Pests of all kinds and how to fight them: Trojans TR/ATRAPS.GEN2 and TR/Sirefef.AG.35 found by Avira (Windows 7)
04.06.2012, 13:33 | #1

Hello, I have had these 2 pests on my XP computer since last week. I'm not very knowledgeable when it comes to PCs, but I have already downloaded and run the following programs: Defogger, which produced this:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:56 on 29/05/2012 (Nicole)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

and then OTL, with these results:

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 04.06.2012 14:23:35 - Run 2 OTL by OldTimer - Version 3.2.46.0 Folder = C:\Dokumente und Einstellungen\Nicole\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,25 Gb Total Physical Memory | 0,61 Gb Available Physical Memory | 48,84% Memory free 2,98 Gb Paging File | 2,24 Gb Available in Paging File | 75,26% Paging File free Paging file location(s): C:\pagefile.sys 1920 3840 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,52 Gb Total Space | 1,67 Gb Free Space | 2,25% Space Free | Partition Type: NTFS Computer Name: KRANET | User Name: Nicole | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Nicole\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\WMPRWISE.EXE () PRC - C:\Programme\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - c:\Programme\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\Programme\Digital Trends Club\Payback-Process-Connector.exe () PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Programme\Digital Trends Club\Payback-Reporting.exe () PRC - C:\Programme\Digital Trends Club\Payback-Updater.exe () PRC - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\tsnp325.exe () ========== Modules (No Company Name) ========== MOD - C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\ntuser.dat () MOD - C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\desktop.ini () MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\Programme\Digital Trends Club\Payback-Process-Connector.exe () MOD - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe () MOD - C:\Programme\Digital Trends Club\Payback-Reporting.exe () MOD - C:\Programme\Digital Trends Club\Payback-Updater.exe () MOD - C:\Programme\Digital Trends Club\updatercom.dll () MOD - C:\Programme\EMBIRD32\EMBIRDCP.DLL () MOD - C:\Programme\WinRar\RarExt.dll () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\tsnp325.exe () MOD - C:\WINDOWS\system32\pdfcmnnt.dll () ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. 
KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (CGVPNCliSrvc) -- C:\Programme\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH) SRV - (Payback-Reporting-Service) -- C:\Programme\Digital Trends Club\Payback-Reporting.exe () SRV - (Payback-Update-Service) -- C:\Programme\Digital Trends Club\Payback-Updater.exe () SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (ACDaemon) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (uCamMonitor) -- C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) 
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (TlntSvr) -- C:\WINDOWS\system32\tlntsvr.exe (Microsoft Corporation) SRV - (NetDDEdsdm) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation) SRV - (NetDDE) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation) SRV - (ClipSrv) -- C:\WINDOWS\system32\clipsrv.exe (Microsoft Corporation) SRV - (RemoteRegistry) -- C:\WINDOWS\system32\regsvc.dll (Microsoft Corporation) SRV - (Messenger) -- C:\WINDOWS\system32\msgsvc.dll (Microsoft Corporation) SRV - (RemoteAccess) -- C:\WINDOWS\system32\mprdim.dll (Microsoft Corporation) SRV - (Alerter) -- C:\WINDOWS\system32\alrsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssudobex) SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudobex.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) 
-- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH) DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (htcnprot) -- C:\WINDOWS\system32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project) DRV - (HTCAND32) -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV - (fdrawcmd) -- C:\WINDOWS\system32\drivers\fdrawcmd.sys (simonowen.com) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.) DRV - (ArcSoftKsUFilter) -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV - (Pcmcia) -- C:\WINDOWS\System32\drivers\pcmcia.sys (Microsoft Corporation) DRV - (dmboot) -- C:\WINDOWS\system32\drivers\dmboot.sys (Microsoft Corp., Veritas Software) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (Udfs) -- C:\WINDOWS\System32\drivers\udfs.sys (Microsoft Corporation) DRV - (SNP325) USB PC Camera (SNPSTD325) -- C:\WINDOWS\system32\drivers\snp325.sys (Sonix Co. Ltd.) DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.) DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation) DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation) DRV - (busbcrw) -- C:\WINDOWS\system32\drivers\busbcrw.sys (Brother Industries, Ltd.) 
DRV - (cbidf2k) -- C:\WINDOWS\System32\drivers\cbidf2k.sys (Microsoft Corporation) DRV - (ACPIEC) -- C:\WINDOWS\System32\drivers\acpiec.sys (Microsoft Corporation) DRV - (WS2IFSL) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys (Microsoft Corporation) DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Roxio) DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Roxio) DRV - (sisagp) -- C:\WINDOWS\system32\drivers\SISAGPX.SYS (Silicon Integrated Systems Corporation) DRV - (mgau) -- C:\WINDOWS\system32\drivers\mgaum.sys (Matrox Graphics Inc.) DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie8_startpage IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/ IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.) 
IE - HKCU\..\SearchScopes,DefaultScope = {6678C3F5-77F0-4283-828D-B664B3643EEA} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{1C49115E-B88F-4C74-BFE5-D9C593008173}: "URL" = hxxp://go.web.de/br/ie8_search_amazon/?keywords={searchTerms} IE - HKCU\..\SearchScopes\{6678C3F5-77F0-4283-828D-B664B3643EEA}: "URL" = hxxp://go.web.de/br/ie8_search_web/?su={searchTerms} IE - HKCU\..\SearchScopes\{D1ADC4B8-AB0B-432E-9EE9-865FA2746E55}: "URL" = hxxp://go.web.de/br/ie8_search_ebay/?q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://dtcproxy.gacela.eu/impact-de/autoproxyconfig.php?id=15433&type=IE&version=12.1.1113 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1 FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Programme\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Programme\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gacela2@nurago.com: C:\Programme\Digital Trends Club\ [2012.06.04 14:13:13 | 000,000,000 | ---D | M] [2010.10.28 14:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Mozilla\Extensions [2010.10.28 14:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2012.03.21 19:18:16 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.07.04 19:36:28 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAMME\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM O1 HOSTS File: ([2003.04.02 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) 
O2 - BHO: (WEB.DE Konfiguration) - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Digital Trends Club) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Programme\Digital Trends Club\Gacela2.dll (Payback) O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) 
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [TrojanScanner] C:\Programme\Trojan Remover\Trjscan.exe (Simply Super Software) O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe () O4 - HKCU..\Run: [RoboForm] C:\Programme\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O8 - Extra context menu item: RF - Formular ausfüllen - C:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: RF - Formular speichern - C:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8 - Extra context menu item: RF - Menü anpassen - C:\Programme\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) 
O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : Über Digital Trends Club - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Programme\Digital Trends Club\Gacela2.dll (Payback) O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{554CC898-B3A9-4923-877A-F0E3F325300E}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - 
C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.10.26 16:36:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{5066a7a3-906f-11e1-af47-0010dcda616c}\Shell - "" = AutoRun O33 - MountPoints2\{5066a7a3-906f-11e1-af47-0010dcda616c}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{5066a7a3-906f-11e1-af47-0010dcda616c}\Shell\AutoRun\command - "" = F:\HTC_Sync_Manager_PC.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.06.04 13:46:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2012.05.29 12:19:07 | 002,127,448 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Nicole\Desktop\tdsskiller.exe [2012.05.29 12:18:59 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\Nicole\Desktop\aswMBR.exe 
[2012.05.29 11:51:21 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Nicole\Desktop\OTL.exe [2012.05.29 11:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2012.05.29 11:35:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Simply Super Software [2012.05.29 11:35:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Trojan Remover [2012.05.29 11:35:11 | 000,598,528 | ---- | C] (Igor Pavlov) -- C:\WINDOWS\System32\ztv7z.dll [2012.05.29 11:35:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll [2012.05.29 11:35:08 | 000,000,000 | ---D | C] -- C:\Programme\Trojan Remover [2012.05.29 11:35:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Simply Super Software [2012.05.29 11:35:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software [2012.05.25 16:39:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN [2012.05.25 16:38:07 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN [2012.05.25 16:37:19 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2012.05.25 16:36:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Oracle [2012.05.25 16:36:12 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012.05.25 16:36:12 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.05.25 16:36:01 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.05.25 16:36:01 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.05.24 18:47:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe [2012.05.15 07:22:16 | 000,000,000 | ---D | C] -- 
C:\Dokumente und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\Help [2012.05.15 07:22:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Help [2012.05.11 09:58:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Calibre Bibliothek [2012.05.11 09:58:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\calibre [2012.05.11 09:56:57 | 000,000,000 | ---D | C] -- C:\Programme\Calibre2 [2012.05.11 09:56:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\calibre - E-book Management [2012.05.10 20:51:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\My Digital Editions [2012.05.10 16:13:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.04 14:21:51 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Nicole\Desktop\OTL.exe [2012.06.04 14:12:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.06.04 14:10:01 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.06.04 13:42:40 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.06.04 13:42:01 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.06.04 13:41:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.05.29 15:54:35 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Nicole\Desktop\MBR.dat [2012.05.29 12:19:07 | 002,127,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Nicole\Desktop\tdsskiller.exe [2012.05.29 12:18:59 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\Nicole\Desktop\aswMBR.exe 
[2012.05.29 11:56:15 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Nicole\defogger_reenable [2012.05.29 11:50:51 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Nicole\Desktop\Defogger.exe [2012.05.25 16:35:44 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.05.25 16:35:44 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.05.25 16:35:44 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.05.25 16:35:44 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012.05.24 18:23:07 | 000,002,523 | ---- | M] () -- C:\Dokumente und Einstellungen\Nicole\Desktop\Microsoft Excel.lnk [2012.05.22 19:16:21 | 000,000,174 | ---- | M] () -- C:\password.klc [2012.05.22 19:16:12 | 000,000,174 | ---- | M] () -- C:\WINDOWS\password.klc [2012.05.18 15:10:07 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.05.14 14:51:34 | 000,002,495 | ---- | M] () -- C:\Dokumente und Einstellungen\Nicole\Desktop\Microsoft Word.lnk [2012.05.11 10:16:37 | 000,000,699 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\calibre - E-book management.lnk [2012.05.11 09:59:09 | 000,001,783 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Digital Editions.lnk [2012.05.11 09:39:05 | 000,130,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.05.10 21:00:18 | 000,448,952 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.05.10 21:00:18 | 000,432,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.05.10 21:00:18 | 000,080,392 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.05.10 21:00:18 | 000,067,794 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.05.10 20:55:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.05.08 14:39:34 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012.05.08 14:39:34 | 
