Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Abnow versucht zu entfernen - Reste vorhanden?

Abnow versucht zu entfernen - Reste vorhanden?


Log-Analyse und Auswertung: Abnow versucht zu entfernen - Reste vorhanden?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 2 von 3 1 2 3
Alt 07.04.2012, 18:57   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Mit dem ntsvc müsste ich noch klären

Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 07.04.2012, 20:43   #17
dumdididum
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Vielen Dank für deine Mühen (soll ich dir auch von der Freundin sagen) und schon einmal frohe Ostern

Also GMER hat ein bisschen gezickt, aber aller guten Dinge sind drei:
GMER:
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-04-07 20:57:29
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 FUJITSU_MJA2320BH_G2 rev.0084001C
Running: lgpr3wft.exe; Driver: C:\Users\******\AppData\Local\Temp\uxldrpoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKey + 13D1                                                                      82E45369 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                             82E7ED52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                    [74082437] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]               [74065600] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]              [740656BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                     [740824B2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]           [74078514] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]             [74074CC8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]            [7407506F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]           [74075144] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP]  [74076671] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]            [7407826B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]       [740787BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]     [7407901B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]           [7407E1BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[4024] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]               [74074BFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                            Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                            Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)

Device          \Driver\ACPI_HAL \Device\00000053                                                                  halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                             fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                             fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                             fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                             fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \FileSystem\MBAMProtector \Device\MBAMProtector                                                    AE1E7490

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001c7b2c43ab                        
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001c7b2c43ab (not active ControlSet)    

---- EOF - GMER 1.0.15 ----
OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:00:58 on 07.04.2012

