Log analysis and evaluation: Annoying script error from startsear.ch

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
22.11.2011, 21:31 | #31 |
Annoying script error from startsear.ch

That worked!!! Thank you very much!!! I am posting the OTL log file anyway:

OTL Logfile: Code:
ATTFilter OTL logfile created on: 22.11.2011 20:55:10 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Irina\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 52,14% Memory free 4,21 Gb Paging File | 3,07 Gb Available in Paging File | 72,79% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,77 Gb Total Space | 10,52 Gb Free Space | 15,08% Space Free | Partition Type: NTFS Drive D: | 66,27 Gb Total Space | 41,09 Gb Free Space | 62,00% Space Free | Partition Type: NTFS Computer Name: IRINA-PC | User Name: Irina | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.11.16 14:25:49 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Irina\Desktop\OTL.exe PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.08.23 20:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.04.22 13:21:10 | 000,247,728 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe PRC - [2011.03.28 19:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2011.03.28 19:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2011.02.18 10:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe PRC - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.10.25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2006.10.11 11:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) 
-- C:\Programme\ScanSoft\OmniPageSE4.0\OpWareSE4.exe PRC - [2006.09.20 07:35:26 | 000,020,480 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe PRC - [2006.09.19 15:05:32 | 000,024,576 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ========== Modules (No Company Name) ========== MOD - [2010.02.10 18:10:10 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2006.09.20 07:35:26 | 000,020,480 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe MOD - [2006.09.19 15:05:32 | 000,024,576 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ========== Win32 Services (SafeList) ========== SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) 
[Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND) SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2011.10.11 14:00:01 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.03.23 13:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA) DRV - [2010.01.28 12:09:55 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2008.11.16 17:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE) DRV - [2008.01.19 05:25:05 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2007.03.28 07:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir) DRV - [2007.01.18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA) DRV - [2006.11.14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.t-online.de/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://startsear.ch/?aff=1&cf=e5c4edc0-12d5-11e1-81cd-001b2492bc45" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655 FF 
- prefs.js..extensions.enabledItems: {37964A3C-4EE8-47b1-8321-34DE2C39BA4D}:2.2.0.34 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {c840e246-6b95-475e-9bd7-caa1c7eca9f2}:3.2.5.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..keyword.URL: "hxxp://startsear.ch/?aff=1&src=sp&cf=e5c4edc0-12d5-11e1-81cd-001b2492bc45&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.11.10 13:49:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.16 09:42:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.22 16:00:48 | 000,000,000 | ---D | M] [2011.07.17 07:46:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Irina\AppData\Roaming\mozilla\Extensions [2011.07.17 07:46:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Irina\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011.11.22 15:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Irina\AppData\Roaming\mozilla\Firefox\Profiles\uxnp83zv.default\extensions [2010.04.18 13:32:49 | 000,002,253 | ---- | M] () -- C:\Users\Irina\AppData\Roaming\Mozilla\Firefox\Profiles\uxnp83zv.default\searchplugins\askcom.xml [2011.01.14 19:38:53 | 000,000,931 | ---- | M] () -- C:\Users\Irina\AppData\Roaming\Mozilla\Firefox\Profiles\uxnp83zv.default\searchplugins\conduit.xml [2010.09.02 09:09:28 | 000,002,486 | ---- | M] () -- C:\Users\Irina\AppData\Roaming\Mozilla\Firefox\Profiles\uxnp83zv.default\searchplugins\iMeshWebSearch.xml [2011.08.02 19:07:03 | 000,001,533 | ---- | M] () -- C:\Users\Irina\AppData\Roaming\Mozilla\Firefox\Profiles\uxnp83zv.default\searchplugins\mailru---.xml 
[2010.05.14 07:40:28 | 000,001,455 | ---- | M] () -- C:\Users\Irina\AppData\Roaming\Mozilla\Firefox\Profiles\uxnp83zv.default\searchplugins\mailru.xml [2011.07.11 19:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Irina\AppData\Roaming\Mozilla\Firefox\Profiles\uxnp83zv.default\searchplugins\startsear.xml [2011.11.21 09:22:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.04.15 09:27:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.04 10:20:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.07 21:48:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.02.17 10:35:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.07.22 09:30:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011.11.21 09:22:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011.11.10 13:49:00 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX [2011.10.16 09:42:20 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.11.21 09:22:01 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.10.16 09:42:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.16 09:42:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.10.16 09:42:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.09.02 09:09:28 | 000,002,486 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\iMeshWebSearch.xml [2011.10.16 09:42:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.05.14 07:40:28 | 000,001,455 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mailru.xml [2011.10.16 09:42:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.16 09:42:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS File: ([2011.11.16 17:12:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll File not found O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {09900DE8-1DCA-443F-9243-26FF581438AF} - No CLSID value found. 