000,083,392 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2012.05.07 17:01:21 | 000,001,709 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.05.29 15:54:35 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\Desktop\MBR.dat [2012.05.29 11:56:15 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\defogger_reenable [2012.05.29 11:50:49 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\Desktop\Defogger.exe [2012.05.29 11:35:11 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar39.dll [2012.05.29 11:35:11 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2012.05.29 11:35:11 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2012.05.29 11:35:11 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2012.05.29 11:35:11 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2012.05.22 19:16:21 | 000,000,174 | ---- | C] () -- C:\password.klc [2012.05.15 19:34:57 | 000,078,360 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2012.05.11 09:59:09 | 000,001,783 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Digital Editions.lnk [2012.05.11 09:57:44 | 000,000,699 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\calibre - E-book management.lnk [2012.03.28 22:11:08 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2012.03.28 22:11:06 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2012.03.28 22:11:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2012.03.28 22:11:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2012.03.28 
22:11:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2012.02.15 15:03:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.11.25 15:40:20 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011.08.31 14:07:12 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpx32.dll [2011.08.31 13:24:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe [2011.08.31 13:24:12 | 000,835,584 | ---- | C] () -- C:\WINDOWS\vsnp325.exe [2011.08.31 13:24:12 | 000,270,336 | ---- | C] () -- C:\WINDOWS\tsnp325.exe [2011.08.31 13:24:12 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snp325.ini [2011.08.31 13:24:04 | 000,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp325.dll [2011.08.31 13:24:04 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnp325.dll [2011.08.31 13:24:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp325.dll [2011.07.18 14:14:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WOC_CDDA.ini [2010.11.19 18:12:36 | 000,017,655 | ---- | C] () -- C:\WINDOWS\cddabase.ini [2010.11.12 15:00:36 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\downloads.m3u [2010.11.12 14:26:42 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.11.12 09:22:06 | 000,009,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.30 15:04:49 | 000,000,120 | ---- | C] () -- C:\WINDOWS\WINRESAZ.INI [2010.10.29 12:17:43 | 000,251,407 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\default.rss [2010.10.29 12:01:53 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010.10.28 14:06:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2010.10.28 14:05:37 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010.10.27 15:48:09 | 000,092,240 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2010.10.27 15:48:09 | 
000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2010.10.27 15:48:09 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2010.10.27 15:48:09 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2010.10.27 15:48:09 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2010.10.27 15:48:09 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2010.10.27 15:48:09 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2010.10.27 15:48:09 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2010.10.27 15:48:09 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2010.10.27 15:48:09 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2010.10.27 15:48:09 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2010.10.27 15:48:09 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2010.10.27 15:48:09 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2010.10.27 15:48:09 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2010.10.27 15:48:09 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2010.10.27 15:48:09 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2010.10.27 15:48:09 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2010.10.27 15:45:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX3800EFGIPSD.ini [2010.10.27 09:16:09 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2010.10.27 05:48:07 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010.10.26 16:38:55 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010.10.26 16:38:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010.10.26 16:37:49 | 000,130,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.10.26 16:33:01 | 000,021,740 | ---- | C] () -- 
C:\WINDOWS\System32\emptyregdb.dat
< End of report >

Extras:
OTL Logfile:
Code:
ATTFilter OTL Extras logfile created on: 04.06.2012 14:23:35 - Run 2 OTL by OldTimer - Version 3.2.46.0 Folder = C:\Dokumente und Einstellungen\Nicole\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,25 Gb Total Physical Memory | 0,61 Gb Available Physical Memory | 48,84% Memory free 2,98 Gb Paging File | 2,24 Gb Available in Paging File | 75,26% Paging File free Paging file location(s): C:\pagefile.sys 1920 3840 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,52 Gb Total Space | 1,67 Gb Free Space | 2,25% Space Free | Partition Type: NTFS Computer Name: KRANET | User Name: Nicole | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security 
Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime "{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help "{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go "{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1C00C7C5-E615-4139-B817-7F4003DE68C0}" = Nero PhotoSnap Help "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011 "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{314F6D08-A8B7-11D8-8446-0050BA1D384D}" = EPSON Image Clip Palette "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode 
"{362C8212-C6CA-4BBC-A9BA-A0C134C4F02E}" = PED-Basic "{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A423411-E28A-4A13-BDB0-8E8BC42FFA29}" = HTC Sync "{4AEFE4FD-8EF1-4D61-B3CF-52016EAE6692}" = Hama Webcam Suite "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek "{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE) "{5D5509EA-B85A-411E-AB75-59069A411876}" = COMPUTERBILD App-Center "{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help "{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}" = EPSON Easy Photo Print "{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help "{5F0545E7-3F0F-4730-AF70-26E61DBDF263}" = Digital Trends Club "{62326989-2861-4911-A39E-26373BD3FF66}" = Duden Korrektor PLUS "{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{76EA55BD-535F-4AB4-AD80-A8CA331F4E6F}" = Windows Messenger 5.1 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{77E33D87-255E-413E-9C8D-EED2A7F9BEBF}" = Nero Live Help "{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights "{7D62ABA3-35EC-623E-2C5F-1B3332CB705B}" = Media Go Video Playback Engine 1.64.108.02280 "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = 
Nero DiscSpeed "{870815CA-6B60-47B6-88DD-A67F42D2F03E}" = GPL MPEG-1/2 DirectShow Decoder Filter "{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2 "{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU "{8AEBFD30-B94F-4A49-8106-03039708BDD4}" = Duden Korrektor Patch 012009 "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage "{98A67610-A3B5-4098-A423-3708040026D3}" = "Nero SoundTrax Help "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9a50833e-a578-4405-b0e7-90b465352768}" = Nero 9 "{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap "{9FDEF7FC-0D03-4CAE-9DC3-1F436A93BDA4}" = Pulse Ambassador "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A5425D07-D972-47DA-8133-4D33876D44A4}" = calibre "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6 "{AAF8EEF3-2ED7-4FE0-BCF4-77F36D17F722}" = SewIconz "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch "{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}" = Nero Recode Help "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax 
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86 "{CC550492-0747-48E4-A37C-5A2A0C815489}" = Roxio WinOnCD 6 DVD Edition "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime "{DC226AC9-0314-496C-BE6A-B6A132628466}" = SiSAGP driver "{DF6A95F5-ADC1-406A-BDC6-2AA7CC0182AA}" = Nero Live "{E0E4D444-6898-42D0-9A9C-F2B3790B2820}" = GOLDPATT V1.30 "{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.14 "{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help "{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = hama PC-Webcam RW-100 "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "1&1 Mail & Media GmbH 1und1InternetExplorerAddon" = WEB.DE Internet Explorer Addon "1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung "1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer "7-Zip" = 7-Zip 9.15 beta "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "AI RoboForm" = RoboForm 7-7-7 (All Users) "AudibleManager" = 
AudibleManager "Avira AntiVir Desktop" = Avira Free Antivirus "CyberGhost VPN_is1" = CyberGhost VPN "Digital Editions" = Adobe Digital Editions "Embird 2010" = Embird 2010 "EPSON Printer and Utilities" = EPSON-Drucker-Software "EPSON Scanner" = EPSON Scan "ESDX3800 Benutzerhandbuch" = ESDX3800 Benutzerhandbuch "fdrawcmd" = Fdrawcmd.sys 1.0.1.10 "fotokasten comfort_is1" = fotokasten comfort 4.2 "ie8" = Windows Internet Explorer 8 "ImgBurn" = ImgBurn "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "JDownloader" = JDownloader "Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "PoiEdit" = PoiEdit "PrintKey2000" = PrintKey2000 "Pulse Ambassador" = Pulse Ambassador "TomTom HOME" = TomTom HOME 2.8.2.2264 "Trojan Remover_is1" = Trojan Remover 6.8.3 "TuneUp Utilities 2011" = TuneUp Utilities 2011 "Update Engine" = Sony Ericsson Update Engine "VLC media player" = VLC media player 2.0.1 "WBFS Manager 3.0" = WBFS Manager 3.0 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR "winusb0100" = Microsoft WinUsb 1.0 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! 
Software Update ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 08.05.2012 08:41:23 | Computer Name = KRANET | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 11.05.2012 10:29:31 | Computer Name = KRANET | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19222, Fehleradresse 0x0025351d. Error - 11.05.2012 10:33:12 | Computer Name = KRANET | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x0004487f. Error - 25.05.2012 11:32:14 | Computer Name = KRANET | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19222, Fehleradresse 0x0025351d. Error - 29.05.2012 05:34:35 | Computer Name = KRANET | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19222, Fehleradresse 0x001bc659. Error - 29.05.2012 06:14:38 | Computer Name = KRANET | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung notepad.exe, Version 5.1.2600.5512, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x456713e8. 
Error - 29.05.2012 06:15:03 | Computer Name = KRANET | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung notepad.exe, Version 5.1.2600.5512, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x456713e8. Error - 04.06.2012 07:42:39 | Computer Name = KRANET | Source = WinMgmt | ID = 28 Description = WinMgmt konnte die Kernteile nicht initialisieren. Mögliche Ursache hierfür könnte eine beschädigte WinMgmt-Version, ein WinMgmt-Repositoryaktualisierungsfehler oder nicht genügend Speicherplatz oder Arbeitsspeicher sein. Error - 04.06.2012 08:15:20 | Computer Name = KRANET | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung otl.exe, Version 3.2.44.0, fehlgeschlagenes Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x00012afb. Error - 04.06.2012 08:15:33 | Computer Name = KRANET | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung otl.exe, Version 3.2.44.0, fehlgeschlagenes Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x00012afb. [ System Events ] Error - 14.05.2012 07:39:14 | Computer Name = KRANET | Source = System Error | ID = 1003 Description = Fehlercode 100000d1, 1. Parameter b8a0a3b0, 2. Parameter 00000002, 3. Parameter 00000000, 4. Parameter b8a0a3b0. Error - 14.05.2012 09:44:23 | Computer Name = KRANET | Source = NetBT | ID = 4321 Description = Der Name "KRANET :0" konnte nicht auf der Schnittstelle mit IP-Adresse 10.129.57.122 registriert werden. Der Computer mit IP-Adresse 10.129.57.122 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 14.05.2012 23:20:09 | Computer Name = KRANET | Source = W32Time | ID = 39452689 Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. 
(0x80072751) Error - 14.05.2012 23:20:09 | Computer Name = KRANET | Source = W32Time | ID = 39452701 Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. Error - 22.05.2012 13:54:35 | Computer Name = KRANET | Source = Dhcp | ID = 1002 Description = Die IP-Adresslease 10.129.133.54 für die Netzwerkkarte mit der Netzwerkadresse 00FFE03BC93F wurde durch den DHCP-Server 10.129.133.53 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error - 23.05.2012 10:43:22 | Computer Name = KRANET | Source = W32Time | ID = 39452689 Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751) Error - 23.05.2012 10:43:22 | Computer Name = KRANET | Source = W32Time | ID = 39452701 Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. 
