has settled in
Registered since: 30.04.2008
Location: München
Age: 33
Posts: 70
Windows 7 Ultimate 64Bit, Office version: Office 2010
Hello everyone, now I need your help for once.
I have the following problem with a machine here: Win 7 Ultimate 32, all updates. mbam Code:
Malwarebytes' Anti-Malware 1.46
Malwarebytes Datenbank Version: 4219
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21.06.2010 07:37:50
mbam-log-2010-06-21 (07-37-50).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 139653
Laufzeit: 3 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Program Files\C90dll.dll (Spyware.OnlineGames) -> No action taken.

Code:
OTL logfile created on: 21.06.2010 07:17:37 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = E:\Download\Microsoft\Diagnose Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 87,79 Gb Total Space | 56,55 Gb Free Space | 64,41% Space Free | Partition Type: NTFS Drive D: | 100,58 Gb Total Space | 64,86 Gb Free Space | 64,49% Space Free | Partition Type: NTFS Drive E: | 43,95 Gb Total Space | 7,13 Gb Free Space | 16,22% Space Free | Partition Type: NTFS Drive F: | 39,06 Gb Total Space | 26,38 Gb Free Space | 67,52% Space Free | Partition Type: NTFS Drive G: | 146,48 Gb Total Space | 130,15 Gb Free Space | 88,85% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MANFRED-PC Current User Name: Manfred Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - File not found -- C:\Programme\StCenter.exe PRC - File not found -- C:\Programme\IGDCTRL.EXE PRC - File not found -- C:\Programme\FwebProt.exe PRC - [2010.06.21 07:17:30 | 000,574,464 | ---- | M] (OldTimer Tools) -- E:\Download\Microsoft\Diagnose\OTL.exe PRC - [2010.06.03 09:34:56 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe PRC - [2010.04.29 21:25:00 | 001,890,816 | ---- | M] (Topala Software Solutions) -- D:\Programme\SIW\siw.exe PRC - [2010.04.02 18:53:01 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Programme\FireFox\firefox.exe PRC - [2010.03.13 14:53:52 | 020,753,760 | ---- | M] (Microsoft Corporation) -- D:\Programme\MS Office\Office14\EXCEL.EXE PRC - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E PRC - [2009.11.16 10:04:30 | 000,735,960 | ---- | M] (ESET) -- D:\Programme\NOD32\ekrn.exe PRC - [2009.11.16 10:03:32 | 002,054,360 | ---- | M] (ESET) -- D:\Programme\NOD32\egui.exe PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.07.24 20:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) 
-- C:\Programme\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.07.14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009.07.14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2009.03.30 04:25:26 | 043,010,392 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe PRC - [2008.07.10 03:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2006.10.26 14:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe ========== Modules (SafeList) ========== MOD - [2010.06.21 07:17:30 | 000,574,464 | ---- | M] (OldTimer Tools) -- E:\Download\Microsoft\Diagnose\OTL.exe MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\cryptbase.dll MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_4211 89da2b7fabfc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (WPFFontCache_v0400) SRV - [2010.05.29 21:02:39 | 002,480,048 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2010.05.21 13:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\Programme\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010.03.27 18:39:02 | 000,752,184 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programme\MS Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010.03.18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspn et_state.exe -- (aspnet_state) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe -- (NetTcpPortSharing) SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe -- (NetTcpActivator) SRV - 
[2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe -- (NetPipeActivator) SRV - [2010.03.18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe -- (NetMsmqActivator) SRV - [2010.01.21 20:29:46 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E -- (osppsvc) SRV - [2009.12.15 21:16:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.11.16 10:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- D:\Programme\NOD32\EHttpSrv.exe -- (EhttpSrv) SRV - [2009.11.16 10:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- D:\Programme\NOD32\ekrn.exe -- (ekrn) SRV - [2009.11.12 14:48:56 | 000,071,096 | ---- | M] () [Disabled | Stopped] -- D:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009.07.28 17:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\IGDCTRL.EXE -- (IGDCTRL) SRV - [2009.07.24 20:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009.07.21 04:04:00 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100) SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] 
(Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV) SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009.03.30 04:25:26 | 043,010,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) SRV - [2009.03.30 04:23:32 | 000,254,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2009.03.30 04:23:24 | 000,366,936 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL 
Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS) SRV - [2008.10.24 17:35:44 | 000,128,296 | ---- | M] () [Disabled | Stopped] -- D:\Programme\Steuer\AAVUpdateManager\aavus.exe -- (AAV UpdateService) SRV - [2008.07.10 03:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2007.01.04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Disabled | Stopped] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Running] -- -- (cpuz132) DRV - [2010.05.29 21:02:41 | 000,160,704 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp) DRV - [2010.05.29 21:02:35 | 000,911,680 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258) DRV - [2010.05.29 21:02:31 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2010.05.29 21:02:22 | 000,166,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2010.04.23 18:31:01 | 000,106,432 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2010.02.11 09:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009.12.15 23:56:28 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) 
[Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs) DRV - [2009.12.11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009.12.08 21:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Programme\VisualStudio\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100) DRV - [2009.11.16 10:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2009.11.16 10:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009.11.16 09:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon) DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009.10.06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009.10.06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009.10.06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009.10.06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- 
(hwpolicy) DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci) DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009.07.14 01:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM) DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - 
[2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt) DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009.05.08 12:23:18 | 001,047,552 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009.03.30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103) DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007.11.18 04:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD) DRV - [2007.04.17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) DRV - [2007.02.16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 34 BE 1A A1 7D CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={s earchTerms}" FF - prefs.js..browser.search.selectedEngine: "Winload Customized Web Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.de/" FF - prefs.js..extensions.enabledItems: smileys@yourdomain.com:1.3.3 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.87 FF - prefs.js..extensions.enabledItems: {759F3C3E-A3FC-474b-A6F0-66B14404AA07}:4.1.1 FF - prefs.js..extensions.enabledItems: {8620c15f-30dc-4dba-a131-7c5d20cf4a29}:2.0.3 FF - prefs.js..extensions.enabledItems: 
{99B98C2C-7274-45a3-A640-D9DF1A1C8460}:1.4 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: longurlplease@darragh.curran:0.4.3 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksyn c@nokia.com: D:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.16 11:34:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Programme\FireFox\components [2010.04.02 18:53:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Programme\FireFox\plugins [2010.06.17 07:26:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplg Tb@eset.com: D:\Programme\NOD32\Mozilla Thunderbird [2010.03.13 11:53:37 | 000,000,000 | ---D | M] [2009.12.15 18:08:27 | 000,000,000 | ---D | M] -- C:\Users\Manfred\AppData\Roaming\mozilla\Extension s [2010.06.21 06:45:50 | 000,000,000 | ---D | M] -- C:\Users\Manfred\AppData\Roaming\mozilla\Firefox\P rofiles\r16ium12.default\extensions [2010.06.15 12:25:09 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Manfred\AppData\Roaming\mozilla\Firefox\P rofiles\r16ium12.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2009.12.15 20:12:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manfred\AppData\Roaming\mozilla\Firefox\P rofiles\r16ium12.default\extensions\{759F3C3E-A3FC-474b-A6F0-66B14404AA07} [2009.12.15 20:10:49 | 000,000,000 | ---D | M] (Nightly Tester Tools) -- C:\Users\Manfred\AppData\Roaming\mozilla\Firefox\P rofiles\r16ium12.default\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} [2010.01.09 10:08:30 | 000,000,000 | ---D | M] (CookieCuller) -- C:\Users\Manfred\AppData\Roaming\mozilla\Firefox\P 
rofiles\r16ium12.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460} [2010.04.16 06:42:19 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Manfred\AppData\Roaming\mozilla\Firefox\P rofiles\r16ium12.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.05.01 08:58:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Manfred\AppData\Roaming\mozilla\Firefox\P rofiles\r16ium12.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.06.08 06:09:12 | 000,000,000 | ---D | M] -- C:\Users\Manfred\AppData\Roaming\mozilla\Firefox\P rofiles\r16ium12.default\extensions\longurlplease@ darragh.curran [2010.01.09 22:15:52 | 000,000,000 | ---D | M] -- C:\Users\Manfred\AppData\Roaming\mozilla\Firefox\P rofiles\r16ium12.default\extensions\smileys@yourdo main.com O1 HOSTS File: ([2009.12.23 13:22:35 | 000,001,198 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [egui] D:\Programme\NOD32\egui.exe (ESET) O4 - Startup: C:\Users\Manfred\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FwebProt.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: TaskbarNoNotification = 1 O13 - gopher Prefix: missing O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} 
