Pests of all kinds and how to fight them: Drive-by download. JavaScript executed.. on Facebook
Windows 7: If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
14.11.2011, 19:05 | #16 |
| I.e., nothing at all may be running in the taskbar any more? Or is it enough if I close all windows + the antivirus program? |
14.11.2011, 20:19 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Yes, disable the virus scanner and, as far as possible, all programs. |
14.11.2011, 22:53 | #18 |
| Log from OTL |
15.11.2011, 09:10 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click on Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition; that is where TDSS-Killer saves its logs.

Note: Please do not hastily delete anything with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

If, because of the infection, you cannot access your Documents/My Documents, or shortcuts are missing from the desktop or from the Start menu under "All Programs", please run unhide: Please download unhide.exe and save this file on your desktop. Start the tool, and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
15.11.2011, 20:17 | #20 |
| Should I download the TDSSKiller program there? I don't want to do anything wrong; I apologize for asking so many questions here.. Do I have to close applications? |
15.11.2011, 20:32 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Yes, exactly, TDSS-Killer |
15.11.2011, 20:50 | #22 |
| Kaspersky TDSSKiller Report:
20:46:19.0906 0908 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 20:46:20.0046 0908 sysaudio - ok 20:46:20.0109 0908 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 20:46:20.0203 0908 Tcpip - ok 20:46:20.0234 0908 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 20:46:20.0406 0908 TDPIPE - ok 20:46:20.0437 0908 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 20:46:20.0593 0908 TDTCP - ok 20:46:20.0625 0908 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 20:46:20.0765 0908 TermDD - ok 20:46:20.0781 0908 TosIde - ok 20:46:20.0828 0908 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 20:46:21.0000 0908 Udfs - ok 20:46:21.0015 0908 ultra - ok 20:46:21.0046 0908 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 20:46:21.0218 0908 Update - ok 20:46:21.0265 0908 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 20:46:21.0421 0908 usbaudio - ok 20:46:21.0453 0908 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 20:46:21.0593 0908 usbccgp - ok 20:46:21.0640 0908 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 20:46:21.0781 0908 usbehci - ok 20:46:21.0812 0908 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 20:46:21.0953 0908 usbhub - ok 20:46:21.0984 0908 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 20:46:22.0140 0908 usbprint - ok 20:46:22.0187 0908 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 20:46:22.0343 0908 usbscan - ok 20:46:22.0390 0908 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 20:46:22.0531 0908 usbstor - ok 20:46:22.0578 0908 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) 
C:\WINDOWS\system32\DRIVERS\usbuhci.sys 20:46:22.0718 0908 usbuhci - ok 20:46:22.0765 0908 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 20:46:22.0921 0908 usbvideo - ok 20:46:22.0984 0908 VClone (94d73b62e458fb56c9ce60aa96d914f9) C:\WINDOWS\system32\DRIVERS\VClone.sys 20:46:23.0000 0908 VClone ( UnsignedFile.Multi.Generic ) - warning 20:46:23.0000 0908 VClone - detected UnsignedFile.Multi.Generic (1) 20:46:23.0031 0908 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 20:46:23.0187 0908 VgaSave - ok 20:46:23.0203 0908 ViaIde - ok 20:46:23.0234 0908 VMUVC - ok 20:46:23.0281 0908 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 20:46:23.0453 0908 VolSnap - ok 20:46:23.0468 0908 vvftUVC - ok 20:46:23.0500 0908 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 20:46:23.0671 0908 Wanarp - ok 20:46:23.0953 0908 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys 20:46:24.0140 0908 wanatw - ok 20:46:24.0296 0908 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 20:46:24.0375 0908 Wdf01000 - ok 20:46:24.0562 0908 WDICA - ok 20:46:24.0609 0908 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 20:46:24.0750 0908 wdmaud - ok 20:46:24.0843 0908 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 20:46:25.0000 0908 WS2IFSL - ok 20:46:25.0031 0908 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 20:46:25.0203 0908 WSTCODEC - ok 20:46:25.0250 0908 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 20:46:25.0328 0908 WudfPf - ok 20:46:25.0375 0908 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 20:46:25.0406 0908 WudfRd - ok 20:46:25.0453 0908 xusb21 (a640c90b007762939507c28a021be3b3) C:\WINDOWS\system32\DRIVERS\xusb21.sys 