Error - 25.05.2012 09:58:43 | Computer Name = KRANET | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060

Error - 29.05.2012 05:16:15 | Computer Name = KRANET | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060

Error - 29.05.2012 06:34:49 | Computer Name = KRANET | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060

[ TuneUp Events ]
Error - 02.02.2012 09:29:58 | Computer Name = KRANET | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

< End of report >

Then I also have: aswMBR

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-29 12:35:14
-----------------------------
12:35:14.484 OS Version: Windows 5.1.2600 Service Pack 3
12:35:14.484 Number of processors: 1 586 0x207
12:35:14.484 ComputerName: KRANET UserName: Nicole
12:35:15.312 Initialize success
13:45:41.187 AVAST engine defs: 12052800
13:51:00.484 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
13:51:00.500 Disk 0 Vendor: ST380022A 3.30 Size: 76319MB BusType: 3
13:51:00.531 Disk 0 MBR read successfully
13:51:00.531 Disk 0 MBR scan
13:51:00.765 Disk 0 Windows XP default MBR code
13:51:00.796 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
13:51:00.921 Disk 0 scanning sectors +156280320
13:51:01.218 Disk 0 scanning C:\WINDOWS\system32\drivers
13:51:27.359 Service scanning
13:52:15.062 Modules scanning
13:52:30.828 Disk 0 trace - called modules:
13:52:30.828 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:52:30.828 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8971cab8]
13:52:30.859 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\00000060[0x896e8e98]
13:52:30.875 5 ACPI.sys[f75ad620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8971fd98]
13:52:31.390 AVAST engine scan C:\WINDOWS
13:52:38.609 AVAST engine scan C:\WINDOWS\system32
13:58:54.296 AVAST engine scan C:\WINDOWS\system32\drivers
13:59:24.453 AVAST engine scan C:\Dokumente und Einstellungen\Nicole
14:23:51.296 File: C:\Dokumente und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\U\00000001.@ **INFECTED** Win32:Malware-gen
14:57:04.546 AVAST engine scan C:\Dokumente und Einstellungen\All Users
15:07:41.812 Scan finished successfully
15:54:35.171 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Nicole\Desktop\MBR.dat"
15:54:35.171 The log file has been saved successfully to "C:\Dokumente und Einstellungen\Nicole\Desktop\aswMBR.txt"

and also TDSSKiller:

15:55:08.0312 2912 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
15:55:08.0828 2912 ============================================================
15:55:08.0828 2912 Current date / time: 2012/05/29 15:55:08.0828
15:55:08.0828 2912 SystemInfo:
15:55:08.0828 2912
15:55:08.0828 2912 OS Version: 5.1.2600 ServicePack: 3.0
15:55:08.0828 2912 Product type: Workstation
15:55:08.0828 2912 ComputerName: KRANET
15:55:08.0843 2912 UserName: Nicole
15:55:08.0843 2912 Windows directory: C:\WINDOWS
15:55:08.0843 2912 System windows directory: C:\WINDOWS
15:55:08.0843 2912 Processor architecture: Intel x86
15:55:08.0843 2912 Number of processors: 1
15:55:08.0843 2912 Page size: 0x1000
15:55:08.0843 2912 Boot type: Normal boot
15:55:08.0843 2912 ============================================================
15:55:10.0906 2912 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:55:10.0921 2912 ============================================================
15:55:10.0921 2912 \Device\Harddisk0\DR0:
15:55:10.0953 2912 MBR partitions:
15:55:10.0953 2912 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum
15:55:25.0093 3880 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 15:55:25.0093 3880 Fs_Rec - ok 15:55:25.0156 3880 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 15:55:25.0156 3880 Ftdisk - ok 15:55:25.0203 3880 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys 15:55:25.0203 3880 gameenum - ok 15:55:25.0281 3880 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys 15:55:25.0281 3880 ggflt - ok 15:55:25.0343 3880 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys 15:55:25.0343 3880 ggsemc - ok 15:55:25.0421 3880 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 15:55:25.0421 3880 Gpc - ok 15:55:25.0546 3880 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe 15:55:25.0546 3880 gupdate - ok 15:55:25.0562 3880 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe 15:55:25.0562 3880 gupdatem - ok 15:55:25.0625 3880 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 15:55:25.0640 3880 gusvc - ok 15:55:25.0750 3880 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 15:55:25.0750 3880 helpsvc - ok 15:55:25.0781 3880 HidServ - ok 15:55:25.0843 3880 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll 15:55:25.0859 3880 hkmsvc - ok 15:55:25.0906 3880 hpn - ok 15:55:25.0953 3880 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys 15:55:25.0953 3880 HTCAND32 - ok 15:55:26.0015 3880 htcnprot (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys 15:55:26.0015 3880 htcnprot - ok 15:55:26.0109 3880 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 15:55:26.0125 3880 HTTP - ok 15:55:26.0203 3880 HTTPFilter 
(9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll 15:55:26.0203 3880 HTTPFilter - ok 15:55:26.0250 3880 i2omgmt - ok 15:55:26.0281 3880 i2omp - ok 15:55:26.0343 3880 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 15:55:26.0343 3880 i8042prt - ok 15:55:26.0468 3880 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 15:55:26.0531 3880 idsvc - ok 15:55:26.0578 3880 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 15:55:26.0578 3880 Imapi - ok 15:55:26.0640 3880 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\System32\imapi.exe 15:55:26.0640 3880 ImapiService - ok 15:55:26.0703 3880 ini910u - ok 15:55:26.0750 3880 IntelIde - ok 15:55:26.0828 3880 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys 15:55:26.0828 3880 intelppm - ok 15:55:26.0859 3880 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 15:55:26.0859 3880 ip6fw - ok 15:55:26.0937 3880 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:55:26.0937 3880 IpFilterDriver - ok 15:55:26.0968 3880 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 15:55:26.0968 3880 IpInIp - ok 15:55:27.0031 3880 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 15:55:27.0046 3880 IpNat - ok 15:55:27.0093 3880 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 15:55:27.0093 3880 IPSec - ok 15:55:27.0140 3880 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 15:55:27.0140 3880 IRENUM - ok 15:55:27.0203 3880 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys 15:55:27.0218 3880 isapnp - ok 15:55:27.0390 3880 JavaQuickStarterService (1fdb89b860eb7ba96a45e749a784227e) C:\Programme\Java\jre7\bin\jqs.exe 15:55:27.0390 3880 
JavaQuickStarterService - ok 15:55:27.0437 3880 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 15:55:27.0453 3880 Kbdclass - ok 15:55:27.0500 3880 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 15:55:27.0500 3880 kmixer - ok 15:55:27.0562 3880 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 15:55:27.0562 3880 KSecDD - ok 15:55:27.0625 3880 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll 15:55:27.0625 3880 lanmanserver - ok 15:55:27.0703 3880 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll 15:55:27.0703 3880 lanmanworkstation - ok 15:55:27.0750 3880 lbrtfdc - ok 15:55:27.0843 3880 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll 15:55:27.0843 3880 LmHosts - ok 15:55:27.0906 3880 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll 15:55:27.0906 3880 Messenger - ok 15:55:27.0968 3880 mgau (42978087fe8079bb06136be57fe99f65) C:\WINDOWS\system32\DRIVERS\mgaum.sys 15:55:28.0000 3880 mgau - ok 15:55:28.0062 3880 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 15:55:28.0062 3880 mnmdd - ok 15:55:28.0125 3880 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe 15:55:28.0125 3880 mnmsrvc - ok 15:55:28.0171 3880 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys 15:55:28.0171 3880 Modem - ok 15:55:28.0218 3880 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys 15:55:28.0234 3880 Mouclass - ok 15:55:28.0265 3880 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 15:55:28.0265 3880 MountMgr - ok 15:55:28.0281 3880 mraid35x - ok 15:55:28.0343 3880 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 15:55:28.0343 3880 MRxDAV - ok 15:55:28.0453 3880 MRxSmb 
(7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:55:28.0484 3880 MRxSmb - ok 15:55:28.0546 3880 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\System32\msdtc.exe 15:55:28.0546 3880 MSDTC - ok 15:55:28.0609 3880 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 15:55:28.0609 3880 Msfs - ok 15:55:28.0640 3880 MSIServer - ok 15:55:28.0687 3880 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:55:28.0687 3880 MSKSSRV - ok 15:55:28.0703 3880 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:55:28.0703 3880 MSPCLOCK - ok 15:55:28.0750 3880 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 15:55:28.0750 3880 MSPQM - ok 15:55:28.0796 3880 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 15:55:28.0812 3880 mssmbios - ok 15:55:28.0890 3880 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 15:55:28.0890 3880 MSTEE - ok 15:55:28.0953 3880 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys 15:55:28.0953 3880 ms_mpu401 - ok 15:55:29.0015 3880 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 15:55:29.0015 3880 Mup - ok 15:55:29.0062 3880 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 15:55:29.0062 3880 NABTSFEC - ok 15:55:29.0156 3880 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll 15:55:29.0171 3880 napagent - ok 15:55:29.0250 3880 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 15:55:29.0250 3880 NDIS - ok 15:55:29.0296 3880 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 15:55:29.0296 3880 NdisIP - ok 15:55:29.0359 3880 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:55:29.0359 3880 NdisTapi - ok 15:55:29.0390 3880 Ndisuio 
(f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:55:29.0406 3880 Ndisuio - ok 15:55:29.0437 3880 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:55:29.0437 3880 NdisWan - ok 15:55:29.0515 3880 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 15:55:29.0515 3880 NDProxy - ok 15:55:29.0765 3880 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe 15:55:29.0812 3880 Nero BackItUp Scheduler 4.0 - ok 15:55:29.0890 3880 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 15:55:29.0890 3880 NetBIOS - ok 15:55:29.0937 3880 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 15:55:29.0937 3880 NetBT - ok 15:55:30.0015 3880 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe 15:55:30.0015 3880 NetDDE - ok 15:55:30.0046 3880 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe 15:55:30.0046 3880 NetDDEdsdm - ok 15:55:30.0109 3880 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe 15:55:30.0109 3880 Netlogon - ok 15:55:30.0203 3880 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll 15:55:30.0203 3880 Netman - ok 15:55:30.0343 3880 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:55:30.0437 3880 NetTcpPortSharing - ok 15:55:30.0484 3880 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 15:55:30.0484 3880 NIC1394 - ok 15:55:30.0546 3880 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll 15:55:30.0562 3880 Nla - ok 15:55:30.0640 3880 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 15:55:30.0640 3880 Npfs - ok 15:55:30.0703 3880 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) 