OS: Windows 7  Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 11.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000Core.job" - "Google Inc." - C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000UA.job" - "Google Inc." - C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"QuickTime.cpl" - "Apple Computer, Inc." - C:\Windows\system32\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aswArKrn" (aswArKrn) - ? - C:\Users\******\AppData\Local\Temp\aswArKrn.sys  (File not found)
"catchme" (catchme) - ? - C:\Users\******\AppData\Local\Temp\catchme.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"NetLimiter Ndis Protocol Service" (NLNdisPT) - ? - C:\Windows\System32\DRIVERS\nlndis.sys  (File not found)
"NLNdisMP" (NLNdisMP) - ? - C:\Windows\System32\DRIVERS\nlndis.sys  (File not found)
"PSSDK42" (PSSDK42) - "microOLAP Technologies LTD" - C:\Windows\system32\Drivers\pssdk42.sys
"Realtek IR Driver" (RtsUIR) - ? - C:\Windows\System32\DRIVERS\Rts516xIR.sys  (File not found)
"Realtek Smartcard Reader Driver" (USBCCID) - ? - C:\Windows\System32\DRIVERS\RtsUCcid.sys  (File not found)
"TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
"USB2.0 PC Camera (SNP2UVC)" (SNP2UVC) - ? - C:\Windows\System32\DRIVERS\snp2uvc.sys
"uxldrpoc" (uxldrpoc) - ? - C:\Users\******\AppData\Local\Temp\uxldrpoc.sys  (Hidden registry entry, rootkit activity | File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{94586423-855F-4EB2-9F6A-D9DA5658DBE3} "Context menu" - ? - C:\PROGRA~1\FREEM4~1\m4a_menu.dll  (File found, but it contains no detailed information)
{0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} "CSendToContextMenu Object" - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\btmshell.dll
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{862D80CE-A2A4-45D4-8008-7F40766F5FEA} "My Bluetooth" - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\btmshell.dll
{CF822AB4-6DB5-4FDA-BC28-E61DF36D2583} "PDF-XChange PDF Preview Provider" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{67EB453C-1BE1-48EC-AAF3-23B10277FCC1} "PDF-XChange PDF Property Handler" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{EBD0B8F4-A9A0-41B7-9695-030CD264D9C8} "PDF-XChange PDF Thumbnail Provider" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -   (File not found | COM-object registry key not found)
{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
{2d3dd4c0-3bd7-11d2-821e-444553540000} "WdmidleDeviceShellExtension" - ? - c:\program files\lenovo\energy management\powcpl.dll  (File found, but it contains no detailed information)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "******ander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} "&NetWorx Desk Band" - "SoftPerfect Research" - C:\PROGRA~1\NetWorx\deskband.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Stardock ObjectDock.lnk" - "Stardock" - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Energy Management" - "Lenovo (Beijing) Limited" - C:\Program Files\Lenovo\Energy Management\Energy Management.exe
"EnergyUtility" - "Lenovo(beijing) Limited" - C:\Program Files\Lenovo\Energy Management\utility.exe
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"NetWorx" - "SoftPerfect Research" - "C:\Program Files\NetWorx\networx.exe" /auto
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"2wirepcp" (s117mgmt) - ? - C:\Windows\system32\enodpl.dll  (File not found)
"@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1" (TuneUp.Defrag) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
"A016obex" (HSFHWICH) - ? - C:\Windows\system32\imagedrv.dll  (File not found)
"Aawservice" (mi-raysat_3dsmax8) - ? - C:\Windows\system32\akshasp.dll  (File not found)
"Ac97intc" (npkcrypt) - ? - C:\Windows\system32\NETGEAR_MA111.dll  (File not found)
"Aclient" ({e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}) - ? - C:\Windows\system32\hpci.dll  (File not found)
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Adobeactivefilemonitor5.0" (ilicensesvc) - ? - C:\Windows\system32\FirePM.dll  (File not found)
"Adsservice" (MS1000) - ? - C:\Windows\system32\se2Bunic.dll  (File not found)
"Advantage" (WaveEnrollmentService) - ? - C:\Windows\system32\IPSECSHM.dll  (File not found)
"Aec" (TIEHDUSB) - ? - C:\Windows\system32\caboagp.dll  (File not found)
"AffinegyService" (adfs) - ? - C:\Windows\system32\adobeactivefilemonitor4.0.dll  (File not found)
"Amon" (rpsupdaterr) - ? - C:\Windows\system32\intcazaudaddservice.dll  (File not found)
"AN983" (se27nd5) - ? - C:\Windows\system32\rdnaoflsvc.dll  (File not found)
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"AppnApi" (fa_scheduler) - ? - C:\Windows\system32\usnjsvc.dll  (File not found)
"Aracpi" (pdiddcci) - ? - C:\Windows\system32\flashcomadmin.dll  (File not found)
"AsDsm" (AVCamUSB20) - ? - C:\Windows\system32\owstimer.dll  (File not found)
"Aslm75" (HssSrv) - ? - C:\Windows\system32\UpdateCenterService.dll  (File not found)
"AsusACPI" (haspnt) - ? - C:\Windows\system32\DVDRC.dll  (File not found)
"Atalk" (McciCMService) - ? - C:\Windows\system32\W55U01.dll  (File not found)
"Ati2mtaa" (vsdatant) - ? - C:\Windows\system32\S7oppilx.dll  (File not found)
"Backupclientsvc" (vmnetbridge) - ? - C:\Windows\system32\VAIOMediaPlatform-VideoServer-HTTP.dll  (File not found)
"Bantext" (regsrvc) - ? - C:\Windows\system32\mcp.dll  (File not found)
"Bb-run" (ssisvr32) - ? - C:\Windows\system32\nim32.dll  (File not found)
"BcmSqlStartupSvc" (zenos1) - ? - C:\Windows\system32\TMBUS.dll  (File not found)
"Bdss" (dladresn) - ? - C:\Windows\system32\hdaudbus.dll  (File not found)
"Besclient" (portmapper) - ? - C:\Windows\system32\asapiw2k.dll  (File not found)
"Bjmcmng" (srtspx) - ? - C:\Windows\system32\SunkFilt39.dll  (File not found)
"Blueservice" (areschatserver) - ? - C:\Windows\system32\cdvp.dll  (File not found)
"Bluetooth Device Manager" (Bluetooth Device Manager) - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
"Bluetooth Media Service" (Bluetooth Media Service) - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
"Bluetooth OBEX Service" (Bluetooth OBEX Service) - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
"Btwaudio" (ATKGFNEXSrv) - ? - C:\Windows\system32\ssm_mdm.dll  (File not found)
"Btwdndis" (RSAFAL) - ? - C:\Windows\system32\dpc_srv_webcast.dll  (File not found)
"CcmExec" (ZSMC211) - ? - C:\Windows\system32\NVR0Dev.dll  (File not found)
"CdaC15BA" (akshasp) - ? - C:\Windows\system32\fssfltr.dll  (File not found)
"Client32" (ndassvc) - ? - C:\Windows\system32\fdc.dll  (File not found)
"Cmigameport" (sonytvc) - ? - C:\Windows\system32\CdaD10BA.dll  (File not found)
"Cmuda3" (omniusb) - ? - C:\Windows\system32\hpdj.dll  (File not found)
"CnxTrUsb" (symwsc) - ? - C:\Windows\system32\WmUsbHid.dll  (File not found)
"Cpqarry2" (UPATC) - ? - C:\Windows\system32\adiusbaw.dll  (File not found)
"Cpqdmi" (beatjammusicstreamingserver) - ? - C:\Windows\system32\Udfreadr_xp.dll  (File not found)
"Ctxcpusched" (AVRec) - ? - C:\Windows\system32\ati2mpaa.dll  (File not found)
"CYGF32X" (lktimesync) - ? - C:\Windows\system32\tsp.dll  (File not found)
"D-link_st3402" (datunidr) - ? - C:\Windows\system32\CE3.dll  (File not found)
"Db2das00" (perc2hib) - ? - C:\Windows\system32\rdpwd.dll  (File not found)
"DcFpoint" (ixiaendpoint) - ? - C:\Windows\system32\ssidrv.dll  (File not found)
"Deltafw" (z800mgmt) - ? - C:\Windows\system32\procexp111.dll  (File not found)
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Drvmcdb" (AdfuUd) - ? - C:\Windows\system32\WmiAcpi.dll  (File not found)
"Dsproct" (el90xbc) - ? - C:\Windows\system32\termdd.dll  (File not found)
"Dtsagntsvc" (tpkmpsvc) - ? - C:\Windows\system32\emitray.dll  (File not found)
"Dwmrcs" (MobilityService) - ? - C:\Windows\system32\LKbdFlt2.dll  (File not found)
"Earthlinksafeconnectagent" (se44bus) - ? - C:\Windows\system32\osanbm.dll  (File not found)
"EIO_XP" (atirage3) - ? - C:\Windows\system32\s7oppitx.dll  (File not found)
"Eliservice" (hwpsgt) - ? - C:\Windows\system32\eaps2kbd.dll  (File not found)
"EMSCR" (eaps2kbd) - ? - C:\Windows\system32\qcmerced.dll  (File not found)
"EpmPsd" (qbreminderflash) - ? - C:\Windows\system32\oracledbconsoleorcl.dll  (File not found)
"Ersvc" (smrt) - ? - C:\Windows\system32\A88xXBar.dll  (File not found)
"Fetnd5bv" (passthru) - ? - C:\Windows\system32\w810mdm.dll  (File not found)
"FlexBios" (tvtnetwk) - ? - C:\Windows\system32\sysdown.dll  (File not found)
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"Fsaa" (iviVD) - ? - C:\Windows\system32\mcrdsvc.dll  (File not found)
"Ftsata2" (bdfdll) - ? - C:\Windows\system32\rsvp.dll  (File not found)
"GBDevice" (bdfsdrv) - ? - C:\Windows\system32\sfvfs02.dll  (File not found)
"Gernuwa" (cdaudio) - ? - C:\Windows\system32\C-Dilla.dll  (File not found)
"Gpc" (ltck000c) - ? - C:\Windows\system32\eventsystem.dll  (File not found)
"Grmnusb" (asc3550) - ? - C:\Windows\system32\irda.dll  (File not found)
"Gtndis5" (pxfhbus) - ? - C:\Windows\system32\pilogsrv.dll  (File not found)
"Gv3" (sysmgmthp) - ? - C:\Windows\system32\STV680m.dll  (File not found)
"GV600_4" (cwafeventrouter) - ? - C:\Windows\system32\FVXSCSI.dll  (File not found)
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
"I2omgmt" (cdr4_2k) - ? - C:\Windows\system32\apphostsvc.dll  (File not found)
"Ibmcicstransactiongateway" (cvspydr2) - ? - C:\Windows\system32\NWSAP.dll  (File not found)
"IBMTPCHK" (naveng) - ? - C:\Windows\system32\wintabservice.dll  (File not found)
"Inspect" (oracledbconsoleorcl) - ? - C:\Windows\system32\aaksrv.dll  (File not found)
"Int15.sys" (netsvc) - ? - C:\Windows\system32\sermouse.dll  (File not found)
"IOSLINK" (cmuda3) - ? - C:\Windows\system32\redbook.dll  (File not found)
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"Irsir" (CdaD10BA) - ? - C:\Windows\system32\sandboxu.dll  (File not found)
"ISMBIOS" (truecrypt) - ? - C:\Windows\system32\ctdvda2k.dll  (File not found)
"Ivscheduler" (zpcache) - ? - C:\Windows\system32\igfx.dll  (File not found)
"Kbfiltr" (MMRTKRNL) - ? - C:\Windows\system32\symfw.dll  (File not found)
"Kraidsvc" (scsiaccess) - ? - C:\Windows\system32\sysenforce.dll  (File not found)
"LC7981" (vmodem) - ? - C:\Windows\system32\tdrpman.dll  (File not found)
"Lckfldservice" (mpfservice) - ? - C:\Windows\system32\db2remotecmd.dll  (File not found)
"Lemsgt" (w810mdfl) - ? - C:\Windows\system32\iPassPeriodicUpdateService.dll  (File not found)
"LoopBeMidi1" (vetfddnt) - ? - C:\Windows\system32\dnwhodisp.dll  (File not found)
"Lsdiorw" (WIBUKEY) - ? - C:\Windows\system32\intelppm.dll  (File not found)
"LUsbFilt" (pdlnecfg) - ? - C:\Windows\system32\snpstd2.dll  (File not found)
"Lvpr2mon" (Ncrc710) - ? - C:\Windows\system32\vpctcom.dll  (File not found)
"Lvtuner" (se45mdm) - ? - C:\Windows\system32\GVCplDrv.dll  (File not found)
"Lxcz_device" (vc8secs) - ? - C:\Windows\system32\AEAudioService.dll  (File not found)
"Lxrjd31s" (USRpdA) - ? - C:\Windows\system32\rdpcdd.dll  (File not found)
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Mcmispupdmgr" (pdreli) - ? - C:\Windows\system32\Cam5603C.dll  (File not found)
"Mcontrol" (tfsnifs) - ? - C:\Windows\system32\procexp90.dll  (File not found)
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mindrepair" (ntsyslog) - ? - C:\Windows\system32\ndiscm.dll  (File not found)
"MKEMUSB" (scramby) - ? - C:\Windows\system32\SiSGbeXP.dll  (File not found)
"MRESP50a64" (Slpsvdr) - ? - C:\Windows\system32\SE27mgmt.dll  (File not found)
"Msloop" (nisum) - ? - C:\Windows\system32\USB_RNDIS.dll  (File not found)
"Mssql$pinnaclesys" (wmccdsls) - ? - C:\Windows\system32\klblmain.dll  (File not found)
"Mssql$soshome22" (inport) - ? - C:\Windows\system32\ncupdatesvc.dll  (File not found)
