Problems with DLLs that disappear!

#0
03.11.2007, 13:26
...new here

Posts: 1
#1 Hello

For quite a while now I have had a few problems with my system. I had downloaded a program that changes "something" in the registry so that it does not send any packets home. Shortly afterwards the problems started: for example, when I install a game and start it for the first time, everything is OK, but when I reboot, this message appears:

This application has failed to start because d3dx9_35.dll was not found
Re-installing....

The problem is not limited to my games; MSN Messenger is affected too:

This application has failed to start because sirenacm.dll was not found
Re-installing....

And my Creative sound card disappears completely from the sound options.
As I said, reinstalling does not help, because after a reboot the system shows the same messages again.

Attached is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:12:48, on 03.11.2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\AASP\1.00.25\aaCenter.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
E:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
F:\Azureus\Azureus.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
E:\Games\The Witcher\System\witcher.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.huddi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - E:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "E:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /PSCONV={NO} /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /PSCONV={NO} /FAIL=1 (User 'Default user')
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://E:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://E:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://E:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://E:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.johannrain-softwareentwicklung.de/DE/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - http://support.f-secure.com/ols3beta/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 8346 bytes

ComboFix log:

ComboFix 07-11-01.1 - Sancho 2007-11-03 17:01:53.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.1343 [GMT 1:00]
Running from: C:\Users\Sancho\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-10-03 to 2007-11-03 )))))))))))))))))))))))))))))))
.