C:\WINDOWS\system32\drivers\Ntfs.sys 15:55:30.0734 3880 Ntfs - ok 15:55:30.0765 3880 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe 15:55:30.0796 3880 NtLmSsp - ok 15:55:30.0890 3880 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll 15:55:30.0906 3880 NtmsSvc - ok 15:55:30.0984 3880 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 15:55:30.0984 3880 Null - ok 15:55:31.0015 3880 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 15:55:31.0015 3880 NwlnkFlt - ok 15:55:31.0078 3880 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 15:55:31.0078 3880 NwlnkFwd - ok 15:55:31.0125 3880 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 15:55:31.0125 3880 ohci1394 - ok 15:55:31.0171 3880 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys 15:55:31.0171 3880 Parport - ok 15:55:31.0218 3880 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 15:55:31.0218 3880 PartMgr - ok 15:55:31.0265 3880 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 15:55:31.0265 3880 ParVdm - ok 15:55:31.0406 3880 PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe 15:55:31.0421 3880 PassThru Service - ok 15:55:31.0515 3880 Payback-Reporting-Service (a41053d054d9904aeb149a927264a531) C:\Programme\Digital Trends Club\Payback-Reporting.exe 15:55:31.0515 3880 Payback-Reporting-Service - ok 15:55:31.0578 3880 Payback-Update-Service (8d6c9fc5c2e7b6bf6544ba2c72cae859) C:\Programme\Digital Trends Club\Payback-Updater.exe 15:55:31.0578 3880 Payback-Update-Service - ok 15:55:31.0640 3880 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 15:55:31.0640 3880 PCI - ok 15:55:31.0671 3880 PCIDump - ok 15:55:31.0750 3880 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) 
C:\WINDOWS\system32\DRIVERS\pciide.sys 15:55:31.0750 3880 PCIIde - ok 15:55:31.0812 3880 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys 15:55:31.0812 3880 Pcmcia - ok 15:55:31.0843 3880 PDCOMP - ok 15:55:31.0875 3880 PDFRAME - ok 15:55:31.0906 3880 PDRELI - ok 15:55:31.0937 3880 PDRFRAME - ok 15:55:31.0984 3880 perc2 - ok 15:55:32.0015 3880 perc2hib - ok 15:55:32.0156 3880 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe 15:55:32.0156 3880 PlugPlay - ok 15:55:32.0187 3880 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe 15:55:32.0203 3880 PolicyAgent - ok 15:55:32.0265 3880 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 15:55:32.0265 3880 PptpMiniport - ok 15:55:32.0359 3880 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys 15:55:32.0359 3880 Processor - ok 15:55:32.0390 3880 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 15:55:32.0390 3880 ProtectedStorage - ok 15:55:32.0437 3880 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 15:55:32.0437 3880 PSched - ok 15:55:32.0500 3880 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 15:55:32.0500 3880 Ptilink - ok 15:55:32.0531 3880 ql1080 - ok 15:55:32.0578 3880 Ql10wnt - ok 15:55:32.0609 3880 ql12160 - ok 15:55:32.0640 3880 ql1240 - ok 15:55:32.0671 3880 ql1280 - ok 15:55:32.0718 3880 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 15:55:32.0718 3880 RasAcd - ok 15:55:32.0781 3880 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll 15:55:32.0781 3880 RasAuto - ok 15:55:32.0843 3880 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 15:55:32.0843 3880 Rasl2tp - ok 15:55:32.0921 3880 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll 15:55:32.0937 
3880 RasMan - ok 15:55:32.0968 3880 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:55:32.0968 3880 RasPppoe - ok 15:55:33.0000 3880 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 15:55:33.0000 3880 Raspti - ok 15:55:33.0062 3880 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 15:55:33.0062 3880 Rdbss - ok 15:55:33.0109 3880 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 15:55:33.0109 3880 RDPCDD - ok 15:55:33.0171 3880 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 15:55:33.0187 3880 rdpdr - ok 15:55:33.0250 3880 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys 15:55:33.0265 3880 RDPWD - ok 15:55:33.0343 3880 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe 15:55:33.0359 3880 RDSessMgr - ok 15:55:33.0421 3880 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 15:55:33.0421 3880 redbook - ok 15:55:33.0484 3880 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll 15:55:33.0484 3880 RemoteAccess - ok 15:55:33.0546 3880 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll 15:55:33.0546 3880 RemoteRegistry - ok 15:55:33.0625 3880 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe 15:55:33.0625 3880 RpcLocator - ok 15:55:33.0687 3880 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll 15:55:33.0687 3880 RpcSs - ok 15:55:33.0750 3880 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe 15:55:33.0765 3880 RSVP - ok 15:55:33.0843 3880 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 15:55:33.0843 3880 SamSs - ok 15:55:33.0906 3880 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe 15:55:33.0906 3880 SCardSvr - ok 15:55:33.0953 3880 Schedule 
(a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll 15:55:33.0968 3880 Schedule - ok 15:55:34.0046 3880 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 15:55:34.0046 3880 Secdrv - ok 15:55:34.0109 3880 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll 15:55:34.0125 3880 seclogon - ok 15:55:34.0187 3880 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll 15:55:34.0187 3880 SENS - ok 15:55:34.0234 3880 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 15:55:34.0234 3880 serenum - ok 15:55:34.0265 3880 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 15:55:34.0281 3880 Serial - ok 15:55:34.0390 3880 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys 15:55:34.0390 3880 Sfloppy - ok 15:55:34.0468 3880 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 15:55:34.0468 3880 ShellHWDetection - ok 15:55:34.0500 3880 Simbad - ok 15:55:34.0578 3880 sisagp (941f2dd2cf7f5558d52c62c5fa2cdc06) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys 15:55:34.0578 3880 sisagp - ok 15:55:34.0656 3880 SISNIC (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys 15:55:34.0656 3880 SISNIC - ok 15:55:34.0718 3880 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 15:55:34.0718 3880 SLIP - ok 15:55:35.0437 3880 SNP325 (a12be6b3f784bd66110efc649f31038b) C:\WINDOWS\system32\DRIVERS\snp325.sys 15:55:35.0890 3880 SNP325 - ok 15:55:36.0046 3880 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Programme\Sony\Sony PC Companion\PCCService.exe 15:55:36.0062 3880 Sony PC Companion - ok 15:55:36.0171 3880 Sparrow - ok 15:55:36.0250 3880 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 15:55:36.0250 3880 splitter - ok 15:55:36.0296 3880 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 
15:55:36.0296 3880 Spooler - ok 15:55:36.0343 3880 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 15:55:36.0343 3880 sr - ok 15:55:36.0421 3880 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll 15:55:36.0421 3880 srservice - ok 15:55:36.0515 3880 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 15:55:36.0515 3880 Srv - ok 15:55:36.0578 3880 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll 15:55:36.0593 3880 SSDPSRV - ok 15:55:36.0656 3880 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 15:55:36.0656 3880 ssmdrv - ok 15:55:36.0734 3880 ssudmdm (e3d493bfb7cd108ec50b2f560c96367c) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 15:55:36.0734 3880 ssudmdm - ok 15:55:36.0812 3880 ssudobex (e2cb338eb98172120c5a44dea5e7a87f) C:\WINDOWS\system32\DRIVERS\ssudobex.sys 15:55:36.0828 3880 ssudobex - ok 15:55:36.0937 3880 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll 15:55:36.0953 3880 stisvc - ok 15:55:37.0046 3880 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 15:55:37.0046 3880 streamip - ok 15:55:37.0109 3880 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 15:55:37.0109 3880 swenum - ok 15:55:37.0156 3880 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 15:55:37.0156 3880 swmidi - ok 15:55:37.0203 3880 SwPrv - ok 15:55:37.0250 3880 symc810 - ok 15:55:37.0281 3880 symc8xx - ok 15:55:37.0312 3880 sym_hi - ok 15:55:37.0359 3880 sym_u3 - ok 15:55:37.0390 3880 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 15:55:37.0406 3880 sysaudio - ok 15:55:37.0453 3880 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe 15:55:37.0453 3880 SysmonLog - ok 15:55:37.0531 3880 tap0901 (1e89de7a4fb7a854ebb241d0aa8996dd) C:\WINDOWS\system32\DRIVERS\tap0901.sys 15:55:37.0531 3880 
tap0901 - ok 15:55:37.0609 3880 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll 15:55:37.0625 3880 TapiSrv - ok 15:55:37.0703 3880 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:55:37.0718 3880 Tcpip - ok 15:55:37.0796 3880 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 15:55:37.0796 3880 TDPIPE - ok 15:55:37.0843 3880 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 15:55:37.0843 3880 TDTCP - ok 15:55:37.0875 3880 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 15:55:37.0890 3880 TermDD - ok 15:55:37.0968 3880 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll 15:55:38.0000 3880 TermService - ok 15:55:38.0078 3880 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 15:55:38.0078 3880 Themes - ok 15:55:38.0156 3880 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe 15:55:38.0156 3880 TlntSvr - ok 15:55:38.0281 3880 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Programme\TomTom HOME 2\TomTomHOMEService.exe 15:55:38.0281 3880 TomTomHOMEService - ok 15:55:38.0312 3880 TosIde - ok 15:55:38.0390 3880 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll 15:55:38.0390 3880 TrkWks - ok 15:55:38.0593 3880 TuneUp.UtilitiesSvc (876a1fe7a7ca957e84c3af797f2e7fc5) C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe 15:55:38.0656 3880 TuneUp.UtilitiesSvc - ok 15:55:38.0718 3880 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys 15:55:38.0734 3880 TuneUpUtilitiesDrv - ok 15:55:38.0859 3880 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe 15:55:38.0875 3880 uCamMonitor - ok 15:55:39.0000 3880 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 
15:55:39.0000 3880 Udfs - ok 15:55:39.0046 3880 ultra - ok 15:55:39.0140 3880 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 15:55:39.0156 3880 Update - ok 15:55:39.0234 3880 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll 15:55:39.0234 3880 upnphost - ok 15:55:39.0312 3880 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe 15:55:39.0312 3880 UPS - ok 15:55:39.0390 3880 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 15:55:39.0406 3880 usbccgp - ok 15:55:39.0468 3880 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:55:39.0468 3880 usbehci - ok 15:55:39.0531 3880 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:55:39.0546 3880 usbhub - ok 15:55:39.0593 3880 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 15:55:39.0593 3880 usbohci - ok 15:55:39.0656 3880 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 15:55:39.0671 3880 usbprint - ok 15:55:39.0734 3880 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 15:55:39.0734 3880 usbscan - ok 15:55:39.0781 3880 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:55:39.0781 3880 USBSTOR - ok 15:55:39.0859 3880 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 15:55:39.0859 3880 VgaSave - ok 15:55:39.0890 3880 ViaIde - ok 15:55:39.0937 3880 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 15:55:39.0953 3880 VolSnap - ok 15:55:40.0031 3880 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe 15:55:40.0046 3880 VSS - ok 15:55:40.0109 3880 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\System32\w32time.dll 15:55:40.0125 3880 W32Time - ok 15:55:40.0171 3880 Wanarp (e20b95baedb550f32dd489265c1da1f6) 
C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:55:40.0187 3880 Wanarp - ok 15:55:40.0281 3880 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys 15:55:40.0296 3880 Wdf01000 - ok 15:55:40.0328 3880 WDICA - ok 15:55:40.0390 3880 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 15:55:40.0390 3880 wdmaud - ok 15:55:40.0453 3880 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll 15:55:40.0468 3880 WebClient - ok 15:55:40.0578 3880 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll 15:55:40.0578 3880 winmgmt - ok 15:55:40.0656 3880 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys 15:55:40.0656 3880 WinUSB - ok 15:55:40.0687 3880 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 15:55:40.0687 3880 WmdmPmSN - ok 15:55:40.0750 3880 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll 15:55:40.0781 3880 Wmi - ok 15:55:40.0890 3880 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe 15:55:40.0906 3880 WmiApSrv - ok 15:55:41.0078 3880 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe 15:55:41.0125 3880 WMPNetworkSvc - ok 15:55:41.0187 3880 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 15:55:41.0187 3880 WS2IFSL - ok 15:55:41.0250 3880 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 15:55:41.0250 3880 WSTCODEC - ok 15:55:41.0281 3880 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll 15:55:41.0296 3880 wuauserv - ok 15:55:41.0390 3880 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll 15:55:41.0421 3880 WZCSVC - ok 15:55:41.0484 3880 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll 15:55:41.0484 3880 xmlprov - ok 15:55:41.0656 3880 YahooAUService 