20:46:25.0515 0908 xusb21 - ok 20:46:25.0531 0908 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0 20:46:25.0765 0908 \Device\Harddisk0\DR0 - ok 20:46:25.0781 0908 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1 20:46:25.0843 0908 \Device\Harddisk1\DR1 - ok 20:46:25.0843 0908 Boot (0x1200) (5431522f497aaccd5625ac249501f342) \Device\Harddisk0\DR0\Partition0 20:46:25.0843 0908 \Device\Harddisk0\DR0\Partition0 - ok 20:46:25.0843 0908 Boot (0x1200) (14a1c817fd1f317389f7ca4110543312) \Device\Harddisk1\DR1\Partition0 20:46:25.0843 0908 \Device\Harddisk1\DR1\Partition0 - ok 20:46:25.0843 0908 ============================================================ 20:46:25.0843 0908 Scan finished 20:46:25.0843 0908 ============================================================ 20:46:25.0953 0184 Detected object count: 9 20:46:25.0953 0184 Actual detected object count: 9 20:47:42.0609 0184 ActionReplayDS ( UnsignedFile.Multi.Generic ) - skipped by user 20:47:42.0609 0184 ActionReplayDS ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:47:42.0609 0184 Afc ( UnsignedFile.Multi.Generic ) - skipped by user 20:47:42.0609 0184 Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:47:42.0609 0184 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user 20:47:42.0609 0184 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:47:42.0625 0184 atksgt ( UnsignedFile.Multi.Generic ) - skipped by user 20:47:42.0625 0184 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:47:42.0625 0184 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user 20:47:42.0625 0184 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:47:42.0625 0184 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 20:47:42.0625 0184 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:47:42.0625 0184 KMWDFilter ( UnsignedFile.Multi.Generic ) - skipped by user 20:47:42.0625 0184 KMWDFilter ( 
UnsignedFile.Multi.Generic ) - User select action: Skip 20:47:42.0625 0184 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user 20:47:42.0625 0184 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:47:42.0625 0184 VClone ( UnsignedFile.Multi.Generic ) - skipped by user 20:47:42.0625 0184 VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip |
16.11.2011, 09:20 | #23 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now: ComboFix. A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! Should you have problems starting applications after running ComboFix and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
16.11.2011, 16:22 | #24 |
| I carried everything out as follows, then stepped away briefly. When I came back there was a bluescreen.. "Es wurde ein Problem festgestellt, windows wurde heruntergefahren, damit der computer nicht beschädigt wird." bad_pool_caller etc... What now? |
16.11.2011, 19:16 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Restart Windows, delete the old combofix.exe, download CF again and please try once more.
__________________ Please always post log files in CODE tags |
16.11.2011, 20:15 | #26 |
| Ran it again. The same error once more. But it was not BAD_POOL_CALLER but BAD_POOL_HEADER!!! |
16.11.2011, 21:09 | #27 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please copy combofix.exe directly to C: Restart Windows in Safe Mode with Networking. In the command prompt, type this: Code:
start c:\combofix.exe
__________________ Please always post log files in CODE tags |
16.11.2011, 21:39 | #28 |
| Where is the command prompt when I start Windows in Safe Mode with NETWORKING.. Isn't there also the option Safe Mode with Command Prompt? How exactly am I supposed to do this, please explain it to me again.. |
16.11.2011, 21:54 | #29 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ Please always post log files in CODE tags |
16.11.2011, 23:05 | #30 |
| I now have the log (after the PC restarted by itself twice). Log from ComboFix.
Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Java Quick Starter: jqs@sun.com - C:\Programme\Java\jre6\lib\deploy\jqs\ff - - - - Entfernte verwaiste Registrierungseinträge - - - - BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-ApnUpdater - C:\Programme\Ask.com\Updater\Updater.exe Notify-AtiExtEvent - (no file) MSConfigStartUp-swg - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe AddRemove-ANNO 1602 Königs-Edition - C:\WINDOWS\IsUn0407.exe AddRemove-Heroes of Might and Magic IV - C:\WINDOWS\IsUn0407.exe AddRemove-Microsoft Interactive Training - C:\WINDOWS\IsUn0407.exe AddRemove-World of Padman 1.5 - C:\Dokumente und Einstellungen\Loris Tischer\Eigene Dateien\World of Padman\World of Padman 1.5\UnWoP.exe AddRemove-YouTube Song Downloader_is1 - C:\Programme\YouTube Song Downloader\unins000.exe AddRemove-Zuma_Deluxe!_1.0 - C:\WINDOWS\iun6002.exe |