"Mssqlserverolapservice" (HSFHWALI) - ? - C:\Windows\system32\pacsptisvr.dll  (File not found)
"Mysql" (mcpromgr) - ? - C:\Windows\system32\AVWLP_USB.dll  (File not found)
"NAL" (sansaservice) - ? - C:\Windows\system32\SecureStorageService.dll  (File not found)
"Navex15" (nv) - ? - C:\Windows\system32\z800mdm.dll  (File not found)
"Nchssvad" (ccproxy) - ? - C:\Windows\system32\eSettingsService.dll  (File not found)
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"NetMsmqActivator" (slapd-config52) - ? - C:\Windows\system32\usbio.dll  (File not found)
"Ngdbserv" (BrSerIf) - ? - C:\Windows\system32\cachemanxp.dll  (File not found)
"Nicser_wmp11" (s125bus) - ? - C:\Windows\system32\DELL_A02.dll  (File not found)
"NICSer_WPC54G" (vet-rec) - ? - C:\Windows\system32\wpshelper.dll  (File not found)
"Ni_nic" (WinFl32) - ? - C:\Windows\system32\savrtpel.dll  (File not found)
"Npkcsvc" (as32svc) - ? - C:\Windows\system32\sgectl.dll  (File not found)
"Npkcusb" (symc8xx) - ? - C:\Windows\system32\DSXUSB.dll  (File not found)
"Nsvclog" (oracleorahomeagent) - ? - C:\Windows\system32\LHidFilt.dll  (File not found)
"Nvstor64" (hsxhwazl) - ? - C:\Windows\system32\aolservice.dll  (File not found)
"NVTCP" (PTDCMdm) - ? - C:\Windows\system32\CdaC15BA.dll  (File not found)
"NWDHCP" (ROOTUSB) - ? - C:\Windows\system32\cwafrmiregistry.dll  (File not found)
"NxNetMon" (evteng) - ? - C:\Windows\system32\dlaudfam.dll  (File not found)
"Obvious" (DevUpper) - ? - C:\Windows\system32\IFP700.dll  (File not found)
"Odclientservice" (se58mdfl) - ? - C:\Windows\system32\epson_pm_rpcv2_01.dll  (File not found)
"Omniusbl" (ati2mtaa) - ? - C:\Windows\system32\usbhub.dll  (File not found)
"Oracle_load_balancer_60_client-forms6ip14" (symidsco) - ? - C:\Windows\system32\zdeviceservice.dll  (File not found)
"P1131vid" (lirsgt) - ? - C:\Windows\system32\SRVLOC.dll  (File not found)
"Pdlndldl" (T6963C) - ? - C:\Windows\system32\starwindservice.dll  (File not found)
"Pelmouse" (MRESP50) - ? - C:\Windows\system32\srescan.dll  (File not found)
"Perc2" (inotask) - ? - C:\Windows\system32\modemcsa.dll  (File not found)
"Pfc" (wanatw) - ? - C:\Windows\system32\atierecord.dll  (File not found)
"Pgsql-8.0" (LVRS) - ? - C:\Windows\system32\dptrackerd.dll  (File not found)
"Phc600" (MREMP50a64) - ? - C:\Windows\system32\VirtualCam.dll  (File not found)
"Pivot" (SE2Bmdfl) - ? - C:\Windows\system32\hpconfig.dll  (File not found)
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"Prevxagent" (sandboxu) - ? - C:\Windows\system32\nimdbgk.dll  (File not found)
"ProcObsrv" (G400DH) - ? - C:\Windows\system32\pcscnsrv.dll  (File not found)
"Prohlp02" (tmactmon) - ? - C:\Windows\system32\sptisrv.dll  (File not found)
"Protexislicensing" (netw4x32) - ? - C:\Windows\system32\com4qlb.dll  (File not found)
"Proxyhostmirrordisplay" (BrScnUsb) - ? - C:\Windows\system32\ZDCNDIS5.dll  (File not found)
"Psdistributionagent" (XBCD) - ? - C:\Windows\system32\LVPrcMon.dll  (File not found)
"PSSdk21" (dlbu_device) - ? - C:\Windows\system32\CADlink.dll  (File not found)
"PTDCVsp" (imagesrv) - ? - C:\Windows\system32\netdde.dll  (File not found)
"Ptilink" (asp.net) - ? - C:\Windows\system32\GTPTSER.dll  (File not found)
"Pxfhmdfl" (sit_mdm) - ? - C:\Windows\system32\mouhid.dll  (File not found)
"R300" (SSHDRV61) - ? - C:\Windows\system32\rca.dll  (File not found)
"Radiosvr" (lxcc_device) - ? - C:\Windows\system32\retrowdsvc.dll  (File not found)
"Retrolauncher" (dphost) - ? - C:\Windows\system32\Dfs.dll  (File not found)
"ROCKEYNT" (netddedsdm) - ? - C:\Windows\system32\tfsndrct.dll  (File not found)
"Rpcnet" (SE26mgmt) - ? - C:\Windows\system32\aspi32.dll  (File not found)
"RR2Vbi" (smcirda) - ? - C:\Windows\system32\crystalinputfileserver.dll  (File not found)
"Rt61" (BCMModem) - ? - C:\Windows\system32\nalntservice.dll  (File not found)
"Rtm" (PID_08A0) - ? - C:\Windows\system32\BVRPMPR5.dll  (File not found)
"S217nd5" (OEM02Vfx) - ? - C:\Windows\system32\webrootenterpriseclientservice.dll  (File not found)
"S7oppilx" (winachsf) - ? - C:\Windows\system32\sfsync02.dll  (File not found)
"SaiMini" (MRESP50a64) - ? - C:\Windows\system32\EPOWER.dll  (File not found)
"ScFBPNT3" (streamip) - ? - C:\Windows\system32\s125bus.dll  (File not found)
"Screadspool" (puscsrvc) - ? - C:\Windows\system32\backupexecagentbrowser.dll  (File not found)
"SE27mdm" (prismxl) - ? - C:\Windows\system32\iaimfp1.dll  (File not found)
"SE2Dobex" (intelroam) - ? - C:\Windows\system32\retroexplauncher.dll  (File not found)
"Senfilt" (TuneUp.ProgramStatisticsSvc) - ? - C:\Windows\system32\harmony.dll  (File not found)
"Sfsync04" (cwafnotesservice) - ? - C:\Windows\system32\ehrecvr.dll  (File not found)
"SGHIDI" (mhn) - ? - C:\Windows\system32\Fd16_700.dll  (File not found)
"Sk99202k" (NSSvcMgr) - ? - C:\Windows\system32\cdralw2k.dll  (File not found)
"SlNtHal" (ctxcpusched) - ? - C:\Windows\system32\SrvcEPECioctl.dll  (File not found)
"Sonypvu1" (Ndismeetro) - ? - C:\Windows\system32\oraclewebassistant.dll  (File not found)
"Sprtsvc_ddoctorv2" (mraid35x) - ? - C:\Windows\system32\CnxTrLan.dll  (File not found)
"SQLAgent$LG_LP2" (netmdsb) - ? - C:\Windows\system32\elockservice.dll  (File not found)
"Ssm_bus" (hdthermal) - ? - C:\Windows\system32\nscirda.dll  (File not found)
"StkScan" (pxfhserd) - ? - C:\Windows\system32\cfsvcs.dll  (File not found)
"Streamloadservice" (tlntsvr) - ? - C:\Windows\system32\wmdmpmsn.dll  (File not found)
"Svv" (tavsvc) - ? - C:\Windows\system32\nwlnkspx.dll  (File not found)
"Symndis" (elbydelay) - ? - C:\Windows\system32\issimon.dll  (File not found)
"Szkg" (yats32) - ? - C:\Windows\system32\w810bus.dll  (File not found)
"TeamViewer 5" (TeamViewer5) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
"Tifm" (DKbFltr) - ? - C:\Windows\system32\cdrbsdrv.dll  (File not found)
"Tmlisten" (USB_NDIS_51) - ? - C:\Windows\system32\UimBus.dll  (File not found)
"Tng-dtmg" (iaimfp3) - ? - C:\Windows\system32\DCFS2K.dll  (File not found)
"Toshidpt" (aeaudio) - ? - C:\Windows\system32\se2Dunic.dll  (File not found)
"Tosrfsnd" (sfusvc) - ? - C:\Windows\system32\filterservice.dll  (File not found)
"TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
"TuneUp.ProgramStatisticsSvc" (s217bus) - ? - C:\Windows\system32\pnmsrv.dll  (File not found)
"UCTblHid" (winvnc) - ? - C:\Windows\system32\FTSER2K.dll  (File not found)
"Ufad-ws60" (issimon) - ? - C:\Windows\system32\rtl8187Se.dll  (File not found)
"UMAXPCLS" (ipassconnectengine) - ? - C:\Windows\system32\RMSvc.dll  (File not found)
"Umpusbxp" (snpstd) - ? - C:\Windows\system32\sonicstagemonitoring.dll  (File not found)
"USB11LDR" (tfsnpool) - ? - C:\Windows\system32\EL2000.dll  (File not found)
"USBMN1X1" (symantecantibotagent) - ? - C:\Windows\system32\_iomega_active_disk_service_.dll  (File not found)
"Usbsermptxp" (wstcodec) - ? - C:\Windows\system32\dmio.dll  (File not found)
"Useraccess7" (hcf_msft) - ? - C:\Windows\system32\messenger.dll  (File not found)
"USR1806V" (NetwareWorkstation) - ? - C:\Windows\system32\s3savagenb.dll  (File not found)
"V0070VID" (SE27mdfl) - ? - C:\Windows\system32\ossrv.dll  (File not found)
"VAIOMediaPlatform-PhotoServer-HTTP" (eliservice) - ? - C:\Windows\system32\webrootadminconsole.dll  (File not found)
"VICESYS" (streamloadservice) - ? - C:\Windows\system32\StkAMini.dll  (File not found)
"VirtualFD" (slee_81_service) - ? - C:\Windows\system32\Defrag32b.dll  (File not found)
"Vmkbd2" (konfig) - ? - C:\Windows\system32\pchost.dll  (File not found)
"Vrmonsvc" (genregistrar) - ? - C:\Windows\system32\meiudf.dll  (File not found)
"W550mdm" (lvprcsrv) - ? - C:\Windows\system32\BrScnUsb.dll  (File not found)
"W700mdm" (mlkkbdntdriver) - ? - C:\Windows\system32\getPlusHelper.dll  (File not found)
"W8100PCI" (zendcoreapache) - ? - C:\Windows\system32\pcampr5.dll  (File not found)
"Wap3gx" (UimBus) - ? - C:\Windows\system32\BootScreen.dll  (File not found)
"Was" (vaiomediaplatform-videoserver-appserver) - ? - C:\Windows\system32\datasvr.dll  (File not found)
"Websenseclientdeployservice" (TcUsb) - ? - C:\Windows\system32\rtl8139.dll  (File not found)
"Wfxsvc" (USB28xxBGA) - ? - C:\Windows\system32\pivot.dll  (File not found)
"WimFltr" (elnkfwppservice) - ? - C:\Windows\system32\SNMPTRAP.dll  (File not found)
"Winachcf" (SABProcEnum) - ? - C:\Windows\system32\asapiw2k.dll  (File not found)
"Winpowerrmi" (pdscheduler) - ? - C:\Windows\system32\NETMDUSB.dll  (File not found)
"Winvnc" (klblmain) - ? - C:\Windows\system32\usbsermpt.dll  (File not found)
"Winvnc4" (btaudio) - ? - C:\Windows\system32\winvnc4.dll  (File not found)
"Wmdmpmsp" (viairda) - ? - C:\Windows\system32\avg7core.dll  (File not found)
"WNCPKT" (cxlpt) - ? - C:\Windows\system32\TuneUp.Defrag.dll  (File not found)
"WNIPROT5" (jconfigd) - ? - C:\Windows\system32\TMBMServer.dll  (File not found)
"Wpsnuio" (stirusb) - ? - C:\Windows\system32\sweepsrv.sys.dll  (File not found)
"WUSB54Gv4SVC" (idebusdr) - ? - C:\Windows\system32\cmdagent.dll  (File not found)
"Z525mdm" (websensewfreportserver) - ? - C:\Windows\system32\HBtnKey.dll  (File not found)
"Zppinger" (ONSIO) - ? - C:\Windows\system32\omsad.dll  (File not found)
"Zunenetworksvc" (pxfhmdm) - ? - C:\Windows\system32\se44bus.dll  (File not found)
"{85ccb53b-23d8-4e73-b1b7-9ddb71827d9b}" (MSIRCOMM) - ? - C:\Windows\system32\webcompserver.dll  (File not found)
"{95808DC4-FA4A-4c74-92FE-5B863F82066B}" (mwsejcap) - ? - C:\Windows\system32\PTDCMdm.dll  (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Zuletzt Avast:
Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-07 21:05:05
-----------------------------
21:05:05.594    OS Version: Windows 6.1.7601 Service Pack 1
21:05:05.594    Number of processors: 2 586 0x170A
21:05:05.594    ComputerName: ALAPEX  UserName: ******
21:05:06.826    Initialize success
21:06:39.865    AVAST engine defs: 12040701
21:07:16.510    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:07:16.510    Disk 0 Vendor: FUJITSU_MJA2320BH_G2 0084001C Size: 305245MB BusType: 11
21:07:16.604    Disk 0 MBR read successfully
21:07:16.604    Disk 0 MBR scan
21:07:16.604    Disk 0 Windows 7 default MBR code
21:07:16.619    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
21:07:16.635    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       284903 MB offset 206848
21:07:16.650    Disk 0 Partition - 00     0F Extended LBA              5130 MB offset 583689645
21:07:16.682    Disk 0 Partition 3 00     12  Compaq diag NTFS        15109 MB offset 594198528
21:07:16.822    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS         5122 MB offset 583705710
21:07:16.869    Disk 0 scanning sectors +625142448
21:07:17.040    Disk 0 scanning C:\Windows\system32\drivers
21:07:44.341    Service scanning
21:08:28.272    Modules scanning
21:08:48.271    Disk 0 trace - called modules:
21:08:48.302    ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys 
21:08:48.302    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8613c7b8]
21:08:48.318    3 CLASSPNP.SYS[8b00459e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85c79338]
21:08:49.425    AVAST engine scan C:\Windows
21:08:53.060    AVAST engine scan C:\Windows\system32
21:11:43.915    AVAST engine scan C:\Windows\system32\drivers
21:11:57.627    AVAST engine scan C:\Users\******
21:25:39.585    AVAST engine scan C:\ProgramData
21:26:02.033    Scan finished successfully
21:26:17.181    Disk 0 MBR has been saved successfully to "C:\Users\******\Desktop\MBR.dat"
21:26:17.181    The log file has been saved successfully to "C:\Users\******\Desktop\aswMBR.txt"
__________________
Alt 08.04.2012, 16:18   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Das mit netsvc versuch ich noch zu klären