http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20) O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Programme\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (acaptuser32.dll) - C:\Windows\System32\acaptuser32.dll (Adobe Systems Incorporated) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.ex e (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme\MS Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.06.18 10:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2010.06.18 10:04:37 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies [2010.06.15 12:29:37 | 000,000,000 | ---D | C] -- C:\Users\Manfred\AppData\Roaming\ScummVM [2010.06.13 14:30:02 | 000,000,000 | ---D | C] -- C:\Users\Manfred\AppData\Local\LearnPulse [2010.06.10 06:32:34 | 000,000,000 | ---D | C] -- C:\Users\Manfred\Documents\Meine Shapes [2010.06.08 21:27:57 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.06.08 21:27:55 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.06.08 21:27:55 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.06.08 21:27:53 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.06.08 21:27:47 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010.06.08 21:26:05 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.06.08 21:26:04 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.06.08 21:26:03 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.06.06 12:38:21 | 000,000,000 | ---D | C] -- 
C:\Users\Public\Documents\Explorer Suite Signatures [2010.06.03 09:30:18 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER [2010.06.03 09:28:27 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 8 [2010.06.03 09:27:31 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Analysis Services [2010.06.02 06:47:47 | 000,000,000 | ---D | C] -- C:\Users\Manfred\Documents\AnyDVDHD [2010.05.29 21:04:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis [2010.05.29 21:02:41 | 000,160,704 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\afcdp.sys [2010.05.29 21:02:35 | 000,911,680 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\tdrpm258.sys [2010.05.29 21:02:31 | 000,581,984 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\timntr.sys [2010.05.29 21:02:22 | 000,166,272 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\snapman.sys [2010.05.29 21:02:08 | 000,000,000 | ---D | C] -- C:\Programme\Acronis [2010.05.29 21:02:06 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Acronis ========== Files - Modified Within 30 Days ========== [2010.06.21 07:19:02 | 009,175,040 | ---- | M] () -- C:\Users\Manfred\ntuser.dat [2010.06.21 07:09:46 | 000,019,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.06.21 07:09:46 | 000,019,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.06.21 06:44:43 | 008,324,962 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.06.21 06:44:43 | 002,984,244 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.06.21 06:44:43 | 002,529,700 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.06.21 06:44:43 | 002,258,736 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.06.21 06:44:43 | 000,006,870 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.06.21 06:38:42 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.06.21 
06:38:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.06.21 06:38:35 | 2616,647,680 | -HS- | M] () -- C:\hiberfil.sys [2010.06.20 22:17:04 | 004,609,455 | -H-- | M] () -- C:\Users\Manfred\AppData\Local\IconCache.db [2010.06.20 20:53:05 | 000,001,054 | ---- | M] () -- C:\Users\Manfred\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk [2010.06.20 20:52:46 | 000,000,876 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DSL Protect.lnk [2010.06.20 20:38:19 | 000,002,507 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk [2010.06.20 20:38:19 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\FRITZ!DSL Startcenter.lnk [2010.06.19 10:24:58 | 000,000,805 | ---- | M] () -- C:\Users\Manfred\Desktop\CDBurnerXP.lnk [2010.06.19 06:39:50 | 000,000,566 | ---- | M] () -- C:\Windows\win.ini [2010.06.18 20:08:30 | 000,077,101 | ---- | M] () -- C:\Windows\System32\settings.dat [2010.06.15 21:09:54 | 000,524,288 | -HS- | M] () -- C:\Users\Manfred\ntuser.dat{d892d16a-7863-11df-871c-0021977b1f02}.TMContainer00000000000000000002.regt rans-ms [2010.06.15 21:09:54 | 000,524,288 | -HS- | M] () -- C:\Users\Manfred\ntuser.dat{d892d16a-7863-11df-871c-0021977b1f02}.TMContainer00000000000000000001.regt rans-ms [2010.06.15 21:09:54 | 000,065,536 | -HS- | M] () -- C:\Users\Manfred\ntuser.dat{d892d16a-7863-11df-871c-0021977b1f02}.TM.blf [2010.06.15 12:54:24 | 000,000,039 | ---- | M] () -- C:\Windows\vbaddin.ini [2010.06.09 08:51:57 | 000,000,670 | ---- | M] () -- C:\Users\Manfred\Desktop\EVEREST Ultimate Edition.lnk [2010.06.08 21:32:33 | 002,361,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.06.08 20:06:36 | 000,017,408 | ---- | M] () -- C:\Users\Manfred\AppData\Local\WebpageIcons.db [2010.06.08 08:42:37 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk [2010.06.06 09:18:27 | 000,002,973 | ---- | M] () -- 