2007-11-03 17:01 51,200 --a------ C:\Windows\NirCmd.exe
2007-11-03 13:08 <DIR> d-------- C:\Temp
2007-11-03 13:08 <DIR> d-------- C:\ProgramData\Prevx
2007-11-03 11:04 81,984 --a------ C:\Windows\System32\bdod.bin
2007-11-02 23:48 <DIR> d-------- C:\ProgramData\DAEMON Tools Pro
2007-11-02 20:04 <DIR> d-------- C:\Users\Sancho\AppData\Roaming\DAEMON Tools Pro
2007-11-01 15:49 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2007-10-27 18:28 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-26 23:50 <DIR> d-------- C:\Program Files\ProtectDisc Driver Installer
2007-10-24 19:20 364,544 --a------ C:\Windows\System32\nvapi.dll
2007-10-24 19:20 86,016 --a------ C:\Windows\System32\nvsvc.dll
2007-10-20 14:18 <DIR> d-------- C:\Program Files\Common Files\Steam
2007-10-17 05:08 278,984 --a------ C:\Windows\System32\drivers\atksgt.sys
2007-10-17 05:08 25,416 --a------ C:\Windows\System32\drivers\lirsgt.sys
2007-10-17 05:05 <DIR> d-------- C:\Windows\System32\AGEIA
2007-10-17 05:05 <DIR> d-------- C:\Program Files\AGEIA Technologies
2007-10-17 05:04 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-14 22:48 <DIR> d-------- C:\Users\Sancho\AppData\Roaming\SmartPCTools
2007-10-14 22:48 <DIR> d-a------ C:\ProgramData\TEMP
2007-10-14 19:47 <DIR> d-------- C:\Users\Sancho\AppData\Roaming\Bitdefender
2007-10-14 19:47 <DIR> d-------- C:\ProgramData\BitDefender
2007-10-14 19:47 <DIR> d-------- C:\Program Files\BitDefender
2007-10-12 19:47 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-10-10 13:22 788,992 --a------ C:\Windows\System32\rpcrt4.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-03 12:27 --------- d-----w C:\Users\Sancho\AppData\Roaming\Azureus
2007-11-02 22:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-02 18:57 685,816 ----a-w C:\Windows\system32\drivers\sptd.sys
2007-11-01 18:51 87,952 ------w C:\Windows\system32\drivers\bdfndisf.sys
2007-11-01 14:55 --------- d-----w C:\ProgramData\NVIDIA
2007-10-22 01:09 --------- d-----w C:\Users\Sancho\AppData\Roaming\Skype
2007-10-20 04:44 --------- d-----w C:\ProgramData\Microsoft Help
2007-10-16 13:26 --------- d-----w C:\Program Files\MSN Messenger
2007-10-14 18:47 --------- d-----w C:\Program Files\Common Files\BitDefender
2007-10-12 19:12 --------- d-----w C:\ProgramData\Creative
2007-10-12 18:47 --------- d-----w C:\Program Files\Skype
2007-10-12 15:48 --------- d-----w C:\Users\Sancho\AppData\Roaming\Bioshock
2007-10-10 12:49 --------- d-----w C:\Program Files\Windows Mail
2007-10-10 12:23 84,480 ----a-w C:\Windows\System32\INETRES.dll
2007-10-10 12:23 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2007-10-10 12:23 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2007-10-10 12:23 7,680 ----a-w C:\Windows\System32\spwmp.dll
2007-10-10 12:23 56,320 ----a-w C:\Windows\System32\iesetup.dll
2007-10-10 12:23 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-10-10 12:23 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2007-10-10 12:23 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2007-10-10 12:23 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2007-10-09 16:55 --------- d-----w C:\Program Files\Java
2007-09-30 15:50 --------- d-----w C:\Program Files\Creative
2007-09-29 20:04 --------- d-----w C:\ProgramData\Apple Computer
2007-09-29 20:04 --------- d-----w C:\Program Files\iTunes
2007-09-29 20:04 --------- d-----w C:\Program Files\iPod
2007-09-29 17:03 --------- d-----w C:\Users\Sancho\AppData\Roaming\SystemRequirementsLab
2007-09-26 15:53 --------- d-----w C:\Users\Sancho\AppData\Roaming\Apple Computer
2007-09-26 15:52 --------- d-----w C:\Program Files\Common Files\Apple
2007-09-26 15:51 --------- d-----w C:\ProgramData\Apple
2007-09-26 15:51 --------- d-----w C:\Program Files\Apple Software Update
2007-09-23 14:30 --------- d-----w C:\ProgramData\Media Center Programs
2007-09-11 20:28 81,920 ----a-w C:\Windows\System32\nvmctray.dll
2007-09-11 20:28 7,623,968 ----a-w C:\Windows\system32\drivers\nvlddmkm.sys
2007-09-11 20:28 4,988,928 ----a-w C:\Windows\System32\nvd3dum.dll
2007-09-04 16:21 --------- d--h--r C:\Users\Sancho\AppData\Roaming\SecuROM
2007-08-30 20:01 174 --sha-w C:\Program Files\desktop.ini
2007-08-30 14:32 88,576 ----a-w C:\Windows\System32\avifil32.dll
2007-08-30 14:32 82,944 ----a-w C:\Windows\System32\mciavi32.dll
2007-08-30 14:32 8,138,240 ----a-w C:\Windows\System32\ssBranded.scr
2007-08-30 14:32 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll
2007-08-30 14:32 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-08-30 14:32 69,632 ----a-w C:\Windows\System32\sendmail.dll
2007-08-30 14:32 65,024 ----a-w C:\Windows\System32\avicap32.dll
2007-08-30 14:32 61,440 ----a-w C:\Windows\System32\ntprint.exe
2007-08-30 14:32 31,232 ----a-w C:\Windows\System32\msvidc32.dll
2007-08-30 14:32 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
2007-08-30 14:32 3,470,008 ----a-w C:\Windows\System32\ntoskrnl.exe
2007-08-30 14:32 269,824 ----a-w C:\Windows\System32\schannel.dll
2007-08-30 14:32 220,160 ----a-w C:\Windows\System32\ntprint.dll
2007-08-30 14:32 123,904 ----a-w C:\Windows\System32\msvfw32.dll
2007-08-30 14:32 120,320 ----a-w C:\Windows\System32\dhcpcsvc6.dll
2007-08-30 14:32 12,800 ----a-w C:\Windows\System32\msrle32.dll
2007-08-30 14:32 105,984 ----a-w C:\Windows\System32\CscMig.dll
2007-08-30 14:32 10,240 ----a-w C:\Windows\System32\dhcpcmonitor.dll
2007-08-30 14:32 1,984,512 ----a-w C:\Windows\System32\authui.dll
2007-08-30 14:14 8,192 ----a-w C:\Windows\System32\riched32.dll
2007-08-30 14:14 77,824 ----a-w C:\Windows\System32\rascfg.dll
2007-08-30 14:14 694,784 ----a-w C:\Windows\System32\localspl.dll
2007-08-30 14:14 52,736 ----a-w C:\Windows\System32\rasdiag.dll
2007-08-30 14:14 384,000 ----a-w C:\Windows\System32\netcfgx.dll
2007-08-30 14:14 36,864 ----a-w C:\Windows\System32\cdd.dll
2007-08-30 14:14 33,280 ----a-w C:\Windows\System32\traffic.dll
2007-08-30 14:14 32,768 ----a-w C:\Windows\System32\rasmxs.dll
2007-08-30 14:14 286,208 ----a-w C:\Windows\System32\ipnathlp.dll
2007-08-30 14:14 22,016 ----a-w C:\Windows\System32\rasser.dll
2007-08-30 14:14 15,360 ----a-w C:\Windows\System32\pacerprf.dll
2007-08-30 14:14 134,656 ----a-w C:\Windows\System32\dps.dll
2007-08-30 14:14 13,824 ----a-w C:\Windows\System32\wshqos.dll
2007-08-30 14:14 13,824 ----a-w C:\Windows\System32\icsunattend.exe
2007-08-30 14:13 750,080 ----a-w C:\Windows\System32\qmgr.dll
2007-08-30 14:13 25,600 ----a-w C:\Windows\System32\LangCleanupSysprepAction.dll
2007-08-30 14:13 23,552 ----a-w C:\Windows\System32\lpremove.exe
2007-08-30 14:13 166,912 ----a-w C:\Windows\System32\lpksetup.exe
2007-08-30 14:13 10,240 ----a-w C:\Windows\System32\MUILanguageCleanup.dll
2007-08-27 14:18 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
2007-08-24 08:53 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2007-08-24 08:53 43,352 ----a-w C:\Windows\System32\wups2.dll
2007-08-24 08:53 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2007-08-24 08:53 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2007-08-24 08:52 80,896 ----a-w C:\Windows\System32\wudriver.dll
2007-08-24 08:52 549,720 ----a-w C:\Windows\System32\wuapi.dll
2007-08-24 08:52 33,624 ----a-w C:\Windows\System32\wups.dll
2007-08-24 08:52 31,232 ----a-w C:\Windows\System32\wuapp.exe
2007-08-24 08:52 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2007-08-15 21:13 1,335,296 ----a-w C:\Windows\System32\msxml6.dll
2007-08-15 21:13 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
2004-07-09 08:13 15,493,481 ----a-w C:\Program Files\DirectX.cab
2004-07-09 03:08 472,576 ----a-w C:\Program Files\dxsetup.exe
2004-07-09 03:08 2,242,560 ----a-w C:\Program Files\dsetup32.dll
2004-07-09 02:03 62,976 ----a-w C:\Program Files\DSETUP.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{381FFDE8-2394-4f90-B10D-FC6124A40F8C}"= C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2007-11-01 19:51 86016]