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe () O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Citavi Picker... 
- C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} hxxp://download.sopcast.com/download/SOPCORE.CAB (SopCore Control) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} 
hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{079701D7-620B-4032-BED5-47EFE345557B}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 
- HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.11.22 20:46:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Irina\Desktop\OTL.exe [2011.11.21 09:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011.11.21 09:22:36 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.11.21 09:22:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.11.21 09:22:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.11.20 11:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.11.20 11:05:19 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.11.20 11:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.11.20 11:04:57 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Irina\Desktop\mbam-setup-1.51.2.1300.exe [2011.11.18 13:52:25 | 000,000,000 | ---D | C] -- C:\Users\Irina\AppData\Roaming\MiKTeX [2011.11.17 13:14:11 | 000,000,000 | ---D | C] -- C:\Users\Irina\AppData\Local\MiKTeX [2011.11.17 12:06:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.8 [2011.11.17 12:01:26 | 000,000,000 | ---D | C] -- C:\Program Files\MiKTeX 2.8 [2011.11.17 12:00:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll [2011.11.17 12:00:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXnicCenter [2011.11.17 12:00:21 | 000,000,000 | ---D | C] -- C:\Program Files\TeXnicCenter [2011.11.17 10:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9 [2011.11.17 10:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MiKTeX [2011.11.17 10:26:59 | 000,000,000 | 
---D | C] -- C:\Program Files\MiKTeX 2.9 [2011.11.16 19:15:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.11.16 19:15:57 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011.11.16 19:15:31 | 003,511,776 | ---- | C] (Piriform Ltd) -- C:\Users\Irina\Desktop\ccsetup312.exe [2011.11.16 17:18:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011.11.16 17:18:20 | 000,000,000 | ---D | C] -- C:\Windows\temp [2011.11.16 17:18:20 | 000,000,000 | ---D | C] -- C:\Users\Irina\AppData\Local\temp [2011.11.16 16:59:46 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011.11.15 22:37:33 | 000,000,000 | ---D | C] -- C:\Users\Irina\AppData\Roaming\Malwarebytes [2011.11.15 22:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.11.15 09:48:11 | 000,000,000 | ---D | C] -- C:\Users\Irina\Desktop\CVK [2011.11.14 20:45:42 | 000,000,000 | ---D | C] -- C:\Users\Irina\Desktop\übung zu IW [2011.11.12 22:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} [2011.11.12 18:01:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Gibraltar [2011.11.12 14:40:07 | 000,000,000 | ---D | C] -- C:\Users\Irina\AppData\Local\assembly [2011.11.12 13:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair [2011.11.12 13:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair [2011.11.10 20:15:02 | 000,000,000 | ---D | C] -- C:\Users\Irina\Documents\Exmaralda [2011.11.10 20:04:30 | 000,000,000 | ---D | C] -- C:\Users\Irina\Desktop\MMI [2011.11.10 19:57:42 | 000,000,000 | ---D | C] -- C:\Users\Irina\Desktop\Methoden der IW [2011.11.10 16:15:18 | 000,000,000 | ---D | C] -- C:\Users\Irina\AppData\Roaming\Swiss Academic Software [2011.11.10 16:15:18 | 000,000,000 | ---D | C] -- C:\Users\Irina\Documents\Citavi 3 [2011.11.10 13:49:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 3 