C:\Users\Manfred\Desktop\HiJackThis.lnk [2010.06.05 17:37:14 | 006,220,854 | ---- | M] () -- C:\Spaten89485.bmp [2010.06.03 09:40:32 | 000,118,416 | ---- | M] () -- C:\Users\Manfred\AppData\Local\GDIPFONTCACHEV1.DAT [2010.06.03 09:34:56 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe [2010.06.02 06:44:45 | 000,000,040 | -HS- | M] () -- C:\ProgramData\.zreglib [2010.06.01 10:10:44 | 000,018,288 | ---- | M] () -- C:\Ich.JPG [2010.05.29 21:02:41 | 000,160,704 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\afcdp.sys [2010.05.29 21:02:35 | 000,911,680 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\tdrpm258.sys [2010.05.29 21:02:31 | 000,581,984 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\timntr.sys [2010.05.29 21:02:22 | 000,166,272 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\snapman.sys [2010.05.29 21:02:21 | 000,001,905 | ---- | M] () -- C:\Users\Manfred\Desktop\Acronis One-Click Backup.lnk [2010.05.29 21:02:21 | 000,000,745 | ---- | M] () -- C:\Users\Manfred\Desktop\Acronis True Image Home 2010.lnk [2010.05.27 15:12:05 | 000,000,741 | ---- | M] () -- C:\Users\Manfred\Desktop\CCleaner.lnk [2010.05.27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.05.27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.05.24 19:14:52 | 000,004,841 | ---- | M] () -- C:\Users\Public\Documents\Global.sw2 [2010.05.24 18:55:54 | 000,000,027 | ---- | M] () -- C:\Windows\popcinfo.dat [2010.05.24 15:45:09 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE ========== Files Created - No Company Name ========== [2010.06.20 20:53:05 | 000,001,054 | ---- | C] () -- C:\Users\Manfred\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk [2010.06.20 20:52:46 | 000,000,876 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DSL Protect.lnk [2010.06.15 12:26:16 | 000,524,288 | -HS- | C] () -- 
C:\Users\Manfred\ntuser.dat{d892d16a-7863-11df-871c-0021977b1f02}.TMContainer00000000000000000002.regt rans-ms [2010.06.15 12:26:16 | 000,524,288 | -HS- | C] () -- C:\Users\Manfred\ntuser.dat{d892d16a-7863-11df-871c-0021977b1f02}.TMContainer00000000000000000001.regt rans-ms [2010.06.15 12:26:16 | 000,065,536 | -HS- | C] () -- C:\Users\Manfred\ntuser.dat{d892d16a-7863-11df-871c-0021977b1f02}.TM.blf [2010.06.09 08:51:57 | 000,000,670 | ---- | C] () -- C:\Users\Manfred\Desktop\EVEREST Ultimate Edition.lnk [2010.06.08 20:45:17 | 000,077,101 | ---- | C] () -- C:\Windows\System32\settings.dat [2010.06.06 09:18:27 | 000,002,973 | ---- | C] () -- C:\Users\Manfred\Desktop\HiJackThis.lnk [2010.06.05 17:37:14 | 006,220,854 | ---- | C] () -- C:\Spaten89485.bmp [2010.06.03 09:37:01 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe [2010.06.02 06:44:45 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.05.28 20:19:27 | 000,017,408 | ---- | C] () -- C:\Users\Manfred\AppData\Local\WebpageIcons.db [2010.05.24 15:45:08 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2010.04.29 12:01:16 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll [2010.04.29 12:01:16 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll [2010.04.29 12:01:16 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll [2010.04.29 12:01:16 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll [2010.04.29 12:01:16 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll [2010.04.29 12:01:16 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI [2010.03.29 18:43:34 | 000,000,028 | ---- | C] () -- C:\Windows\ID3Sort.INI [2010.02.23 21:43:05 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010.02.11 07:30:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2010.01.02 19:28:10 | 000,000,479 | ---- | C] () -- C:\Windows\Poolemup.ini [2009.12.16 09:45:11 | 000,108,544 | ---- | C] () -- 
C:\Windows\System32\APOMngr.DLL [2009.12.16 09:45:11 | 000,069,120 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL [2009.12.16 09:34:52 | 000,000,052 | ---- | C] () -- C:\Windows\sbwin.ini [2009.12.15 22:25:08 | 000,120,832 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2009.12.15 22:24:34 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.01.05 16:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini [2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [1999.01.26 23:00:00 | 000,114,816 | ---- | C] () -- C:\Windows\System32\MSMT4232.DLL [1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP
Thanks in advance.
Regards, Fflash
PS: A Sunbeltsecurity analysis did not turn up anything either. |
|
|
|
|
#2 |
|
Administrator
Registered since: 31.01.2008
Location: Earth\EU\DE\Berlin
Age: 49
Posts: 17,281
9 ********* Windows 7 Ultimate Office version: Office 2007 |
Please always add log files (if at all) as an attachment. Otherwise you scroll yourself to death in the code boxes. Besides, this way you have to disable the smilies.
What do the file properties of C90dll.dll say? |
|
|
|
|
#3 |
|
has settled in
Registered since: 30.04.2008
Location: München
Age: 33
Posts: 70
8 ******** Windows 7 Ultimate 64Bit Office version: Office 2010 |
First of all, sorry for posting it the wrong way.
But I have found the culprit. It was the Fritz software that caused this error message. When I uninstalled it, this "visitor" was gone as well. Thanks anyway for the interest shown. Best regards, FFlash |
|
|
|
|
#4 |
|
Administrator
Registered since: 31.01.2008
Location: Earth\EU\DE\Berlin
Age: 49
Posts: 17,281
9 ********* Windows 7 Ultimate Office version: Office 2007 |
Thanks for the feedback and the explanation!