15:55:41.0796 3880 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:55:42.0359 3880 \Device\Harddisk0\DR0 - ok
15:55:42.0421 3880 Boot (0x1200) (61189a690e36d9dfea564a75ccc38855) \Device\Harddisk0\DR0\Partition0
15:55:42.0421 3880 \Device\Harddisk0\DR0\Partition0 - ok
15:55:42.0437 3880 ============================================================
15:55:42.0437 3880 Scan finished
15:55:42.0437 3880 ============================================================
15:55:42.0484 0212 Detected object count: 0
15:55:42.0484 0212 Actual detected object count: 0
15:57:10.0421 3424 ============================================================
15:57:10.0421 3424 Scan started
15:57:10.0421 3424 Mode: Manual; TDLFS;
15:57:10.0421 3424 ============================================================
15:57:16.0984 3424 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 15:57:16.0984 3424 FltMgr - ok 15:57:17.0187 3424 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 15:57:17.0187 3424 FontCache3.0.0.0 - ok 15:57:17.0250 3424 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 15:57:17.0250 3424 Fs_Rec - ok 15:57:17.0296 3424 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 15:57:17.0296 3424 Ftdisk - ok 15:57:17.0343 3424 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys 15:57:17.0343 3424 gameenum - ok 15:57:17.0406 3424 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys 15:57:17.0421 3424 ggflt - ok 15:57:17.0484 3424 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys 15:57:17.0484 3424 ggsemc - ok 15:57:17.0562 3424 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 15:57:17.0562 3424 Gpc - ok 15:57:17.0687 3424 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe 15:57:17.0687 3424 gupdate - ok 15:57:17.0718 3424 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe 15:57:17.0718 3424 gupdatem - ok 15:57:17.0796 3424 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 15:57:17.0796 3424 gusvc - ok 15:57:17.0906 3424 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 15:57:17.0921 3424 helpsvc - ok 15:57:17.0953 3424 HidServ - ok 15:57:18.0015 3424 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll 15:57:18.0015 3424 hkmsvc - ok 15:57:18.0046 3424 hpn - ok 15:57:18.0125 3424 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys 15:57:18.0125 3424 HTCAND32 - ok 
15:57:18.0187 3424 htcnprot (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys 15:57:18.0187 3424 htcnprot - ok 15:57:18.0250 3424 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 15:57:18.0250 3424 HTTP - ok 15:57:18.0328 3424 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll 15:57:18.0328 3424 HTTPFilter - ok 15:57:18.0359 3424 i2omgmt - ok 15:57:18.0390 3424 i2omp - ok 15:57:18.0468 3424 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 15:57:18.0468 3424 i8042prt - ok 15:57:18.0578 3424 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 15:57:18.0593 3424 idsvc - ok 15:57:18.0640 3424 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 15:57:18.0640 3424 Imapi - ok 15:57:18.0718 3424 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\System32\imapi.exe 15:57:18.0718 3424 ImapiService - ok 15:57:18.0765 3424 ini910u - ok 15:57:18.0812 3424 IntelIde - ok 15:57:18.0890 3424 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys 15:57:18.0890 3424 intelppm - ok 15:57:18.0921 3424 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 15:57:18.0937 3424 ip6fw - ok 15:57:19.0015 3424 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:57:19.0015 3424 IpFilterDriver - ok 15:57:19.0046 3424 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 15:57:19.0046 3424 IpInIp - ok 15:57:19.0125 3424 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 15:57:19.0125 3424 IpNat - ok 15:57:19.0171 3424 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 15:57:19.0171 3424 IPSec - ok 15:57:19.0234 3424 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 
15:57:19.0234 3424 IRENUM - ok 15:57:19.0296 3424 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys 15:57:19.0296 3424 isapnp - ok 15:57:19.0484 3424 JavaQuickStarterService (1fdb89b860eb7ba96a45e749a784227e) C:\Programme\Java\jre7\bin\jqs.exe 15:57:19.0484 3424 JavaQuickStarterService - ok 15:57:19.0546 3424 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 15:57:19.0546 3424 Kbdclass - ok 15:57:19.0593 3424 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 15:57:19.0609 3424 kmixer - ok 15:57:19.0671 3424 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 15:57:19.0671 3424 KSecDD - ok 15:57:19.0765 3424 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll 15:57:19.0781 3424 lanmanserver - ok 15:57:19.0843 3424 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll 15:57:19.0859 3424 lanmanworkstation - ok 15:57:19.0890 3424 lbrtfdc - ok 15:57:19.0984 3424 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll 15:57:19.0984 3424 LmHosts - ok 15:57:20.0062 3424 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll 15:57:20.0062 3424 Messenger - ok 15:57:20.0140 3424 mgau (42978087fe8079bb06136be57fe99f65) C:\WINDOWS\system32\DRIVERS\mgaum.sys 15:57:20.0140 3424 mgau - ok 15:57:20.0203 3424 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 15:57:20.0203 3424 mnmdd - ok 15:57:20.0250 3424 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe 15:57:20.0265 3424 mnmsrvc - ok 15:57:20.0312 3424 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys 15:57:20.0312 3424 Modem - ok 15:57:20.0343 3424 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys 15:57:20.0343 3424 Mouclass - ok 15:57:20.0390 3424 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) 
C:\WINDOWS\system32\drivers\MountMgr.sys 15:57:20.0390 3424 MountMgr - ok 15:57:20.0421 3424 mraid35x - ok 15:57:20.0484 3424 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 15:57:20.0515 3424 MRxDAV - ok 15:57:20.0593 3424 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:57:20.0593 3424 MRxSmb - ok 15:57:20.0656 3424 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\System32\msdtc.exe 15:57:20.0671 3424 MSDTC - ok 15:57:20.0734 3424 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 15:57:20.0734 3424 Msfs - ok 15:57:20.0781 3424 MSIServer - ok 15:57:20.0843 3424 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:57:20.0843 3424 MSKSSRV - ok 15:57:20.0890 3424 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:57:20.0890 3424 MSPCLOCK - ok 15:57:20.0921 3424 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 15:57:20.0921 3424 MSPQM - ok 15:57:20.0968 3424 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 15:57:20.0968 3424 mssmbios - ok 15:57:21.0046 3424 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 15:57:21.0046 3424 MSTEE - ok 15:57:21.0093 3424 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys 15:57:21.0109 3424 ms_mpu401 - ok 15:57:21.0171 3424 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 15:57:21.0171 3424 Mup - ok 15:57:21.0234 3424 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 15:57:21.0234 3424 NABTSFEC - ok 15:57:21.0312 3424 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll 15:57:21.0328 3424 napagent - ok 15:57:21.0375 3424 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 15:57:21.0375 3424 NDIS - ok 15:57:21.0453 3424 NdisIP 
(7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 15:57:21.0453 3424 NdisIP - ok 15:57:21.0531 3424 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:57:21.0531 3424 NdisTapi - ok 15:57:21.0562 3424 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:57:21.0562 3424 Ndisuio - ok 15:57:21.0625 3424 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:57:21.0625 3424 NdisWan - ok 15:57:21.0671 3424 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 15:57:21.0671 3424 NDProxy - ok 15:57:21.0906 3424 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe 15:57:21.0906 3424 Nero BackItUp Scheduler 4.0 - ok 15:57:21.0984 3424 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 15:57:21.0984 3424 NetBIOS - ok 15:57:22.0031 3424 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 15:57:22.0031 3424 NetBT - ok 15:57:22.0125 3424 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe 15:57:22.0125 3424 NetDDE - ok 15:57:22.0156 3424 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe 15:57:22.0156 3424 NetDDEdsdm - ok 15:57:22.0234 3424 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe 15:57:22.0234 3424 Netlogon - ok 15:57:22.0312 3424 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll 15:57:22.0328 3424 Netman - ok 15:57:22.0468 3424 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:57:22.0484 3424 NetTcpPortSharing - ok 15:57:22.0531 3424 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 15:57:22.0531 3424 NIC1394 - ok 15:57:22.0625 3424 Nla 
(f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll 15:57:22.0625 3424 Nla - ok 15:57:22.0703 3424 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 15:57:22.0703 3424 Npfs - ok 15:57:22.0765 3424 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 15:57:22.0781 3424 Ntfs - ok 15:57:22.0812 3424 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe 15:57:22.0812 3424 NtLmSsp - ok 15:57:22.0875 3424 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll 15:57:22.0890 3424 NtmsSvc - ok 15:57:22.0953 3424 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 15:57:22.0953 3424 Null - ok 15:57:23.0046 3424 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 15:57:23.0062 3424 NwlnkFlt - ok 15:57:23.0093 3424 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 15:57:23.0093 3424 NwlnkFwd - ok 15:57:23.0156 3424 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 15:57:23.0156 3424 ohci1394 - ok 15:57:23.0203 3424 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys 15:57:23.0203 3424 Parport - ok 15:57:23.0234 3424 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 15:57:23.0234 3424 PartMgr - ok 15:57:23.0281 3424 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 15:57:23.0281 3424 ParVdm - ok 15:57:23.0421 3424 PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe 15:57:23.0421 3424 PassThru Service - ok 15:57:23.0515 3424 Payback-Reporting-Service (a41053d054d9904aeb149a927264a531) C:\Programme\Digital Trends Club\Payback-Reporting.exe 15:57:23.0515 3424 Payback-Reporting-Service - ok 15:57:23.0578 3424 Payback-Update-Service (8d6c9fc5c2e7b6bf6544ba2c72cae859) C:\Programme\Digital Trends 
Club\Payback-Updater.exe 15:57:23.0578 3424 Payback-Update-Service - ok 15:57:23.0656 3424 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 15:57:23.0656 3424 PCI - ok 15:57:23.0671 3424 PCIDump - ok 15:57:23.0734 3424 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys 15:57:23.0734 3424 PCIIde - ok 15:57:23.0781 3424 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys 15:57:23.0781 3424 Pcmcia - ok 15:57:23.0828 3424 PDCOMP - ok 15:57:23.0859 3424 PDFRAME - ok 15:57:23.0906 3424 PDRELI - ok 15:57:23.0937 3424 PDRFRAME - ok 15:57:23.0968 3424 perc2 - ok 15:57:24.0000 3424 perc2hib - ok 15:57:24.0140 3424 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe 15:57:24.0156 3424 PlugPlay - ok 15:57:24.0171 3424 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe 15:57:24.0171 3424 PolicyAgent - ok 15:57:24.0234 3424 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 15:57:24.0234 3424 PptpMiniport - ok 15:57:24.0312 3424 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys 15:57:24.0312 3424 Processor - ok 15:57:24.0343 3424 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 15:57:24.0343 3424 ProtectedStorage - ok 15:57:24.0390 3424 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 15:57:24.0390 3424 PSched - ok 15:57:24.0437 3424 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 15:57:24.0453 3424 Ptilink - ok 15:57:24.0484 3424 ql1080 - ok 15:57:24.0515 3424 Ql10wnt - ok 15:57:24.0562 3424 ql12160 - ok 15:57:24.0593 3424 ql1240 - ok 15:57:24.0625 3424 ql1280 - ok 15:57:24.0671 3424 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 15:57:24.0671 3424 RasAcd - ok 15:57:24.0718 3424 RasAuto (f5ba6caccdb66c8f048e867563203246) 