[HKEY_CLASSES_ROOT\CLSID\{381FFDE8-2394-4f90-B10D-FC6124A40F8C}]
[HKEY_CLASSES_ROOT\BitDefender Toolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-05-26 10:05]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-26 11:10 C:\Windows\RtHDVCpl.exe]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" []
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 02:10]
"JMB36X IDE Setup"="C:\Windows\JM\JMInsIDE.exe" [2006-10-31 03:44]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-11-01 19:51]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-11-01 19:51]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-11 21:28]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" []
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-11 21:28]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 13:33]
"Steam"="" []
"DAEMON Tools Pro Agent"="E:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 14:08]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DevconDefaultDB"=C:\Windows\system32\READREG /PSCONV={NO} /FAIL=1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backup=C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
CTHELPER.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
CTXFIHLP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CtxfiReg]
CTxfiReg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"E:\Program Files\QuickTime\QTTask.exe" -atboottime

R1 bdftdif;bdftdif;\??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys
R2 acedrv10;acedrv10;\??\C:\Windows\system32\drivers\acedrv10.sys
R2 acehlp10;acehlp10;\??\C:\Windows\system32\drivers\acehlp10.sys
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\bdfndisf.sys
R3 bdfsfltr;bdfsfltr;C:\Windows\system32\DRIVERS\bdfsfltr.sys
R3 BDSelfPr;BDSelfPr;\??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
R3 ha20x2k;Creative 20X HAL Driver;C:\Windows\system32\drivers\ha20x2k.sys
R3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys
R3 Razerlow;Razerlow USB Filter Driver;C:\Windows\system32\Drivers\Razerlow.sys
R3 scan;BitDefender Threat Scanner;C:\Windows\System32\svchost.exe -kbdx
R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys
S3 RTL8187;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8187.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2708f3b3-0b98-11dc-abe4-806e6f6e6963}]
\shell\AutoRun\command - D:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3424091d-1129-11dc-aae5-806e6f6e6963}]
\shell\AutoRun\command - D:\setup.exe

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-03 17:03:19
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-03 17:04:03
.
--- E O F ---


I hope someone here can help me.

Regards
Selectet
This post was edited by Selectet on 03.11.2007 at 17:07.