Mach bitte erstmal zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
__________________
Alt 08.04.2012, 18:17   #19
dumdididum
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Mann, mann, mann.. selbst am Feiertag aktiv und am helfen

Also nichts zu finden, nur so ein kleines Plätzle

MBAM:
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.08.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
****** :: ALAPEX [Administrator]

Schutz: Deaktiviert

08.04.2012 17:19:51
mbam-log-2012-04-08 (17-19-51).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 315652
Laufzeit: 1 Stunde(n), 5 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
SAS:
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 04/08/2012 at 07:11 PM

Application Version : 5.0.1146

Core Rules Database Version : 8424
Trace Rules Database Version: 6236

Scan type       : Complete Scan
Total Scan Time : 00:44:02

Operating System Information
Windows 7 Professional 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 528
Memory threats detected   : 0
Registry items scanned    : 35546
Registry threats detected : 0
File items scanned        : 38955
File threats detected     : 1

Adware.Tracking Cookie
	.kaspersky.122.2o7.net [ C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\57J1UG5T.DEFAULT\COOKIES.SQLITE ]

Alt 09.04.2012, 15:38   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Ok, dann machen wir uns mal an die Dienste ran. Falls etwas schief geht würde ich dir ein Komplettbackup empfehlen, also erstell am besten ein Systemimage (Abbild) der Systempartition C, das geht über ein Drittprogramm oder mit Windows7 auch mit Bordmitteln => Windows 7 - System Image erstellen
Ziel des Images sollte am besten eine externe Festplatte mit genügend Speicher sein.

Sag Bescheid wenn du das erstmal erstellt hast.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 09.04.2012, 18:34   #21
dumdididum
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


erledigt

Alt 09.04.2012, 18:47   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Sehr schön. Damit kannst du zur Not das System wieder vollständig wiederherstellen und zwar so wie es unmittelbar vor dem Zeitpunkt der Imageerstellung war. Sollte auch in dem von mir verlinkten Artikel stehen wie das funktioniert.

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: atmeltpm -  File not found
NetSvcs: WinVd32 -  File not found
NetSvcs: s217bus - %systemroot%\system32\pnmsrv.dll File not found
NetSvcs: stirusb - %systemroot%\system32\sweepsrv.sys.dll File not found
NetSvcs: Slpsvdr - %systemroot%\system32\SE27mgmt.dll File not found
NetSvcs: TuneUp.ProgramStatisticsSvc - %systemroot%\system32\harmony.dll File not found
NetSvcs: HSFHWICH - %systemroot%\system32\imagedrv.dll File not found
NetSvcs: ipassconnectengine - %systemroot%\system32\RMSvc.dll File not found
NetSvcs: qbreminderflash - %systemroot%\system32\oracledbconsoleorcl.dll File not found
NetSvcs: hdthermal - %systemroot%\system32\nscirda.dll File not found
NetSvcs: sansaservice - %systemroot%\system32\SecureStorageService.dll File not found
NetSvcs: tavsvc - %systemroot%\system32\nwlnkspx.dll File not found
NetSvcs: bdfdll - %systemroot%\system32\rsvp.dll File not found
NetSvcs: vmodem - %systemroot%\system32\tdrpman.dll File not found
NetSvcs: snpstd - %systemroot%\system32\sonicstagemonitoring.dll File not found
NetSvcs: USB28xxBGA - %systemroot%\system32\pivot.dll File not found
NetSvcs: passthru - %systemroot%\system32\w810mdm.dll File not found
NetSvcs: hwpsgt - %systemroot%\system32\eaps2kbd.dll File not found
NetSvcs: symantecantibotagent - %systemroot%\system32\_iomega_active_disk_service_.dll File not found
NetSvcs: pdiddcci - %systemroot%\system32\flashcomadmin.dll File not found
NetSvcs: MSIRCOMM - %systemroot%\system32\webcompserver.dll File not found
NetSvcs: jconfigd - %systemroot%\system32\TMBMServer.dll File not found
NetSvcs: MMRTKRNL - %systemroot%\system32\symfw.dll File not found
NetSvcs: pxfhmdm - %systemroot%\system32\se44bus.dll File not found
NetSvcs: akshasp - %systemroot%\system32\fssfltr.dll File not found
NetSvcs: winachsf - %systemroot%\system32\sfsync02.dll File not found
NetSvcs: wstcodec - %systemroot%\system32\dmio.dll File not found
NetSvcs: issimon - %systemroot%\system32\rtl8187Se.dll File not found
NetSvcs: ntsyslog - %systemroot%\system32\ndiscm.dll File not found
NetSvcs: smcirda - %systemroot%\system32\crystalinputfileserver.dll File not found
NetSvcs: vaiomediaplatform-videoserver-appserver - %systemroot%\system32\datasvr.dll File not found
NetSvcs: UimBus - %systemroot%\system32\BootScreen.dll File not found
NetSvcs: ilicensesvc - %systemroot%\system32\FirePM.dll File not found
NetSvcs: zenos1 - %systemroot%\system32\TMBUS.dll File not found
NetSvcs: slee_81_service - %systemroot%\system32\Defrag32b.dll File not found
NetSvcs: sonytvc - %systemroot%\system32\CdaD10BA.dll File not found
NetSvcs: lvprcsrv - %systemroot%\system32\BrScnUsb.dll File not found
NetSvcs: atirage3 - %systemroot%\system32\s7oppitx.dll File not found
NetSvcs: WaveEnrollmentService - %systemroot%\system32\IPSECSHM.dll File not found
NetSvcs: RSAFAL - %systemroot%\system32\dpc_srv_webcast.dll File not found
NetSvcs: AVRec - %systemroot%\system32\ati2mpaa.dll File not found
NetSvcs: mwsejcap - %systemroot%\system32\PTDCMdm.dll File not found
NetSvcs: cdr4_2k - %systemroot%\system32\apphostsvc.dll File not found
NetSvcs: pxfhserd - %systemroot%\system32\cfsvcs.dll File not found
NetSvcs: nv - %systemroot%\system32\z800mdm.dll File not found
NetSvcs: bdfsdrv - %systemroot%\system32\sfvfs02.dll File not found
NetSvcs: evteng - %systemroot%\system32\dlaudfam.dll File not found
NetSvcs: truecrypt - %systemroot%\system32\ctdvda2k.dll File not found
NetSvcs: mraid35x - %systemroot%\system32\CnxTrLan.dll File not found
NetSvcs: sit_mdm - %systemroot%\system32\mouhid.dll File not found
NetSvcs: eliservice - %systemroot%\system32\webrootadminconsole.dll File not found
NetSvcs: hsxhwazl - %systemroot%\system32\aolservice.dll File not found
NetSvcs: OEM02Vfx - %systemroot%\system32\webrootenterpriseclientservice.dll File not found
NetSvcs: streamloadservice - %systemroot%\system32\StkAMini.dll File not found
NetSvcs: netmdsb - %systemroot%\system32\elockservice.dll File not found
NetSvcs: mcpromgr - %systemroot%\system32\AVWLP_USB.dll File not found
NetSvcs: as32svc - %systemroot%\system32\sgectl.dll File not found
NetSvcs: cdaudio - %systemroot%\system32\C-Dilla.dll File not found
NetSvcs: ssisvr32 - %systemroot%\system32\nim32.dll File not found
NetSvcs: pxfhbus - %systemroot%\system32\pilogsrv.dll File not found
NetSvcs: omniusb - %systemroot%\system32\hpdj.dll File not found
NetSvcs: USRpdA - %systemroot%\system32\rdpcdd.dll File not found
NetSvcs: ctxcpusched - %systemroot%\system32\SrvcEPECioctl.dll File not found
NetSvcs: sfusvc - %systemroot%\system32\filterservice.dll File not found
NetSvcs: TIEHDUSB - %systemroot%\system32\caboagp.dll File not found
NetSvcs: pdlnecfg - %systemroot%\system32\snpstd2.dll File not found
NetSvcs: scsiaccess - %systemroot%\system32\sysenforce.dll File not found
NetSvcs: dphost - %systemroot%\system32\Dfs.dll File not found
NetSvcs: Ndismeetro - %systemroot%\system32\oraclewebassistant.dll File not found
NetSvcs: dlbu_device - %systemroot%\system32\CADlink.dll File not found
NetSvcs: rpsupdaterr - %systemroot%\system32\intcazaudaddservice.dll File not found
NetSvcs: ZSMC211 - %systemroot%\system32\NVR0Dev.dll File not found
NetSvcs: oracleorahomeagent - %systemroot%\system32\LHidFilt.dll File not found
NetSvcs: cxlpt - %systemroot%\system32\TuneUp.Defrag.dll File not found
NetSvcs: HSFHWALI - %systemroot%\system32\pacsptisvr.dll File not found
NetSvcs: scramby - %systemroot%\system32\SiSGbeXP.dll File not found
NetSvcs: zpcache - %systemroot%\system32\igfx.dll File not found
NetSvcs: inotask - %systemroot%\system32\modemcsa.dll File not found
NetSvcs: tpkmpsvc - %systemroot%\system32\emitray.dll File not found
NetSvcs: vmnetbridge - %systemroot%\system32\VAIOMediaPlatform-VideoServer-HTTP.dll File not found
NetSvcs: AVCamUSB20 - %systemroot%\system32\owstimer.dll File not found
NetSvcs: areschatserver - %systemroot%\system32\cdvp.dll File not found
NetSvcs: HssSrv - %systemroot%\system32\UpdateCenterService.dll File not found
NetSvcs: idebusdr - %systemroot%\system32\cmdagent.dll File not found
NetSvcs: el90xbc - %systemroot%\system32\termdd.dll File not found
NetSvcs: sysmgmthp - %systemroot%\system32\STV680m.dll File not found
NetSvcs: lktimesync - %systemroot%\system32\tsp.dll File not found
NetSvcs: BrSerIf - %systemroot%\system32\cachemanxp.dll File not found
NetSvcs: T6963C - %systemroot%\system32\starwindservice.dll File not found
NetSvcs: w810mdfl - %systemroot%\system32\iPassPeriodicUpdateService.dll File not found
NetSvcs: mhn - %systemroot%\system32\Fd16_700.dll File not found
NetSvcs: intelroam - %systemroot%\system32\retroexplauncher.dll File not found
NetSvcs: srtspx - %systemroot%\system32\SunkFilt39.dll File not found
NetSvcs: PID_08A0 - %systemroot%\system32\BVRPMPR5.dll File not found
NetSvcs: cwafnotesservice - %systemroot%\system32\ehrecvr.dll File not found
NetSvcs: winvnc - %systemroot%\system32\FTSER2K.dll File not found
NetSvcs: cmuda3 - %systemroot%\system32\redbook.dll File not found
NetSvcs: perc2hib - %systemroot%\system32\rdpwd.dll File not found
NetSvcs: DKbFltr - %systemroot%\system32\cdrbsdrv.dll File not found
NetSvcs: se45mdm - %systemroot%\system32\GVCplDrv.dll File not found
NetSvcs: hcf_msft - %systemroot%\system32\messenger.dll File not found
NetSvcs: cpsvc -  File not found
NetSvcs: tfsnpool - %systemroot%\system32\EL2000.dll File not found
NetSvcs: SABProcEnum - %systemroot%\system32\asapiw2k.dll File not found
NetSvcs: WIBUKEY - %systemroot%\system32\intelppm.dll File not found
NetSvcs: se58mdfl - %systemroot%\system32\epson_pm_rpcv2_01.dll File not found
NetSvcs: DivisCTS -  File not found
NetSvcs: USB11LDR -  File not found
NetSvcs: ScFBPNT2 -  File not found
NetSvcs: BootScreen -  File not found
NetSvcs: mctskshd.exe -  File not found
NetSvcs: dlartl_n -  File not found
NetSvcs: tfsncofs -  File not found
NetSvcs: SymIMMP -  File not found
NetSvcs: avcgbdr -  File not found
NetSvcs: iaimfp3 - %systemroot%\system32\DCFS2K.dll File not found
NetSvcs: int15 -  File not found
NetSvcs: oracledbconsoleorcl - %systemroot%\system32\aaksrv.dll File not found
NetSvcs: elnkfwppservice - %systemroot%\system32\SNMPTRAP.dll File not found
NetSvcs: ipahelper.exe -  File not found
NetSvcs: SE26mgmt - %systemroot%\system32\aspi32.dll File not found
NetSvcs: XBCD - %systemroot%\system32\LVPrcMon.dll File not found
NetSvcs: yats32 - %systemroot%\system32\w810bus.dll File not found
NetSvcs: ccproxy - %systemroot%\system32\eSettingsService.dll File not found
NetSvcs: se27nd5 - %systemroot%\system32\rdnaoflsvc.dll File not found
NetSvcs: netsvc - %systemroot%\system32\sermouse.dll File not found
NetSvcs: SSHDRV61 - %systemroot%\system32\rca.dll File not found
NetSvcs: MREMP50a64 - %systemroot%\system32\VirtualCam.dll File not found
NetSvcs: viairda - %systemroot%\system32\avg7core.dll File not found
NetSvcs: btaudio - %systemroot%\system32\winvnc4.dll File not found
NetSvcs: naveng - %systemroot%\system32\wintabservice.dll File not found
NetSvcs: npkcrypt - %systemroot%\system32\NETGEAR_MA111.dll File not found
NetSvcs: ati2mtaa - %systemroot%\system32\usbhub.dll File not found
NetSvcs: inport - %systemroot%\system32\ncupdatesvc.dll File not found
NetSvcs: prismxl - %systemroot%\system32\iaimfp1.dll File not found
NetSvcs: tmactmon - %systemroot%\system32\sptisrv.dll File not found
NetSvcs: symwsc - %systemroot%\system32\WmUsbHid.dll File not found
NetSvcs: SE2Bmdfl - %systemroot%\system32\hpconfig.dll File not found
NetSvcs: ATKGFNEXSrv - %systemroot%\system32\ssm_mdm.dll File not found
NetSvcs: ONSIO - %systemroot%\system32\omsad.dll File not found
NetSvcs: asp.net - %systemroot%\system32\GTPTSER.dll File not found
NetSvcs: z800mgmt - %systemroot%\system32\procexp111.dll File not found
NetSvcs: asc3550 - %systemroot%\system32\irda.dll File not found
NetSvcs: adfs - %systemroot%\system32\adobeactivefilemonitor4.0.dll File not found
NetSvcs: ndassvc - %systemroot%\system32\fdc.dll File not found
NetSvcs: NSSvcMgr - %systemroot%\system32\cdralw2k.dll File not found
NetSvcs: TcUsb - %systemroot%\system32\rtl8139.dll File not found
NetSvcs: USB_NDIS_51 - %systemroot%\system32\UimBus.dll File not found
NetSvcs: pdreli - %systemroot%\system32\Cam5603C.dll File not found
NetSvcs: MRESP50a64 - %systemroot%\system32\EPOWER.dll File not found
NetSvcs: iviVD - %systemroot%\system32\mcrdsvc.dll File not found
NetSvcs: UPATC - %systemroot%\system32\adiusbaw.dll File not found
NetSvcs: zendcoreapache - %systemroot%\system32\pcampr5.dll File not found
NetSvcs: websensewfreportserver - %systemroot%\system32\HBtnKey.dll File not found
NetSvcs: MRESP50 - %systemroot%\system32\srescan.dll File not found
NetSvcs: vsdatant - %systemroot%\system32\S7oppilx.dll File not found
NetSvcs: portmapper - %systemroot%\system32\asapiw2k.dll File not found
NetSvcs: slapd-config52 - %systemroot%\system32\usbio.dll File not found
NetSvcs: vet-rec - %systemroot%\system32\wpshelper.dll File not found
NetSvcs: smrt - %systemroot%\system32\A88xXBar.dll File not found
NetSvcs: cwafeventrouter - %systemroot%\system32\FVXSCSI.dll File not found
NetSvcs: {e2b953a6-195a-44f9-9ba3-3d5f4e32bb55} - %systemroot%\system32\hpci.dll File not found
NetSvcs: eaps2kbd - %systemroot%\system32\qcmerced.dll File not found
NetSvcs: streamip - %systemroot%\system32\s125bus.dll File not found
NetSvcs: s117mgmt - %systemroot%\system32\enodpl.dll File not found
NetSvcs: puscsrvc - %systemroot%\system32\backupexecagentbrowser.dll File not found
NetSvcs: lirsgt - %systemroot%\system32\SRVLOC.dll File not found
NetSvcs: mi-raysat_3dsmax8 - %systemroot%\system32\akshasp.dll File not found
NetSvcs: datunidr - %systemroot%\system32\CE3.dll File not found
NetSvcs: nisum - %systemroot%\system32\USB_RNDIS.dll File not found
NetSvcs: CdaD10BA - %systemroot%\system32\sandboxu.dll File not found
NetSvcs: mlkkbdntdriver - %systemroot%\system32\getPlusHelper.dll File not found
NetSvcs: netddedsdm - %systemroot%\system32\tfsndrct.dll File not found
NetSvcs: netw4x32 - %systemroot%\system32\com4qlb.dll File not found
NetSvcs: s125bus - %systemroot%\system32\DELL_A02.dll File not found
NetSvcs: tfsnifs - %systemroot%\system32\procexp90.dll File not found
NetSvcs: ixiaendpoint - %systemroot%\system32\ssidrv.dll File not found
NetSvcs: dladresn - %systemroot%\system32\hdaudbus.dll File not found
NetSvcs: se44bus - %systemroot%\system32\osanbm.dll File not found
NetSvcs: G400DH - %systemroot%\system32\pcscnsrv.dll File not found
NetSvcs: beatjammusicstreamingserver - %systemroot%\system32\Udfreadr_xp.dll File not found
NetSvcs: symidsco - %systemroot%\system32\zdeviceservice.dll File not found
NetSvcs: imagesrv - %systemroot%\system32\netdde.dll File not found
NetSvcs: MobilityService - %systemroot%\system32\LKbdFlt2.dll File not found
NetSvcs: cvspydr2 - %systemroot%\system32\NWSAP.dll File not found
NetSvcs: WinFl32 - %systemroot%\system32\savrtpel.dll File not found
NetSvcs: klblmain - %systemroot%\system32\usbsermpt.dll File not found
NetSvcs: lxcc_device - %systemroot%\system32\retrowdsvc.dll File not found
NetSvcs: regsrvc - %systemroot%\system32\mcp.dll File not found
NetSvcs: ROOTUSB - %systemroot%\system32\cwafrmiregistry.dll File not found
NetSvcs: tlntsvr - %systemroot%\system32\wmdmpmsn.dll File not found
NetSvcs: AdfuUd - %systemroot%\system32\WmiAcpi.dll File not found
NetSvcs: pdscheduler - %systemroot%\system32\NETMDUSB.dll File not found
NetSvcs: symc8xx - %systemroot%\system32\DSXUSB.dll File not found
NetSvcs: fa_scheduler - %systemroot%\system32\usnjsvc.dll File not found
NetSvcs: SE27mdfl - %systemroot%\system32\ossrv.dll File not found
NetSvcs: BrScnUsb - %systemroot%\system32\ZDCNDIS5.dll File not found
NetSvcs: ltck000c - %systemroot%\system32\eventsystem.dll File not found
NetSvcs: mpfservice - %systemroot%\system32\db2remotecmd.dll File not found
NetSvcs: wmccdsls - %systemroot%\system32\klblmain.dll File not found
NetSvcs: Ncrc710 - %systemroot%\system32\vpctcom.dll File not found
NetSvcs: vetfddnt - %systemroot%\system32\dnwhodisp.dll File not found
NetSvcs: haspnt - %systemroot%\system32\DVDRC.dll File not found
NetSvcs: vc8secs - %systemroot%\system32\AEAudioService.dll File not found
NetSvcs: elbydelay - %systemroot%\system32\issimon.dll File not found
NetSvcs: konfig - %systemroot%\system32\pchost.dll File not found
NetSvcs: genregistrar - %systemroot%\system32\meiudf.dll File not found
NetSvcs: MS1000 - %systemroot%\system32\se2Bunic.dll File not found
NetSvcs: wanatw - %systemroot%\system32\atierecord.dll File not found
NetSvcs: DevUpper - %systemroot%\system32\IFP700.dll File not found
NetSvcs: BCMModem - %systemroot%\system32\nalntservice.dll File not found
NetSvcs: McciCMService - %systemroot%\system32\W55U01.dll File not found
NetSvcs: NetwareWorkstation - %systemroot%\system32\s3savagenb.dll File not found
NetSvcs: LVRS - %systemroot%\system32\dptrackerd.dll File not found
NetSvcs: tvtnetwk - %systemroot%\system32\sysdown.dll File not found
NetSvcs: PTDCMdm - %systemroot%\system32\CdaC15BA.dll File not found
NetSvcs: aeaudio - %systemroot%\system32\se2Dunic.dll File not found
NetSvcs: update -  File not found
NetSvcs: sandboxu - %systemroot%\system32\nimdbgk.dll File not found
NetSvcs: SeratoUsb -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.04.2012, 11:39   #23
dumdididum
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Alles erfolgreich