C:\WINDOWS\System32\rasauto.dll 15:57:24.0734 3424 RasAuto - ok 15:57:24.0781 3424 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 15:57:24.0781 3424 Rasl2tp - ok 15:57:24.0859 3424 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll 15:57:24.0875 3424 RasMan - ok 15:57:24.0906 3424 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:57:24.0921 3424 RasPppoe - ok 15:57:24.0953 3424 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 15:57:24.0953 3424 Raspti - ok 15:57:25.0000 3424 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 15:57:25.0000 3424 Rdbss - ok 15:57:25.0046 3424 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 15:57:25.0062 3424 RDPCDD - ok 15:57:25.0125 3424 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 15:57:25.0125 3424 rdpdr - ok 15:57:25.0218 3424 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys 15:57:25.0218 3424 RDPWD - ok 15:57:25.0281 3424 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe 15:57:25.0281 3424 RDSessMgr - ok 15:57:25.0343 3424 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 15:57:25.0359 3424 redbook - ok 15:57:25.0421 3424 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll 15:57:25.0421 3424 RemoteAccess - ok 15:57:25.0484 3424 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll 15:57:25.0484 3424 RemoteRegistry - ok 15:57:25.0562 3424 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe 15:57:25.0562 3424 RpcLocator - ok 15:57:25.0625 3424 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll 15:57:25.0625 3424 RpcSs - ok 15:57:25.0703 3424 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe 15:57:25.0703 
3424 RSVP - ok 15:57:25.0765 3424 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 15:57:25.0765 3424 SamSs - ok 15:57:25.0828 3424 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe 15:57:25.0828 3424 SCardSvr - ok 15:57:25.0906 3424 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll 15:57:25.0906 3424 Schedule - ok 15:57:25.0984 3424 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 15:57:25.0984 3424 Secdrv - ok 15:57:26.0031 3424 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll 15:57:26.0031 3424 seclogon - ok 15:57:26.0078 3424 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll 15:57:26.0078 3424 SENS - ok 15:57:26.0125 3424 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 15:57:26.0125 3424 serenum - ok 15:57:26.0156 3424 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 15:57:26.0156 3424 Serial - ok 15:57:26.0265 3424 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys 15:57:26.0265 3424 Sfloppy - ok 15:57:26.0359 3424 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 15:57:26.0359 3424 ShellHWDetection - ok 15:57:26.0390 3424 Simbad - ok 15:57:26.0453 3424 sisagp (941f2dd2cf7f5558d52c62c5fa2cdc06) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys 15:57:26.0468 3424 sisagp - ok 15:57:26.0531 3424 SISNIC (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys 15:57:26.0531 3424 SISNIC - ok 15:57:26.0578 3424 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 15:57:26.0578 3424 SLIP - ok 15:57:27.0234 3424 SNP325 (a12be6b3f784bd66110efc649f31038b) C:\WINDOWS\system32\DRIVERS\snp325.sys 15:57:27.0343 3424 SNP325 - ok 15:57:27.0484 3424 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Programme\Sony\Sony PC Companion\PCCService.exe 15:57:27.0484 
3424 Sony PC Companion - ok 15:57:27.0562 3424 Sparrow - ok 15:57:27.0640 3424 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 15:57:27.0640 3424 splitter - ok 15:57:27.0703 3424 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 15:57:27.0703 3424 Spooler - ok 15:57:27.0750 3424 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 15:57:27.0750 3424 sr - ok 15:57:27.0812 3424 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll 15:57:27.0812 3424 srservice - ok 15:57:27.0921 3424 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 15:57:27.0921 3424 Srv - ok 15:57:28.0000 3424 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll 15:57:28.0015 3424 SSDPSRV - ok 15:57:28.0078 3424 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 15:57:28.0078 3424 ssmdrv - ok 15:57:28.0140 3424 ssudmdm (e3d493bfb7cd108ec50b2f560c96367c) C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 15:57:28.0140 3424 ssudmdm - ok 15:57:28.0203 3424 ssudobex (e2cb338eb98172120c5a44dea5e7a87f) C:\WINDOWS\system32\DRIVERS\ssudobex.sys 15:57:28.0203 3424 ssudobex - ok 15:57:28.0281 3424 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll 15:57:28.0281 3424 stisvc - ok 15:57:28.0343 3424 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 15:57:28.0343 3424 streamip - ok 15:57:28.0406 3424 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 15:57:28.0406 3424 swenum - ok 15:57:28.0453 3424 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 15:57:28.0453 3424 swmidi - ok 15:57:28.0484 3424 SwPrv - ok 15:57:28.0531 3424 symc810 - ok 15:57:28.0562 3424 symc8xx - ok 15:57:28.0593 3424 sym_hi - ok 15:57:28.0625 3424 sym_u3 - ok 15:57:28.0687 3424 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) 
C:\WINDOWS\system32\drivers\sysaudio.sys 15:57:28.0687 3424 sysaudio - ok 15:57:28.0750 3424 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe 15:57:28.0750 3424 SysmonLog - ok 15:57:28.0812 3424 tap0901 (1e89de7a4fb7a854ebb241d0aa8996dd) C:\WINDOWS\system32\DRIVERS\tap0901.sys 15:57:28.0812 3424 tap0901 - ok 15:57:28.0906 3424 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll 15:57:28.0906 3424 TapiSrv - ok 15:57:29.0000 3424 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:57:29.0000 3424 Tcpip - ok 15:57:29.0031 3424 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 15:57:29.0031 3424 TDPIPE - ok 15:57:29.0062 3424 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 15:57:29.0062 3424 TDTCP - ok 15:57:29.0109 3424 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 15:57:29.0109 3424 TermDD - ok 15:57:29.0187 3424 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll 15:57:29.0203 3424 TermService - ok 15:57:29.0265 3424 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 15:57:29.0281 3424 Themes - ok 15:57:29.0343 3424 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe 15:57:29.0343 3424 TlntSvr - ok 15:57:29.0437 3424 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Programme\TomTom HOME 2\TomTomHOMEService.exe 15:57:29.0437 3424 TomTomHOMEService - ok 15:57:29.0468 3424 TosIde - ok 15:57:29.0546 3424 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll 15:57:29.0562 3424 TrkWks - ok 15:57:29.0750 3424 TuneUp.UtilitiesSvc (876a1fe7a7ca957e84c3af797f2e7fc5) C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe 15:57:29.0765 3424 TuneUp.UtilitiesSvc - ok 15:57:29.0828 3424 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Programme\TuneUp Utilities 
2011\TuneUpUtilitiesDriver32.sys 15:57:29.0828 3424 TuneUpUtilitiesDrv - ok 15:57:29.0968 3424 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe 15:57:29.0968 3424 uCamMonitor - ok 15:57:30.0109 3424 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 15:57:30.0109 3424 Udfs - ok 15:57:30.0140 3424 ultra - ok 15:57:30.0218 3424 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 15:57:30.0234 3424 Update - ok 15:57:30.0312 3424 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll 15:57:30.0312 3424 upnphost - ok 15:57:30.0343 3424 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe 15:57:30.0343 3424 UPS - ok 15:57:30.0421 3424 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 15:57:30.0437 3424 usbccgp - ok 15:57:30.0500 3424 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:57:30.0500 3424 usbehci - ok 15:57:30.0546 3424 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:57:30.0546 3424 usbhub - ok 15:57:30.0625 3424 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 15:57:30.0625 3424 usbohci - ok 15:57:30.0687 3424 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 15:57:30.0703 3424 usbprint - ok 15:57:30.0734 3424 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 15:57:30.0734 3424 usbscan - ok 15:57:30.0812 3424 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:57:30.0812 3424 USBSTOR - ok 15:57:30.0859 3424 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 15:57:30.0859 3424 VgaSave - ok 15:57:30.0890 3424 ViaIde - ok 15:57:30.0968 3424 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 15:57:30.0968 
3424 VolSnap - ok 15:57:31.0046 3424 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe 15:57:31.0062 3424 VSS - ok 15:57:31.0109 3424 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\System32\w32time.dll 15:57:31.0125 3424 W32Time - ok 15:57:31.0171 3424 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:57:31.0171 3424 Wanarp - ok 15:57:31.0265 3424 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys 15:57:31.0281 3424 Wdf01000 - ok 15:57:31.0312 3424 WDICA - ok 15:57:31.0359 3424 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 15:57:31.0359 3424 wdmaud - ok 15:57:31.0437 3424 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll 15:57:31.0437 3424 WebClient - ok 15:57:31.0562 3424 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll 15:57:31.0562 3424 winmgmt - ok 15:57:31.0656 3424 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys 15:57:31.0671 3424 WinUSB - ok 15:57:31.0734 3424 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 15:57:31.0734 3424 WmdmPmSN - ok 15:57:31.0828 3424 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll 15:57:31.0843 3424 Wmi - ok 15:57:31.0937 3424 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe 15:57:31.0937 3424 WmiApSrv - ok 15:57:32.0109 3424 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe 15:57:32.0125 3424 WMPNetworkSvc - ok 15:57:32.0187 3424 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 15:57:32.0187 3424 WS2IFSL - ok 15:57:32.0234 3424 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 15:57:32.0234 3424 WSTCODEC - ok 15:57:32.0296 3424 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll 15:57:32.0312 
15:57:33.0453 3424 ============================================================
15:57:33.0453 3424 Scan finished
15:57:33.0453 3424 ============================================================
15:57:33.0531 2044 Detected object count: 0
15:57:33.0531 2044 Actual detected object count: 0
15:58:10.0375 2872 Deinitialize success
Almost all of the data is from last week, but since I was sick I couldn't get to the PC any earlier. I haven't changed any settings; it beeps every few minutes and reports the 2 pests to me. I hope you can do something with the data, because to me it's all Greek. Regards, Nicole |
05.06.2012, 20:59 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Please post everything here in CODE tags where possible. This is how it's done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
ATTFilter the log goes here
__________________ |
06.06.2012, 06:45 | #3 |
| Hello Cosinus,
sorry, with all that data I completely forgot about the log files. Code:
ATTFilter Die Datei 'C:\WINDOWS\Installer\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\n' enthielt einen Virus oder unerwünschtes Programm 'TR/Sirefef.P.331' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '53614d08.qua' verschoben! Code:
ATTFilter In der Datei 'C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\desktop.ini' wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern Code:
ATTFilter In der Datei 'C:\Dokumente und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\U\80000000.@' wurde ein Virus oder unerwünschtes Programm 'TR/Sirefef.AG.35' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern Wenn du noch mehr Infos brauchst muss du mir leider sagen wo sie auf meinem PC versteckt sind weiß nicht so richtig bescheid Gruß Nicole |
06.06.2012, 13:03 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojans TR/ATRAPS.GEN2 and TR/Sirefef.AG.35 found by Avira
Please first run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked! Remember that Malwarebytes has to be updated manually before every scan! In addition, all findings must be removed. If logs from older Malwarebytes scans exist, please post all of those as well!