[2011.11.10 13:48:15 | 000,000,000 | ---D | C] -- C:\Program Files\Citavi 3 [2011.11.10 13:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Swiss Academic Software [2011.11.10 13:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client [2011.11.10 13:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Deterministic Networks [2011.11.09 17:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LECTURNITY Player [2011.11.09 17:52:57 | 000,000,000 | ---D | C] -- C:\Program Files\LECTURNITY Player [2011.11.09 13:10:56 | 000,000,000 | ---D | C] -- C:\Users\Irina\Documents\Porila [2011.11.08 10:38:35 | 000,000,000 | ---D | C] -- C:\Users\Irina\Documents\Methoden der IW [2011.11.02 19:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2011.11.01 21:07:47 | 000,000,000 | ---D | C] -- C:\Users\Irina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast [2011.11.01 21:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast [2011.11.01 21:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast [2011.11.01 19:29:49 | 000,000,000 | ---D | C] -- C:\Users\Irina\Desktop\Volker Rosin [2011.11.01 19:26:06 | 000,000,000 | ---D | C] -- C:\Users\Irina\AppData\Roaming\Amazon [2011.11.01 19:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon [2011.11.01 19:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon [2011.10.29 08:59:46 | 000,000,000 | ---D | C] -- C:\Users\Irina\AppData\Local\NewSoft [2011.10.29 08:59:46 | 000,000,000 | ---D | C] -- C:\Users\Irina\Documents\My PageManager [2010.03.02 20:49:36 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Irina\AppData\Roaming\pcouffin.sys [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.11.22 20:10:00 | 000,001,096 | ---- | M] () -- 
< End of report > |
23.11.2011, 12:17 | #32 |
/// Malware-holic | Annoying script error from startsear.ch Very good. Any more problems with the PC? |
23.11.2011, 14:08 | #33 |
| Annoying script error from startsear.ch Everything is fine again, thank you. The only thing, which is probably unrelated to the solved problem, is that search queries and page loading are sometimes very slow, but that does not always happen. |
23.11.2011, 15:20 | #34 |
/// Malware-holic | Annoying script error from startsear.ch Do you have a second PC in the household? Does the problem occur there too?
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. |
23.11.2011, 16:30 | #35 |
| Annoying script error from startsear.ch No, this is the only notebook. I once had a visitor with another laptop, and everything worked fine on it. So it probably can't be the connection... |
23.11.2011, 16:35 | #36 |
/// Malware-holic | Annoying script error from startsear.ch Download: http://www.trojaner-board.de/82358-t...entfernen.html
• Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
Please post the log; do not delete anything. |
23.11.2011, 19:28 | #37 |
| Annoying script error from startsear.ch I did everything as recommended; the program found 2 things. One unsigned file, Service: CVPNDRVA, and one locked file, Service: sptd. I could not find any other log file. Should I select something in the drop-down menu? |
23.11.2011, 19:40 | #38 |
/// Malware-holic | Annoying script error from startsear.ch The log is located directly on C: as kaspersky-datum.txt, but start TDSSKiller again as follows.