Code:
ATTFilter
========== OTL ==========
FastUserSwitchingCompatibility removed from NetSvcs value successfully!
Nla removed from NetSvcs value successfully!
Ntmssvc removed from NetSvcs value successfully!
NWCWorkstation removed from NetSvcs value successfully!
Nwsapagent removed from NetSvcs value successfully!
SRService removed from NetSvcs value successfully!
WmdmPmSp removed from NetSvcs value successfully!
atmeltpm removed from NetSvcs value successfully!
WinVd32 removed from NetSvcs value successfully!
s217bus removed from NetSvcs value successfully!
Service s217bus stopped successfully!
Service s217bus deleted successfully!
stirusb removed from NetSvcs value successfully!
Service stirusb stopped successfully!
Service stirusb deleted successfully!
Slpsvdr removed from NetSvcs value successfully!
Service Slpsvdr stopped successfully!
Service Slpsvdr deleted successfully!
TuneUp.ProgramStatisticsSvc removed from NetSvcs value successfully!
Service TuneUp.ProgramStatisticsSvc stopped successfully!
Service TuneUp.ProgramStatisticsSvc deleted successfully!
HSFHWICH removed from NetSvcs value successfully!
Service HSFHWICH stopped successfully!
Service HSFHWICH deleted successfully!
ipassconnectengine removed from NetSvcs value successfully!
Service ipassconnectengine stopped successfully!
Service ipassconnectengine deleted successfully!
qbreminderflash removed from NetSvcs value successfully!
Service qbreminderflash stopped successfully!
Service qbreminderflash deleted successfully!
hdthermal removed from NetSvcs value successfully!
Service hdthermal stopped successfully!
Service hdthermal deleted successfully!
sansaservice removed from NetSvcs value successfully!
Service sansaservice stopped successfully!
Service sansaservice deleted successfully!
tavsvc removed from NetSvcs value successfully!
Service tavsvc stopped successfully!
Service tavsvc deleted successfully!
bdfdll removed from NetSvcs value successfully!
Service bdfdll stopped successfully!
Service bdfdll deleted successfully!
vmodem removed from NetSvcs value successfully!
Service vmodem stopped successfully!
Service vmodem deleted successfully!
snpstd removed from NetSvcs value successfully!
Service snpstd stopped successfully!
Service snpstd deleted successfully!
USB28xxBGA removed from NetSvcs value successfully!
Service USB28xxBGA stopped successfully!
Service USB28xxBGA deleted successfully!
passthru removed from NetSvcs value successfully!
Service passthru stopped successfully!
Service passthru deleted successfully!
hwpsgt removed from NetSvcs value successfully!
Service hwpsgt stopped successfully!
Service hwpsgt deleted successfully!
symantecantibotagent removed from NetSvcs value successfully!
Service symantecantibotagent stopped successfully!
Service symantecantibotagent deleted successfully!
pdiddcci removed from NetSvcs value successfully!
Service pdiddcci stopped successfully!
Service pdiddcci deleted successfully!
MSIRCOMM removed from NetSvcs value successfully!
Service MSIRCOMM stopped successfully!
Service MSIRCOMM deleted successfully!
jconfigd removed from NetSvcs value successfully!
Service jconfigd stopped successfully!
Service jconfigd deleted successfully!
MMRTKRNL removed from NetSvcs value successfully!
Service MMRTKRNL stopped successfully!
Service MMRTKRNL deleted successfully!
pxfhmdm removed from NetSvcs value successfully!
Service pxfhmdm stopped successfully!
Service pxfhmdm deleted successfully!
akshasp removed from NetSvcs value successfully!
Service akshasp stopped successfully!
Service akshasp deleted successfully!
winachsf removed from NetSvcs value successfully!
Service winachsf stopped successfully!
Service winachsf deleted successfully!
wstcodec removed from NetSvcs value successfully!
Service wstcodec stopped successfully!
Service wstcodec deleted successfully!
issimon removed from NetSvcs value successfully!
Service issimon stopped successfully!
Service issimon deleted successfully!
ntsyslog removed from NetSvcs value successfully!
Service ntsyslog stopped successfully!
Service ntsyslog deleted successfully!
smcirda removed from NetSvcs value successfully!
Service smcirda stopped successfully!
Service smcirda deleted successfully!
vaiomediaplatform-videoserver-appserver removed from NetSvcs value successfully!
Service vaiomediaplatform-videoserver-appserver stopped successfully!
Service vaiomediaplatform-videoserver-appserver deleted successfully!
UimBus removed from NetSvcs value successfully!
Service UimBus stopped successfully!
Service UimBus deleted successfully!
ilicensesvc removed from NetSvcs value successfully!
Service ilicensesvc stopped successfully!
Service ilicensesvc deleted successfully!
zenos1 removed from NetSvcs value successfully!
Service zenos1 stopped successfully!
Service zenos1 deleted successfully!
slee_81_service removed from NetSvcs value successfully!
Service slee_81_service stopped successfully!
Service slee_81_service deleted successfully!
sonytvc removed from NetSvcs value successfully!
Service sonytvc stopped successfully!
Service sonytvc deleted successfully!
lvprcsrv removed from NetSvcs value successfully!
Service lvprcsrv stopped successfully!
Service lvprcsrv deleted successfully!
atirage3 removed from NetSvcs value successfully!
Service atirage3 stopped successfully!
Service atirage3 deleted successfully!
WaveEnrollmentService removed from NetSvcs value successfully!
Service WaveEnrollmentService stopped successfully!
Service WaveEnrollmentService deleted successfully!
RSAFAL removed from NetSvcs value successfully!
Service RSAFAL stopped successfully!
Service RSAFAL deleted successfully!
AVRec removed from NetSvcs value successfully!
Service AVRec stopped successfully!
Service AVRec deleted successfully!
mwsejcap removed from NetSvcs value successfully!
Service mwsejcap stopped successfully!
Service mwsejcap deleted successfully!
cdr4_2k removed from NetSvcs value successfully!
Service cdr4_2k stopped successfully!
Service cdr4_2k deleted successfully!
pxfhserd removed from NetSvcs value successfully!
Service pxfhserd stopped successfully!
Service pxfhserd deleted successfully!
nv removed from NetSvcs value successfully!
Service nv stopped successfully!
Service nv deleted successfully!
bdfsdrv removed from NetSvcs value successfully!
Service bdfsdrv stopped successfully!
Service bdfsdrv deleted successfully!
evteng removed from NetSvcs value successfully!
Service evteng stopped successfully!
Service evteng deleted successfully!
truecrypt removed from NetSvcs value successfully!
Service truecrypt stopped successfully!
Service truecrypt deleted successfully!
mraid35x removed from NetSvcs value successfully!
Service mraid35x stopped successfully!
Service mraid35x deleted successfully!
sit_mdm removed from NetSvcs value successfully!
Service sit_mdm stopped successfully!
Service sit_mdm deleted successfully!
eliservice removed from NetSvcs value successfully!
Service eliservice stopped successfully!
Service eliservice deleted successfully!
hsxhwazl removed from NetSvcs value successfully!
Service hsxhwazl stopped successfully!
Service hsxhwazl deleted successfully!
OEM02Vfx removed from NetSvcs value successfully!
Service OEM02Vfx stopped successfully!
Service OEM02Vfx deleted successfully!
streamloadservice removed from NetSvcs value successfully!
Service streamloadservice stopped successfully!
Service streamloadservice deleted successfully!
netmdsb removed from NetSvcs value successfully!
Service netmdsb stopped successfully!
Service netmdsb deleted successfully!
mcpromgr removed from NetSvcs value successfully!
Service mcpromgr stopped successfully!
Service mcpromgr deleted successfully!
as32svc removed from NetSvcs value successfully!
Service as32svc stopped successfully!
Service as32svc deleted successfully!
cdaudio removed from NetSvcs value successfully!
Service cdaudio stopped successfully!
Service cdaudio deleted successfully!
ssisvr32 removed from NetSvcs value successfully!
Service ssisvr32 stopped successfully!
Service ssisvr32 deleted successfully!
pxfhbus removed from NetSvcs value successfully!
Service pxfhbus stopped successfully!
Service pxfhbus deleted successfully!
omniusb removed from NetSvcs value successfully!
Service omniusb stopped successfully!
Service omniusb deleted successfully!
USRpdA removed from NetSvcs value successfully!
Service USRpdA stopped successfully!
Service USRpdA deleted successfully!
ctxcpusched removed from NetSvcs value successfully!
Service ctxcpusched stopped successfully!
Service ctxcpusched deleted successfully!
sfusvc removed from NetSvcs value successfully!
Service sfusvc stopped successfully!
Service sfusvc deleted successfully!
TIEHDUSB removed from NetSvcs value successfully!
Service TIEHDUSB stopped successfully!
Service TIEHDUSB deleted successfully!
pdlnecfg removed from NetSvcs value successfully!
Service pdlnecfg stopped successfully!
Service pdlnecfg deleted successfully!
scsiaccess removed from NetSvcs value successfully!
Service scsiaccess stopped successfully!
Service scsiaccess deleted successfully!
dphost removed from NetSvcs value successfully!
Service dphost stopped successfully!
Service dphost deleted successfully!
Ndismeetro removed from NetSvcs value successfully!
Service Ndismeetro stopped successfully!
Service Ndismeetro deleted successfully!
dlbu_device removed from NetSvcs value successfully!
Service dlbu_device stopped successfully!
Service dlbu_device deleted successfully!
rpsupdaterr removed from NetSvcs value successfully!
Service rpsupdaterr stopped successfully!
Service rpsupdaterr deleted successfully!
ZSMC211 removed from NetSvcs value successfully!
Service ZSMC211 stopped successfully!
Service ZSMC211 deleted successfully!
oracleorahomeagent removed from NetSvcs value successfully!
Service oracleorahomeagent stopped successfully!
Service oracleorahomeagent deleted successfully!
cxlpt removed from NetSvcs value successfully!
Service cxlpt stopped successfully!
Service cxlpt deleted successfully!
HSFHWALI removed from NetSvcs value successfully!
Service HSFHWALI stopped successfully!
Service HSFHWALI deleted successfully!
scramby removed from NetSvcs value successfully!
Service scramby stopped successfully!
Service scramby deleted successfully!
zpcache removed from NetSvcs value successfully!
Service zpcache stopped successfully!
Service zpcache deleted successfully!
inotask removed from NetSvcs value successfully!
Service inotask stopped successfully!
Service inotask deleted successfully!
tpkmpsvc removed from NetSvcs value successfully!
Service tpkmpsvc stopped successfully!
Service tpkmpsvc deleted successfully!
vmnetbridge removed from NetSvcs value successfully!
Service vmnetbridge stopped successfully!
Service vmnetbridge deleted successfully!
AVCamUSB20 removed from NetSvcs value successfully!
Service AVCamUSB20 stopped successfully!
Service AVCamUSB20 deleted successfully!
areschatserver removed from NetSvcs value successfully!
Service areschatserver stopped successfully!
Service areschatserver deleted successfully!
HssSrv removed from NetSvcs value successfully!
Service HssSrv stopped successfully!
Service HssSrv deleted successfully!
idebusdr removed from NetSvcs value successfully!
Service idebusdr stopped successfully!
Service idebusdr deleted successfully!
el90xbc removed from NetSvcs value successfully!
Service el90xbc stopped successfully!
Service el90xbc deleted successfully!
sysmgmthp removed from NetSvcs value successfully!
Service sysmgmthp stopped successfully!
Service sysmgmthp deleted successfully!
lktimesync removed from NetSvcs value successfully!
Service lktimesync stopped successfully!
Service lktimesync deleted successfully!
BrSerIf removed from NetSvcs value successfully!
Service BrSerIf stopped successfully!
Service BrSerIf deleted successfully!
T6963C removed from NetSvcs value successfully!
Service T6963C stopped successfully!
Service T6963C deleted successfully!
w810mdfl removed from NetSvcs value successfully!
Service w810mdfl stopped successfully!
Service w810mdfl deleted successfully!
mhn removed from NetSvcs value successfully!
Service mhn stopped successfully!
Service mhn deleted successfully!
intelroam removed from NetSvcs value successfully!
Service intelroam stopped successfully!
Service intelroam deleted successfully!
srtspx removed from NetSvcs value successfully!
Service srtspx stopped successfully!
Service srtspx deleted successfully!
PID_08A0 removed from NetSvcs value successfully!
Service PID_08A0 stopped successfully!
Service PID_08A0 deleted successfully!
cwafnotesservice removed from NetSvcs value successfully!
Service cwafnotesservice stopped successfully!
Service cwafnotesservice deleted successfully!
winvnc removed from NetSvcs value successfully!
Service winvnc stopped successfully!
Service winvnc deleted successfully!
cmuda3 removed from NetSvcs value successfully!
Service cmuda3 stopped successfully!
Service cmuda3 deleted successfully!
perc2hib removed from NetSvcs value successfully!
Service perc2hib stopped successfully!
Service perc2hib deleted successfully!
DKbFltr removed from NetSvcs value successfully!
Service DKbFltr stopped successfully!
Service DKbFltr deleted successfully!
se45mdm removed from NetSvcs value successfully!
Service se45mdm stopped successfully!
Service se45mdm deleted successfully!
hcf_msft removed from NetSvcs value successfully!
Service hcf_msft stopped successfully!
Service hcf_msft deleted successfully!
cpsvc removed from NetSvcs value successfully!
tfsnpool removed from NetSvcs value successfully!
Service tfsnpool stopped successfully!
Service tfsnpool deleted successfully!
SABProcEnum removed from NetSvcs value successfully!
Service SABProcEnum stopped successfully!
Service SABProcEnum deleted successfully!
WIBUKEY removed from NetSvcs value successfully!
Service WIBUKEY stopped successfully!
Service WIBUKEY deleted successfully!
se58mdfl removed from NetSvcs value successfully!
Service se58mdfl stopped successfully!
Service se58mdfl deleted successfully!
DivisCTS removed from NetSvcs value successfully!
USB11LDR removed from NetSvcs value successfully!
ScFBPNT2 removed from NetSvcs value successfully!
BootScreen removed from NetSvcs value successfully!
mctskshd.exe removed from NetSvcs value successfully!
dlartl_n removed from NetSvcs value successfully!
tfsncofs removed from NetSvcs value successfully!
SymIMMP removed from NetSvcs value successfully!
avcgbdr removed from NetSvcs value successfully!
iaimfp3 removed from NetSvcs value successfully!
Service iaimfp3 stopped successfully!
Service iaimfp3 deleted successfully!
int15 removed from NetSvcs value successfully!
oracledbconsoleorcl removed from NetSvcs value successfully!
Service oracledbconsoleorcl stopped successfully!
Service oracledbconsoleorcl deleted successfully!
elnkfwppservice removed from NetSvcs value successfully!
Service elnkfwppservice stopped successfully!
Service elnkfwppservice deleted successfully!
ipahelper.exe removed from NetSvcs value successfully!
SE26mgmt removed from NetSvcs value successfully!
Service SE26mgmt stopped successfully!
Service SE26mgmt deleted successfully!
XBCD removed from NetSvcs value successfully!
Service XBCD stopped successfully!
Service XBCD deleted successfully!
yats32 removed from NetSvcs value successfully!
Service yats32 stopped successfully!
Service yats32 deleted successfully!
ccproxy removed from NetSvcs value successfully!
Service ccproxy stopped successfully!
Service ccproxy deleted successfully!
se27nd5 removed from NetSvcs value successfully!
Service se27nd5 stopped successfully!
Service se27nd5 deleted successfully!
netsvc removed from NetSvcs value successfully!
Service netsvc stopped successfully!
Service netsvc deleted successfully!
SSHDRV61 removed from NetSvcs value successfully!
Service SSHDRV61 stopped successfully!
Service SSHDRV61 deleted successfully!
MREMP50a64 removed from NetSvcs value successfully!
Service MREMP50a64 stopped successfully!
Service MREMP50a64 deleted successfully!
viairda removed from NetSvcs value successfully!
Service viairda stopped successfully!
Service viairda deleted successfully!
btaudio removed from NetSvcs value successfully!
Service btaudio stopped successfully!
Service btaudio deleted successfully!
naveng removed from NetSvcs value successfully!
Service naveng stopped successfully!
Service naveng deleted successfully!
npkcrypt removed from NetSvcs value successfully!
Service npkcrypt stopped successfully!
Service npkcrypt deleted successfully!
ati2mtaa removed from NetSvcs value successfully!
Service ati2mtaa stopped successfully!
Service ati2mtaa deleted successfully!
inport removed from NetSvcs value successfully!
Service inport stopped successfully!
Service inport deleted successfully!
prismxl removed from NetSvcs value successfully!
Service prismxl stopped successfully!
Service prismxl deleted successfully!
tmactmon removed from NetSvcs value successfully!
Service tmactmon stopped successfully!
Service tmactmon deleted successfully!
symwsc removed from NetSvcs value successfully!
Service symwsc stopped successfully!
Service symwsc deleted successfully!
SE2Bmdfl removed from NetSvcs value successfully!
Service SE2Bmdfl stopped successfully!
Service SE2Bmdfl deleted successfully!
ATKGFNEXSrv removed from NetSvcs value successfully!
Service ATKGFNEXSrv stopped successfully!
Service ATKGFNEXSrv deleted successfully!
ONSIO removed from NetSvcs value successfully!
Service ONSIO stopped successfully!
Service ONSIO deleted successfully!
asp.net removed from NetSvcs value successfully!
Service asp.net stopped successfully!
Service asp.net deleted successfully!
z800mgmt removed from NetSvcs value successfully!
Service z800mgmt stopped successfully!
Service z800mgmt deleted successfully!
asc3550 removed from NetSvcs value successfully!
Service asc3550 stopped successfully!
Service asc3550 deleted successfully!
adfs removed from NetSvcs value successfully!
Service adfs stopped successfully!
Service adfs deleted successfully!
ndassvc removed from NetSvcs value successfully!
Service ndassvc stopped successfully!
Service ndassvc deleted successfully!
NSSvcMgr removed from NetSvcs value successfully!
Service NSSvcMgr stopped successfully!
Service NSSvcMgr deleted successfully!
TcUsb removed from NetSvcs value successfully!
Service TcUsb stopped successfully!
Service TcUsb deleted successfully!
USB_NDIS_51 removed from NetSvcs value successfully!
Service USB_NDIS_51 stopped successfully!
Service USB_NDIS_51 deleted successfully!
pdreli removed from NetSvcs value successfully!
Service pdreli stopped successfully!
Service pdreli deleted successfully!
MRESP50a64 removed from NetSvcs value successfully!
Service MRESP50a64 stopped successfully!
Service MRESP50a64 deleted successfully!
iviVD removed from NetSvcs value successfully!
Service iviVD stopped successfully!
Service iviVD deleted successfully!
UPATC removed from NetSvcs value successfully!
Service UPATC stopped successfully!
Service UPATC deleted successfully!
zendcoreapache removed from NetSvcs value successfully!
Service zendcoreapache stopped successfully!
Service zendcoreapache deleted successfully!
websensewfreportserver removed from NetSvcs value successfully!
Service websensewfreportserver stopped successfully!
Service websensewfreportserver deleted successfully!
MRESP50 removed from NetSvcs value successfully!
Service MRESP50 stopped successfully!
Service MRESP50 deleted successfully!
vsdatant removed from NetSvcs value successfully!
Service vsdatant stopped successfully!
Service vsdatant deleted successfully!
portmapper removed from NetSvcs value successfully!
Service portmapper stopped successfully!
Service portmapper deleted successfully!
slapd-config52 removed from NetSvcs value successfully!
Service slapd-config52 stopped successfully!
Service slapd-config52 deleted successfully!
vet-rec removed from NetSvcs value successfully!
Service vet-rec stopped successfully!
Service vet-rec deleted successfully!
smrt removed from NetSvcs value successfully!
Service smrt stopped successfully!
Service smrt deleted successfully!
cwafeventrouter removed from NetSvcs value successfully!
Service cwafeventrouter stopped successfully!
Service cwafeventrouter deleted successfully!
{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55} removed from NetSvcs value successfully!
Service {e2b953a6-195a-44f9-9ba3-3d5f4e32bb55} stopped successfully!
Service {e2b953a6-195a-44f9-9ba3-3d5f4e32bb55} deleted successfully!
eaps2kbd removed from NetSvcs value successfully!
Service eaps2kbd stopped successfully!
Service eaps2kbd deleted successfully!
streamip removed from NetSvcs value successfully!
Service streamip stopped successfully!
Service streamip deleted successfully!
s117mgmt removed from NetSvcs value successfully!
Service s117mgmt stopped successfully!
Service s117mgmt deleted successfully!
puscsrvc removed from NetSvcs value successfully!
Service puscsrvc stopped successfully!
Service puscsrvc deleted successfully!
lirsgt removed from NetSvcs value successfully!
Service lirsgt stopped successfully!
Service lirsgt deleted successfully!
mi-raysat_3dsmax8 removed from NetSvcs value successfully!
Service mi-raysat_3dsmax8 stopped successfully!
Service mi-raysat_3dsmax8 deleted successfully!
datunidr removed from NetSvcs value successfully!
Service datunidr stopped successfully!
Service datunidr deleted successfully!
nisum removed from NetSvcs value successfully!
Service nisum stopped successfully!
Service nisum deleted successfully!
CdaD10BA removed from NetSvcs value successfully!
Service CdaD10BA stopped successfully!
Service CdaD10BA deleted successfully!
mlkkbdntdriver removed from NetSvcs value successfully!
Service mlkkbdntdriver stopped successfully!
Service mlkkbdntdriver deleted successfully!
netddedsdm removed from NetSvcs value successfully!
Service netddedsdm stopped successfully!
Service netddedsdm deleted successfully!
netw4x32 removed from NetSvcs value successfully!
Service netw4x32 stopped successfully!
Service netw4x32 deleted successfully!
s125bus removed from NetSvcs value successfully!
Service s125bus stopped successfully!
Service s125bus deleted successfully!
tfsnifs removed from NetSvcs value successfully!
Service tfsnifs stopped successfully!
Service tfsnifs deleted successfully!
ixiaendpoint removed from NetSvcs value successfully!
Service ixiaendpoint stopped successfully!
Service ixiaendpoint deleted successfully!
dladresn removed from NetSvcs value successfully!
Service dladresn stopped successfully!
Service dladresn deleted successfully!
se44bus removed from NetSvcs value successfully!
Service se44bus stopped successfully!
Service se44bus deleted successfully!
G400DH removed from NetSvcs value successfully!
Service G400DH stopped successfully!
Service G400DH deleted successfully!
beatjammusicstreamingserver removed from NetSvcs value successfully!
Service beatjammusicstreamingserver stopped successfully!
Service beatjammusicstreamingserver deleted successfully!
symidsco removed from NetSvcs value successfully!
Service symidsco stopped successfully!
Service symidsco deleted successfully!
imagesrv removed from NetSvcs value successfully!
Service imagesrv stopped successfully!
Service imagesrv deleted successfully!
MobilityService removed from NetSvcs value successfully!
Service MobilityService stopped successfully!
Service MobilityService deleted successfully!
cvspydr2 removed from NetSvcs value successfully!
Service cvspydr2 stopped successfully!
Service cvspydr2 deleted successfully!
WinFl32 removed from NetSvcs value successfully!
Service WinFl32 stopped successfully!
Service WinFl32 deleted successfully!
klblmain removed from NetSvcs value successfully!
Service klblmain stopped successfully!
Service klblmain deleted successfully!
lxcc_device removed from NetSvcs value successfully!
Service lxcc_device stopped successfully!
Service lxcc_device deleted successfully!
regsrvc removed from NetSvcs value successfully!
Service regsrvc stopped successfully!
Service regsrvc deleted successfully!
ROOTUSB removed from NetSvcs value successfully!
Service ROOTUSB stopped successfully!
Service ROOTUSB deleted successfully!
tlntsvr removed from NetSvcs value successfully!
Service tlntsvr stopped successfully!
Service tlntsvr deleted successfully!
AdfuUd removed from NetSvcs value successfully!
Service AdfuUd stopped successfully!
Service AdfuUd deleted successfully!
pdscheduler removed from NetSvcs value successfully!
Service pdscheduler stopped successfully!
Service pdscheduler deleted successfully!
symc8xx removed from NetSvcs value successfully!
Service symc8xx stopped successfully!
Service symc8xx deleted successfully!
fa_scheduler removed from NetSvcs value successfully!
Service fa_scheduler stopped successfully!
Service fa_scheduler deleted successfully!
SE27mdfl removed from NetSvcs value successfully!
Service SE27mdfl stopped successfully!
Service SE27mdfl deleted successfully!
BrScnUsb removed from NetSvcs value successfully!
Service BrScnUsb stopped successfully!
Service BrScnUsb deleted successfully!
ltck000c removed from NetSvcs value successfully!
Service ltck000c stopped successfully!
Service ltck000c deleted successfully!
mpfservice removed from NetSvcs value successfully!
Service mpfservice stopped successfully!
Service mpfservice deleted successfully!
wmccdsls removed from NetSvcs value successfully!
Service wmccdsls stopped successfully!
Service wmccdsls deleted successfully!
Ncrc710 removed from NetSvcs value successfully!
Service Ncrc710 stopped successfully!
Service Ncrc710 deleted successfully!
vetfddnt removed from NetSvcs value successfully!
Service vetfddnt stopped successfully!
Service vetfddnt deleted successfully!
haspnt removed from NetSvcs value successfully!
Service haspnt stopped successfully!
Service haspnt deleted successfully!
vc8secs removed from NetSvcs value successfully!
Service vc8secs stopped successfully!
Service vc8secs deleted successfully!
elbydelay removed from NetSvcs value successfully!
Service elbydelay stopped successfully!
Service elbydelay deleted successfully!
konfig removed from NetSvcs value successfully!
Service konfig stopped successfully!
Service konfig deleted successfully!
genregistrar removed from NetSvcs value successfully!
Service genregistrar stopped successfully!
Service genregistrar deleted successfully!
MS1000 removed from NetSvcs value successfully!
Service MS1000 stopped successfully!
Service MS1000 deleted successfully!
wanatw removed from NetSvcs value successfully!
Service wanatw stopped successfully!
Service wanatw deleted successfully!
DevUpper removed from NetSvcs value successfully!
Service DevUpper stopped successfully!
Service DevUpper deleted successfully!
BCMModem removed from NetSvcs value successfully!
Service BCMModem stopped successfully!
Service BCMModem deleted successfully!
McciCMService removed from NetSvcs value successfully!
Service McciCMService stopped successfully!
Service McciCMService deleted successfully!
NetwareWorkstation removed from NetSvcs value successfully!
Service NetwareWorkstation stopped successfully!
Service NetwareWorkstation deleted successfully!
LVRS removed from NetSvcs value successfully!
Service LVRS stopped successfully!
Service LVRS deleted successfully!
tvtnetwk removed from NetSvcs value successfully!
Service tvtnetwk stopped successfully!
Service tvtnetwk deleted successfully!
PTDCMdm removed from NetSvcs value successfully!
Service PTDCMdm stopped successfully!
Service PTDCMdm deleted successfully!
aeaudio removed from NetSvcs value successfully!
Service aeaudio stopped successfully!
Service aeaudio deleted successfully!
update removed from NetSvcs value successfully!
sandboxu removed from NetSvcs value successfully!
Service sandboxu stopped successfully!
Service sandboxu deleted successfully!
SeratoUsb removed from NetSvcs value successfully!
LogonHours removed from NetSvcs value successfully!
PCAudit removed from NetSvcs value successfully!
helpsvc removed from NetSvcs value successfully!
uploadmgr removed from NetSvcs value successfully!
 