ESET Online Scanner
Please post everything here in CODE tags if possible. This is how it is done: [code] the log goes here [/code] And the result then looks like this: Code:
the log goes here
__________________ Please always post log files in CODE tags |
07.06.2012, 15:39 | #5 |
| Trojans TR/ATRAPS.GEN2 and TR/Sirefef.AG.35 found by Avira
Hello, here is the first one for now:
Code:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.06.07.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Nicole :: KRANET [Administrator]
Schutz: Aktiviert
07.06.2012 11:54:31
mbam-log-2012-06-07 (11-54-31).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 296584
Laufzeit: 3 Stunde(n), 34 Minute(n), 44 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 1
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Bösartig: (\\.\globalroot\systemroot\Installer\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\n.) Gut: (%systemroot%\system32\wbem\wbemess.dll) -> Erfolgreich ersetzt und in Quarantäne gestellt.
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 10
C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\ntuser.dat (Misused.Legit) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Wii Spiele\WBFS Manager\WBFS_Manager.exe (PUP.Adbundler) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\n (Trojan.Dropper.PE4) -> Löschen bei Neustart.
C:\Dokumente und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\U\00000001.@ (Trojan.Small) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\U\80000000.@ (Trojan.Sirefef) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\System Volume Information\_restore{B4598107-2B0E-4C7D-8BEF-CDD884D07B55}\RP410\A0128523.EXE (Trojan.Agent.TBM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\Installer\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\U\00000001.@ (Trojan.Small) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\Installer\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\U\80000000.@ (Trojan.Sirefef) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\Installer\{b5074b19-bc89-3a5a-9767-69e0003d7a7c}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende) |
09.06.2012, 10:25 | #6 |
| Trojans TR/ATRAPS.GEN2 and TR/Sirefef.AG.35 found by Avira
Hello Cosinus, I am having problems running the ESET program. At about 40% it aborts every time and restarts the computer. On Monday I will take another calm look at where the error is. Have a nice weekend, Nicole |
11.06.2012, 15:30 | #7 |
| Trojans TR/ATRAPS.GEN2 and TR/Sirefef.AG.35 found by Avira
Hello, today it worked, here is the log:
Code:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=8305a20721b7c84f87c0f2b7b3d10999
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-11 02:18:13
# local_time=2012-06-11 04:18:13 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=crash
# scanned=91553
# found=3
# cleaned=0
# scan_time=6057
C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\16\2a799610-69949f49 Mehrere Bedrohungen (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\31\281e7c9f-611ad14c Java/Agent.CK Trojaner (Säubern nicht möglich) 00000000000000000000000000000000 I
C:\WINDOWS\FixCamera.exe Variante von Win32/KillProc.A Anwendung (Säubern nicht möglich) 00000000000000000000000000000000 I
Regards, Nicole |
11.06.2012, 15:57 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojans TR/ATRAPS.GEN2 and TR/Sirefef.AG.35 found by Avira
Please create a new OTL log. Please post everything here in CODE tags if possible. This is how it is done: [code] the log goes here [/code] And the result then looks like this: Code:
the log goes here
If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Please always post log files in CODE tags |
12.06.2012, 14:39 | #9 |
| Trojans TR/ATRAPS.GEN2 and TR/Sirefef.AG.35 found by Avira
Here is the new OTL log: OTL Logfile: Code:
ATTFilter OTL logfile created on: 12.06.2012 15:23:27 - Run 3 OTL by OldTimer - Version 3.2.46.0 Folder = C:\Dokumente und Einstellungen\Nicole\Desktop\Neuer Ordner Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,25 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 71,97% Memory free 2,98 Gb Paging File | 2,70 Gb Available in Paging File | 90,46% Paging File free Paging file location(s): C:\pagefile.sys 1920 3840 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,52 Gb Total Space | 35,81 Gb Free Space | 48,05% Space Free | Partition Type: NTFS Computer Name: KRANET | User Name: Nicole | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Nicole\Desktop\Neuer Ordner\OTL.exe (OldTimer Tools) PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Programme\Digital Trends Club\Payback-Reporting.exe () PRC - C:\Programme\Digital Trends Club\Payback-Updater.exe () PRC - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\tsnp325.exe () ========== Modules (No Company Name) ========== MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe () MOD - C:\Programme\Digital Trends Club\Payback-Reporting.exe () MOD - C:\Programme\Digital Trends Club\Payback-Updater.exe () MOD - C:\Programme\Digital Trends Club\updatercom.dll () MOD - C:\Programme\EMBIRD32\EMBIRDCP.DLL () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\tsnp325.exe () MOD - C:\WINDOWS\system32\pdfcmnnt.dll () ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) SRV - (CGVPNCliSrvc) -- C:\Programme\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (Payback-Reporting-Service) -- C:\Programme\Digital Trends Club\Payback-Reporting.exe () SRV - (Payback-Update-Service) -- C:\Programme\Digital Trends Club\Payback-Updater.exe () SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (ACDaemon) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (uCamMonitor) -- C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) 
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (TlntSvr) -- C:\WINDOWS\system32\tlntsvr.exe (Microsoft Corporation) SRV - (NetDDEdsdm) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation) SRV - (NetDDE) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation) SRV - (ClipSrv) -- C:\WINDOWS\system32\clipsrv.exe (Microsoft Corporation) SRV - (RemoteRegistry) -- C:\WINDOWS\system32\regsvc.dll (Microsoft Corporation) SRV - (Messenger) -- C:\WINDOWS\system32\msgsvc.dll (Microsoft Corporation) SRV - (RemoteAccess) -- C:\WINDOWS\system32\mprdim.dll (Microsoft Corporation) SRV - (Alerter) -- C:\WINDOWS\system32\alrsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (ssudobex) SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudobex.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) 
-- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH) DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (htcnprot) -- C:\WINDOWS\system32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (HTCAND32) -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV - (fdrawcmd) -- C:\WINDOWS\system32\drivers\fdrawcmd.sys (simonowen.com) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.) DRV - (ArcSoftKsUFilter) -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV - (Pcmcia) -- C:\WINDOWS\System32\drivers\pcmcia.sys (Microsoft Corporation) DRV - (dmboot) -- C:\WINDOWS\system32\drivers\dmboot.sys (Microsoft Corp., Veritas Software) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (Udfs) -- C:\WINDOWS\System32\drivers\udfs.sys (Microsoft Corporation) DRV - (SNP325) USB PC Camera (SNPSTD325) -- C:\WINDOWS\system32\drivers\snp325.sys (Sonix Co. Ltd.) DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.) DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation) DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation) DRV - (busbcrw) -- C:\WINDOWS\system32\drivers\busbcrw.sys (Brother Industries, Ltd.) 
DRV - (cbidf2k) -- C:\WINDOWS\System32\drivers\cbidf2k.sys (Microsoft Corporation) DRV - (ACPIEC) -- C:\WINDOWS\System32\drivers\acpiec.sys (Microsoft Corporation) DRV - (WS2IFSL) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys (Microsoft Corporation) DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Roxio) DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Roxio) DRV - (sisagp) -- C:\WINDOWS\system32\drivers\SISAGPX.SYS (Silicon Integrated Systems Corporation) DRV - (mgau) -- C:\WINDOWS\system32\drivers\mgaum.sys (Matrox Graphics Inc.) DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie8_startpage IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/ IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - 
C:\Programme\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\..\SearchScopes,DefaultScope = {6678C3F5-77F0-4283-828D-B664B3643EEA} IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\..\SearchScopes\{1C49115E-B88F-4C74-BFE5-D9C593008173}: "URL" = hxxp://go.web.de/br/ie8_search_amazon/?keywords={searchTerms} IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\..\SearchScopes\{6678C3F5-77F0-4283-828D-B664B3643EEA}: "URL" = hxxp://go.web.de/br/ie8_search_web/?su={searchTerms} IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\..\SearchScopes\{D1ADC4B8-AB0B-432E-9EE9-865FA2746E55}: "URL" = hxxp://go.web.de/br/ie8_search_ebay/?q={searchTerms} IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-57989841-1482476501-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1 FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Programme\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Programme\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gacela2@nurago.com: C:\Programme\Digital Trends Club\ [2012.06.12 14:57:58 | 000,000,000 | ---D | M] [2010.10.28 14:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Mozilla\Extensions [2010.10.28 14:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2012.03.21 19:18:16 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.07.04 19:36:28 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAMME\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM O1 HOSTS File: ([2003.04.02 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) 
O2 - BHO: (WEB.DE Konfiguration) - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Digital Trends Club) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Programme\Digital Trends Club\Gacela2.dll (Payback) O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) 
O3 - HKU\S-1-5-21-57989841-1482476501-682003330-1003\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKU\S-1-5-21-57989841-1482476501-682003330-1003\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-57989841-1482476501-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O8 - Extra context menu item: RF - Formular ausfüllen - C:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: RF - Formular speichern - C:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8 - Extra context menu item: RF - Menü anpassen - 
C:\Programme\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : Über Digital Trends Club - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Programme\Digital Trends Club\Gacela2.dll (Payback) O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) 
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{554CC898-B3A9-4923-877A-F0E3F325300E}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit 
- (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.10.26 16:36:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{5066a7a3-906f-11e1-af47-0010dcda616c}\Shell - "" = AutoRun O33 - MountPoints2\{5066a7a3-906f-11e1-af47-0010dcda616c}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{5066a7a3-906f-11e1-af47-0010dcda616c}\Shell\AutoRun\command - "" = F:\HTC_Sync_Manager_PC.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Sharedaccess - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - 
DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: sharedaccess - File not found SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: 
{4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - 
Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5F0F0785-1FB7-46E6-8A29-B08B0FD95CFD} - Flash Player 10 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. 
