Log analysis and evaluation: PC now only creates shortcuts of folders on USB, memory cards (Windows 7)
23.11.2011, 15:06 | #16 |
| There is one program it won't let me uninstall: every time I try via the Control Panel, Norton SONAR kicks in and says that a suspicious program (uninst1.exe) tried to access my PC but was removed; this is also shown in the history. |
23.11.2011, 15:10 | #17 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ |
23.11.2011, 15:19 | #18 |
| All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
File C:\Program Files\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found.
File C:\Program Files\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
C:\Windows\System32\acovcnt.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Steffie
->Temp folder emptied: 159095250 bytes
->Temporary Internet Files folder emptied: 35579428 bytes
->Apple Safari cache emptied: 186064896 bytes
->Flash cache emptied: 46492 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 629381 bytes
RecycleBin emptied: 9485674 bytes
Total Files Cleaned = 373,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 11232011_151059
Files\Folders moved on Reboot...
File\Folder C:\Users\Steffie\AppData\Local\Temp\fe4yzsau.tmp\101162 - Praktikum Marketing Communications mit Schwerpunkt not found!
Registry entries deleted on Reboot... |
23.11.2011, 19:02 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you can't find the log or can't copy its contents into your post, then please look directly on your Windows system partition; that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

If, because of the infection, you can't access your Documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide: download unhide.exe and save the file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
23.11.2011, 19:30 | #20 |
| Thanks, I can still see all my files. Result as follows:
5720 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 19:26:08.0002 5720 tunnel - ok 19:26:08.0252 5720 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 19:26:08.0330 5720 uagp35 - ok 19:26:08.0611 5720 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 19:26:08.0704 5720 udfs - ok 19:26:08.0891 5720 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 19:26:08.0954 5720 uliagpkx - ok 19:26:09.0266 5720 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 19:26:09.0328 5720 uliahci - ok 19:26:09.0515 5720 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 19:26:09.0593 5720 UlSata - ok 19:26:09.0734 5720 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 19:26:09.0796 5720 ulsata2 - ok 19:26:09.0952 5720 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 19:26:10.0046 5720 umbus - ok 19:26:10.0202 5720 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 19:26:10.0311 5720 usbaudio - ok 19:26:10.0420 5720 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 19:26:10.0514 5720 usbccgp - ok 19:26:10.0639 5720 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 19:26:10.0795 5720 usbcir - ok 19:26:10.0935 5720 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 19:26:11.0029 5720 usbehci - ok 19:26:11.0200 5720 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 19:26:11.0278 5720 usbhub - ok 19:26:11.0512 5720 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 19:26:11.0653 5720 usbohci - ok 19:26:11.0824 5720 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 19:26:11.0933 5720 usbprint - ok 19:26:12.0074 5720 
usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 19:26:12.0167 5720 usbscan - ok 19:26:12.0386 5720 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:26:12.0464 5720 USBSTOR - ok 19:26:12.0620 5720 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 19:26:12.0713 5720 usbuhci - ok 19:26:12.0869 5720 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 19:26:12.0979 5720 usbvideo - ok 19:26:13.0135 5720 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 19:26:13.0275 5720 vga - ok 19:26:13.0384 5720 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 19:26:13.0509 5720 VgaSave - ok 19:26:13.0665 5720 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 19:26:13.0727 5720 viaagp - ok 19:26:13.0899 5720 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 19:26:13.0993 5720 ViaC7 - ok 19:26:14.0149 5720 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 19:26:14.0211 5720 viaide - ok 19:26:14.0320 5720 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 19:26:14.0398 5720 volmgr - ok 19:26:14.0570 5720 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 19:26:14.0632 5720 volmgrx - ok 19:26:14.0757 5720 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 19:26:14.0835 5720 volsnap - ok 19:26:14.0975 5720 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 19:26:15.0053 5720 vsmraid - ok 19:26:15.0225 5720 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 19:26:15.0381 5720 WacomPen - ok 19:26:15.0521 5720 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 19:26:15.0615 5720 Wanarp - ok 19:26:15.0631 5720 Wanarpv6 
(55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 19:26:15.0709 5720 Wanarpv6 - ok 19:26:15.0911 5720 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 19:26:15.0974 5720 Wd - ok 19:26:16.0114 5720 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 19:26:16.0192 5720 Wdf01000 - ok 19:26:16.0535 5720 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 19:26:16.0629 5720 WmiAcpi - ok 19:26:16.0816 5720 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 19:26:16.0910 5720 WpdUsb - ok 19:26:17.0159 5720 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 19:26:17.0269 5720 ws2ifsl - ok 19:26:17.0643 5720 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:26:17.0752 5720 WUDFRd - ok 19:26:17.0939 5720 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys 19:26:18.0095 5720 yukonwlh - ok 19:26:18.0220 5720 MBR (0x1B8) (64b1e91c5c6c2157642651010728f90f) \Device\Harddisk0\DR0 19:26:18.0829 5720 \Device\Harddisk0\DR0 - ok 19:26:18.0875 5720 Boot (0x1200) (3872a6a9d6cd9c5fe6d3dc80eb3403b1) \Device\Harddisk0\DR0\Partition0 19:26:18.0875 5720 \Device\Harddisk0\DR0\Partition0 - ok 19:26:18.0907 5720 Boot (0x1200) (d35b7a03f032133a01cbb8781bc26278) \Device\Harddisk0\DR0\Partition1 19:26:18.0907 5720 \Device\Harddisk0\DR0\Partition1 - ok 19:26:18.0922 5720 ============================================================ 19:26:18.0922 5720 Scan finished 19:26:18.0922 5720 ============================================================ 19:26:18.0938 1688 Detected object count: 0 19:26:18.0938 1688 Actual detected object count: 0 |
23.11.2011, 19:42 | #21 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now: ComboFix, a guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it! If you have problems starting applications after running ComboFix and receive messages such as Quote: |
24.11.2011, 08:26 | #22 |
| ComboFix logfile: Code:
ATTFilter ComboFix 11-11-23.01 - Steffie 23.11.2011 20:16:15.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3062.1578 [GMT 1:00] ausgeführt von:: c:\users\Steffie\Desktop\ComboFix.exe AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Norton AntiVirus *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\SiL D:\install.exe . . ((((((((((((((((((((((( Dateien erstellt von 2011-10-23 bis 2011-11-23 )))))))))))))))))))))))))))))) . . 2011-11-23 19:45 . 2011-11-23 19:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-11-23 14:15 . 2011-11-23 14:15 45056 ----a-w- c:\windows\system32\acovcnt.exe 2011-11-23 14:10 . 2011-11-23 14:10 -------- d-----w- C:\_OTL 2011-11-21 11:55 . 2011-11-21 11:55 -------- d-----w- c:\program files\ESET 2011-11-20 13:00 . 2011-11-20 13:00 -------- d-----w- c:\users\Steffie\AppData\Roaming\Malwarebytes 2011-11-20 13:00 . 2011-11-20 13:00 -------- d-----w- c:\programdata\Malwarebytes 2011-11-20 13:00 . 2011-11-20 13:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-20 13:00 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-20 12:33 . 2011-11-11 11:59 31552 ----a-w- c:\windows\system32\TURegOpt.exe 2011-11-20 12:33 . 2011-11-11 11:59 21312 ----a-w- c:\windows\system32\authuitu.dll 2011-11-20 12:32 . 2011-11-20 12:32 -------- d-----w- c:\users\Steffie\AppData\Roaming\TuneUp Software 2011-11-20 12:30 . 2011-11-20 12:33 -------- d-----w- c:\program files\TuneUp Utilities 2012 2011-11-20 12:28 . 2011-11-20 12:33 -------- d-----w- c:\programdata\TuneUp Software 2011-11-20 12:28 . 2011-11-20 12:28 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2011-11-17 20:28 . 
2011-11-18 09:10 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2011-11-17 20:25 . 2011-11-18 10:16 -------- d-----w- c:\windows\system32\drivers\NAV 2011-11-17 20:25 . 2011-11-17 20:25 -------- d-----w- c:\program files\Norton AntiVirus 2011-11-15 17:37 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll 2011-11-15 17:22 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-11-15 17:22 . 2011-09-20 21:02 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-10-29 07:49 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll 2011-10-28 11:06 . 2011-10-28 11:06 -------- d-----w- c:\users\Steffie\{517fbef0-afaa-458b-9049-5228477d34c9} . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-30 23:06 . 2011-10-14 09:48 916480 ----a-w- c:\windows\system32\wininet.dll 2011-09-30 23:02 . 2011-10-14 09:48 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-09-30 23:01 . 2011-10-14 09:48 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-09-30 23:01 . 2011-10-14 09:48 71680 ----a-w- c:\windows\system32\iesetup.dll 2011-09-30 23:01 . 2011-10-14 09:48 109056 ----a-w- c:\windows\system32\iesysprep.dll 2011-09-30 22:07 . 2011-10-14 09:48 385024 ----a-w- c:\windows\system32\html.iec 2011-09-30 21:29 . 2011-10-14 09:48 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2011-09-30 21:28 . 2011-10-14 09:48 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-09-06 13:30 . 2011-10-14 09:48 2043392 ----a-w- c:\windows\system32\win32k.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-18 7737344] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-22 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-22 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-22 133656] "RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208] "Skytel"="Skytel.exe" [2007-10-11 1826816] "SMSERIAL"="sm56hlpr.exe" [2005-05-26 544768] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416] "WheelMouse"="c:\program files\OCZ Technology\Mouse\Amoumain.exe" [2006-12-28 196608] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-20 30576] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1206000.01D\SYMDS.SYS [2011-01-27 340088] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1206000.01D\SYMEFA.SYS [2011-03-15 744568] S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20111114.002\BHDrvx86.sys [2011-11-14 819320] S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20111122.030\IDSvix86.sys [2011-11-17 368248] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1206000.01D\Ironx86.SYS [2011-01-27 136312] S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NAV\1206000.01D\SYMTDIV.SYS [2011-03-22 331384] S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-02-19 554616] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-11-11 1510720] S3 
EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-17 106104] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-11-08 10064] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 16805232 *Deregistered* - 16805232 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . . ------- Zusätzlicher Suchlauf ------- . uStart Page = uInternet Settings,ProxyOverride = *.local IE: &Citavi Picker... - file://c:\program files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-11-23 20:45 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . . C:\ADSM_PData_0150 . Scan erfolgreich abgeschlossen versteckte Dateien: 1 . ************************************************************************** . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NAV] "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\18.6.0.29\diMaster.dll\" /prefetch:1" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . Zeit der Fertigstellung: 2011-11-23 20:48:53 ComboFix-quarantined-files.txt 2011-11-23 19:48 . Vor Suchlauf: 12 Verzeichnis(se), 53.599.338.496 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 53.548.666.880 Bytes frei . - - End Of File - - CF5498CB96007ABC70BFB27C2DD19E3C |
24.11.2011, 10:44 | #23 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Ok. Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online query in OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar. Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to turn off the virus scanner as well; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
__________________ Please always post logfiles in CODE tags |
24.11.2011, 16:27 | #24 |
| Here are the results from GMER for a start: GMER logfile: Code:
ATTFilter GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover Rootkit scan 2011-11-24 16:23:51 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.BBFO Running: bojxtq34.exe; Driver: C:\Users\Steffie\AppData\Local\Temp\ugrirfob.sys ---- System - GMER 1.0.15 ---- SSDT 87C44548 ZwAlertResumeThread SSDT 87CC2E80 ZwAlertThread SSDT 87C72578 ZwAllocateVirtualMemory SSDT 87AB4A48 ZwAlpcConnectPort SSDT 87CA5438 ZwAssignProcessToJobObject SSDT 87C8A5B0 ZwCreateMutant SSDT 87CA6D30 ZwCreateSymbolicLinkObject SSDT 87C9A078 ZwCreateThread SSDT 87C8AE10 ZwDebugActiveProcess SSDT 87C72748 ZwDuplicateObject SSDT 87C44D08 ZwFreeVirtualMemory SSDT 87CA5310 ZwImpersonateAnonymousToken SSDT 87CA56B8 ZwImpersonateThread SSDT 87A5B3C0 ZwLoadDriver SSDT 87C44C08 ZwMapViewOfSection SSDT 87C44580 ZwOpenEvent SSDT 87C9A800 ZwOpenProcess SSDT 87C72668 ZwOpenProcessToken SSDT 87CA6600 ZwOpenSection SSDT 87C72838 ZwOpenThread SSDT 87CA5ED8 ZwProtectVirtualMemory SSDT 87C446A0 ZwResumeThread SSDT 87C44668 ZwSetContextThread SSDT 87C44A38 ZwSetInformationProcess SSDT 87C9AE08 ZwSetSystemInformation SSDT 87CA5E80 ZwSuspendProcess SSDT 87C8A7D0 ZwSuspendThread SSDT 87C9A158 ZwTerminateProcess SSDT 87C44250 ZwTerminateThread SSDT 87C44B28 ZwUnmapViewOfSection SSDT 87C721B8 ZwWriteVirtualMemory SSDT 87CA5D20 ZwCreateThreadEx ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 11D 822EA8A0 8 Bytes [48, 45, C4, 87, 80, 2E, CC, ...] {DEC EAX; INC EBP; LES EAX, DWORD [EDI-0x7833d180]} .text ntkrnlpa.exe!KeSetEvent + 131 822EA8B4 4 Bytes [78, 25, C7, 87] .text ntkrnlpa.exe!KeSetEvent + 13D 822EA8C0 4 Bytes [48, 4A, AB, 87] .text ntkrnlpa.exe!KeSetEvent + 191 822EA914 4 Bytes [38, 54, CA, 87] {CMP [EDX+ECX*8-0x79], DL} .text ntkrnlpa.exe!KeSetEvent + 1F5 822EA978 4 Bytes [B0, A5, C8, 87] .text ... 
---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation) ---- Files - GMER 1.0.15 ---- File C:\ADSM_PData_0150 0 bytes File C:\ADSM_PData_0150\DB 0 bytes File C:\ADSM_PData_0150\DB\SI.db 624 bytes File C:\ADSM_PData_0150\DB\UL.db 16 bytes File C:\ADSM_PData_0150\DB\VL.db 16 bytes File C:\ADSM_PData_0150\DB\_avt 512 bytes File C:\ADSM_PData_0150\DragWait.exe 253952 bytes executable File C:\ADSM_PData_0150\_avt 512 bytes File C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86 0 bytes File C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\AsDsm.sys 29752 bytes executable File C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\_avt 512 bytes ---- EOF - GMER 1.0.15 ---- OSAM to follow |
24.11.2011, 18:32 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | The archive must also be completely unpacked BEFOREHAND! WinRAR or 7zip are not "openers"; they do not run the application! It is also a very bad habit to click on programs from inside an archive! |
24.11.2011, 19:14 | #27 |
| But I don't know how to "unpack" something |
24.11.2011, 20:13 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | You are also allowed to use Google on your own for once http://uckanleitungen.de/7-zip/ |
25.11.2011, 09:43 | #29 |
| So here is the result from OSAM; however, I was not connected to the Internet, would that have been necessary? OSAM logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 Online Solutions. Complex Protection for Information Systems Saved at 08:58:03 on 25.11.2011 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Apple Inc. Safari 5.0.3 (7533.19.4) Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "ecsepm" - "Teleca Software Solutions AB" - C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\ecsepm.cpl "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "ASMMAP" (ASMMAP) - ? - C:\Program Files\ATKGFNEX\ASMMAP.sys "BHDrvx86" (BHDrvx86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20111114.002\BHDrvx86.sys "catchme" (catchme) - ? - C:\Users\Steffie\AppData\Local\Temp\catchme.sys (File not found) "Data Security Manager Driver" (AsDsm) - "Windows (R) Codename Longhorn DDK provider" - C:\Windows\system32\drivers\AsDsm.sys "EraserUtilRebootDrv" (EraserUtilRebootDrv) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys "ghaio" (ghaio) - ? 
- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys (File found, but it contains no detailed information) "IDSVix86" (IDSVix86) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20111123.030\IDSvix86.sys "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "NAVENG" (NAVENG) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20111123.036\NAVENG.SYS "NAVEX15" (NAVEX15) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20111123.036\NAVEX15.SYS "Symantec Data Store" (SymDS) - "Symantec Corporation" - C:\Windows\System32\drivers\NAV\1206000.01D\SYMDS.SYS "Symantec Eraser Control driver" (eeCtrl) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys "Symantec Extended File Attributes" (SymEFA) - "Symantec Corporation" - C:\Windows\System32\drivers\NAV\1206000.01D\SYMEFA.SYS "Symantec Iron Driver" (SymIRON) - "Symantec Corporation" - C:\Windows\system32\drivers\NAV\1206000.01D\Ironx86.SYS "Symantec Real Time Storage Protection" (SRTSP) - "Symantec Corporation" - C:\Windows\System32\Drivers\NAV\1206000.01D\SRTSP.SYS "Symantec Real Time Storage Protection (PEL)" (SRTSPX) - "Symantec Corporation" - C:\Windows\system32\drivers\NAV\1206000.01D\SRTSPX.SYS "Symantec Vista Network Dispatch Driver" (SYMTDIv) - "Symantec Corporation" - C:\Windows\System32\Drivers\NAV\1206000.01D\SYMTDIV.SYS "SymEvent" (SymEvent) - "Symantec Corporation" - C:\Windows\system32\Drivers\SYMEVENT.SYS "SymIMMP" 
(SymIMMP) - ? - C:\Windows\System32\DRIVERS\SymIM.sys (File not found) "TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." 
- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? 
- (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {A5110426-177D-4e08-AB3F-785F10B4439C} "Sony Ericsson Datei-Manager" - ? - (File not found | COM-object registry key not found) {4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2012\DseShExt-x86.dll {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll 
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll {E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll {E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll {E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? 
- (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files\Windows Live\Companion\companioncore.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Click to call with Skype" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- 10 "10" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {6D53EC84-6AAE-4787-AEEE-F4628F01010C} "Symantec Intrusion Prevention" - "Symantec Corporation" - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." 
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Companion\companioncore.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Steffie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "WinZip Quick Pick.lnk" - "WinZip Computing, S.L." - C:\Program Files\WinZip\WZQKPICK.EXE (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "LightScribe Control Panel" - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "ATKOSD2" - ? - "C:\Program Files\ATKOSD2\ATKOSD2.exe" "LifeCam" - "Microsoft Corporation" - "C:\Program Files\Microsoft LifeCam\LifeExp.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "Malwarebytes' Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "WheelMouse" - ? 
- C:\Program Files\OCZ Technology\Mouse\Amoumain.exe (File found, but it contains no detailed information) [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "ADSM Service" (ADSMService) - ? - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe "ASLDR Service" (ASLDRService) - ? - C:\Program Files\ATK Hotkey\ASLDRSrv.exe "ATKGFNEX Service" (ATKGFNEXSrv) - ? - C:\Program Files\ATKGFNEX\GFNEXSrv.exe "Automatisches LiveUpdate - Scheduler" (Automatisches LiveUpdate - Scheduler) - "Symantec Corporation" - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." 
- C:\Program Files\Bonjour\mDNSResponder.exe "LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe "LiveUpdate" (LiveUpdate) - "Symantec Corporation" - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "MSCamSvc" (MSCamSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft LifeCam\MSCamS32.exe "Norton AntiVirus" (NAV) - "Symantec Corporation" - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "spmgr" (spmgr) - ? - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe "TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe "Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." 
- C:\Program Files\Bonjour\mdnsNSP.dll
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit Online Solutions :: Index

And here is aswMBR:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-25 09:04:06
-----------------------------
09:04:06.087 OS Version: Windows 6.0.6002 Service Pack 2
09:04:06.087 Number of processors: 2 586 0xF0D
09:04:06.087 ComputerName: STEFFIE-PC UserName: Steffie
09:04:07.101 Initialize success
09:05:44.192 AVAST engine defs: 11112401
09:06:20.608 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
09:06:20.608 Disk 0 Vendor: Hitachi_ BBFO Size: 238475MB BusType: 3
09:06:20.639 Disk 0 MBR read successfully
09:06:20.639 Disk 0 MBR scan
09:06:20.655 Disk 0 unknown MBR code
09:06:20.670 Disk 0 scanning sectors +488396800
09:06:20.764 Disk 0 scanning C:\Windows\system32\drivers
09:06:37.968 Service scanning
09:06:39.591 Modules scanning
09:06:48.871 Disk 0 trace - called modules:
09:06:48.903 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
09:06:48.903 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86299240]
09:06:48.918 3 CLASSPNP.SYS[8adaa8b3] -> nt!IofCallDriver -> [0x84d7d648]
09:06:48.934 5 acpi.sys[806976bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84d83028]
09:06:49.667 AVAST engine scan C:\Windows
09:06:55.641 AVAST engine scan C:\Windows\system32
09:10:01.148 AVAST engine scan C:\Windows\system32\drivers
09:10:18.992 AVAST engine scan C:\Users\Steffie
09:33:39.006 AVAST engine scan C:\ProgramData
09:36:34.702 Scan finished successfully
09:38:32.739 Disk 0 MBR has been saved successfully to "C:\Users\Steffie\Desktop\MBR.dat"
09:38:32.755 The log file has been saved successfully to "C:\Users\Steffie\Desktop\aswMBR.txt" |
25.11.2011, 11:27 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC only creates shortcuts to folders on USB, memory cards

We should fix the MBR; back up ALL important data just in case, even though everything usually goes smoothly.

Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable.

After backing up your data, start aswMBR again and click the FIXMBR button. Then restart Windows and create a new log with aswMBR.
__________________ Please always post log files in CODE tags |
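The dual-boot note above can be checked against a saved MBR dump before FIXMBR is run. The following Python is an added example, not part of the thread and not aswMBR code: it parses a 512-byte MBR sector and reports Linux partition types or GRUB boot code. Assumptions: the saved MBR.dat is a raw copy of sector 0, and the sample sectors are constructed for the demonstration.

```python
import struct

# Well-known MBR partition type IDs used by Linux installations.
LINUX_TYPES = {0x82: "Linux swap", 0x83: "Linux native", 0x8E: "Linux LVM"}

def parse_mbr(sector: bytes) -> dict:
    """Parse a raw 512-byte MBR sector (assumed layout of MBR.dat)."""
    if len(sector) < 512:
        raise ValueError("MBR sector must be at least 512 bytes")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for slot in range(4):                      # four 16-byte entries at offset 446
        entry = sector[446 + 16 * slot: 462 + 16 * slot]
        ptype = entry[4]
        if ptype == 0:                         # unused slot
            continue
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        partitions.append({"slot": slot, "active": entry[0] == 0x80,
                           "type": ptype, "lba_start": lba_start,
                           "sectors": sectors})
    # GRUB's first-stage boot code carries the ASCII string "GRUB".
    return {"grub_in_boot_code": b"GRUB" in sector[:446],
            "partitions": partitions}

def dual_boot_risk(info: dict) -> list:
    """Reasons why rewriting the MBR with a Windows tool could break another OS."""
    reasons = []
    if info["grub_in_boot_code"]:
        reasons.append("boot code contains the string GRUB")
    for p in info["partitions"]:
        if p["type"] in LINUX_TYPES:
            reasons.append(f"slot {p['slot']}: {LINUX_TYPES[p['type']]} partition")
    return reasons

def build_sample_mbr(with_linux: bool) -> bytes:
    """Constructed sample sector, not taken from the thread's MBR.dat."""
    sector = bytearray(512)
    # Slot 0: active NTFS (0x07) partition starting at LBA 2048.
    sector[446:462] = struct.pack("<B3sB3sII", 0x80, b"", 0x07, b"", 2048, 409600)
    if with_linux:
        sector[0:4] = b"GRUB"                  # stands in for GRUB boot code
        sector[462:478] = struct.pack("<B3sB3sII", 0, b"", 0x83, b"", 411648, 204800)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

if __name__ == "__main__":
    for label, linux in (("Windows only", False), ("dual boot", True)):
        print(label, dual_boot_risk(parse_mbr(build_sample_mbr(linux))))
```

An empty result is only a heuristic: a Linux system on a logical partition inside an extended partition does not appear in the four primary slots.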