OTL by OldTimer - Version 3.2.39.2 log created on 04102012_123536

Alt 10.04.2012, 13:40   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Ok, gut. Dann mach mal bitte ein neues Log mit OSAM, ich möchte sehen wie viele Einträge da noch sind.

Anschließend würde ich gern nochmal einen Gang mit CF machen um zu sehen, ob es noch immer NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge anzeigt
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.04.2012, 13:57   #25
dumdididum
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 14:43:54 on 10.04.2012

OS: Windows 7  Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 11.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000Core.job" - "Google Inc." - C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000UA.job" - "Google Inc." - C:\Users\Alex\AppData\Local\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"QuickTime.cpl" - "Apple Computer, Inc." - C:\Windows\system32\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aswArKrn" (aswArKrn) - ? - C:\Users\Alex\AppData\Local\Temp\aswArKrn.sys  (File not found)
"catchme" (catchme) - ? - C:\Users\Alex\AppData\Local\Temp\catchme.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"NetLimiter Ndis Protocol Service" (NLNdisPT) - ? - C:\Windows\System32\DRIVERS\nlndis.sys  (File not found)
"NLNdisMP" (NLNdisMP) - ? - C:\Windows\System32\DRIVERS\nlndis.sys  (File not found)
"PSSDK42" (PSSDK42) - "microOLAP Technologies LTD" - C:\Windows\system32\Drivers\pssdk42.sys
"Realtek IR Driver" (RtsUIR) - ? - C:\Windows\System32\DRIVERS\Rts516xIR.sys  (File not found)
"Realtek Smartcard Reader Driver" (USBCCID) - ? - C:\Windows\System32\DRIVERS\RtsUCcid.sys  (File not found)
"SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
"SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
"USB2.0 PC Camera (SNP2UVC)" (SNP2UVC) - ? - C:\Windows\System32\DRIVERS\snp2uvc.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - "The Document Foundation" - C:\Program Files\LibreOffice 3.5\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{94586423-855F-4EB2-9F6A-D9DA5658DBE3} "Context menu" - ? - C:\PROGRA~1\FREEM4~1\m4a_menu.dll  (File found, but it contains no detailed information)
{0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} "CSendToContextMenu Object" - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\btmshell.dll
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "LibreOffice Property Handler" - "The Document Foundation" - C:\Program Files\LibreOffice 3.5\program\shlxthdl\propertyhdl.dll
{862D80CE-A2A4-45D4-8008-7F40766F5FEA} "My Bluetooth" - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\btmshell.dll
{CF822AB4-6DB5-4FDA-BC28-E61DF36D2583} "PDF-XChange PDF Preview Provider" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{67EB453C-1BE1-48EC-AAF3-23B10277FCC1} "PDF-XChange PDF Property Handler" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{EBD0B8F4-A9A0-41B7-9695-030CD264D9C8} "PDF-XChange PDF Thumbnail Provider" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -   (File not found | COM-object registry key not found)
{2d3dd4c0-3bd7-11d2-821e-444553540000} "WdmidleDeviceShellExtension" - ? - c:\program files\lenovo\energy management\powcpl.dll  (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} "&NetWorx Desk Band" - "SoftPerfect Research" - C:\PROGRA~1\NetWorx\deskband.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Stardock ObjectDock.lnk" - "Stardock" - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Energy Management" - "Lenovo (Beijing) Limited" - C:\Program Files\Lenovo\Energy Management\Energy Management.exe
"EnergyUtility" - "Lenovo(beijing) Limited" - C:\Program Files\Lenovo\Energy Management\utility.exe
"NetWorx" - "SoftPerfect Research" - "C:\Program Files\NetWorx\networx.exe" /auto

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Bluetooth Device Manager" (Bluetooth Device Manager) - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
"Bluetooth Media Service" (Bluetooth Media Service) - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
"Bluetooth OBEX Service" (Bluetooth OBEX Service) - "Motorola, Inc." - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"SAS Core Service" (!SASCORE) - "SUPERAntiSpyware.com" - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
"TeamViewer 5" (TeamViewer5) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
Soll ich gleich CF durchlaufen lassen oder wieder mit einem Script?

Alt 10.04.2012, 14:05   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Nee, wie beim ersten Mal, lad die combofix.exe bitte neu runter


ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.04.2012, 14:25   #27
dumdididum
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Hm, nach dem Suchlauf kam die Meldung "Papierkorb auf C: ist beschädigt. Soll dieser geleert werden" oder so ähnlich. Außerdem ist der Eintrag noch vorhanden Allerdings ist nur noch ein Bruchteil an Einträgen vorhanden im Vergleich zum ersten Log...

