a863-002243cc3463}\Shell - "" = AutoRun
O33 - MountPoints2\{e9ecba20-cfa5-11de-a863-002243cc3463}\Shell\AutoRun\command - "" = I:\Trials_2_Second_Edition_Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/10 16:50:24 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/05/28 20:36:52 | 000,000,000 | ---D | C] -- C:\Users\Bulli\AppData\Roaming\go
[2011/05/28 20:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011/05/23 14:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/05/23 14:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/05/23 14:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011/05/16 09:10:57 | 000,000,000 | --SD | C] -- C:\Users\Bulli\Documents\Eigene Datenquellen
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/12 09:09:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/11 20:15:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/06/11 20:15:13 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2011/06/11 20:14:59 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/11 20:14:53 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/06/11 20:14:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/11 20:14:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/11 08:21:42 | 005,291,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/10 17:16:04 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/10 16:55:27 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/06/10 16:55:27 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/10 16:55:27 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/06/10 16:55:27 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/10 16:50:24 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/10 16:47:06 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/06/09 15:49:01 | 000,071,168 | ---- | M] () -- C:\Users\Bulli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/06 13:44:40 | 000,000,680 | ---- | M] () -- C:\Users\Bulli\AppData\Local\d3d9caps.dat
[2011/05/28 20:36:52 | 000,001,562 | ---- | M] () -- C:\Users\Bulli\Desktop\Spielen (EasyBits GO).lnk
[2011/05/23 14:05:44 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/23 14:05:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/05/28 20:36:52 | 000,001,592 | ---- | C] () -- C:\Users\Bulli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011/05/28 20:36:52 | 000,001,562 | ---- | C] () -- C:\Users\Bulli\Desktop\Spielen (EasyBits GO).lnk
[2011/05/23 14:05:44 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/12/24 12:01:39 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010/12/17 08:41:07 | 000,002,508 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010/09/30 18:27:52 | 000,000,680 | ---- | C] () -- C:\Users\Bulli\AppData\Local\d3d9caps.dat
[2010/09/07 16:54:08 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009/12/04 15:11:40 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/04 15:11:18 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/04 15:11:03 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/12/01 12:50:19 | 000,004,096 | -H-- | C] () -- C:\Users\Bulli\AppData\Local\keyfile3.drm
[2009/11/28 19:05:36 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009/11/14 12:30:02 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
[2009/11/14 12:29:54 | 000,000,700 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2009/11/14 12:29:05 | 000,002,391 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2009/11/14 12:29:05 | 000,000,132 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2009/11/13 13:08:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/13 12:56:40 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/11/13 11:27:37 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/11/10 16:25:56 | 000,071,168 | ---- | C] () -- C:\Users\Bulli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/10 16:21:36 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2009/09/17 00:05:24 | 000,000,024 | ---- | C] () -- C:\Windows\SysWow64\ChkMail.ini
[2009/09/16 23:57:06 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe
[2009/09/16 23:51:56 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/09/16 23:51:56 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/09/16 22:38:46 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/09/16 22:37:00 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/04/08 13:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/12/19 02:42:28 | 000,000,518 | ---- | C] () -- C:\Windows\cm106.ini
[2008/11/07 21:08:20 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/08/04 14:29:59 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2008/04/29 22:22:42 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 11:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2000/08/02 14:47:20 | 000,026,112 | ---- | C] () -- C:\Windows\RunUnDrv.exe
 
========== LOP Check ==========
 
[2011/04/12 15:07:32 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\.minecraft
[2010/09/07 17:45:23 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\10 Finger BreakOut
[2010/10/14 12:47:39 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Autodesk
[2011/04/05 10:27:13 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Camfrog
[2010/01/05 18:54:22 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2009/11/12 14:04:30 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\DAEMON Tools
[2009/11/11 16:43:24 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\DAEMON Tools Lite
[2011/05/13 09:25:54 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Downloaded Installations
[2010/11/04 15:54:01 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/01/11 10:42:22 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\FreeMoviesToDVD
[2011/06/10 16:48:34 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\go
[2009/11/18 15:12:23 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\InterVideo
[2010/04/04 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Leadertech
[2011/01/14 21:23:57 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Local
[2010/09/07 16:58:12 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\MAGIX
[2011/05/13 09:27:36 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Nitro PDF
[2009/11/10 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Nokia
[2010/10/14 09:07:17 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Nseries
[2009/11/10 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\PC Suite
[2011/04/30 13:25:11 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Power Sound Editor Free
[2010/03/15 12:47:44 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\ScreenSeven
[2009/11/10 16:21:39 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Shark007
[2011/05/03 19:07:50 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\SteelBytes
[2010/04/13 13:25:21 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Super-Cow
[2011/05/04 14:28:02 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\TeamViewer
[2010/01/31 14:56:03 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\TS3Client
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/01/22 19:43:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Ashampoo
[2010/02/27 12:40:20 | 000,000,000 | ---D | M] -- C:\ProgramData\ASUS
[2011/04/09 09:51:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Autodesk
[2010/07/09 07:02:54 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2009/11/11 16:15:07 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/06/10 17:28:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Easybits GO
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2010/05/13 10:29:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Insight Software
[2010/05/13 10:29:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Insight Software Solutions
[2010/02/22 14:03:29 | 000,000,000 | ---D | M] -- C:\ProgramData\InterVideo
[2011/04/09 10:20:24 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2011/05/13 09:26:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Nitro PDF
[2009/11/10 16:08:09 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2011/04/03 10:30:36 | 000,000,000 | ---D | M] -- C:\ProgramData\RapidSolution
[2011/02/06 12:37:45 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2009/11/10 16:21:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Shark007
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/04/26 09:28:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010/04/04 20:47:04 | 000,000,000 | ---D | M] -- C:\ProgramData\TrackMania
[2010/12/10 13:08:35 | 000,000,000 | ---D | M] -- C:\ProgramData\TVersity
[2009/11/30 13:01:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft
[2010/05/23 10:10:18 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/06/11 20:15:45 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2009/12/09 07:50:53 | 000,000,000 | ---D | M](C:\Users\Bulli\Documents\??? ????) -- C:\Users\Bulli\Documents\Мои игры
[2009/12/09 07:50:53 | 000,000,000 | ---D | C](C:\Users\Bulli\Documents\??? ????) -- C:\Users\Bulli\Documents\Мои игры
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:E8BE05FA
< End of report >

Thanks in advance!

Regards,
Bulli

markusg 12.06.2011 17:07

Aloha,
on your second PC go to Start, Programs, Accessories, Notepad and paste the following into it:

Code:

:OTL
O20 - HKU\Bulli_ON_C Winlogon: Shell - (C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe) - C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe (iu)
:Files
C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

Save this to a USB stick as fix.txt.
Now use OTLPENet.exe again (i.e. boot from the CD you created) and tick everything as already described in my post on OTLPENet.exe.
• Now please click the Fix button.
A message similar to this one should now appear: "load fix from file". Load the fix.txt from your stick.
If that does not work, please enter the fix manually.
Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open the otl.txt.
Please post the log.
Open Computer, open C:, then _OTL.
Right-click on moved files there
and choose add to moved files.rar or zip.
http://www.trojaner-board.de/54791-a...ner-board.html
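The O20 line that the fix above removes is a per-user Winlogon Shell value. As an added example (not part of the original thread and not OTL's own code), this Python sketch picks such entries out of OTL-format log lines and lists why each one deserves review. The regular expression and the three review criteria are assumptions inferred from the line format visible in this log.

```python
import re
from typing import List, NamedTuple

# Sample input: O18/O20/O24 lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Bulli_ON_C Winlogon: Shell - (C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe) - C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe (iu)
O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
"""

# Assumed line shape, inferred from the O20 entries in this log:
#   O20[:64bit:] - <hive> Winlogon: Shell - (<registry value>) - <resolved file> (<company>)
O20_SHELL = re.compile(
    r"^O20(?::64bit:)? - (?P<hive>HKLM|HKU\\\S+) Winlogon: Shell - "
    r"\((?P<value>.*)\) - (?P<path>.*?)(?: \((?P<company>[^()]*)\))?\s*$"
)

# Directories a normal user account can write to (assumption: illustrative, not exhaustive).
USER_WRITABLE_MARKERS = ("\\temporary internet files\\", "\\appdata\\", "\\temp\\")


class ShellFinding(NamedTuple):
    hive: str           # HKLM or HKU\<profile>
    value: str          # what the registry value contains
    path: str           # file OTL resolved the value to
    company: str        # version-info company name OTL printed ("" if none)
    reasons: List[str]  # why the entry should be reviewed


def assess(hive: str, value: str, path: str) -> List[str]:
    """Return the review reasons for one Winlogon Shell entry (empty list = expected)."""
    reasons = []
    if value.strip().lower() != "explorer.exe":
        reasons.append("Shell value is not explorer.exe")
    # Assumption: a default Windows install has no per-user Shell value,
    # so any entry under HKU is worth a second look.
    if hive.upper().startswith("HKU\\"):
        reasons.append("per-user Shell override")
    if any(marker in path.lower() for marker in USER_WRITABLE_MARKERS):
        reasons.append("target sits in a user-writable cache or temp directory")
    return reasons


def find_shell_hijacks(log_text: str) -> List[ShellFinding]:
    """Scan OTL log text and return every O20 Shell entry that has review reasons."""
    findings = []
    for raw in log_text.splitlines():
        match = O20_SHELL.match(raw.strip())
        if not match:
            continue  # not an O20 Winlogon Shell line
        reasons = assess(match["hive"], match["value"], match["path"])
        if reasons:
            findings.append(
                ShellFinding(
                    hive=match["hive"],
                    value=match["value"],
                    path=match["path"],
                    company=match["company"] or "",
                    reasons=reasons,
                )
            )
    return findings


if __name__ == "__main__":
    for finding in find_shell_hijacks(SAMPLE_LOG):
        print(f"{finding.hive}: {finding.path}")
        for reason in finding.reasons:
            print(f"  - {reason}")
```
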

Bulli-76 12.06.2011 18:40

Hello markusg,
thanks for your quick reply.

I pasted the fix.txt into OTL and then clicked Fix; after that the message appeared that a restart is necessary, then I clicked Yes and it did not restart on its own. I then restarted manually and removed the CD to boot Windows, but I still could not get into the system. After that I booted with the OTLPENet CD again and ran the fix once more, and after the restart message I then copied the files and the log file over via OTLPENet...

Code:

OTL logfile created on: 6/12/2011 6:08:50 PM - Run
OTLPE by OldTimer - Version 3.1.46.0    Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.05 Gb Total Space | 5.40 Gb Free Space | 3.62% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 5.88 Gb Free Space | 3.95% Space Free | Partition Type: NTFS
Drive E: | 136.35 Gb Total Space | 1.70 Gb Free Space | 1.25% Space Free | Partition Type: NTFS
Drive F: | 149.04 Gb Total Space | 3.52 Gb Free Space | 2.36% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/02/04 07:10:20 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV:64bit: - [2010/10/17 18:43:02 | 000,099,048 | ---- | M] (SANDBOXIE L.T.D) [Auto] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2010/10/14 11:16:56 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/05/06 05:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV:64bit: - [2007/08/03 15:24:54 | 000,125,496 | ---- | M] () [Auto] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2011/06/03 12:21:28 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/05/17 19:45:57 | 003,275,864 | ---- | M] () [Auto] -- C:\Program Files (x86)\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/04/15 05:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/02/06 11:36:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/11/24 16:33:26 | 000,921,600 | ---- | M] () [Auto] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 08:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/21 09:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 11:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/06 19:57:18 | 000,072,248 | ---- | M] () [Auto] -- C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe -- (WBVGAservice)
SRV - [2008/11/11 04:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/08/13 23:59:52 | 000,100,920 | ---- | M] () [Auto] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007/01/04 14:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/03/14 11:52:46 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2010/10/17 18:42:58 | 000,145,512 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2010/07/09 08:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto] -- C:\Windows\System32\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/04/16 02:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/30 21:58:04 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/18 05:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/03/18 05:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/12/07 14:38:23 | 000,074,880 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/11/11 16:15:44 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/10/01 13:04:54 | 001,307,648 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CM10664.sys -- (USBMULCD)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/05 09:27:12 | 001,449,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/04/11 01:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/04/11 01:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/04/01 20:46:40 | 000,016,440 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2008/11/03 03:03:27 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2008/09/15 02:57:32 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2008/09/15 02:57:18 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008/09/15 02:57:18 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2008/09/15 02:57:18 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008/08/28 06:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/08/21 02:39:13 | 000,017,464 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV:64bit: - [2008/08/21 00:18:39 | 001,836,800 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2008/05/02 01:59:47 | 000,166,912 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/02/15 21:27:18 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008/01/24 01:24:23 | 000,060,928 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2007/10/17 00:54:20 | 000,015,872 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System] -- C:\Windows\System32\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2007/08/08 04:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2007/07/27 22:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 23:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2007/04/16 15:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV:64bit: - [2007/02/13 13:41:26 | 000,029,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\scramby.sys -- (scramby)
DRV:64bit: - [2006/10/27 09:01:07 | 000,013,680 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 6B 59 9A 78 F2 CB 01  [binary data]
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Bulli_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
[2009/11/10 16:11:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bulli\AppData\Roaming\Mozilla\Extensions
[2011/06/03 13:44:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\extensions
[2010/11/04 15:54:02 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/01/25 09:14:41 | 000,000,655 | ---- | M] () -- C:\Users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\searchplugins\guildwiki-de.xml
[2011/03/24 05:50:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/06/18 10:51:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/11 06:45:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/21 14:33:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/22 12:43:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/18 12:38:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\BULLI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOQAUI9C.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\BULLI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOQAUI9C.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BULLI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOQAUI9C.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2009/11/15 16:47:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/29 05:34:56 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 16:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 04:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/01/01 04:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/01/01 04:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/01/01 04:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O3 - HKU\Bulli_ON_C\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDevAgt] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ChkMail] C:\Program Files\ChkMail\ChkMail\ChkMail.exe (ChkMail)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [iTunesHelper]  File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files (x86)\P4P\P4P.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Turbo Gear] C:\Program Files\ASUS\Turbo Gear\TurboGear.exe ()
O4 - HKLM..\Run: [Turbo Gear Help] C:\Program Files\ASUS\Turbo Gear\GearHelp.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKU\Bulli_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\Bulli_ON_C..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\Bulli_ON_C..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\Bulli_ON_C..\Run: [UIWatcher]  File not found
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\Bulli_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Bulli_ON_C Winlogon: Shell - (C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe) - C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe (iu)
O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O24 - Desktop BackupWallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/14 10:41:22 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{144bec39-de93-11de-bb91-002243cc3463}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{4fa1649b-8842-11df-af6b-002243cc3463}\Shell\AutoRun\command - "" = J:\pakhet.exe
O33 - MountPoints2\{4fa1649b-8842-11df-af6b-002243cc3463}\Shell\open\Command - "" = J:\pakhet.exe
O33 - MountPoints2\{d8a11cf0-0e8f-11e0-abae-002243cc3463}\Shell\AutoRun\command - "" = J:\Menu.exe
O33 - MountPoints2\{e9ecba20-cfa5-11de-a863-002243cc3463}\Shell - "" = AutoRun
O33 - MountPoints2\{e9ecba20-cfa5-11de-a863-002243cc3463}\Shell\AutoRun\command - "" = I:\Trials_2_Second_Edition_Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/10 16:50:24 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/05/28 20:36:52 | 000,000,000 | ---D | C] -- C:\Users\Bulli\AppData\Roaming\go
[2011/05/28 20:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011/05/23 14:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/05/23 14:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/05/23 14:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011/05/16 09:10:57 | 000,000,000 | --SD | C] -- C:\Users\Bulli\Documents\Eigene Datenquellen
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/12 09:09:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/11 20:15:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/06/11 20:15:13 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2011/06/11 20:14:59 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/11 20:14:53 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/06/11 20:14:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/11 20:14:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/11 08:21:42 | 005,291,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/10 17:16:04 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/10 16:55:27 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/06/10 16:55:27 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/10 16:55:27 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/06/10 16:55:27 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/10 16:50:24 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/10 16:47:06 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/06/09 15:49:01 | 000,071,168 | ---- | M] () -- C:\Users\Bulli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/06 13:44:40 | 000,000,680 | ---- | M] () -- C:\Users\Bulli\AppData\Local\d3d9caps.dat
[2011/05/28 20:36:52 | 000,001,562 | ---- | M] () -- C:\Users\Bulli\Desktop\Spielen (EasyBits GO).lnk
[2011/05/23 14:05:44 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/23 14:05:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/05/28 20:36:52 | 000,001,592 | ---- | C] () -- C:\Users\Bulli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011/05/28 20:36:52 | 000,001,562 | ---- | C] () -- C:\Users\Bulli\Desktop\Spielen (EasyBits GO).lnk
[2011/05/23 14:05:44 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/12/24 12:01:39 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010/12/17 08:41:07 | 000,002,508 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010/09/30 18:27:52 | 000,000,680 | ---- | C] () -- C:\Users\Bulli\AppData\Local\d3d9caps.dat
[2010/09/07 16:54:08 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009/12/04 15:11:40 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/04 15:11:18 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/04 15:11:03 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/12/01 12:50:19 | 000,004,096 | -H-- | C] () -- C:\Users\Bulli\AppData\Local\keyfile3.drm
[2009/11/28 19:05:36 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009/11/14 12:30:02 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
[2009/11/14 12:29:54 | 000,000,700 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2009/11/14 12:29:05 | 000,002,391 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2009/11/14 12:29:05 | 000,000,132 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2009/11/13 13:08:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/13 12:56:40 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/11/13 11:27:37 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/11/10 16:25:56 | 000,071,168 | ---- | C] () -- C:\Users\Bulli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/10 16:21:36 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2009/09/17 00:05:24 | 000,000,024 | ---- | C] () -- C:\Windows\SysWow64\ChkMail.ini
[2009/09/16 23:57:06 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe
[2009/09/16 23:51:56 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/09/16 23:51:56 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/09/16 22:38:46 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/09/16 22:37:00 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/04/08 13:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/12/19 02:42:28 | 000,000,518 | ---- | C] () -- C:\Windows\cm106.ini
[2008/11/07 21:08:20 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/08/04 14:29:59 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2008/04/29 22:22:42 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 11:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2000/08/02 14:47:20 | 000,026,112 | ---- | C] () -- C:\Windows\RunUnDrv.exe
 
========== LOP Check ==========
 
[2011/04/12 15:07:32 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\.minecraft
[2010/09/07 17:45:23 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\10 Finger BreakOut
[2010/10/14 12:47:39 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Autodesk
[2011/04/05 10:27:13 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Camfrog
[2010/01/05 18:54:22 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2009/11/12 14:04:30 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\DAEMON Tools
[2009/11/11 16:43:24 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\DAEMON Tools Lite
[2011/05/13 09:25:54 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Downloaded Installations
[2010/11/04 15:54:01 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/01/11 10:42:22 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\FreeMoviesToDVD
[2011/06/10 16:48:34 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\go
[2009/11/18 15:12:23 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\InterVideo
[2010/04/04 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Leadertech
[2011/01/14 21:23:57 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Local
[2010/09/07 16:58:12 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\MAGIX
[2011/05/13 09:27:36 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Nitro PDF
[2009/11/10 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Nokia
[2010/10/14 09:07:17 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Nseries
[2009/11/10 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\PC Suite
[2011/04/30 13:25:11 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Power Sound Editor Free
[2010/03/15 12:47:44 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\ScreenSeven
[2009/11/10 16:21:39 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Shark007
[2011/05/03 19:07:50 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\SteelBytes
[2010/04/13 13:25:21 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Super-Cow
[2011/05/04 14:28:02 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\TeamViewer
[2010/01/31 14:56:03 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\TS3Client
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/01/22 19:43:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Ashampoo
[2010/02/27 12:40:20 | 000,000,000 | ---D | M] -- C:\ProgramData\ASUS
[2011/04/09 09:51:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Autodesk
[2010/07/09 07:02:54 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2009/11/11 16:15:07 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/06/10 17:28:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Easybits GO
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2010/05/13 10:29:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Insight Software
[2010/05/13 10:29:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Insight Software Solutions
[2010/02/22 14:03:29 | 000,000,000 | ---D | M] -- C:\ProgramData\InterVideo
[2011/04/09 10:20:24 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2011/05/13 09:26:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Nitro PDF
[2009/11/10 16:08:09 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2011/04/03 10:30:36 | 000,000,000 | ---D | M] -- C:\ProgramData\RapidSolution
[2011/02/06 12:37:45 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2009/11/10 16:21:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Shark007
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/04/26 09:28:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010/04/04 20:47:04 | 000,000,000 | ---D | M] -- C:\ProgramData\TrackMania
[2010/12/10 13:08:35 | 000,000,000 | ---D | M] -- C:\ProgramData\TVersity
[2009/11/30 13:01:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft
[2010/05/23 10:10:18 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/06/11 20:15:45 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2009/12/09 07:50:53 | 000,000,000 | ---D | M](C:\Users\Bulli\Documents\??? ????) -- C:\Users\Bulli\Documents\Мои игры
[2009/12/09 07:50:53 | 000,000,000 | ---D | C](C:\Users\Bulli\Documents\??? ????) -- C:\Users\Bulli\Documents\Мои игры
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:E8BE05FA
< End of report >

Regards,
Bulli

markusg 12.06.2011 19:11

Hello, moved files doesn't belong here; please read where it should have gone.
Try the new OTL script
Code:

:OTL
:Files
C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe
:Commands
[Reboot]

After the restart you then have to open Task Manager, choose New Task there and start explorer.exe.

Bulli-76 12.06.2011 19:26

I uploaded the moved files again in the appropriate place...
I also ran your new fix. But after I click Yes in the window with the restart, it doesn't restart on its own... Should I restart manually now and boot Windows to continue, or is something still faulty?

markusg 12.06.2011 19:35

The fix wasn't faulty before either, but go ahead and restart manually.

Bulli-76 12.06.2011 19:44

OK.... I restarted and can access the desktop again :applaus:
Was that it already, or do I still have to remove the virus for good?

markusg 12.06.2011 19:52

Now you need to upload moved files for me once more in the upload channel, since the file has only now been deleted.
Did the desktop come up on its own, or did you have to start explorer.exe?

Bulli-76 12.06.2011 19:55

Everything came up on its own... I didn't have to start explorer.exe manually. I'll now copy the moved files over again and upload them...

markusg 12.06.2011 20:00

Did you upload the old archive, or is the moved files folder only 2 kb in size?

Bulli-76 12.06.2011 20:09

The folder is 7.31 kb in size; the rar archive is 2.19 kb in size.
I uploaded the current folder, which contains 3 different files... 2 of them were apparently from my first two attempts and the third was new just now...

markusg 12.06.2011 20:15

OK.
Please create and post a ComboFix log.
A guide and tutorial on using ComboFix

Bulli-76 12.06.2011 21:21

Created and posted....

Code:

ComboFix 11-06-11.01 - Bulli 12.06.2011  23:31:22.1.4 - x64
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.6142.4012 [GMT 2:00]
ausgeführt von:: c:\users\Bulli\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\3.ddi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\4.ddi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\5.ddi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\6.ddi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Monk.S06E03.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi.ddr
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Monk.S06E04.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi.ddr
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Monk.S06E05.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi.ddr
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Monk.S06E06.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi.ddr
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\mse_monk_s01e01.avi.ddr
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Monk.german.XviD.iFF.S06E02.avi.ddp
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Monk.S06E02.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi(2).ddp
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Monk.S06E02.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi.ddp
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Monk.S06E03.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi.ddp
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Monk.S06E04.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Monk.S06E04.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi.ddp
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Monk.S06E05.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Monk.S06E06.GERMAN.DUBBED.DL.DVDRiP.WS.XviD.avi
c:\users\Bulli\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\mse_monk_s01e01.avi.ddp
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-05-12 bis 2011-06-12  ))))))))))))))))))))))))))))))
.
.
2011-06-12 23:49 . 2011-03-06 22:12        2234368        ----a-r-        C:\OTLPE.exe
2011-06-12 23:49 . 2011-06-12 20:56        --------        d-----w-        C:\_OTL
2011-06-12 22:11 . 2011-06-12 22:11        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-06-12 21:29 . 2011-06-12 21:29        --------        d-----w-        C:\32788R22FWJFW
2011-06-10 20:51 . 2011-05-09 22:00        8718160        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{D6C3762E-9594-4C01-B7CC-DC02669B6AAE}\mpengine.dll
2011-06-10 20:50 . 2011-06-10 20:50        404640        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-29 00:36 . 2011-06-12 22:01        --------        d-----w-        c:\users\Bulli\AppData\Roaming\go
2011-05-29 00:36 . 2011-06-12 22:01        --------        d-----w-        c:\programdata\Easybits GO
2011-05-23 18:06 . 2011-06-12 20:51        --------        d-----w-        c:\programdata\Skype Extras
2011-05-23 18:05 . 2011-05-23 18:05        --------        d-----w-        c:\program files (x86)\Common Files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-12 17:55 . 2009-09-17 04:05        45056        ----a-w-        c:\windows\system32\acovcnt.exe
2011-05-11 22:00 . 2011-05-11 22:07        258352        ----a-w-        c:\windows\SysWow64\unicows.dll
2011-05-02 23:33 . 2011-05-02 23:33        53248        ----a-r-        c:\users\Bulli\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-05-02 23:32 . 2010-04-04 20:47        18960        ----a-w-        c:\windows\system32\drivers\LNonPnP.sys
2009-04-08 17:31 . 2009-04-08 17:31        106496        ----a-w-        c:\program files (x86)\Common Files\CPInstallAction.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08        143360        ----a-w-        c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2010-11-17 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2008-07-04 486856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2010-10-17 590056]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-04-18 15146376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-07 159744]
"ADSMTray"="c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"Turbo Gear Help"="c:\program files\ASUS\Turbo Gear\GearHelp.exe" [2008-10-01 1025536]
"Turbo Gear"="c:\program files\ASUS\Turbo Gear\TurboGear.exe" [2008-10-14 2987008]
"PowerForPhone"="c:\program files (x86)\P4P\P4P.exe" [2008-01-26 778240]
"ChkMail"="c:\program files\ChkMail\ChkMail\ChkMail.exe" [2007-07-14 741376]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2008-10-01 1126400]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-09-17 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-09-17 47672]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2009-07-01 37888]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="d:\programme\iTunes\iTunesHelper.exe" [2010-04-28 142120]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2011-04-28 220552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-30 1026088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-28 135664]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cpuz130;cpuz130;c:\users\Bulli\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-14 1436424]
R3 GPU-Z;GPU-Z;c:\users\Bulli\AppData\Local\Temp\GPU-Z.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-28 135664]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 scramby_out;Scramby Output;c:\windows\system32\drivers\scramby_out.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 27648]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-02-04 341296]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
S2 WBVGAservice;WB VGA Service;c:\program files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe [2009-02-06 72248]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-28 16:42]
.
2011-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-28 16:42]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52        159744        ----a-w-        c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-04-28 7731232]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-20 1833504]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1216808]
"Cm106Sound"="c:\windows\Syswow64\cm106.dll" [2009-10-09 8151040]
"Launch LgDevAgt"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2008-11-06 397320]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2008-11-06 2049544]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2008-11-06 3837960]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-05 2345848]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 500208]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
TCP: DhcpNameServer = 192.168.1.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\
.
.
------- Dateityp-Verknüpfung -------
.
.txt=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-UIWatcher - c:\program files (x86)\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-Counter-Strike: Source - g:\games\CSS-lan\Counter-Strike Source\Uninst.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Bulli\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-5981235-4273543227-2212357858-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:23,d7,96,13,50,8a,98,db,99,85,6c,8c,6d,58,4e,30,57,6e,08,9c,48,8a,1b,
  b8,99,47,b1,17,99,16,1d,03,5e,25,91,47,aa,21,5e,96,41,d4,9b,12,e3,d2,a7,71,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-06-13  00:14:08
ComboFix-quarantined-files.txt  2011-06-12 22:14
.
Vor Suchlauf: 7.087.280.128 Bytes frei
Nach Suchlauf: 9.498.513.408 Bytes frei
.
- - End Of File - - 72B235CBF56B49716E953BB349E1826C


markusg 12.06.2011 21:23

Looks good.
Download Malwarebytes:
Malwarebytes : Malwarebytes Anti-Malware is a free download that removes viruses and malware from your computer
Install it, open it, go to the Update tab, update the program.
Close all running programs, disconnect the internet connection.
Scanner tab, full scan, remove the findings, post the log.

Bulli-76 13.06.2011 00:12

Quote:

Quote from markusg
full scan, remove the findings, post the log.

Log:
Code:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6842

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

13.06.2011 01:09:39
mbam-log-2011-06-13 (01-09-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|G:\|)
Durchsuchte Objekte: 501258
Laufzeit: 1 Stunde(n), 8 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\program files (x86)\Visions\updater.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\program files (x86)\Visions\Visions.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.


markusg 13.06.2011 09:42

Does this mean anything to you?
c:\program files (x86)\Visions

Bulli-76 13.06.2011 10:38

Yes, that means something to me ^^

markusg 13.06.2011 10:39

Then open Malwarebytes, go to Quarantine and restore the two findings that come from this directory.

Bulli-76 13.06.2011 10:41

It's not that bad... I wanted to throw that out anyway ^^

markusg 13.06.2011 10:42

OK.
Now we come to a few smaller tasks, such as updates etc.
Download CCleaner Standard:
CCleaner - Standard
If CCleaner is already installed, skip this.
Install it, open it, go to Tools, list of installed programs, save it as a txt file and open it.
After each program you need, write "notwendig" (necessary).
After each one you do not need, "unnötig" (unnecessary).
After each one unknown to you, "unbekannt" (unknown).
Post the list.

Bulli-76 13.06.2011 11:18

Code:

Acrobat.com        Adobe Systems Incorporated        30.03.2010        1,70MB        1.2.443  -->unbekannt
Adobe After Effects CS5        Adobe Systems Incorporated        05.02.2011        2.146MB        10  -->unnötig
Adobe AIR        Adobe Systems Inc.        05.02.2011                1.5.3.9120  -->unbekannt
Adobe Community Help        Adobe Systems Incorporated        05.02.2011        2,52MB        3.0.0.400  -->unbekannt
Adobe Flash Player 10 ActiveX        Adobe Systems, Inc.        30.03.2010        1,96MB        10.0.2.54  -->notwendig
Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        09.06.2011        2,95MB        10.3.181.22  -->notwendig
Adobe Media Player        Adobe Systems Incorporated        30.03.2010        2,95MB        1.1  -->unbekannt
Adobe Photoshop CS3        Adobe Systems Incorporated        06.02.2011                10.0  -->notwendig
Adobe Reader 9.2 - Deutsch        Adobe Systems Incorporated        03.11.2010        161,5MB        9.2.0  -->notwendig
Akamai NetSession Interface                13.10.2010        5,20MB          -->unbekannt
Apple Application Support        Apple Inc.        22.05.2010        39,7MB        1.2.1  -->unbekannt
Apple Mobile Device Support        Apple Inc.        22.05.2010        20,2MB        3.0.1.3  -->unbekannt
Apple Software Update        Apple Inc.        22.05.2010        2,26MB        2.1.2.120  -->notwendig
ASUS CopyProtect        ASUS        15.09.2009        3,47MB        1.0.0012  -->unbekannt
ASUS Data Security Manager        ASUS        15.09.2009        15,0MB        1.00.0011  -->notwendig
ASUS LifeFrame3        ASUS        15.09.2009        27,7MB        3.0.19  -->notwendig
ASUS Live Update        ASUS        16.09.2009        0,43MB        2.5.7  -->notwendig
ASUS MultiFrame                16.09.2009        2,36MB        1.0.0018  -->notwendig
ASUS SmartLogon        ASUS        15.09.2009        10,9MB        1.0.0005  -->notwendig
ASUS Splendid Video Enhancement Technology        ASUS        15.09.2009        25,0MB        1.02.0025  -->notwendig
ASUS Turbo Gear Enhanced VGA Driver        ASUSTeK Computer Inc.        16.09.2009        0,27MB        0.0.0.18  -->notwendig
ASUS Virtual Camera        asus        15.09.2009        2,88MB        1.0.14  -->notwendig
Asus_Camera_ScreenSaver        ASUS        16.09.2009                2.0.0008  -->notwendig
Atheros Client Installation Program        Atheros        15.09.2009        1,29MB        7.0  -->unbekannt
ATK Generic Function Service        ATK        15.09.2009        0,45MB        1.00.0008  -->unbekannt
ATK Hotkey        ASUS        15.09.2009        5,80MB        1.0.0049  -->unbekannt
ATK Media        ASUS        15.09.2009        0,18MB        2.0.0004  -->unbekannt
ATKOSD2        ASUS        15.09.2009        7,99MB        7.0.0003  -->unbekannt
Autodesk Design Review 2011        Autodesk, Inc.        13.10.2010        115,8MB        11.0.0.86  -->unnötig
Autodesk Vault 2011 (Client)        Autodesk, Inc.        13.10.2010        352MB        15.0.58.0  -->unnötig
Avira AntiVir Personal - Free Antivirus        Avira GmbH        14.11.2009        137,5MB          -->notwendig
Call of Duty: Black Ops        Treyarch        09.11.2010        7.892MB          -->notwendig
Call of Duty: Black Ops - Multiplayer        Treyarch        09.11.2010        7.892MB          -->notwendig
Canon iP4500 series                08.07.2010          -->notwendig       
CCleaner        Piriform        20.11.2010        5,96MB        3.00  -->notwendig
ChkMail        ChkMail        15.09.2009        0,71MB        2.0.0.16  -->unbekannt
Cisco EAP-FAST Module        Cisco Systems, Inc.        15.09.2009        1,56MB        2.2.10  -->unbekannt
Cisco LEAP Module        Cisco Systems, Inc.        15.09.2009        0,62MB        1.0.16  -->unbekannt
Cisco PEAP Module        Cisco Systems, Inc.        15.09.2009        1,24MB        1.1.3  -->unbekannt
Counter-Strike: Source        Valve        13.01.2010        1.643MB          -->notwendig
Counter-Strike: Source        Valve        09.11.2009        3.844MB        1.0.0.0  -->notwendig
CPUID CPU-Z 1.56                19.11.2010        3,48MB          -->notwendig
CyberLink LabelPrint        CyberLink Corp.        15.09.2009        88,4MB        2.5.1720  -->notwendig
CyberLink Power2Go        CyberLink Corp.        15.09.2009        108,4MB        6.1.2713  -->notwendig
Direct Console 2.0        ASUS        15.09.2009        9,53MB        2.0.7  -->notwendig
DivX-Setup        DivX, LLC        14.01.2011        2,08MB        2.2.1.2  -->unbekannt
DWG TrueView 2011        Autodesk        13.10.2010        488MB        18.1.49.0  -->unnötig
EasyBits GO        EasyBits Media        28.05.2011        12,6MB          -->unbekannt
eToro        eToro        17.03.2011        48,8MB        1146  -->notwendig
EVEREST Ultimate Edition v5.30        Lavalys, Inc.        27.11.2009        15,7MB        5.30  -->unnötig
Express Gate        DeviceVM, Inc.        15.09.2009        366MB        1.1.9.2  -->notwendig
FARO LS 1.1.406.58        FARO Scanner Production        13.10.2010        21,5MB        4.6.58.2  -->unbekannt
FEAR        Vivendi Universal Games, Inc.        12.11.2009        5.309MB        1.00.0000  -->unnötig
Free YouTube to MP3 Converter version 3.8        DVDVideoSoft Limited.        03.11.2010        3,41MB            -->unnötig
Futuremark SystemInfo        Futuremark Corporation        20.11.2010        2,89MB        3.21.2.1  -->unnötig
Google Chrome        Google Inc.        11.05.2010        217MB        12.0.742.91  -->notwendig
Google Earth        Google        08.03.2011        84,4MB        6.0.1.2032  -->notwendig
Google SketchUp 7        Google, Inc.        06.04.2010        68,1MB        2.1.6863  -->unnötig
GUILD WARS                26.11.2009        3.738MB          -->notwendig
GuildWars Visions v1.08        Luzzifus, www.guild-wars.info        11.12.2009        16,5MB          -->unnötig
InterVideo WinDVD 8        InterVideo Inc.        10.11.2009        100,4MB        8.0-B9.579  -->notwendig
iTunes        Apple Inc.        22.05.2010        160,6MB        9.1.1.12  -->notwendig
Java(TM) 6 Update 24        Sun Microsystems, Inc.        11.11.2009        97,7MB        6.0.240  -->notwendig
JDownloader        AppWork UG (haftungsbeschränkt)        29.03.2010        54,9MB        0.89  -->notwendig
Left 4 Dead        Valve        29.04.2011        7.560MB          -->notwendig
Logitech GamePanel Software 3.01        Logitech        08.04.2010        42,9MB        3.01.180  -->notwendig
Logitech SetPoint 6.15        Logitech        02.05.2011                6.15.25  -->notwendig
Malwarebytes' Anti-Malware Version 1.51.0.1200        Malwarebytes Corporation        11.06.2011        7,30MB        1.51.0.1200  -->unbekannt
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        14.11.2009        42,1MB          -->unbekannt
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        14.11.2009        42,1MB          -->unbekannt
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        24.11.2010        189,3MB        4.0.30319  -->unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        24.11.2010        46,5MB        4.0.30319  -->unbekannt
Microsoft IntelliType Pro 7.1        Microsoft        12.11.2010        32,9MB        7.10.344.0  -->notwendig
Microsoft Office Enterprise 2007        Microsoft Corporation        31.07.2010        623MB        12.0.4518.1014  -->notwendig
Microsoft Report Viewer Redistributable 2008        Microsoft Corporation        13.10.2010        76,7MB          -->unbekannt
Microsoft SQL Server Compact 3.5 SP1 English        Microsoft Corporation        13.10.2010        2,60MB        3.5.5692.0  -->unbekannt
Microsoft SQL Server Compact 3.5 SP1 x64 English        Microsoft Corporation        13.10.2010        3,70MB        3.5.5692.0  -->unbekannt
Microsoft Visual Basic Power Packs 3.0        Microsoft        13.10.2010        5,29MB        9.0.30214  -->unbekannt
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        10.11.2009        2,37MB        8.0.50727.42  -->unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17        Microsoft Corporation        19.12.2009        0,24MB        9.0.30729  -->unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        09.11.2009        0,76MB        9.0.30729.4148  -->unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        14.11.2009        0,58MB        9.0.30729  -->unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        13.10.2010        0,58MB        9.0.30729.4148  -->unbekannt
Microsoft WSE 3.0 Runtime        Microsoft Corp.        13.10.2010        0,92MB        3.0.5305.0  -->unbekannt
Mozilla Firefox 4.0.1 (x86 de)        Mozilla        28.04.2011        32,3MB        4.0.1  -->notwendig
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        13.11.2009        1,28MB        4.20.9870.0  -->unbekannt
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        23.11.2009        1,34MB        4.20.9876.0  -->unbekannt
NB Probe                16.09.2009        2,75MB          -->unbekannt
Nitro PDF Reader        Nitro PDF Software        12.05.2011        90,0MB        1.4.0.11  -->notwendig
Nokia Connectivity Cable Driver        Nokia        09.11.2009        3,14MB        7.1.8.0  -->notwendig
Nokia Ovi Application Installer 6.85.3011        Nokia        09.11.2009        81,2MB          -->notwendig
Nokia Ovi Content Copier 6.85.3011        Nokia        09.11.2009        81,2MB          -->notwendig
Nokia Ovi One Touch Access 6.85.3011        Nokia        09.11.2009        35,8MB          -->notwendig
Nokia Ovi Suite        Nokia        09.11.2009        59,6MB        3.1.243  -->notwendig
Nokia Ovi System Utilities 6.85.3013        Nokia        09.11.2009        35,8MB          -->notwendig
NVIDIA Display Control Panel        NVIDIA Corporation        31.07.2010        1,29MB        6.14.12.5896  -->notwendig
NVIDIA Drivers        NVIDIA Corporation        31.07.2010        3.370MB        1.10.62.40  -->notwendig
NVIDIA PhysX        NVIDIA Corporation        31.07.2010        80,0MB        9.10.0224  -->notwendig
OpenAL                20.11.2010        0,75MB            -->unbekannt
P4P        P4P        15.09.2009        0,75MB        1.0.0.17  -->unbekannt
PC Connectivity Solution        Nokia        09.11.2009        17,6MB        8.47.6.0  -->notwendig
PC Inspector File Recovery                25.04.2011        5,93MB        4.0  -->unbekannt
PDF24 Creator 3.0.0        PDF24.org        12.05.2011        34,9MB          -->unnötig
PDFCreator        Frank Heindörfer, Philip Chinery        26.10.2010        25,1MB        1.0.2  -->notwendig
PokerStars.net        PokerStars.net        13.11.2009        42,8MB          -->unnötig
Portal 2        Valve        18.04.2011        10.526MB          -->notwendig
Power Sound Editor Free        PowerSE Studio Inc.        29.04.2011        55,3MB          -->unnötig
QuickTime        Apple Inc.        22.05.2010        73,8MB        7.66.71.0  -->notwendig
Realtek 8169 8168 8101E 8102E Ethernet Driver        Realtek        15.09.2009        1,49MB        1.00.0000  -->notwendig
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        15.09.2009        11,1MB        6.0.1.5836  -->notwendig
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01                16.09.2009        2,11MB        3.55.01  -->notwendig
Sandboxie 3.50 (64-bit)                16.12.2010        3,41MB          -->notwendig
Skype™ 5.3        Skype Technologies S.A.        22.05.2011        22,6MB        5.3.111  -->notwendig
Smart Data Recovery v4.3        Smart PC Solutions        25.04.2011        14,0MB        4.3  -->unbekannt
Source Violence Patch 1.5 BETA                12.11.2009        360MB          -->notwendig
StarCraft II        Blizzard Entertainment        15.01.2011        9.260MB        1.2.0.17326  -->notwendig
Steam(TM)        Valve        09.11.2009        16,6MB        1.0.0.0  -->notwendig
Synaptics Pointing Device Driver        Synaptics        16.09.2009        14,2MB        10.1.8.0    -->unbekannt
System Requirements Lab                20.11.2009        0,38MB          -->unbekannt
TeamSpeak 2 RC2        Dominating Bytes Design        12.11.2009                2.0.32.60  -->notwendig
TeamSpeak 3 Client        TeamSpeak Systems GmbH        02.03.2011        38,8MB          -->notwendig
TeamViewer 6        TeamViewer GmbH        03.05.2011        22,8MB        6.0.10511  -->notwendig
TmNationsForever Update 2010-03-15        Nadeo        04.04.2010        716MB          -->unnötig
Turbo Gear Extreme                16.09.2009        1,27MB        1.00.22  -->notwendig
TVersity Codec Pack 1.4        TVersity Inc.        10.10.2010        1,63MB        1.4  -->notwendig
TVersity Media Server 1.9.3        TVersity        09.12.2010        209MB        1.9.3  -->notwendig
USB 2.0 UVC 2.0M WebCam                16.09.2009            -->unbekannt       
USB Multi-Channel Audio Device                05.03.2010          -->notwendig       
VLC media player 1.0.3        VideoLAN Team        09.11.2009        73,1MB        1.0.3  -->notwendig
WIDCOMM Bluetooth Software        Broadcom Corporation        15.09.2009        50,1MB        5.2.0.800  -->unbekannt
Winamp        Nullsoft, Inc        09.11.2009        35,2MB        5.56  -->notwendig
Windows Media Player Firefox Plugin        Microsoft Corp        22.12.2010        0,29MB        1.0.0.8  -->notwendig
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)        Nokia        09.11.2009        699MB        08/22/2008 7.0.0.0  -->notwendig
WinFlash                16.09.2009        1,37MB          -->unbekannt
WinRAR                24.07.2010        4,41MB          -->notwendig
Wireless Console 2        ATK        15.09.2009                2.0.10  -->notwendig
x64 Components v2.2.2        Shark007        09.11.2009        32,3MB        2.2.2  -->unbekannt
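
Added example (not part of the thread and not code from any tool named in it): a Python script for the cross-check behind the "Visions" question above, matching the folder of each Malwarebytes file detection against the names in the installed-programs list. The sample lines are excerpted from the logs posted in this thread; the tab-separated row layout and all function names are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Sample lines excerpted from the Malwarebytes log posted in this thread.
MBAM_LOG = """\
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\\program files (x86)\\Visions\\updater.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\\program files (x86)\\Visions\\Visions.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
"""

# Rows excerpted from the installed-programs list; tab separation is an assumption.
INSTALLED = (
    "Google SketchUp 7\tGoogle, Inc.\t06.04.2010\t68,1MB\t2.1.6863\n"
    "GuildWars Visions v1.08\tLuzzifus, www.guild-wars.info\t11.12.2009\t16,5MB\t\n"
    "Winamp\tNullsoft, Inc\t09.11.2009\t35,2MB\t5.56\n"
)

# "<path> (<detection name>) -> <action>"; the path itself may contain "(x86)".
DETECTION = re.compile(
    r"^(?P<path>[a-z]:\\.+?) \((?P<name>[^()]+)\) -> (?P<action>.+)$", re.I)

# Folder names too generic to identify a product.
GENERIC = {"program files", "program files (x86)", "programdata", "windows"}


def parse_detections(log_text):
    """Return path/name/action dicts for every file detection line in the log."""
    found = []
    for line in log_text.splitlines():
        match = DETECTION.match(line.strip())
        if match:
            found.append(match.groupdict())
    return found


def installed_names(export_text):
    """Return the first column (program name) of each export row."""
    return [row.split("\t")[0].strip()
            for row in export_text.splitlines() if row.strip()]


def correlate(detections, programs):
    """Map each detected path to installed programs named after one of its folders."""
    result = {}
    for det in detections:
        folders = [part for part in PureWindowsPath(det["path"]).parts[1:-1]
                   if part.lower() not in GENERIC]
        result[det["path"]] = [
            prog for prog in programs
            if any(re.search(rf"\b{re.escape(folder)}\b", prog, re.I)
                   for folder in folders)]
    return result


if __name__ == "__main__":
    hits = correlate(parse_detections(MBAM_LOG), installed_names(INSTALLED))
    for path, programs in hits.items():
        print(path, "->", programs or "no installed program matches")
```

A match is only a prompt to ask the user about the software, as the helper does here; it says nothing about whether the detection is correct.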


markusg 13.06.2011 13:04

Uninstall:
Acrobat.com
Adobe After Effects


Adobe AIR
Adobe Community
Adobe Media Player

Adobe Reader 9
Adobe - Download Adobe Reader - All versions
Install without McAfee (untick the box).
Open Adobe Reader, Edit, Preferences, JavaScript, and untick the box there;
under Internet, untick all boxes as well.
That way PDFs are no longer loaded automatically and malicious code can no longer be slipped to you this way.
Under General, tick "use only certified plug-ins".
Under Update, set it to install.
Click Apply / OK.

Uninstall:
ChkMail
EVEREST
FEAR
Free YouTube
Futuremark
Google SketchUp
Google Chrome is already totally outdated, update it urgently.
Google Chrome - the fast, secure browser | Free download
Update iTunes as well.
Apple - iTunes - Download iTunes now
Java
Java SE Downloads
Click Download JRE, download the offline installer, install it.

PC Inspector
PokerStars
Power Sound
Clean up with CCleaner.