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {FCDC1596-134C-441E-8F15-2F0C59E29AF8} - Silverlight 3 ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: >{E9D28A7F-49A0-41E8-95B7-4C699B1D3A6A} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () CREATERESTOREPOINT System Restore Service not available. 
========== Files/Folders - Created Within 30 Days ========== [2012.06.12 14:46:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Roboform [2012.06.12 14:46:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\E Books [2012.06.12 14:43:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Calibre Bibliothek [2012.06.12 14:33:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\NDS [2012.06.12 14:30:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Wii [2012.06.12 14:29:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Urlaub [2012.06.12 14:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Urkunde Notar [2012.06.12 14:15:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\TomTom [2012.06.12 14:02:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Sticken [2012.06.12 14:01:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Steuer [2012.06.12 14:01:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Stammbaum [2012.06.12 14:01:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Schneiderei [2012.06.12 14:00:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Nähen [2012.06.12 13:56:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Handy [2012.06.12 13:56:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Familie Hilger - Serger-Fischer-Bauch [2012.06.12 13:56:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Eigene Wiedergabelisten [2012.06.11 11:47:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Lokale 
Einstellungen\Anwendungsdaten\PhotoGenie [2012.06.08 07:53:39 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.06.07 11:51:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Malwarebytes [2012.06.07 11:51:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2012.06.07 11:51:18 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012.06.07 11:51:18 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2012.06.06 11:33:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Desktop\Neuer Ordner [2012.05.29 11:51:21 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Nicole\Desktop\OTL.exe [2012.05.29 11:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2012.05.29 11:35:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Eigene Dateien\Simply Super Software [2012.05.25 16:39:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN [2012.05.25 16:38:07 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN [2012.05.25 16:37:19 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2012.05.25 16:36:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Oracle [2012.05.25 16:36:12 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012.05.25 16:36:12 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.05.25 16:36:01 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.05.25 16:36:01 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.05.24 18:47:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe [2012.05.15 07:22:16 | 000,000,000 | ---D | C] -- C:\Dokumente 
und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\Help [2012.05.15 07:22:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Help [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.12 15:10:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.06.12 14:27:06 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.06.12 14:26:02 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.06.12 14:25:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.06.12 13:53:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.06.12 13:53:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.06.06 12:54:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.06.04 14:21:51 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Nicole\Desktop\OTL.exe [2012.05.31 15:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2012.05.29 11:56:15 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Nicole\defogger_reenable [2012.05.25 16:35:44 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.05.25 16:35:44 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.05.25 16:35:44 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.05.25 16:35:44 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012.05.24 18:23:07 | 000,002,523 | ---- | M] () -- C:\Dokumente und Einstellungen\Nicole\Desktop\Microsoft Excel.lnk [2012.05.22 19:16:21 | 000,000,174 | ---- | M] () -- C:\password.klc [2012.05.22 19:16:12 | 
000,000,174 | ---- | M] () -- C:\WINDOWS\password.klc [2012.05.14 14:51:34 | 000,002,495 | ---- | M] () -- C:\Dokumente und Einstellungen\Nicole\Desktop\Microsoft Word.lnk [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.05.29 11:56:15 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\defogger_reenable [2012.05.22 19:16:21 | 000,000,174 | ---- | C] () -- C:\password.klc [2012.05.15 19:34:57 | 000,078,360 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2012.03.28 22:11:08 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2012.03.28 22:11:06 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2012.03.28 22:11:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2012.03.28 22:11:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2012.03.28 22:11:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2012.02.15 15:03:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.11.25 15:40:20 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011.08.31 14:07:12 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpx32.dll [2011.08.31 13:24:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe [2011.08.31 13:24:12 | 000,835,584 | ---- | C] () -- C:\WINDOWS\vsnp325.exe [2011.08.31 13:24:12 | 000,270,336 | ---- | C] () -- C:\WINDOWS\tsnp325.exe [2011.08.31 13:24:12 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snp325.ini [2011.08.31 13:24:04 | 000,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp325.dll [2011.08.31 13:24:04 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnp325.dll [2011.08.31 13:24:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp325.dll [2011.07.18 14:14:58 | 000,000,000 | ---- | C] () 
-- C:\WINDOWS\WOC_CDDA.ini [2010.11.19 18:12:36 | 000,017,655 | ---- | C] () -- C:\WINDOWS\cddabase.ini [2010.11.12 15:00:36 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\downloads.m3u [2010.11.12 14:26:42 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.11.12 09:22:06 | 000,009,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.30 15:04:49 | 000,000,120 | ---- | C] () -- C:\WINDOWS\WINRESAZ.INI [2010.10.29 12:17:43 | 000,251,407 | ---- | C] () -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\default.rss [2010.10.29 12:01:53 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010.10.28 14:06:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2010.10.28 14:05:37 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2010.10.27 15:48:09 | 000,092,240 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2010.10.27 15:48:09 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2010.10.27 15:48:09 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2010.10.27 15:48:09 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2010.10.27 15:48:09 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2010.10.27 15:48:09 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2010.10.27 15:48:09 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2010.10.27 15:48:09 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2010.10.27 15:48:09 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2010.10.27 15:48:09 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2010.10.27 15:48:09 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2010.10.27 15:48:09 | 000,001,129 | ---- | C] () -- 
C:\WINDOWS\System32\EPPICPresetData_FR.dat [2010.10.27 15:48:09 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2010.10.27 15:48:09 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2010.10.27 15:48:09 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2010.10.27 15:48:09 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2010.10.27 15:48:09 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2010.10.27 15:45:46 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX3800EFGIPSD.ini [2010.10.27 09:16:09 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2010.10.27 05:48:07 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010.10.26 16:38:55 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010.10.26 16:38:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010.10.26 16:37:49 | 000,130,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.10.26 16:33:01 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. 
> [2012.05.11 10:05:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Adobe [2010.11.12 14:30:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Apple Computer [2012.02.05 19:44:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\ArcSoft [2011.10.17 08:24:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Avira [2012.05.11 10:05:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\calibre [2010.11.18 14:42:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Duden [2012.05.22 19:11:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\EMBIRD32 [2010.10.30 15:35:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\EMBIRD32_STUDIO_N [2010.12.20 17:47:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\EPSON [2012.03.26 15:37:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\EurekaLog [2010.10.28 15:02:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\GetRightToGo [2010.10.28 14:18:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Google [2012.05.15 07:22:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Help [2012.04.27 15:51:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\HTC [2012.04.27 15:47:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2010.10.26 17:13:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Identities [2010.11.03 19:20:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\ImgBurn [2011.01.17 15:29:58 | 000,000,000 | ---D 
| M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\InstallShield [2011.05.31 11:52:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Lexware [2010.10.28 10:00:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Macromedia [2012.06.07 11:51:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Malwarebytes [2011.08.31 14:03:06 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Microsoft [2010.10.28 14:30:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Mozilla [2011.01.28 15:45:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Nero [2012.05.25 16:36:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Oracle [2012.03.27 14:28:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\S.A.D [2012.04.13 10:09:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Samsung [2012.03.24 19:39:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Skype [2011.05.05 12:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Sony [2010.11.02 11:14:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Sun [2012.04.13 12:17:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Temp [2010.10.28 14:30:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\TomTom [2012.03.21 20:55:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Toolbar4 [2012.02.02 15:29:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\TuneUp Software [2010.10.28 12:28:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\WinRAR [2011.08.30 13:26:19 
| 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Yahoo! < %APPDATA%\*.exe /s > [2012.04.27 15:29:21 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2012.05.10 15:47:10 | 000,117,427 | ---- | M] (Adobe Systems, Inc.) -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\digitaleditions\digitaleditions.exe [2011.06.14 10:56:05 | 000,137,750 | R--- | M] () -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_6199747583AC94FD011270.exe [2011.06.14 10:56:05 | 000,137,750 | R--- | M] () -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_7A9B8CB6BE7902E1058674.exe [2011.06.14 10:56:05 | 000,137,750 | R--- | M] () -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_853F67D554F05449430E7E.exe [2011.06.14 10:56:05 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_9E1C27574C0C6A1F98F273.exe [2011.01.25 14:29:53 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Microsoft\Installer\{8AEBFD30-B94F-4A49-8106-03039708BDD4}\ARPPRODUCTICON.exe [2012.02.08 14:49:04 | 000,032,768 | R--- | M] () -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Microsoft\Installer\{E0E4D444-6898-42D0-9A9C-F2B3790B2820}\_A1BADF1B6B2E_4C69_9C92_B02018D35954.exe [2011.01.06 01:40:14 | 000,884,512 | ---- | M] (Sun Microsystems, Inc.) -- C:\Dokumente und Einstellungen\Nicole\Anwendungsdaten\Sun\Java\JRERunOnce.exe < %SYSTEMDRIVE%\*.exe > [2010.05.13 23:07:16 | 002,936,320 | ---- | M] (The Jolly-Joker Co.) 
-- C:\easyusetool_frontend_0514_gsmfree.exe < MD5 for: AGP440.SYS > [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys [2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2003.04.02 14:00:00 | 010,180,476 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA 
-- C:\WINDOWS\system32\eventlog.dll < MD5 for: NETLOGON.DLL > [2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll < MD5 for: SCECLI.DLL > [2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll < MD5 for: USER32.DLL > [2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2003.04.02 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys 
[2003.04.02 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.10.26 17:36:54 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.10.26 17:36:54 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.10.26 17:36:54 | 000,397,312 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
[/code]
Regards, Nicole |
12.06.2012, 15:36 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hm, one question: have you by any chance had the problem with TR/ATRAPS.GEN2 and TR/Sirefef.AG.35 since about May 22, or shortly after?
__________________ Please always post log files in CODE tags |
12.06.2012, 15:42 | #11 |
| Hello Arne, that could be; I'm not at this computer very often. I only need it now and then when the laptop is in use. Regards, Nicole |
12.06.2012, 21:03 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
13.06.2012, 07:47 | #13 |
| Hi, yes, Embird is a program for editing embroidery patterns; I work with it professionally. This program has been running on my PC for several years and I have never had problems with it. Regards, Nicole |
13.06.2012, 09:30 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | You didn't answer the question about the source...
13.06.2012, 10:27 | #15 |
| Sorry, since the program has been on the computer for so long, I had thought that nothing had happened there. I think I downloaded it directly from embird.com back then and later, around 2010, upgraded to the current version. Regards, Nicole |