Code:
ATTFilter
ComboFix 12-04-10.01 - ****** 10.04.2012  15:09:48.4.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.3003.2161 [GMT 2:00]
ausgeführt von:: c:\users\******\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-10 bis 2012-04-10  ))))))))))))))))))))))))))))))
.
.
2012-04-10 13:18 . 2012-04-10 13:18	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-10 10:35 . 2012-04-10 10:35	--------	d-----w-	C:\_OTL
2012-04-08 17:55 . 2012-04-08 17:55	--------	d-----w-	c:\program files\7-Zip
2012-04-08 17:52 . 2012-04-08 17:52	--------	d-----w-	c:\users\******\AppData\Local\Tracker Software
2012-04-08 17:31 . 2012-04-08 17:47	--------	d-----w-	c:\program files\LibreOffice 3.5
2012-04-08 16:26 . 2012-04-08 16:26	--------	d-----w-	c:\users\******\AppData\Roaming\SUPERAntiSpyware.com
2012-04-08 16:25 . 2012-04-08 16:26	--------	d-----w-	c:\program files\SUPERAntiSpyware
2012-04-08 16:25 . 2012-04-08 16:25	--------	d-----w-	c:\programdata\SUPERAntiSpyware.com
2012-04-07 20:57 . 2012-04-07 20:57	--------	d-----w-	c:\windows\system32\wbem\en-US
2012-04-07 20:41 . 2011-11-19 14:50	3968368	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-04-07 20:41 . 2011-11-19 14:50	3913584	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-04-07 20:41 . 2011-12-30 05:27	478720	----a-w-	c:\windows\system32\timedate.cpl
2012-04-07 20:41 . 2011-03-25 02:58	258560	----a-w-	c:\windows\system32\drivers\usbhub.sys
2012-04-07 20:41 . 2011-03-25 02:58	284672	----a-w-	c:\windows\system32\drivers\usbport.sys
2012-04-07 20:41 . 2011-03-25 02:58	75776	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2012-04-07 20:41 . 2011-03-25 02:57	43008	----a-w-	c:\windows\system32\drivers\usbehci.sys
2012-04-07 20:41 . 2011-03-25 02:57	20480	----a-w-	c:\windows\system32\drivers\usbohci.sys
2012-04-07 20:41 . 2011-03-25 02:57	24064	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2012-04-07 20:41 . 2011-03-25 02:57	5888	----a-w-	c:\windows\system32\drivers\usbd.sys
2012-04-07 07:41 . 2012-04-07 07:41	--------	d-----w-	c:\program files\Common Files\Bitdefender
2012-04-06 22:19 . 2012-04-06 22:19	--------	d-----w-	c:\program files\Common Files\Java
2012-04-06 22:06 . 2012-04-07 07:40	--------	d-----w-	c:\programdata\AVAST Software
2012-04-06 22:06 . 2012-04-06 22:06	--------	d-----w-	c:\program files\AVAST Software
2012-04-06 20:56 . 2012-04-06 20:56	--------	d-----w-	c:\program files\ESET
2012-04-06 18:12 . 2012-04-10 13:18	--------	d-----w-	c:\users\******\AppData\Local\temp
2012-04-02 15:21 . 2012-04-02 15:21	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-04-02 14:08 . 2012-04-02 14:08	--------	d-----w-	c:\program files\CCleaner
2012-04-02 14:02 . 2012-04-02 14:02	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-04-02 13:27 . 2012-04-02 13:28	--------	d-----w-	c:\program files\YTDownloader
2012-04-02 11:19 . 2012-04-02 11:19	--------	d-----w-	c:\users\******\AppData\Roaming\Malwarebytes
2012-04-02 11:19 . 2012-04-02 11:19	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-04-02 11:19 . 2012-04-02 11:19	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-02 11:19 . 2011-12-10 13:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-29 12:00 . 2012-03-29 12:00	--------	d-sh--w-	c:\windows\system32\%APPDATA%
2012-03-29 10:07 . 2012-03-29 10:07	592824	----a-w-	c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-29 10:07 . 2012-03-29 10:07	44472	----a-w-	c:\program files\Mozilla Firefox\mozglue.dll
2012-03-14 13:12 . 2012-02-03 03:54	2343424	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 13:12 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 13:12 . 2012-01-25 05:32	58880	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-14 13:12 . 2012-01-25 05:32	129536	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-14 13:12 . 2012-01-25 05:27	8192	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-14 13:12 . 2012-02-17 05:34	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-14 13:12 . 2012-02-17 04:14	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-14 13:12 . 2012-02-17 04:13	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-06 22:19 . 2010-11-15 10:32	472808	----a-w-	c:\windows\system32\deployJava1.dll
2012-04-02 15:21 . 2011-12-11 12:11	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-02 14:02 . 2011-01-31 10:37	218688	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2012-03-29 10:07 . 2011-04-11 16:16	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-03 1557800]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-11 7739936]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-09-01 4114288]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"LXCGCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2007-02-22 73728]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
.
c:\users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-3-27 3450608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25	59240	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bdinstaller]
2011-07-20 14:24	428632	----a-w-	c:\program files\Common Files\Bitdefender\setupinformation\setuplauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
2009-07-22 17:54	17753352	----a-w-	c:\program files\Motorola\Bluetooth\btmshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20	1305408	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-03-05 15:32	1135912	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11	3325952	----a-w-	c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2007-04-29 20:57	103344	----a-w-	c:\program files\Lexmark 2300 Series\ezprint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2011-02-11 17:26	171032	----a-w-	c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2011-02-11 17:26	137752	----a-w-	c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndicatorListener]
2009-08-12 11:11	107784	----a-w-	c:\program files\Motorola\Bluetooth\mkil.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcgmon.exe]
2007-04-29 20:56	205744	----a-w-	c:\program files\Lexmark 2300 Series\lxcgmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-01-13 12:53	460872	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
2010-03-03 10:13	1824040	----a-w-	c:\program files\ManyCam 2.4\ManyCam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetWorx]
2010-11-22 20:51	3042816	----a-w-	c:\program files\NetWorx\networx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2011-02-11 17:26	172568	----a-w-	c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-11-01 19:44	98304	----a-w-	c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-03-09 09:02	26100520	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02	254696	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-03-07 21:27	3905920	----a-w-	c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 253600]
R3 aswArKrn;aswArKrn;c:\users\******\AppData\Local\Temp\aswArKrn.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2009-07-22 709384]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2009-07-09 40448]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2009-07-13 516608]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-02 218688]
S1 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2010-11-27 38976]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2009-07-22 474888]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2009-07-22 3473672]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 122368]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
.
NETSVCS BENÖTIGT REPARATUR - Derzeitig vorhandene Einträge:
aelookupsvc
certpropsvc
scpolicysvc
lanmanserver
gpsvc
ikeext
audiosrv
ias
irmon
rasauto
rasman
remoteaccess
sens
sharedaccess
tapisrv
wmi
termservice
wuauserv
bits
shellhwdetection
iphlpsvc
seclogon
appinfo
msiscsi
mmcss
wercplsupport
eaphost
profsvc
schedule
hkmsvc
sessionenv
winmgmt
browser
themes
bdesvc
appmgmt
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 15:21]
.
2011-06-11 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2011-06-11 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2012-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000Core.job
- c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 08:30]
.
2012-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000UA.job
- c:\users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 08:30]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride =  localhost
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Web-Suche - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\57j1ug5t.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1104)
c:\program files\Stardock\ObjectDock\DockShellHook.dll
.
Zeit der Fertigstellung: 2012-04-10  15:20:50
ComboFix-quarantined-files.txt  2012-04-10 13:20
ComboFix2.txt  2012-04-10 12:54
ComboFix3.txt  2012-04-06 08:06
.
Vor Suchlauf: 13 Verzeichnis(se), 47.114.653.696 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 47.062.806.528 Bytes frei
.
- - End Of File - - 2B2107EFDDF359A12B271B9EDF614556

Alt 10.04.2012, 15:20   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.04.2012, 15:38   #29
dumdididum
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


OTL:
Code:
ATTFilter
OTL logfile created on: 10.04.2012 16:22:25 - Run 4
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\******\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 69,36% Memory free
5,86 Gb Paging File | 5,07 Gb Available in Paging File | 86,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,23 Gb Total Space | 43,92 Gb Free Space | 15,79% Space Free | Partition Type: NTFS
Drive D: | 5,00 Gb Total Space | 3,86 Gb Free Space | 77,26% Space Free | Partition Type: NTFS
 
Computer Name: ALAPEX | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.02 15:49:42 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.22 22:51:12 | 003,042,816 | ---- | M] (SoftPerfect Research) -- C:\Programme\NetWorx\networx.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.03.27 20:49:14 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009.09.01 15:25:36 | 004,114,288 | ---- | M] (Lenovo(beijing) Limited) -- C:\Programme\Lenovo\Energy Management\utility.exe
PRC - [2009.07.22 19:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) -- C:\Programme\Motorola\Bluetooth\obexsrv.exe
PRC - [2009.07.22 19:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) -- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe
PRC - [2009.06.25 10:46:08 | 005,064,520 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Programme\Lenovo\Energy Management\Energy Management.exe
PRC - [2007.04.30 20:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Programme\Stardock\ObjectDock\ObjectDock.exe
PRC - [2007.04.29 22:54:44 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcgcoms.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010.04.25 11:48:04 | 000,459,264 | ---- | M] () -- C:\Programme\NetWorx\sqlite.dll
MOD - [2008.12.20 04:20:50 | 000,063,304 | ---- | M] () -- C:\Programme\Lenovo\Energy Management\KbdHook.dll
MOD - [2008.12.20 04:20:08 | 000,051,016 | ---- | M] () -- C:\Programme\Lenovo\Energy Management\HookLib.dll
MOD - [2007.04.30 20:18:50 | 000,112,400 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\DockShellHook.dll
MOD - [2007.04.23 01:19:28 | 000,026,392 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\Docklets\Calendar\Calendar.dll
MOD - [2007.04.21 14:47:52 | 000,059,592 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\zlib.dll
MOD - [2007.04.19 15:23:48 | 000,095,944 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\CrashRpt.dll
MOD - [2002.11.19 15:11:40 | 000,139,264 | ---- | M] () -- C:\Programme\Common Files\Stardock\ODimg.dll
MOD - [2002.03.13 20:46:32 | 000,118,784 | ---- | M] () -- C:\Programme\Stardock\ObjectDock\ODimg.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.04.02 17:21:09 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.03.27 20:49:14 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [On_Demand | Stopped] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.07.22 19:56:24 | 000,474,888 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Programme\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2009.07.22 19:55:46 | 003,473,672 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV - [2009.07.22 19:54:30 | 000,709,384 | ---- | M] (Motorola, Inc.) [On_Demand | Stopped] -- C:\Programme\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.29 22:54:44 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcgcoms.exe -- (lxcg_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\******\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\******\AppData\Local\Temp\aswArKrn.sys -- (aswArKrn)
DRV - [2012.04.02 16:02:53 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.11.27 14:42:15 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.01.20 06:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009.08.10 18:24:46 | 001,759,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009.07.27 09:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.13 15:01:42 | 000,516,608 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmusb.sys -- (BTMUSB)
DRV - [2009.07.09 18:13:30 | 000,040,448 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmcom.sys -- (BTMCOM)
DRV - [2009.06.24 04:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.05.26 13:12:36 | 000,122,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008.01.14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=MYC&o=&src=crm&q={searchTerms}&locale=
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\..\SearchScopes\{E06F3368-EFB7-4FE6-B75A-58707FD1E9CC}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=382950&p={searchTerms}
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =  localhost
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: coc@ble.pl:2.2.0.3.7
FF - prefs.js..extensions.enabledItems: stop-reload@design-noir.de:1.2
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p="
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\******\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\******\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.29 12:07:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.01 21:44:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.11.01 21:44:40 | 000,000,000 | ---D | M]
 
[2010.03.28 00:41:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions
[2010.03.28 00:41:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.04.02 14:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\57j1ug5t.default\extensions
[2011.07.18 16:26:54 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\57j1ug5t.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.04 13:02:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions
[2010.12.04 13:02:13 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.03.27 21:50:33 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.03.27 21:49:01 | 000,000,000 | ---D | M] (Yoono) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}
[2010.03.27 21:49:01 | 000,000,000 | ---D | M] (Glasser) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\glasser@sixxgate.com
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (Strata RELOADED) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.0x\mozapps\extensions
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.5x\mozapps\extensions
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.6x\mozapps\extensions
[2010.03.27 21:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\6dneuuzx.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.7x\mozapps\extensions
[2011.02.06 14:02:29 | 000,002,093 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\57j1ug5t.default\searchplugins\pcgh-preisvergleich.xml
[2011.12.11 18:57:50 | 000,003,915 | ---- | M] () -- C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\57j1ug5t.default\searchplugins\sweetim.xml
[2012.04.07 00:19:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.07 00:19:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.04.07 00:19:17 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\57J1UG5T.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\57J1UG5T.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.03.29 12:07:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.07 00:19:06 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.09.11 15:56:28 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2011.02.15 13:49:44 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012.02.15 20:36:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.15 20:36:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.15 20:36:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.15 20:36:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.15 20:36:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.15 20:36:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={3F618B6C-2419-11E1-A630-001F162DB44D}
CHR - default_search_provider: suggest_url = 
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\******\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\******\AppData\Local\Google\Chrome\Application\16.0.912.75\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\******\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\******\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2012.04.06 20:14:02 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Programme\NetWorx\deskband.dll (SoftPerfect Research)
O4 - HKLM..\Run: [Energy Management] C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [LXCGCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.DLL ()
O4 - Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-1416301568-2198918287-4027682294-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAE8C566-DA40-40C0-8551-A21E7A8A98D3}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
 