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
Delete nothing, just post the log. |
23.11.2011, 20:09 | #39 |
| Annoying script error from startsear.ch 20:06:34.0037 1288 TDSS rootkit removing tool 2.6.20.0 Nov 22 2011 12:05:55
20:07:17.0646 1624 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 20:07:17.0674 1624 usbhub - ok 20:07:17.0748 1624 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 20:07:17.0807 1624 usbohci - ok 20:07:17.0895 1624 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 20:07:17.0928 1624 usbprint - ok 20:07:17.0983 1624 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 20:07:18.0010 1624 usbscan - ok 20:07:18.0082 1624 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:07:18.0109 1624 USBSTOR - ok 20:07:18.0284 1624 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 20:07:18.0311 1624 usbuhci - ok 20:07:18.0399 1624 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 20:07:18.0435 1624 usbvideo - ok 20:07:18.0533 1624 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 20:07:18.0590 1624 vga - ok 20:07:18.0661 1624 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 20:07:18.0695 1624 VgaSave - ok 20:07:18.0732 1624 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 20:07:18.0746 1624 viaagp - ok 20:07:18.0837 1624 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 20:07:18.0894 1624 ViaC7 - ok 20:07:18.0968 1624 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys 20:07:18.0983 1624 viaide - ok 20:07:19.0067 1624 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 20:07:19.0081 1624 volmgr - ok 20:07:19.0149 1624 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 20:07:19.0170 1624 volmgrx - ok 20:07:19.0250 1624 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 20:07:19.0269 1624 volsnap - ok 20:07:19.0354 
1624 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 20:07:19.0369 1624 vsmraid - ok 20:07:19.0451 1624 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 20:07:19.0508 1624 WacomPen - ok 20:07:19.0553 1624 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 20:07:19.0580 1624 Wanarp - ok 20:07:19.0594 1624 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 20:07:19.0622 1624 Wanarpv6 - ok 20:07:19.0721 1624 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 20:07:19.0735 1624 Wd - ok 20:07:19.0830 1624 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 20:07:19.0857 1624 Wdf01000 - ok 20:07:19.0971 1624 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 20:07:20.0020 1624 winachsf - ok 20:07:20.0094 1624 winbondcir (3fa87d56769838aac82fafc3e78fc732) C:\Windows\system32\DRIVERS\winbondcir.sys 20:07:20.0121 1624 winbondcir - ok 20:07:20.0260 1624 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 20:07:20.0286 1624 WmiAcpi - ok 20:07:20.0382 1624 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 20:07:20.0400 1624 WpdUsb - ok 20:07:20.0493 1624 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 20:07:20.0527 1624 ws2ifsl - ok 20:07:20.0649 1624 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 20:07:20.0683 1624 WUDFRd - ok 20:07:20.0751 1624 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 20:07:21.0955 1624 \Device\Harddisk0\DR0 - ok 20:07:21.0982 1624 Boot (0x1200) (8c8f2d03d2545ef9c4caa1f231bfe850) \Device\Harddisk0\DR0\Partition0 20:07:21.0983 1624 \Device\Harddisk0\DR0\Partition0 - ok 20:07:22.0005 1624 Boot (0x1200) (b240469af47ff1d70b2279a6219f9380) \Device\Harddisk0\DR0\Partition1 20:07:22.0007 
1624 \Device\Harddisk0\DR0\Partition1 - ok 20:07:22.0007 1624 ============================================================ 20:07:22.0007 1624 Scan finished 20:07:22.0007 1624 ============================================================ 20:07:22.0020 0476 Detected object count: 2 20:07:22.0020 0476 Actual detected object count: 2 20:07:47.0365 0476 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user 20:07:47.0365 0476 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:07:47.0367 0476 sptd ( LockedFile.Multi.Generic ) - skipped by user 20:07:47.0367 0476 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 20:07:51.0416 3116 Deinitialize success |
23.11.2011, 20:13 | #40 |
/// Malware-holic | Annoying script error from startsear.ch
That looks OK too. Do the slow loading times occur frequently or only sporadically?
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de as described in the instructions above. If you would like to support us |
23.11.2011, 20:55 | #41 |
| Unfortunately quite often, especially when searching with Google; sometimes there is no response at all. |
23.11.2011, 21:02 | #42 |
/// Malware-holic | So the browser hangs? Is it the same with Internet Explorer? |
23.11.2011, 21:05 | #43 |
| Yes, but Explorer is somehow faster; today, though, Mozilla and Explorer, for example, both hung while googling, and I had to search with Yahoo. I really can't see any pattern in it: sometimes one works and the other doesn't, and vice versa. |
23.11.2011, 21:07 | #44 |
/// Malware-holic | Who knows what else you have picked up on your forays... Start, Search, type or copy: diskmgmt.msc and take a screenshot for me. |
23.11.2011, 21:17 | #45 |
| Annoying script error from startsear.ch |