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: bdinstaller - hkey= - key= - C:\Program Files\Common Files\Bitdefender\setupinformation\setuplauncher.exe (Bitdefender)
MsConfig - StartUpReg: BTMTrayAgent - hkey= - key= -  File not found
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
MsConfig - StartUpReg: EzPrint - hkey= - key= - C:\Program Files\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.)
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= -  File not found
MsConfig - StartUpReg: IgfxTray - hkey= - key= -  File not found
MsConfig - StartUpReg: IndicatorListener - hkey= - key= -  File not found
MsConfig - StartUpReg: lxcgmon.exe - hkey= - key= - C:\Program Files\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.)
MsConfig - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: ManyCam - hkey= - key= - C:\Program Files\ManyCam 2.4\ManyCam.exe (ManyCam LLC)
MsConfig - StartUpReg: NetWorx - hkey= - key= - C:\Program Files\NetWorx\networx.exe (SoftPerfect Research)
MsConfig - StartUpReg: Persistence - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
MsConfig - State: "bootini" - 2
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 0
 
SafeBootMin: !SASCORE - C:\Programme\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: !SASCORE - C:\Programme\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1B14700B-466C-D0D1-3853-0943CCBAD9F5} - Microsoft Windows Media Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {97A80FE8-5719-9711-8EBE-1A1A3C25B0A9} - Microsoft Windows Media Player 12.0
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F7D1AC01-F995-870E-F6D9-8B41032812E9} - Browser Customizations
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.10 15:06:42 | 004,455,337 | R--- | C] (Swearware) -- C:\Users\******\Desktop\ComboFix.exe
[2012.04.10 15:04:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.04.10 12:35:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.04.08 19:55:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.04.08 19:55:08 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.04.08 19:52:33 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\Tracker Software
[2012.04.08 19:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.5
[2012.04.08 19:31:04 | 000,000,000 | ---D | C] -- C:\Program Files\LibreOffice 3.5
[2012.04.08 18:26:12 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\SUPERAntiSpyware.com
[2012.04.08 18:25:34 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.04.08 18:25:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.04.08 18:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.04.07 23:52:48 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\logs
[2012.04.07 22:50:33 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.04.07 22:50:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.07 22:50:33 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.04.07 22:50:33 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.07 22:50:33 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.04.07 22:50:33 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.04.07 22:50:33 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.04.07 22:50:33 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.04.07 22:50:33 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.04.07 22:50:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.07 22:50:33 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.04.07 22:50:33 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.04.07 22:50:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.07 22:50:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.04.07 22:50:33 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.04.07 22:50:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.04.07 22:50:33 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.04.07 22:50:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.04.07 22:50:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.04.07 22:50:33 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.04.07 22:50:33 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.04.07 22:50:33 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.04.07 22:50:33 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.04.07 22:50:33 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.04.07 22:50:33 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.04.07 22:50:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.04.07 22:50:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.04.07 22:50:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.04.07 22:50:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.04.07 22:50:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.07 22:50:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.04.07 22:50:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.04.07 22:50:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.04.07 22:50:33 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.04.07 22:50:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.04.07 22:50:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.04.07 22:50:33 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.04.07 22:41:44 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.04.07 22:41:43 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.04.07 22:41:06 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012.04.07 22:41:02 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012.04.07 22:41:02 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012.04.07 22:40:57 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2012.04.07 22:40:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2012.04.07 22:40:44 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012.04.07 22:40:43 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012.04.07 22:40:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012.04.07 22:40:42 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012.04.07 22:40:42 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012.04.07 22:40:42 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012.04.07 21:04:23 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\******\Desktop\aswMBR.exe
[2012.04.07 20:09:37 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\OSAM
[2012.04.07 18:53:27 | 002,073,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\******\Desktop\TDSSKiller.exe
[2012.04.07 09:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012.04.07 08:49:58 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
[2012.04.07 00:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.04.07 00:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.04.07 00:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.04.06 22:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.04.06 20:12:29 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\temp
[2012.04.06 09:34:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.04.06 09:34:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.04.06 09:34:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.04.06 09:29:47 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.04.06 09:25:21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.04.02 17:21:09 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.04.02 16:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.04.02 16:02:05 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.04.02 15:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\YTDownloader
[2012.04.02 15:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.04.02 13:19:12 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\Malwarebytes
[2012.04.02 13:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.04.02 13:19:06 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.02 13:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.04.02 13:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.02 12:53:29 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\DUDEN Korrektor 8 MO
[2012.03.29 14:00:34 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.03.14 15:12:46 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.03.14 15:12:44 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.03.14 15:12:11 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.03.14 15:12:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.03.14 15:12:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.03.14 15:12:10 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012.03.13 16:08:10 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\Uni
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.10 16:20:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.10 16:17:15 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000UA.job
[2012.04.10 15:23:12 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.10 15:23:12 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.10 15:23:12 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.10 15:23:12 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.10 15:11:15 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.10 15:11:15 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.10 15:07:01 | 004,455,337 | R--- | M] (Swearware) -- C:\Users\******\Desktop\ComboFix.exe
[2012.04.10 15:04:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.10 15:03:55 | 2361,569,280 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.10 09:59:57 | 000,337,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.04.08 18:25:34 | 000,001,965 | ---- | M] () -- C:\Users\******\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.07 22:50:33 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.04.07 22:50:33 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.04.07 22:50:33 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.04.07 22:50:33 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.04.07 22:50:33 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.04.07 22:50:33 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.04.07 22:50:33 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.04.07 22:50:33 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.04.07 22:50:33 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.04.07 22:50:33 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.04.07 22:50:33 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.04.07 22:50:33 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.04.07 22:50:33 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.04.07 22:50:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.04.07 22:50:33 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.04.07 22:50:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.04.07 22:50:33 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.04.07 22:50:33 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.04.07 22:50:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.04.07 22:50:33 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.04.07 22:50:33 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.04.07 22:50:33 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.04.07 22:50:33 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.04.07 22:50:33 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.04.07 22:50:33 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.04.07 22:50:33 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.04.07 22:50:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.04.07 22:50:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.04.07 22:50:33 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.04.07 22:50:33 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.04.07 22:50:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.04.07 22:50:33 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.04.07 22:50:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.04.07 22:50:33 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.04.07 22:50:33 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.04.07 22:50:33 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.04.07 22:50:33 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.04.07 22:50:33 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.04.07 21:04:32 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\******\Desktop\aswMBR.exe
[2012.04.07 20:08:52 | 000,302,592 | ---- | M] () -- C:\Users\******\Desktop\lgpr3wft.exe
[2012.04.07 09:39:09 | 000,867,008 | ---- | M] () -- C:\Users\******\Desktop\bitdefender_isecurity__PADIS_.exe
[2012.04.07 00:19:06 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.04.07 00:19:06 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.04.07 00:19:06 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.04.07 00:19:05 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.04.07 00:07:24 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.04.06 20:14:02 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.04.04 19:55:36 | 002,073,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\******\Desktop\TDSSKiller.exe
[2012.04.02 17:21:09 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.04.02 17:21:09 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.04.02 16:02:53 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012.04.02 15:49:42 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
[2012.04.02 15:28:56 | 000,001,445 | ---- | M] () -- C:\Users\******\Desktop\YouTube Downloader and Converter.lnk
[2012.04.02 15:16:39 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.04.02 13:19:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.27 08:15:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1416301568-2198918287-4027682294-1000Core.job
 
========== Files Created - No Company Name ==========
 
[2012.04.08 18:25:34 | 000,001,965 | ---- | C] () -- C:\Users\******\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.04.07 23:35:24 | 000,001,413 | ---- | C] () -- C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.04.07 22:50:33 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.04.07 20:08:51 | 000,302,592 | ---- | C] () -- C:\Users\******\Desktop\lgpr3wft.exe
[2012.04.07 09:39:07 | 000,867,008 | ---- | C] () -- C:\Users\******\Desktop\bitdefender_isecurity__PADIS_.exe
[2012.04.06 09:34:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.04.06 09:34:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.04.06 09:34:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.04.06 09:34:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.04.06 09:34:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.04.02 17:21:12 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.02 15:28:56 | 000,001,445 | ---- | C] () -- C:\Users\******\Desktop\YouTube Downloader and Converter.lnk
[2012.04.02 15:16:39 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.04.02 13:19:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.04.02 12:53:24 | 1275,133,952 | ---- | C] () -- C:\Users\******\Desktop\MadmaxO1086SP1.iso
[2012.03.13 16:07:51 | 127,520,431 | ---- | C] () -- C:\Users\******\Desktop\Histo Präparate.pdf
[2011.12.17 19:37:12 | 000,265,209 | ---- | C] () -- C:\Users\******\AppData\Roaming\UserTile.png
[2011.12.11 19:01:16 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.10.30 17:10:25 | 000,000,038 | ---- | C] () -- C:\Windows\Progs_.ini
[2011.05.29 09:18:55 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.02.11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010.07.28 21:01:14 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.07.28 21:01:12 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.07.28 21:01:10 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.03.27 21:52:46 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Adobe
[2011.12.18 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Apple Computer
[2010.10.30 13:12:46 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Auslogics
[2011.12.04 21:02:21 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\calibre
[2012.04.02 16:12:16 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DAEMON Tools Lite
[2010.10.27 14:40:05 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DivX
[2012.03.21 09:48:11 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\foobar2000
[2010.11.27 14:39:14 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Foxit Software
[2010.04.03 20:05:54 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\HP
[2010.03.27 20:38:40 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Identities
[2010.03.29 20:29:53 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\InfraRecorder
[2010.03.27 20:45:53 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\InstallShield
[2011.03.08 14:27:20 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\LibreOffice
[2010.03.27 21:52:46 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Macromedia
[2012.04.02 13:19:12 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Malwarebytes
[2010.04.18 17:01:30 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ManyCam
[2009.07.14 10:56:56 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Media Center Programs
[2012.04.02 16:12:16 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Media Player Classic
[2012.01.18 11:28:40 | 000,000,000 | --SD | M] -- C:\Users\******\AppData\Roaming\Microsoft
[2010.03.27 21:45:10 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Mozilla
[2011.05.21 13:41:29 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\MyPhoneExplorer
[2010.10.12 11:02:25 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\QIP
[2010.11.25 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ratiopharm
[2011.02.01 21:00:55 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SecondLife
[2012.03.11 19:46:15 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Skype
[2012.03.11 17:02:27 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\skypePM
[2012.04.08 18:26:12 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SUPERAntiSpyware.com
[2011.01.31 12:46:35 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TeamViewer
[2010.03.27 22:41:48 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TuneUp Software
[2012.04.02 15:15:07 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\vlc
[2010.03.27 22:22:19 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.02.05 12:18:21 | 000,010,134 | R--- | M] () -- C:\Users\******\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\ERDNT\cache\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

Alt 10.04.2012, 16:10   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Abnow versucht zu entfernen - Reste vorhanden? - Standard

Abnow versucht zu entfernen - Reste vorhanden?


Also die Logs von OSAM und OTL sind jetzt btgl der netsvc Geschichte unauffällig.
Wie verhält sich dein System? Mittlerweile wieder unauffällig? Die letzten Kontrollscans waren ja auch soweit unauffällig.
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 2 von 3 1 2 3

Themen zu Abnow versucht zu entfernen - Reste vorhanden?
abnow, angemeldet, anhang, beseitigt, brauch, draußen, dreck, entferne, entfernen, erfolg, frage, freundin, gemeldet, laptop, reinigung, reste, sauber, versuch, versucht, vorhanden, wirklich, zwecks


« Smart Defragmenter | Computer gesperrt nach Suisa-Meldung »


Ähnliche Themen: Abnow versucht zu entfernen - Reste vorhanden?


  1. QV06 Virus Reste entfernen
    Log-Analyse und Auswertung - 12.09.2013 (9)
  2. LyricsWoofer selbst entfernt, noch Reste vorhanden?
    Plagegeister aller Art und deren Bekämpfung - 21.07.2013 (3)
  3. search.conduit (Reste) entfernen
    Log-Analyse und Auswertung - 03.07.2013 (9)
  4. SpyHunter 4-Reste entfernen
    Log-Analyse und Auswertung - 26.05.2013 (44)
  5. GVU Trojaner entfernt - noch Reste vorhanden?
    Plagegeister aller Art und deren Bekämpfung - 20.01.2013 (21)
  6. System progressive protection - noch Reste vorhanden?
    Log-Analyse und Auswertung - 08.01.2013 (2)
  7. Trojaner gefunden, Reste wie entfernen?
    Log-Analyse und Auswertung - 11.04.2012 (6)
  8. BKA Trojaner 3.04 Systemwiederherstellung aktiviert noch Reste vom Trojaner vorhanden ?
    Log-Analyse und Auswertung - 09.04.2012 (22)
  9. Abnow entfernt. Reste vorhanden?
    Log-Analyse und Auswertung - 30.03.2012 (7)
  10. abnow entfernen
    Plagegeister aller Art und deren Bekämpfung - 22.03.2012 (3)
  11. ABnow Virus entfernen
    Plagegeister aller Art und deren Bekämpfung - 15.03.2012 (5)
  12. abnow trojaner entfernen?
    Plagegeister aller Art und deren Bekämpfung - 06.03.2012 (3)
  13. abnow entfernen
    Log-Analyse und Auswertung - 28.02.2012 (17)
  14. Abnow.com Trojaner entfernen?
    Log-Analyse und Auswertung - 27.02.2012 (3)
  15. Abnow.com entfernen
    Log-Analyse und Auswertung - 27.02.2012 (1)
  16. Antispyware Soft: alles versucht, Problem noch immer vorhanden
    Plagegeister aller Art und deren Bekämpfung - 15.07.2010 (1)
  17. Letzte Reste von ComboFix entfernen?
    Plagegeister aller Art und deren Bekämpfung - 17.11.2008 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Abnow versucht zu entfernen - Reste vorhanden? - Mit dem ntsvc müsste ich noch klären Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, - Abnow versucht zu entfernen - Reste vorhanden?...
Archiv
Du betrachtest: Abnow versucht zu entfernen - Reste vorhanden? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55