
Pests of all kinds and how to combat them: Caught the AT/ATRAPS.GEN2 trojan - NEED HELP!


13.08.2012, 17:41   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Restart Windows in Safe Mode (with Networking, if possible). Sometimes fixing with OTL hangs in normal mode, but very often the fix works in Safe Mode.
__________________
Please always post log files in CODE tags

13.08.2012, 18:37   #17
fux89
 

Luckily it worked in Safe Mode, thanks.

Here is the log:

Code:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{060E900E-CF90-4A92-BEAE-F0157EBAA885}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{060E900E-CF90-4A92-BEAE-F0157EBAA885}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{3B04FF80-30F7-4015-98F0-5F4E1773443C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B04FF80-30F7-4015-98F0-5F4E1773443C}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{5B424269-F93D-420B-A117-F88206465508}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B424269-F93D-420B-A117-F88206465508}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{9097F35E-2D15-4382-82A1-D623BE92B975}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9097F35E-2D15-4382-82A1-D623BE92B975}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{9B765276-5685-4824-8058-D39AE46D2366}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9B765276-5685-4824-8058-D39AE46D2366}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{B2A1C263-31CD-4CF2-9711-478F6952DDA5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2A1C263-31CD-4CF2-9711-478F6952DDA5}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{BB9C89E7-2FC7-46E3-962A-5BAE0E06DEE6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB9C89E7-2FC7-46E3-962A-5BAE0E06DEE6}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{BF1AA78B-F6DD-4499-A0D8-977D8EFFAAAB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF1AA78B-F6DD-4499-A0D8-977D8EFFAAAB}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Freeware.de Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFSB10&ctid=CT2736476&SearchSource=2&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ deleted successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\Plugins folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\modules folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\META-INF folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\lib folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\skin folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\sl folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\lib folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\core folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\WEATHER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TWITTER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_POPUP\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_POPUP folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\Optimizer folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\404 folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\menu\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\menu\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\menu\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\menu folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\gf\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\gf\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\gf folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\dlg folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\js folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options\js\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\myStuffDialogs folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\features\js\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\features\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\features folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\api folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ac\res folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ac\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ac\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ac folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\aboutBox\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\aboutBox\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\aboutBox folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025} scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\ffxtlbr@zonealarm.com\content\imgs\flgs folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\ffxtlbr@zonealarm.com\content\imgs folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\ffxtlbr@zonealarm.com\content folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\ffxtlbr@zonealarm.com folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\conduit.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-30.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-31.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-32.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\siteadvisor-1.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\siteadvisor.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\winamp-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}\ deleted successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}\ deleted successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&ICQ Toolbar Search\ deleted successfully.
C:\Programme\ICQToolbar\toolbaru.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{90AE5DAF-82F2-4662-B445-C6878D31A68B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90AE5DAF-82F2-4662-B445-C6878D31A68B}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb63512e-aeb4-11db-994c-00040ec2b791}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eb63512e-aeb4-11db-994c-00040ec2b791}\ not found.
File L:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eff4c8a4-b57c-11de-a023-001111d29f63}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8FF81EB0 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8140CB50 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8FB6501C deleted successfully.
========== FILES ==========
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc496 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc491.de folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc489 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc488 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc392 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc391 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc388 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc383 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc382 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc373\Rankings\Prognos Zukunftsatlas folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc373\Rankings folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc373 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Zoo Leipzig 2009 (Einjähriges) folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Zabeltitz Sommer 2009 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Urlaub Warnemünde 2009.2 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Urlaub Warnemünde 2009 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Urlaub Berlin 2010\Urlaub Berlin 2010 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Urlaub Berlin 2010 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Tierpark Cottbus April 2010 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Schneu folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\434566753 schnucki\Weihnachten 2008 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\434566753 schnucki\Silvester 2008 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\434566753 schnucki\Schneu folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\434566753 schnucki folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11) folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc335 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc332 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc312 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc302 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc299 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc285 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc284\Literatur folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc284 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc282\Vorlesung folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc282 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc274 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc272 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc271\Gründungsmanagement - Literatur folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc271 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc265 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc264\Lumix\FZ38 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc264\Lumix folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc264 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc263\DiaShow 7 Ultimate (Demo) folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc263 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc262.00 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc261.8 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc260 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc259 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc258 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc257 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc252 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc229 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc224 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006 folder moved successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh folder moved successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8 folder moved successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm folder moved successfully.
C:\Programme\ICQ6Toolbar folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\ICQ Toolbar folder moved successfully.
C:\WINDOWS\Installer\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\@ moved successfully.
C:\Dokumente und Einstellungen\Christopher\Lokale Einstellungen\Anwendungsdaten\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\@ moved successfully.
C:\WINDOWS\Installer\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\L folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Lokale Einstellungen\Anwendungsdaten\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\L folder moved successfully.
C:\WINDOWS\Installer\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\U folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Lokale Einstellungen\Anwendungsdaten\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\U folder moved successfully.
File\Folder C:\WINDOWS\Installer\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\n not found.
File\Folder C:\Dokumente und Einstellungen\Christopher\Lokale Einstellungen\Anwendungsdaten\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\u not found.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\.# folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Besitzer
 
User: Christopher
->Temp folder emptied: 2122279495 bytes
->Temporary Internet Files folder emptied: 11908350 bytes
->Java cache emptied: 27011381 bytes
->FireFox cache emptied: 112796478 bytes
->Google Chrome cache emptied: 6098411 bytes
->Flash cache emptied: 1924339 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: LocalService
->Temp folder emptied: 2193848 bytes
->Temporary Internet Files folder emptied: 2375016 bytes
->FireFox cache emptied: 6368313 bytes
->Flash cache emptied: 764 bytes
 
User: NetworkService
->Temp folder emptied: 2131528 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 109681 bytes
%systemroot%\System32 .tmp files removed: 3871111 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 128684118 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 2.315,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Besitzer
 
User: Christopher
->Flash cache emptied: 0 bytes
 
User: Default User
 
User: LocalService
->Flash cache emptied: 0 bytes
 
User: NetworkService
 
Total Flash Files Cleaned = 0,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.57.0 log created on 08132012_192951

Files\Folders moved on Reboot...
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
File\Folder C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\searchProtectorSettingsDialog\images not found!
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025} scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\searchProtectorSettingsDialog\images not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025} not found!

Registry entries deleted on Reboot...
         


13.08.2012, 19:31   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™


Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Configure the tool as shown in the picture below: click on change parameters and set the checkboxes as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!


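For reading a TDSS-Killer report of the kind requested above, this added example (not part of the original thread and not Kaspersky's code) pairs each hashed object line with its verdict line and separates unsigned-file warnings from any other verdict. The function names are assumptions, the sample lines follow the format of the report posted in this thread with one line constructed, and treating `UnsignedFile.` verdicts as signature-check warnings rather than malware hits is an assumption of this example.

```python
import re

# Every report line starts with "HH:MM:SS.ffff <thread id><tab>".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "name (md5) path": the scanner hashed the file behind a service or driver.
OBJECT_RE = re.compile(
    PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
# "name - ok" or "name ( Verdict.Name ) - warning": the result for that object.
VERDICT_RE = re.compile(
    PREFIX + r"(?P<name>.+?)(?:\s+\(\s*(?P<verdict>[^()]+?)\s*\))?"
             r"\s+-\s+(?P<status>[a-z]+)$")


def parse_tdss_log(text):
    """Return one record per scanned object, in report order."""
    hashed = {}   # name -> (md5, path), waiting for the matching verdict line
    records = []
    for raw in text.splitlines():
        line = raw.rstrip()
        m = OBJECT_RE.match(line)
        if m:
            hashed[m["name"]] = (m["md5"].lower(), m["path"])
            continue
        m = VERDICT_RE.match(line)
        if not m:
            continue  # headers, separators and "- detected ..." echo lines
        md5, path = hashed.pop(m["name"], (None, None))
        records.append({
            "name": m["name"],
            "md5": md5,          # None when no file was hashed for the entry
            "path": path,
            "status": m["status"],
            "verdict": m["verdict"],
            "is_driver": bool(path) and path.lower().endswith(".sys"),
        })
    return records


def summarize(records):
    """Split non-ok records into unsigned-file warnings and everything else."""
    unsigned, other = [], []
    for rec in records:
        if rec["status"] == "ok":
            continue
        # Assumption of this example: "UnsignedFile." verdicts come from the
        # signature check and are reviewed separately from other verdicts.
        if (rec["verdict"] or "").startswith("UnsignedFile."):
            unsigned.append(rec)
        else:
            other.append(rec)
    return unsigned, other


def _line(stamp, message):
    return f"{stamp} 3040\t{message}"


# Sample input in the report format; the last line is constructed.
SAMPLE_LOG = "\n".join([
    _line("08:38:51.0218", "Scan started"),
    _line("08:38:51.0875", "Abiosdsk - ok"),
    _line("08:38:53.0281", r"ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys"),
    _line("08:38:53.0578", "ACPI - ok"),
    _line("08:38:57.0828", r"AVM IGD CTRL Service (4ecb2653bfe9116c031a94f708343a16) C:\Programme\FRITZ!DSL\IGDCTRL.EXE"),
    _line("08:38:57.0859", "AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - warning"),
    _line("08:38:57.0859", "AVM IGD CTRL Service - detected UnsignedFile.Multi.Generic (1)"),
    _line("08:38:58.0031", r"avmeject        (263cf9d248fd5e020a1333ed4f7eaa88) C:\WINDOWS\system32\drivers\avmeject.sys"),
    _line("08:38:58.0078", "avmeject ( UnsignedFile.Multi.Generic ) - warning"),
    _line("08:38:58.0078", "avmeject - detected UnsignedFile.Multi.Generic (1)"),
    # Constructed line, not from the posted report: a non-UnsignedFile verdict.
    _line("08:39:10.0000", "ExampleSvc ( Constructed.Example.Verdict ) - infected"),
])

if __name__ == "__main__":
    unsigned, other = summarize(parse_tdss_log(SAMPLE_LOG))
    for rec in unsigned:
        kind = "kernel driver" if rec["is_driver"] else "user-mode file"
        print(f"unsigned {kind}: {rec['name']} {rec['md5']} {rec['path']}")
    for rec in other:
        print(f"REVIEW FIRST: {rec['name']} -> {rec['verdict']} ({rec['status']})")
```
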
14.08.2012, 07:47   #19
fux89


I think I have bad news. AntiVir gave the following warning yesterday:

Code:
ATTFilter
In der Datei 'C:\System Volume Information\_restore{08A5F15B-D5F0-4D17-893D-8B358608DCF6}\RP1931\A0607542.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Trash.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
         
I moved it to quarantine.




Here is the TDSS log from today:

Code:
ATTFilter
08:37:56.0890 3268	TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
08:37:56.0906 3268	============================================================
08:37:56.0906 3268	Current date / time: 2012/08/14 08:37:56.0906
08:37:56.0906 3268	SystemInfo:
08:37:56.0906 3268	
08:37:56.0906 3268	OS Version: 5.1.2600 ServicePack: 3.0
08:37:56.0906 3268	Product type: Workstation
08:37:56.0906 3268	ComputerName: D67S0N1J
08:37:56.0906 3268	UserName: Christopher
08:37:56.0906 3268	Windows directory: C:\WINDOWS
08:37:56.0906 3268	System windows directory: C:\WINDOWS
08:37:56.0906 3268	Processor architecture: Intel x86
08:37:56.0906 3268	Number of processors: 2
08:37:56.0906 3268	Page size: 0x1000
08:37:56.0906 3268	Boot type: Normal boot
08:37:56.0906 3268	============================================================
08:37:57.0468 3268	Drive \Device\Harddisk0\DR0 - Size: 0x4A81740000 (298.02 Gb), SectorSize: 0x200, Cylinders: 0x97F8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:37:57.0484 3268	Drive \Device\Harddisk1\DR4 - Size: 0xF1000000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:37:57.0484 3268	============================================================
08:37:57.0484 3268	\Device\Harddisk0\DR0:
08:37:57.0484 3268	MBR partitions:
08:37:57.0484 3268	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x24E728CB
08:37:57.0484 3268	\Device\Harddisk1\DR4:
08:37:57.0484 3268	MBR partitions:
08:37:57.0484 3268	============================================================
08:37:57.0515 3268	C: <-> \Device\Harddisk0\DR0\Partition0
08:37:57.0531 3268	============================================================
08:37:57.0531 3268	Initialize success
08:37:57.0531 3268	============================================================
08:38:51.0218 3040	============================================================
08:38:51.0218 3040	Scan started
08:38:51.0218 3040	Mode: Manual; SigCheck; TDLFS; 
08:38:51.0218 3040	============================================================
08:38:51.0875 3040	Abiosdsk - ok
08:38:51.0906 3040	abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
08:38:53.0234 3040	abp480n5 - ok
08:38:53.0281 3040	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:38:53.0578 3040	ACPI - ok
08:38:53.0609 3040	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:38:53.0765 3040	ACPIEC - ok
08:38:53.0812 3040	AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:38:53.0843 3040	AdobeFlashPlayerUpdateSvc - ok
08:38:53.0859 3040	adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
08:38:54.0000 3040	adpu160m - ok
08:38:54.0046 3040	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:38:54.0203 3040	aec - ok
08:38:54.0234 3040	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:38:54.0296 3040	AFD - ok
08:38:54.0343 3040	agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
08:38:54.0484 3040	agp440 - ok
08:38:54.0500 3040	agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
08:38:54.0625 3040	agpCPQ - ok
08:38:54.0625 3040	Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
08:38:54.0703 3040	Aha154x - ok
08:38:54.0703 3040	aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
08:38:54.0828 3040	aic78u2 - ok
08:38:54.0843 3040	aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
08:38:54.0968 3040	aic78xx - ok
08:38:55.0000 3040	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
08:38:55.0171 3040	Alerter - ok
08:38:55.0203 3040	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
08:38:55.0265 3040	ALG - ok
08:38:55.0281 3040	AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
08:38:55.0421 3040	AliIde - ok
08:38:55.0421 3040	alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
08:38:55.0562 3040	alim1541 - ok
08:38:55.0578 3040	amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
08:38:55.0703 3040	amdagp - ok
08:38:55.0718 3040	amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
08:38:55.0781 3040	amsint - ok
08:38:55.0890 3040	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
08:38:55.0921 3040	AntiVirSchedulerService - ok
08:38:55.0953 3040	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
08:38:55.0984 3040	AntiVirService - ok
08:38:55.0984 3040	AppMgmt - ok
08:38:56.0046 3040	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:38:56.0171 3040	Arp1394 - ok
08:38:56.0187 3040	asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
08:38:56.0328 3040	asc - ok
08:38:56.0343 3040	asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
08:38:56.0406 3040	asc3350p - ok
08:38:56.0406 3040	asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
08:38:56.0531 3040	asc3550 - ok
08:38:56.0625 3040	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:38:56.0718 3040	aspnet_state - ok
08:38:56.0750 3040	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:38:56.0859 3040	AsyncMac - ok
08:38:56.0875 3040	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:38:57.0015 3040	atapi - ok
08:38:57.0015 3040	Atdisk - ok
08:38:57.0093 3040	atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\WINDOWS\system32\DRIVERS\atksgt.sys
08:38:57.0156 3040	atksgt - ok
08:38:57.0171 3040	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:38:57.0296 3040	Atmarpc - ok
08:38:57.0328 3040	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
08:38:57.0468 3040	AudioSrv - ok
08:38:57.0484 3040	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:38:57.0609 3040	audstub - ok
08:38:57.0640 3040	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
08:38:57.0656 3040	avgntflt - ok
08:38:57.0703 3040	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
08:38:57.0718 3040	avipbb - ok
08:38:57.0734 3040	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
08:38:57.0765 3040	avkmgr - ok
08:38:57.0828 3040	AVM IGD CTRL Service (4ecb2653bfe9116c031a94f708343a16) C:\Programme\FRITZ!DSL\IGDCTRL.EXE
08:38:57.0859 3040	AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - warning
08:38:57.0859 3040	AVM IGD CTRL Service - detected UnsignedFile.Multi.Generic (1)
08:38:57.0921 3040	AVM WLAN Connection Service (c6f4c466b654c1be98af31418bb5ac30) C:\Programme\avmwlanstick\WlanNetService.exe
08:38:57.0968 3040	AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
08:38:57.0968 3040	AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
08:38:58.0031 3040	avmeject        (263cf9d248fd5e020a1333ed4f7eaa88) C:\WINDOWS\system32\drivers\avmeject.sys
08:38:58.0078 3040	avmeject ( UnsignedFile.Multi.Generic ) - warning
08:38:58.0078 3040	avmeject - detected UnsignedFile.Multi.Generic (1)
08:38:58.0125 3040	b57w2k          (4826fcf97c47b361a2e2f68cd487a19e) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
08:38:58.0234 3040	b57w2k - ok
08:38:58.0281 3040	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:38:58.0406 3040	Beep - ok
08:38:58.0453 3040	bgsvcgen        (acc9c8c560c567fad6f79c977ab2ea09) C:\WINDOWS\system32\bgsvcgen.exe
08:38:58.0484 3040	bgsvcgen - ok
08:38:58.0531 3040	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
08:38:58.0843 3040	BITS - ok
08:38:58.0890 3040	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
08:38:59.0031 3040	Browser - ok
08:38:59.0046 3040	cbidf           (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
08:38:59.0187 3040	cbidf - ok
08:38:59.0187 3040	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:38:59.0312 3040	cbidf2k - ok
08:38:59.0343 3040	cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
08:38:59.0421 3040	cd20xrnt - ok
08:38:59.0421 3040	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:38:59.0546 3040	Cdaudio - ok
08:38:59.0578 3040	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:38:59.0703 3040	Cdfs - ok
08:38:59.0750 3040	cdrbsdrv        (e0042bd5bef17a6a3ef1df576bde24d1) C:\WINDOWS\system32\drivers\cdrbsdrv.sys
08:38:59.0765 3040	cdrbsdrv ( UnsignedFile.Multi.Generic ) - warning
08:38:59.0765 3040	cdrbsdrv - detected UnsignedFile.Multi.Generic (1)
08:38:59.0781 3040	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:38:59.0921 3040	Cdrom - ok
08:38:59.0921 3040	Changer - ok
08:38:59.0968 3040	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
08:39:00.0140 3040	CiSvc - ok
08:39:00.0187 3040	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
08:39:00.0359 3040	ClipSrv - ok
08:39:00.0453 3040	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:39:00.0546 3040	clr_optimization_v2.0.50727_32 - ok
08:39:00.0593 3040	CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
08:39:00.0734 3040	CmdIde - ok
08:39:00.0734 3040	COMSysApp - ok
08:39:00.0765 3040	Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
08:39:00.0890 3040	Cpqarray - ok
08:39:00.0921 3040	cpuz132         (097a0a4899b759a4f032bd464963b4be) C:\WINDOWS\system32\drivers\cpuz132_x32.sys
08:39:00.0937 3040	cpuz132 ( UnsignedFile.Multi.Generic ) - warning
08:39:00.0937 3040	cpuz132 - detected UnsignedFile.Multi.Generic (1)
08:39:00.0984 3040	Creative Service for CDROM Access (3c8b6609712f4ff78e521f6dcfc4032b) C:\WINDOWS\system32\CTsvcCDA.EXE
08:39:00.0984 3040	Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
08:39:00.0984 3040	Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)
08:39:01.0015 3040	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
08:39:01.0140 3040	CryptSvc - ok
08:39:01.0218 3040	ctac32k         (1e41b8a10b9d78240c8bfacc269db155) C:\WINDOWS\system32\drivers\ctac32k.sys
08:39:01.0437 3040	ctac32k - ok
08:39:01.0500 3040	ctaud2k         (9bf1aa0eac9c7d33ce4d8a152e151f60) C:\WINDOWS\system32\drivers\ctaud2k.sys
08:39:01.0578 3040	ctaud2k - ok
08:39:01.0593 3040	ctdvda2k        (29f78d59b053cb8778f8426e4e24099c) C:\WINDOWS\system32\drivers\ctdvda2k.sys
08:39:01.0656 3040	ctdvda2k - ok
08:39:01.0656 3040	ctprxy2k        (a6f4c70da545230d001915d8eb08d881) C:\WINDOWS\system32\drivers\ctprxy2k.sys
08:39:01.0703 3040	ctprxy2k - ok
08:39:01.0750 3040	ctsfm2k         (b39e55c1c5e28e016ee3848f2e34c205) C:\WINDOWS\system32\drivers\ctsfm2k.sys
08:39:01.0781 3040	ctsfm2k - ok
08:39:01.0796 3040	dac2w2k         (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
08:39:01.0921 3040	dac2w2k - ok
08:39:01.0937 3040	dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
08:39:02.0062 3040	dac960nt - ok
08:39:02.0125 3040	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
08:39:02.0218 3040	DcomLaunch - ok
08:39:02.0296 3040	de_serv         (8261afab6196157d7e19f4b2f3fbc383) C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
08:39:02.0296 3040	de_serv ( UnsignedFile.Multi.Generic ) - warning
08:39:02.0296 3040	de_serv - detected UnsignedFile.Multi.Generic (1)
08:39:02.0343 3040	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
08:39:02.0500 3040	Dhcp - ok
08:39:02.0500 3040	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:39:02.0625 3040	Disk - ok
08:39:02.0640 3040	dmadmin - ok
08:39:02.0687 3040	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
08:39:02.0859 3040	dmboot - ok
08:39:02.0875 3040	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
08:39:03.0031 3040	dmio - ok
08:39:03.0062 3040	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:39:03.0187 3040	dmload - ok
08:39:03.0234 3040	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
08:39:03.0359 3040	dmserver - ok
08:39:03.0375 3040	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:39:03.0515 3040	DMusic - ok
08:39:03.0546 3040	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
08:39:03.0671 3040	Dnscache - ok
08:39:03.0687 3040	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
08:39:03.0812 3040	Dot3svc - ok
08:39:03.0843 3040	dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
08:39:03.0953 3040	dpti2o - ok
08:39:03.0984 3040	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:39:04.0093 3040	drmkaud - ok
08:39:04.0125 3040	drvmcdb         (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
08:39:04.0140 3040	drvmcdb ( UnsignedFile.Multi.Generic ) - warning
08:39:04.0140 3040	drvmcdb - detected UnsignedFile.Multi.Generic (1)
08:39:04.0156 3040	drvnddm         (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
08:39:04.0156 3040	drvnddm ( UnsignedFile.Multi.Generic ) - warning
08:39:04.0156 3040	drvnddm - detected UnsignedFile.Multi.Generic (1)
08:39:04.0171 3040	E100B           (a6de5342417fec3c0aa8efebb899c431) C:\WINDOWS\system32\DRIVERS\e100b325.sys
08:39:04.0296 3040	E100B - ok
08:39:04.0328 3040	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
08:39:04.0453 3040	EapHost - ok
08:39:04.0500 3040	emupia          (5d70013d7e6602ec0a482f2985558c2d) C:\WINDOWS\system32\drivers\emupia2k.sys
08:39:04.0531 3040	emupia - ok
08:39:04.0546 3040	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
08:39:04.0687 3040	ERSvc - ok
08:39:04.0718 3040	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
08:39:04.0765 3040	Eventlog - ok
08:39:04.0828 3040	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
08:39:04.0890 3040	EventSystem - ok
08:39:04.0921 3040	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:39:05.0046 3040	Fastfat - ok
08:39:05.0109 3040	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
08:39:05.0171 3040	FastUserSwitchingCompatibility - ok
08:39:05.0234 3040	Fax             (08b8b302af0d1b3b8543429bbac8f21f) C:\WINDOWS\system32\fxssvc.exe
08:39:05.0390 3040	Fax - ok
08:39:05.0406 3040	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:39:05.0546 3040	Fdc - ok
08:39:05.0562 3040	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
08:39:05.0687 3040	Fips - ok
08:39:05.0703 3040	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:39:05.0828 3040	Flpydisk - ok
08:39:05.0875 3040	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:39:06.0000 3040	FltMgr - ok
08:39:06.0109 3040	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:39:06.0140 3040	FontCache3.0.0.0 - ok
08:39:06.0156 3040	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:39:06.0296 3040	Fs_Rec - ok
08:39:06.0312 3040	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:39:06.0421 3040	Ftdisk - ok
08:39:06.0484 3040	FWLANUSB        (ff12fa487265da2ac7de4be53f72ff1a) C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
08:39:06.0593 3040	FWLANUSB - ok
08:39:06.0609 3040	gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
08:39:06.0734 3040	gameenum - ok
08:39:06.0796 3040	GcKernel        (72fe2bea6863d4eb93442a1c4fb5ca48) C:\WINDOWS\system32\DRIVERS\GcKernel.sys
08:39:06.0859 3040	GcKernel - ok
08:39:06.0906 3040	GEARAspiWDM     (32a73a8952580b284a47290adb62032a) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
08:39:06.0921 3040	GEARAspiWDM - ok
08:39:06.0953 3040	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:39:07.0093 3040	Gpc - ok
08:39:07.0156 3040	gupdate - ok
08:39:07.0156 3040	gupdatem - ok
08:39:07.0218 3040	gusvc           (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
08:39:07.0265 3040	gusvc - ok
08:39:07.0359 3040	ha10kx2k        (7ec50a84b89dae3458cb0308739b80de) C:\WINDOWS\system32\drivers\ha10kx2k.sys
08:39:07.0437 3040	ha10kx2k - ok
08:39:07.0484 3040	hap16v2k        (02a6bad64177c56d8b86b198b38db361) C:\WINDOWS\system32\drivers\hap16v2k.sys
08:39:07.0515 3040	hap16v2k - ok
08:39:07.0593 3040	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:39:07.0718 3040	helpsvc - ok
08:39:07.0765 3040	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
08:39:07.0890 3040	HidServ - ok
08:39:07.0921 3040	HIDSwvd         (bd205320308fb41c88a4049a2d1764b4) C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys
08:39:07.0984 3040	HIDSwvd - ok
08:39:08.0015 3040	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:39:08.0140 3040	HidUsb - ok
08:39:08.0171 3040	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
08:39:08.0296 3040	hkmsvc - ok
08:39:08.0343 3040	hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
08:39:08.0453 3040	hpn - ok
08:39:08.0484 3040	HPZid412        (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
08:39:08.0625 3040	HPZid412 - ok
08:39:08.0671 3040	HPZipr12        (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
08:39:08.0765 3040	HPZipr12 - ok
08:39:08.0781 3040	HPZius12        (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
08:39:08.0875 3040	HPZius12 - ok
08:39:08.0937 3040	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:39:09.0015 3040	HTTP - ok
08:39:09.0078 3040	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
08:39:09.0187 3040	HTTPFilter - ok
08:39:09.0250 3040	hwdatacard      (07853191b1bdee5b39be4cfcfe3b9ad4) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
08:39:09.0312 3040	hwdatacard - ok
08:39:09.0343 3040	i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
08:39:09.0453 3040	i2omgmt - ok
08:39:09.0500 3040	i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
08:39:09.0625 3040	i2omp - ok
08:39:09.0640 3040	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:39:09.0765 3040	i8042prt - ok
08:39:09.0859 3040	IAANTMon        (a38bf37fd0795382655f756dd4446fa0) C:\Programme\Intel\Intel Application Accelerator\iaantmon.exe
08:39:09.0875 3040	IAANTMon ( UnsignedFile.Multi.Generic ) - warning
08:39:09.0875 3040	IAANTMon - detected UnsignedFile.Multi.Generic (1)
08:39:09.0937 3040	iaStor          (d7731536e183b4397402ca6f9e1d52f7) C:\WINDOWS\system32\drivers\iaStor.sys
08:39:10.0031 3040	iaStor - ok
08:39:10.0031 3040	ICQ Service - ok
08:39:10.0156 3040	IDriverT        (daf66902f08796f9c694901660e5a64a) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
08:39:10.0156 3040	IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:39:10.0156 3040	IDriverT - detected UnsignedFile.Multi.Generic (1)
08:39:10.0312 3040	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:39:10.0437 3040	idsvc - ok
08:39:10.0593 3040	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:39:10.0718 3040	Imapi - ok
08:39:10.0781 3040	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
08:39:10.0921 3040	ImapiService - ok
08:39:10.0937 3040	ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
08:39:11.0062 3040	ini910u - ok
08:39:11.0078 3040	IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
08:39:11.0203 3040	IntelIde - ok
08:39:11.0312 3040	intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:39:11.0437 3040	intelppm - ok
08:39:11.0453 3040	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:39:11.0578 3040	Ip6Fw - ok
08:39:11.0593 3040	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:39:11.0718 3040	IpFilterDriver - ok
08:39:11.0765 3040	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:39:11.0875 3040	IpInIp - ok
08:39:11.0921 3040	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:39:12.0062 3040	IpNat - ok
08:39:12.0156 3040	iPodService     (962bc769d1008d83f6a00b9de887eef4) C:\Programme\iPod\bin\iPodService.exe
08:39:12.0203 3040	iPodService ( UnsignedFile.Multi.Generic ) - warning
08:39:12.0203 3040	iPodService - detected UnsignedFile.Multi.Generic (1)
08:39:12.0234 3040	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:39:12.0406 3040	IPSec - ok
08:39:12.0437 3040	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:39:12.0500 3040	IRENUM - ok
08:39:12.0531 3040	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:39:12.0656 3040	isapnp - ok
08:39:12.0671 3040	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:39:12.0796 3040	Kbdclass - ok
08:39:12.0812 3040	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:39:12.0937 3040	kbdhid - ok
08:39:12.0968 3040	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:39:13.0093 3040	kmixer - ok
08:39:13.0109 3040	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:39:13.0203 3040	KSecDD - ok
08:39:13.0281 3040	L8042Kbd        (ad1541d5ff5b3f903da34737b6ba9a53) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
08:39:13.0328 3040	L8042Kbd - ok
08:39:13.0343 3040	L8042mou        (e9d3c991f28f01415a7b56a854d243d8) C:\WINDOWS\system32\Drivers\L8042mou.sys
08:39:13.0406 3040	L8042mou - ok
08:39:13.0468 3040	lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
08:39:13.0500 3040	lanmanserver - ok
08:39:13.0546 3040	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
08:39:13.0656 3040	lanmanworkstation - ok
08:39:13.0656 3040	lbrtfdc - ok
08:39:13.0703 3040	LHidKe          (e47f94327e369ed6916049febf5f85e5) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
08:39:13.0718 3040	LHidKe - ok
08:39:13.0750 3040	LHidUsbK        (a54c75e7481272eaaa6245683c89ecaa) C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
08:39:13.0796 3040	LHidUsbK - ok
08:39:13.0843 3040	lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
08:39:13.0875 3040	lirsgt - ok
08:39:13.0890 3040	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
08:39:14.0015 3040	LmHosts - ok
08:39:14.0031 3040	LMouKE          (0e34232fca6f20172b1d8b6e8a9a26d1) C:\WINDOWS\system32\Drivers\LMouKE.sys
08:39:14.0046 3040	LMouKE - ok
08:39:14.0078 3040	MBAMProtector   (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
08:39:14.0093 3040	MBAMProtector - ok
08:39:14.0187 3040	MBAMService     (43683e970f008c93c9429ef428147a54) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
08:39:14.0234 3040	MBAMService - ok
08:39:14.0265 3040	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
08:39:14.0390 3040	Messenger - ok
08:39:14.0437 3040	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:39:14.0546 3040	mnmdd - ok
08:39:14.0593 3040	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
08:39:14.0734 3040	mnmsrvc - ok
08:39:14.0843 3040	MOBCleanup - ok
08:39:14.0859 3040	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
08:39:14.0984 3040	Modem - ok
08:39:15.0015 3040	MODEMCSA        (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
08:39:15.0140 3040	MODEMCSA - ok
08:39:15.0156 3040	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:39:15.0296 3040	Mouclass - ok
08:39:15.0312 3040	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:39:15.0437 3040	mouhid - ok
08:39:15.0453 3040	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:39:15.0562 3040	MountMgr - ok
08:39:15.0640 3040	MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
08:39:15.0656 3040	MozillaMaintenance - ok
08:39:15.0671 3040	mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
08:39:15.0812 3040	mraid35x - ok
08:39:15.0843 3040	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:39:15.0968 3040	MRxDAV - ok
08:39:16.0015 3040	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:39:16.0109 3040	MRxSmb - ok
08:39:16.0140 3040	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
08:39:16.0281 3040	MSDTC - ok
08:39:16.0312 3040	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:39:16.0437 3040	Msfs - ok
08:39:16.0453 3040	MSIServer - ok
08:39:16.0468 3040	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:39:16.0578 3040	MSKSSRV - ok
08:39:16.0609 3040	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:39:16.0734 3040	MSPCLOCK - ok
08:39:16.0750 3040	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:39:16.0859 3040	MSPQM - ok
08:39:16.0906 3040	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:39:17.0031 3040	mssmbios - ok
08:39:17.0062 3040	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:39:17.0109 3040	Mup - ok
08:39:17.0171 3040	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
08:39:17.0312 3040	napagent - ok
08:39:17.0343 3040	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:39:17.0453 3040	NDIS - ok
08:39:17.0484 3040	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:39:17.0531 3040	NdisTapi - ok
08:39:17.0546 3040	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:39:17.0671 3040	Ndisuio - ok
08:39:17.0703 3040	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:39:17.0812 3040	NdisWan - ok
08:39:17.0843 3040	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:39:17.0906 3040	NDProxy - ok
08:39:17.0921 3040	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:39:18.0046 3040	NetBIOS - ok
08:39:18.0109 3040	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:39:18.0234 3040	NetBT - ok
08:39:18.0296 3040	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
08:39:18.0421 3040	NetDDE - ok
08:39:18.0437 3040	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
08:39:18.0546 3040	NetDDEdsdm - ok
08:39:18.0593 3040	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:18.0718 3040	Netlogon - ok
08:39:18.0765 3040	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
08:39:18.0890 3040	Netman - ok
08:39:19.0015 3040	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:39:19.0046 3040	NetTcpPortSharing - ok
08:39:19.0078 3040	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:39:19.0203 3040	NIC1394 - ok
08:39:19.0312 3040	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
08:39:19.0343 3040	Nla - ok
08:39:19.0421 3040	NMSAccess       (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Programme\CDBurnerXP\NMSAccessU.exe
08:39:19.0453 3040	NMSAccess - ok
08:39:19.0484 3040	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:39:19.0593 3040	Npfs - ok
08:39:19.0640 3040	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:39:19.0843 3040	Ntfs - ok
08:39:19.0890 3040	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:20.0000 3040	NtLmSsp - ok
08:39:20.0062 3040	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
08:39:20.0234 3040	NtmsSvc - ok
08:39:20.0281 3040	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:39:20.0406 3040	Null - ok
08:39:20.0828 3040	nv              (b9b1bb146eb9a83dcf0f5635b09d3d43) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
08:39:21.0203 3040	nv - ok
08:39:21.0359 3040	NVSvc           (1633409e67f1bd6e5ac8ecb9cd5d2027) C:\WINDOWS\system32\nvsvc32.exe
08:39:21.0453 3040	NVSvc - ok
08:39:21.0484 3040	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:39:21.0609 3040	NwlnkFlt - ok
08:39:21.0609 3040	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:39:21.0734 3040	NwlnkFwd - ok
08:39:21.0765 3040	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:39:21.0890 3040	ohci1394 - ok
08:39:21.0921 3040	omci            (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
08:39:21.0937 3040	omci ( UnsignedFile.Multi.Generic ) - warning
08:39:21.0937 3040	omci - detected UnsignedFile.Multi.Generic (1)
08:39:21.0984 3040	ossrv           (c52548b920482db03af8b49babd9fc48) C:\WINDOWS\system32\drivers\ctoss2k.sys
08:39:22.0015 3040	ossrv - ok
08:39:22.0031 3040	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
08:39:22.0156 3040	Parport - ok
08:39:22.0187 3040	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:39:22.0296 3040	PartMgr - ok
08:39:22.0328 3040	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
08:39:22.0453 3040	ParVdm - ok
08:39:22.0468 3040	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
08:39:22.0593 3040	PCI - ok
08:39:22.0593 3040	PCIDump - ok
08:39:22.0609 3040	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:39:22.0734 3040	PCIIde - ok
08:39:22.0765 3040	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:39:22.0906 3040	Pcmcia - ok
08:39:22.0906 3040	PDCOMP - ok
08:39:22.0921 3040	PDFRAME - ok
08:39:22.0937 3040	PDRELI - ok
08:39:22.0937 3040	PDRFRAME - ok
08:39:22.0953 3040	perc2           (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
08:39:23.0078 3040	perc2 - ok
08:39:23.0093 3040	perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
08:39:23.0203 3040	perc2hib - ok
08:39:23.0265 3040	PfModNT         (fefc8ebc170615068c3305dbee2667dd) C:\WINDOWS\system32\drivers\PfModNT.sys
08:39:23.0281 3040	PfModNT - ok
08:39:23.0343 3040	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
08:39:23.0359 3040	PlugPlay - ok
08:39:23.0406 3040	Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
08:39:23.0406 3040	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:39:23.0406 3040	Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:39:23.0421 3040	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:23.0546 3040	PolicyAgent - ok
08:39:23.0578 3040	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:39:23.0703 3040	PptpMiniport - ok
08:39:23.0750 3040	prodrv06        (6d3b2fc5dec2f59b28fe5fa17250a7b0) C:\WINDOWS\System32\drivers\prodrv06.sys
08:39:23.0750 3040	prodrv06 ( UnsignedFile.Multi.Generic ) - warning
08:39:23.0750 3040	prodrv06 - detected UnsignedFile.Multi.Generic (1)
08:39:23.0781 3040	prohlp02        (c5f47b7ec2ec906847d5f80ba779a5bd) C:\WINDOWS\system32\drivers\prohlp02.sys
08:39:23.0796 3040	prohlp02 ( UnsignedFile.Multi.Generic ) - warning
08:39:23.0796 3040	prohlp02 - detected UnsignedFile.Multi.Generic (1)
08:39:23.0812 3040	prosync1        (f3471e7971ee62420451d958da635064) C:\WINDOWS\system32\drivers\prosync1.sys
08:39:23.0828 3040	prosync1 ( UnsignedFile.Multi.Generic ) - warning
08:39:23.0828 3040	prosync1 - detected UnsignedFile.Multi.Generic (1)
08:39:23.0828 3040	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:23.0937 3040	ProtectedStorage - ok
08:39:23.0968 3040	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:39:24.0093 3040	PSched - ok
08:39:24.0125 3040	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:39:24.0250 3040	Ptilink - ok
08:39:24.0265 3040	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:39:24.0281 3040	PxHelp20 - ok
08:39:24.0312 3040	ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
08:39:24.0421 3040	ql1080 - ok
08:39:24.0437 3040	Ql10wnt         (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
08:39:24.0562 3040	Ql10wnt - ok
08:39:24.0562 3040	ql12160         (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
08:39:24.0687 3040	ql12160 - ok
08:39:24.0687 3040	ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
08:39:24.0812 3040	ql1240 - ok
08:39:24.0828 3040	ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
08:39:24.0937 3040	ql1280 - ok
08:39:24.0953 3040	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:39:25.0078 3040	RasAcd - ok
08:39:25.0109 3040	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
08:39:25.0234 3040	RasAuto - ok
08:39:25.0250 3040	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:39:25.0359 3040	Rasl2tp - ok
08:39:25.0421 3040	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
08:39:25.0546 3040	RasMan - ok
08:39:25.0562 3040	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:39:25.0687 3040	RasPppoe - ok
08:39:25.0687 3040	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:39:25.0812 3040	Raspti - ok
08:39:25.0843 3040	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:39:25.0953 3040	Rdbss - ok
08:39:25.0968 3040	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:39:26.0078 3040	RDPCDD - ok
08:39:26.0140 3040	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:39:26.0265 3040	rdpdr - ok
08:39:26.0296 3040	RDPWD           (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
08:39:26.0343 3040	RDPWD - ok
08:39:26.0359 3040	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
08:39:26.0500 3040	RDSessMgr - ok
08:39:26.0531 3040	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:39:26.0640 3040	redbook - ok
08:39:26.0687 3040	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
08:39:26.0812 3040	RemoteAccess - ok
08:39:26.0828 3040	ROOTMODEM       (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
08:39:26.0953 3040	ROOTMODEM - ok
08:39:26.0984 3040	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
08:39:27.0125 3040	RpcLocator - ok
08:39:27.0187 3040	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
08:39:27.0234 3040	RpcSs - ok
08:39:27.0265 3040	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
08:39:27.0375 3040	RSVP - ok
08:39:27.0421 3040	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:27.0531 3040	SamSs - ok
08:39:27.0546 3040	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
08:39:27.0671 3040	SCardSvr - ok
08:39:27.0734 3040	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
08:39:27.0859 3040	Schedule - ok
08:39:27.0890 3040	se44bus         (3097cff31374e309a8950775111a52bd) C:\WINDOWS\system32\DRIVERS\se44bus.sys
08:39:28.0140 3040	se44bus - ok
08:39:28.0171 3040	se44mdfl        (4a03dd4fb5b7cb2c53d8fe8848455a4e) C:\WINDOWS\system32\DRIVERS\se44mdfl.sys
08:39:28.0203 3040	se44mdfl - ok
08:39:28.0234 3040	se44mdm         (2ca2e66a945b5de1228ab5f5341d0e97) C:\WINDOWS\system32\DRIVERS\se44mdm.sys
08:39:28.0265 3040	se44mdm - ok
08:39:28.0296 3040	se44mgmt        (1977fb3c58c7c714a0ba8ad7960efb26) C:\WINDOWS\system32\DRIVERS\se44mgmt.sys
08:39:28.0312 3040	se44mgmt - ok
08:39:28.0359 3040	se44nd5         (9bd87c965eb93475bcbd732936f46e7c) C:\WINDOWS\system32\DRIVERS\se44nd5.sys
08:39:28.0390 3040	se44nd5 - ok
08:39:28.0437 3040	se44obex        (5eff45d05677695417c523d89c1757b6) C:\WINDOWS\system32\DRIVERS\se44obex.sys
08:39:28.0484 3040	se44obex - ok
08:39:28.0500 3040	se44unic        (037d2d26f91ca67bad9da36fe5c88640) C:\WINDOWS\system32\DRIVERS\se44unic.sys
08:39:28.0515 3040	se44unic - ok
08:39:28.0671 3040	SearchAnonymizer (0f4a80438e7286a0e623582f5f2395bd) C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
08:39:28.0687 3040	SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
08:39:28.0687 3040	SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
08:39:28.0718 3040	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:39:28.0781 3040	Secdrv - ok
08:39:28.0812 3040	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
08:39:28.0921 3040	seclogon - ok
08:39:28.0953 3040	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
08:39:29.0062 3040	SENS - ok
08:39:29.0093 3040	Ser2pl          (b490ad520257dda26c1d587a71e527b5) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
08:39:29.0109 3040	Ser2pl ( UnsignedFile.Multi.Generic ) - warning
08:39:29.0109 3040	Ser2pl - detected UnsignedFile.Multi.Generic (1)
08:39:29.0140 3040	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:39:29.0250 3040	serenum - ok
08:39:29.0265 3040	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
08:39:29.0390 3040	Serial - ok
08:39:29.0453 3040	sfhlp01         (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
08:39:29.0468 3040	sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
08:39:29.0468 3040	sfhlp01 - detected UnsignedFile.Multi.Generic (1)
08:39:29.0484 3040	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:39:29.0593 3040	Sfloppy - ok
08:39:29.0656 3040	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
08:39:29.0671 3040	ShellHWDetection - ok
08:39:29.0687 3040	Simbad - ok
08:39:29.0718 3040	sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
08:39:29.0843 3040	sisagp - ok
08:39:29.0859 3040	siusbmod        (9fe3c19c993179c1266bd2b6cfb83e6b) C:\WINDOWS\system32\DRIVERS\siusbmod.sys
08:39:29.0859 3040	siusbmod ( UnsignedFile.Multi.Generic ) - warning
08:39:29.0859 3040	siusbmod - detected UnsignedFile.Multi.Generic (1)
08:39:29.0890 3040	Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
08:39:29.0968 3040	Sparrow - ok
08:39:29.0984 3040	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:39:30.0093 3040	splitter - ok
08:39:30.0125 3040	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
08:39:30.0187 3040	Spooler - ok
08:39:30.0281 3040	sptd            (c4bb8a12843d9cbb65f5ff617f389bbd) C:\WINDOWS\System32\Drivers\sptd.sys
08:39:30.0343 3040	sptd - ok
08:39:30.0359 3040	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
08:39:30.0421 3040	sr - ok
08:39:30.0468 3040	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
08:39:30.0546 3040	srservice - ok
08:39:30.0593 3040	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:39:30.0718 3040	Srv - ok
08:39:30.0734 3040	sscdbhk5        (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
08:39:30.0765 3040	sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
08:39:30.0765 3040	sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
08:39:30.0781 3040	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
08:39:30.0859 3040	SSDPSRV - ok
08:39:30.0890 3040	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
08:39:30.0906 3040	ssmdrv - ok
08:39:30.0906 3040	ssrtln          (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
08:39:30.0921 3040	ssrtln ( UnsignedFile.Multi.Generic ) - warning
08:39:30.0921 3040	ssrtln - detected UnsignedFile.Multi.Generic (1)
08:39:30.0953 3040	StarOpen        (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
08:39:30.0953 3040	StarOpen ( UnsignedFile.Multi.Generic ) - warning
08:39:30.0953 3040	StarOpen - detected UnsignedFile.Multi.Generic (1)
08:39:31.0015 3040	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
08:39:31.0187 3040	stisvc - ok
08:39:31.0250 3040	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:39:31.0390 3040	swenum - ok
08:39:31.0453 3040	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:39:31.0593 3040	swmidi - ok
08:39:31.0593 3040	SwPrv - ok
08:39:31.0625 3040	symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
08:39:31.0765 3040	symc810 - ok
08:39:31.0781 3040	symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
08:39:31.0890 3040	symc8xx - ok
08:39:31.0906 3040	sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
08:39:32.0031 3040	sym_hi - ok
08:39:32.0046 3040	sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
08:39:32.0156 3040	sym_u3 - ok
08:39:32.0187 3040	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:39:32.0312 3040	sysaudio - ok
08:39:32.0343 3040	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
08:39:32.0468 3040	SysmonLog - ok
08:39:32.0484 3040	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
08:39:32.0625 3040	TapiSrv - ok
08:39:32.0687 3040	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:39:32.0765 3040	Tcpip - ok
08:39:32.0796 3040	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:39:32.0921 3040	TDPIPE - ok
08:39:32.0968 3040	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:39:33.0093 3040	TDTCP - ok
08:39:33.0109 3040	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:39:33.0234 3040	TermDD - ok
08:39:33.0296 3040	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
08:39:33.0437 3040	TermService - ok
08:39:33.0500 3040	tfsnboio        (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
08:39:33.0531 3040	tfsnboio ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0531 3040	tfsnboio - detected UnsignedFile.Multi.Generic (1)
08:39:33.0546 3040	tfsncofs        (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
08:39:33.0562 3040	tfsncofs ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0562 3040	tfsncofs - detected UnsignedFile.Multi.Generic (1)
08:39:33.0562 3040	tfsndrct        (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
08:39:33.0578 3040	tfsndrct ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0578 3040	tfsndrct - detected UnsignedFile.Multi.Generic (1)
08:39:33.0609 3040	tfsndres        (d4400188782aa797598958969c9657d4) C:\WINDOWS\system32\dla\tfsndres.sys
08:39:33.0609 3040	tfsndres ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0609 3040	tfsndres - detected UnsignedFile.Multi.Generic (1)
08:39:33.0640 3040	tfsnifs         (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
08:39:33.0640 3040	tfsnifs ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0640 3040	tfsnifs - detected UnsignedFile.Multi.Generic (1)
08:39:33.0656 3040	tfsnopio        (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
08:39:33.0656 3040	tfsnopio ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0656 3040	tfsnopio - detected UnsignedFile.Multi.Generic (1)
08:39:33.0671 3040	tfsnpool        (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
08:39:33.0671 3040	tfsnpool ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0671 3040	tfsnpool - detected UnsignedFile.Multi.Generic (1)
08:39:33.0687 3040	tfsnudf         (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
08:39:33.0703 3040	tfsnudf ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0703 3040	tfsnudf - detected UnsignedFile.Multi.Generic (1)
08:39:33.0718 3040	tfsnudfa        (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
08:39:33.0718 3040	tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0718 3040	tfsnudfa - detected UnsignedFile.Multi.Generic (1)
08:39:33.0765 3040	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
08:39:33.0781 3040	Themes - ok
08:39:33.0828 3040	TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys
08:39:33.0921 3040	TosIde - ok
08:39:33.0953 3040	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
08:39:34.0078 3040	TrkWks - ok
08:39:34.0140 3040	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:39:34.0281 3040	Udfs - ok
08:39:34.0296 3040	ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
08:39:34.0359 3040	ultra - ok
08:39:34.0421 3040	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:39:34.0593 3040	Update - ok
08:39:34.0656 3040	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
08:39:34.0734 3040	upnphost - ok
08:39:34.0781 3040	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
08:39:34.0906 3040	UPS - ok
08:39:34.0953 3040	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:39:35.0078 3040	usbccgp - ok
08:39:35.0093 3040	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:39:35.0218 3040	usbehci - ok
08:39:35.0234 3040	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:39:35.0359 3040	usbhub - ok
08:39:35.0390 3040	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:39:35.0531 3040	usbprint - ok
08:39:35.0531 3040	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:39:35.0656 3040	usbscan - ok
08:39:35.0671 3040	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:39:35.0812 3040	USBSTOR - ok
08:39:35.0828 3040	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:39:35.0937 3040	usbuhci - ok
08:39:36.0000 3040	UserAccess7     (d40a2f00da5a23a254c7b9c1678043c1) C:\WINDOWS\system32\UAService7.exe
08:39:36.0015 3040	UserAccess7 ( UnsignedFile.Multi.Generic ) - warning
08:39:36.0015 3040	UserAccess7 - detected UnsignedFile.Multi.Generic (1)
08:39:36.0046 3040	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:39:36.0171 3040	VgaSave - ok
08:39:36.0203 3040	viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
08:39:36.0312 3040	viaagp - ok
08:39:36.0328 3040	ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
08:39:36.0437 3040	ViaIde - ok
08:39:36.0500 3040	vmm             (e41fef9e3056fe88c71e411f705be41e) C:\WINDOWS\system32\Drivers\vmm.sys
08:39:36.0531 3040	vmm - ok
08:39:36.0531 3040	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
08:39:36.0656 3040	VolSnap - ok
08:39:36.0671 3040	VPCNetS2        (f96a678debdccb0b4bb7f38cb2580589) C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys
08:39:36.0703 3040	VPCNetS2 - ok
08:39:36.0750 3040	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
08:39:36.0828 3040	VSS - ok
08:39:36.0875 3040	w200bus         (34923e278eac7ddcea717ae1fcf592f6) C:\WINDOWS\system32\DRIVERS\w200bus.sys
08:39:36.0953 3040	w200bus - ok
08:39:37.0000 3040	w200mdfl        (eff90a983cd3deab05922242e8072dc6) C:\WINDOWS\system32\DRIVERS\w200mdfl.sys
08:39:37.0125 3040	w200mdfl - ok
08:39:37.0171 3040	w200mdm         (f03da4fbb2708a0b5409ea63e88c0f50) C:\WINDOWS\system32\DRIVERS\w200mdm.sys
08:39:37.0218 3040	w200mdm - ok
08:39:37.0250 3040	w200mgmt        (1522d6387e6bb54aef9824b1733832db) C:\WINDOWS\system32\DRIVERS\w200mgmt.sys
08:39:37.0265 3040	w200mgmt - ok
08:39:37.0296 3040	w200obex        (8405be0bba1ccf26d0fbdd26be03c816) C:\WINDOWS\system32\DRIVERS\w200obex.sys
08:39:37.0328 3040	w200obex - ok
08:39:37.0406 3040	w32time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
08:39:37.0531 3040	w32time - ok
08:39:37.0562 3040	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:39:37.0687 3040	Wanarp - ok
08:39:37.0703 3040	WDICA - ok
08:39:37.0734 3040	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:39:37.0859 3040	wdmaud - ok
08:39:37.0906 3040	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
08:39:38.0031 3040	WebClient - ok
08:39:38.0125 3040	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
08:39:38.0250 3040	winmgmt - ok
08:39:38.0312 3040	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
08:39:38.0406 3040	WmdmPmSN - ok
08:39:38.0453 3040	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:39:38.0593 3040	WmiApSrv - ok
08:39:38.0687 3040	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
08:39:38.0796 3040	WMPNetworkSvc - ok
08:39:38.0828 3040	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
08:39:38.0859 3040	WpdUsb - ok
08:39:38.0875 3040	WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:39:38.0984 3040	WS2IFSL - ok
08:39:39.0015 3040	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
08:39:39.0187 3040	wuauserv - ok
08:39:39.0250 3040	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:39:39.0296 3040	WudfPf - ok
08:39:39.0296 3040	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:39:39.0328 3040	WudfRd - ok
08:39:39.0343 3040	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
08:39:39.0375 3040	WudfSvc - ok
08:39:39.0437 3040	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
08:39:39.0625 3040	WZCSVC - ok
08:39:39.0671 3040	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
08:39:39.0843 3040	xmlprov - ok
08:39:39.0875 3040	MBR (0x1B8)     (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
08:39:40.0453 3040	\Device\Harddisk0\DR0 - ok
08:39:40.0468 3040	MBR (0x1B8)     (53adf81be61316f4f38c854dcd59bc05) \Device\Harddisk1\DR4
08:39:50.0609 3040	\Device\Harddisk1\DR4 - ok
08:39:50.0625 3040	Boot (0x1200)   (6a3c7c285378ca155b34b4f236f50650) \Device\Harddisk0\DR0\Partition0
08:39:50.0625 3040	\Device\Harddisk0\DR0\Partition0 - ok
08:39:50.0625 3040	============================================================
08:39:50.0625 3040	Scan finished
08:39:50.0625 3040	============================================================
08:39:50.0734 2200	Detected object count: 34
08:39:50.0734 2200	Actual detected object count: 34
08:40:20.0984 2200	AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200	AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:20.0984 2200	AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200	AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:20.0984 2200	avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200	avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:20.0984 2200	cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200	cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:20.0984 2200	cpuz132 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200	cpuz132 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0000 2200	Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200	Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0000 2200	de_serv ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200	de_serv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0000 2200	drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200	drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0000 2200	drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200	drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0000 2200	IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200	IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0000 2200	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0015 2200	iPodService ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200	iPodService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0015 2200	omci ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200	omci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0015 2200	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0015 2200	prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200	prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0015 2200	prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200	prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0015 2200	prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200	prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0015 2200	SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200	SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0031 2200	Ser2pl ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200	Ser2pl ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0031 2200	sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200	sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0031 2200	siusbmod ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200	siusbmod ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0031 2200	sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200	sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0031 2200	ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200	ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0031 2200	StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200	StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0031 2200	tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200	tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0046 2200	tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200	tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0046 2200	tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200	tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0046 2200	tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200	tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0046 2200	tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200	tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0046 2200	tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200	tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0046 2200	tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200	tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0046 2200	tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200	tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0062 2200	tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0062 2200	tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:40:21.0062 2200	UserAccess7 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0062 2200	UserAccess7 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

14.08.2012, 15:44   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let your system be scanned.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its content ([Ctrl]a, [Ctrl]c) and paste it into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run if a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

__________________
Please always post log files in CODE tags

14.08.2012, 17:37   #21
fux89

Here is the result:

[code]
Combofix Logfile:
Code:
ATTFilter
ComboFix 12-08-14.02 - Christopher 14.08.2012  18:18:58.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1022.423 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Christopher\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\Christopher\WINDOWS
c:\windows\Help\d2hlnk32.dll
c:\windows\Help\d2htls32.dll
c:\windows\IsUn0407.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\FUSION.DLL
c:\windows\system32\URTTemp\MSCOREE.DLL
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\MSCORSN.DLL
c:\windows\system32\URTTemp\MSCORWKS.DLL
c:\windows\system32\URTTemp\MSVCR71.DLL
c:\windows\system32\URTTemp\REGTLIB.EXE
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-14 bis 2012-08-14  ))))))))))))))))))))))))))))))
.
.
2012-08-12 17:27 . 2012-08-12 17:27	--------	d-----w-	C:\_OTL
2012-08-07 14:43 . 2012-08-07 14:43	--------	d-----w-	c:\programme\ESET
2012-08-07 12:48 . 2012-08-07 12:48	--------	d-----w-	c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-08-07 12:47	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-07-03 11:46	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-08-07 12:47 . 2012-08-07 12:47	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2012-08-04 15:18 . 2012-08-04 15:20	--------	d-----w-	c:\programme\7-Zip
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 19:40 . 2012-03-31 06:57	426184	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-08-02 19:40 . 2011-05-23 10:32	70344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:55 . 2004-08-04 13:00	1866240	----a-w-	c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2007-05-15 13:43	1372672	----a-w-	c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2004-08-04 13:00	1172480	----a-w-	c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-04 13:00	152576	----a-w-	c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2007-06-21 13:20	18456	----a-w-	c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2007-06-21 13:20	15896	----a-w-	c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00	329240	----a-w-	c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2004-08-04 13:00	219160	----a-w-	c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2004-08-04 13:00	210968	----a-w-	c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-06-21 13:20	15896	----a-w-	c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2005-05-26 03:16	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2004-08-04 13:00	97304	----a-w-	c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2004-08-04 13:00	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2004-08-04 13:00	35864	----a-w-	c:\windows\system32\WUPS.DLL
2012-06-02 13:19 . 2007-06-21 13:20	23576	----a-w-	c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00	577048	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2004-08-04 13:00	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2009-09-22 05:53	214256	----a-w-	c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-09-22 05:53	275696	----a-w-	c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-09-22 05:53	18160	----a-w-	c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2004-08-04 13:00	604160	----a-w-	c:\windows\system32\crypt32.dll
2012-07-19 11:11 . 2011-09-02 12:07	136672	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
2011-04-14 12:01 . 2010-12-11 15:48	24376	----a-w-	c:\programme\mozilla firefox\components\Scriptff.dll
2006-05-03 10:06	163328	--sh--r-	c:\windows\SYSTEM32\flvDX.dll
2007-02-21 11:47	31232	--sh--r-	c:\windows\SYSTEM32\msfDX.dll
2008-03-16 13:30	216064	--sh--r-	c:\windows\SYSTEM32\nbDX.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-06-28 67128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\programme\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"CTSysVol"="c:\programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"CTHelper"="CTHELPER.EXE" [2004-03-11 28672]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DMXLauncher"="c:\programme\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"bacstray"="c:\programme\Broadcom\BACS\\BacsTray.exe" [2004-04-20 118784]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"AVMWlanClient"="c:\programme\avmwlanstick\FRITZWLANMini.exe" [2007-02-02 283136]
"Ocs_SM"="c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe" [2011-06-12 106496]
"Launch LGDCore"="c:\programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-21 296056]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
Logitech Desktop Messenger.lnk - c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-6-28 67128]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2007-4-11 434176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41	37296	----a-w-	c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-10-12 15:54	57344	----a-w-	c:\programme\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2006-02-23 13:45	278528	----a-w-	c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2011-11-03 09:20	220744	----a-w-	c:\programme\pdf24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38	421888	----a-w-	c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2006-11-23 23:06	487424	----a-r-	c:\programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-21 07:51	296056	----a-w-	c:\program files\Real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-08-27 15:05	247144	----a-w-	c:\programme\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 00:01	110592	----a-w-	c:\programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
R1 avkmgr;avkmgr;c:\windows\SYSTEM32\DRIVERS\avkmgr.sys [10.12.2011 17:09 36000]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [10.12.2011 17:09 86224]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [07.08.2012 14:47 655944]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\SYSTEM32\DRIVERS\fwlanusb.sys [02.12.2005 14:49 265088]
R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [07.08.2012 14:47 22344]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe --> c:\programme\ICQ6Toolbar\ICQ Service.exe [?]
S2 MOBCleanup;MOBCleanup;"c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe" --> c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe [?]
S2 SearchAnonymizer;SearchAnonymizer;c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe [31.05.2011 17:52 40960]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe [31.03.2012 08:57 250056]
S3 avmeject;AVM Eject;c:\windows\SYSTEM32\DRIVERS\avmeject.sys [20.01.2011 17:10 4352]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [03.05.2012 13:10 113120]
S3 siusbmod;siusbmod;c:\windows\SYSTEM32\DRIVERS\siusbmod.sys [27.03.2008 19:14 26624]
S4 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [12.06.2011 17:39 697328]
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 19:40]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-13 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]
.
2005-05-20 c:\windows\Tasks\ISP-Anmeldungserinnerung 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 02:22]
.
2012-08-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-07-26 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\programme\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - www.google.de
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.newTab - false
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN24950295514244-1001&toolbarId=base&affiliateId=1001&Lan={dfltLng}&utid=cc0f9335000000000000001c4af26575&q=
FF - user.js: extensions.zonealarm.id - cc0f9335000000000000001c4af26575
FF - user.js: extensions.zonealarm.instlDay - 15466
FF - user.js: extensions.zonealarm.vrsn - 1.5.23.8
FF - user.js: extensions.zonealarm.vrsni - 1.5.23.8
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.5.23.816:54
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1001
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base
FF - user.js: extensions.zonealarm.instlRef - ZLN24950295514244-1001
FF - user.js: extensions.zonealarm.dfltLng - de
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-ISW - (no file)
AddRemove-FRITZ!DSL - c:\windows\IsUn0407.exe
AddRemove-Future Cop - c:\windows\unin0407.exe
AddRemove-ICQToolbar - c:\programme\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-MFatigue Uninst - c:\windows\IsUn0407.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
AddRemove-ZoneAlarm Security Toolbar - c:\programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-14 18:31
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5e,83,41,d5,3b,69,51,e1,dc,d2,ed,e5,47,fe,b0,ec,13,ec,ed,78,24,95,4f,
   e4,0a,40,89,00,8e,f7,7d,b7,35,b6,c7,2e,c5,df,7b,78,89,30,ed,ce,30,85,a0,7b,\
"??"=hex:f1,14,a9,de,97,cf,aa,85,e5,5d,d7,b7,5c,0a,de,bf
.
Zeit der Fertigstellung: 2012-08-14  18:34:51
ComboFix-quarantined-files.txt  2012-08-14 16:34
.
Vor Suchlauf: 28 Verzeichnis(se), 198.281.134.080 Bytes frei
Nach Suchlauf: 30 Verzeichnis(se), 198.767.878.144 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 8D5770633013EC7E09E03BDEF778CEA0
         
--- --- ---

14.08.2012, 17:48   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Combofix - Scripting

1. Start Notepad (Start / Run / notepad[Enter])

2. Now use copy/paste to insert the entire content of the code box below into the Notepad window.

Code:
ATTFilter
Firefox::
FF - ProfilePath - c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.newTab - false
FF - user.js: extensions.zonealarm.tlbrSrchUrl - http://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN24950295514244-1001&toolbarId=base&affiliateId=1001&Lan={dfltLng}&utid=cc0f9335000000000000001c4af26575&q=
FF - user.js: extensions.zonealarm.id - cc0f9335000000000000001c4af26575
FF - user.js: extensions.zonealarm.instlDay - 15466
FF - user.js: extensions.zonealarm.vrsn - 1.5.23.8
FF - user.js: extensions.zonealarm.vrsni - 1.5.23.8
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.5.23.816:54
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1001
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base
FF - user.js: extensions.zonealarm.instlRef - ZLN24950295514244-1001
FF - user.js: extensions.zonealarm.dfltLng - de
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
         
3. In Notepad, save the file as CFScript.txt on the desktop.

4. Disable the guard of your antivirus program and any software firewall that may be present.
(Also the guards of adware and spyware programs and the Tea Timer (if present)!)

5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts ComboFix.

6. After the reboot (you will be asked whether you want to restart), please post the following log files:
Combofix.txt

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________
Please always post log files in CODE tags

14.08.2012, 18:44   #23
fux89
 

and here is the next log:

Combofix Logfile:
Code:
ATTFilter
ComboFix 12-08-14.03 - Christopher 14.08.2012  19:25:40.2.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1022.353 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Christopher\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Christopher\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-14 bis 2012-08-14  ))))))))))))))))))))))))))))))
.
.
2012-08-12 17:27 . 2012-08-12 17:27	--------	d-----w-	C:\_OTL
2012-08-07 14:43 . 2012-08-07 14:43	--------	d-----w-	c:\programme\ESET
2012-08-07 12:48 . 2012-08-07 12:48	--------	d-----w-	c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-08-07 12:47	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-07-03 11:46	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-08-07 12:47 . 2012-08-07 12:47	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2012-08-04 15:18 . 2012-08-04 15:20	--------	d-----w-	c:\programme\7-Zip
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 19:40 . 2012-03-31 06:57	426184	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-08-02 19:40 . 2011-05-23 10:32	70344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:55 . 2004-08-04 13:00	1866240	----a-w-	c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2007-05-15 13:43	1372672	----a-w-	c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2004-08-04 13:00	1172480	----a-w-	c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-04 13:00	152576	----a-w-	c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2007-06-21 13:20	18456	----a-w-	c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2007-06-21 13:20	15896	----a-w-	c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00	329240	----a-w-	c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2004-08-04 13:00	219160	----a-w-	c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2004-08-04 13:00	210968	----a-w-	c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-06-21 13:20	15896	----a-w-	c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2005-05-26 03:16	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2004-08-04 13:00	97304	----a-w-	c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2004-08-04 13:00	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2004-08-04 13:00	35864	----a-w-	c:\windows\system32\WUPS.DLL
2012-06-02 13:19 . 2007-06-21 13:20	23576	----a-w-	c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00	577048	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2004-08-04 13:00	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2009-09-22 05:53	214256	----a-w-	c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-09-22 05:53	275696	----a-w-	c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-09-22 05:53	18160	----a-w-	c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2004-08-04 13:00	604160	----a-w-	c:\windows\system32\crypt32.dll
2012-07-19 11:11 . 2011-09-02 12:07	136672	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
2011-04-14 12:01 . 2010-12-11 15:48	24376	----a-w-	c:\programme\mozilla firefox\components\Scriptff.dll
2006-05-03 10:06	163328	--sh--r-	c:\windows\SYSTEM32\flvDX.dll
2007-02-21 11:47	31232	--sh--r-	c:\windows\SYSTEM32\msfDX.dll
2008-03-16 13:30	216064	--sh--r-	c:\windows\SYSTEM32\nbDX.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-06-28 67128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\programme\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"CTSysVol"="c:\programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"CTHelper"="CTHELPER.EXE" [2004-03-11 28672]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DMXLauncher"="c:\programme\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"bacstray"="c:\programme\Broadcom\BACS\\BacsTray.exe" [2004-04-20 118784]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"AVMWlanClient"="c:\programme\avmwlanstick\FRITZWLANMini.exe" [2007-02-02 283136]
"Ocs_SM"="c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe" [2011-06-12 106496]
"Launch LGDCore"="c:\programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-21 296056]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
Logitech Desktop Messenger.lnk - c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-6-28 67128]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2007-4-11 434176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41	37296	----a-w-	c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-10-12 15:54	57344	----a-w-	c:\programme\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2006-02-23 13:45	278528	----a-w-	c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2011-11-03 09:20	220744	----a-w-	c:\programme\pdf24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38	421888	----a-w-	c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2006-11-23 23:06	487424	----a-r-	c:\programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-21 07:51	296056	----a-w-	c:\program files\Real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-08-27 15:05	247144	----a-w-	c:\programme\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 00:01	110592	----a-w-	c:\programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
.
R1 avkmgr;avkmgr;c:\windows\SYSTEM32\DRIVERS\avkmgr.sys [10.12.2011 17:09 36000]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [10.12.2011 17:09 86224]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [07.08.2012 14:47 655944]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\SYSTEM32\DRIVERS\fwlanusb.sys [02.12.2005 14:49 265088]
R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [07.08.2012 14:47 22344]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe --> c:\programme\ICQ6Toolbar\ICQ Service.exe [?]
S2 MOBCleanup;MOBCleanup;"c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe" --> c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe [?]
S2 SearchAnonymizer;SearchAnonymizer;c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe [31.05.2011 17:52 40960]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe [31.03.2012 08:57 250056]
S3 avmeject;AVM Eject;c:\windows\SYSTEM32\DRIVERS\avmeject.sys [20.01.2011 17:10 4352]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [03.05.2012 13:10 113120]
S3 siusbmod;siusbmod;c:\windows\SYSTEM32\DRIVERS\siusbmod.sys [27.03.2008 19:14 26624]
S4 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [12.06.2011 17:39 697328]
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 19:40]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-13 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]
.
2005-05-20 c:\windows\Tasks\ISP-Anmeldungserinnerung 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 02:22]
.
2012-08-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-07-26 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\programme\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - www.google.de
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-14 19:38
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5e,83,41,d5,3b,69,51,e1,dc,d2,ed,e5,47,fe,b0,ec,13,ec,ed,78,24,95,4f,
   e4,0a,40,89,00,8e,f7,7d,b7,35,b6,c7,2e,c5,df,7b,78,89,30,ed,ce,30,85,a0,7b,\
"??"=hex:f1,14,a9,de,97,cf,aa,85,e5,5d,d7,b7,5c,0a,de,bf
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(1992)
c:\programme\Logitech\SetPoint\GameHook.dll
c:\programme\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Zeit der Fertigstellung: 2012-08-14  19:41:32
ComboFix-quarantined-files.txt  2012-08-14 17:41
ComboFix2.txt  2012-08-14 16:34
.
Vor Suchlauf: 29 Verzeichnis(se), 198.782.914.560 Bytes frei
Nach Suchlauf: 30 Verzeichnis(se), 198.753.456.128 Bytes frei
.
- - End Of File - - F87809475B43EC4BBAE13D633A8C5AEA
         
--- --- ---

15.08.2012, 18:38   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

OK, the whole thing once more, but this time copy this script into CFScript.txt; only what is shown here may be in CFScript.txt, the rest as described above:

Code:
ATTFilter
Seccenter::
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

Driver::
ICQ Service

Folder::
c:\programme\ICQ6Toolbar
         
__________________
Please always post log files in CODE tags

15.08.2012, 19:49   #25
fux89
 

done:

Combofix Logfile:
Code:
ATTFilter
ComboFix 12-08-15.01 - Christopher 15.08.2012  20:25:12.3.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1022.439 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Christopher\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Christopher\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-15 bis 2012-08-15  ))))))))))))))))))))))))))))))
.
.
2012-08-12 17:27 . 2012-08-12 17:27	--------	d-----w-	C:\_OTL
2012-08-07 14:43 . 2012-08-07 14:43	--------	d-----w-	c:\programme\ESET
2012-08-07 12:48 . 2012-08-07 12:48	--------	d-----w-	c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-08-07 12:47	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-07-03 11:46	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-08-07 12:47 . 2012-08-07 12:47	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2012-08-04 15:18 . 2012-08-04 15:20	--------	d-----w-	c:\programme\7-Zip
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 19:40 . 2012-03-31 06:57	426184	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-08-02 19:40 . 2011-05-23 10:32	70344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:55 . 2004-08-04 13:00	1866240	----a-w-	c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2007-05-15 13:43	1372672	----a-w-	c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2004-08-04 13:00	1172480	----a-w-	c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-04 13:00	152576	----a-w-	c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2007-06-21 13:20	18456	----a-w-	c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2007-06-21 13:20	15896	----a-w-	c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00	329240	----a-w-	c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2004-08-04 13:00	219160	----a-w-	c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2004-08-04 13:00	210968	----a-w-	c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-06-21 13:20	15896	----a-w-	c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2005-05-26 03:16	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2004-08-04 13:00	97304	----a-w-	c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2004-08-04 13:00	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2004-08-04 13:00	35864	----a-w-	c:\windows\system32\WUPS.DLL
2012-06-02 13:19 . 2007-06-21 13:20	23576	----a-w-	c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00	577048	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2004-08-04 13:00	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2009-09-22 05:53	214256	----a-w-	c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-09-22 05:53	275696	----a-w-	c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-09-22 05:53	18160	----a-w-	c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2004-08-04 13:00	604160	----a-w-	c:\windows\system32\crypt32.dll
2012-07-19 11:11 . 2011-09-02 12:07	136672	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
2011-04-14 12:01 . 2010-12-11 15:48	24376	----a-w-	c:\programme\mozilla firefox\components\Scriptff.dll
2006-05-03 10:06	163328	--sh--r-	c:\windows\SYSTEM32\flvDX.dll
2007-02-21 11:47	31232	--sh--r-	c:\windows\SYSTEM32\msfDX.dll
2008-03-16 13:30	216064	--sh--r-	c:\windows\SYSTEM32\nbDX.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-08-14_16.31.14   )))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-06-28 67128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\programme\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"CTSysVol"="c:\programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"CTHelper"="CTHELPER.EXE" [2004-03-11 28672]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DMXLauncher"="c:\programme\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"bacstray"="c:\programme\Broadcom\BACS\\BacsTray.exe" [2004-04-20 118784]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"AVMWlanClient"="c:\programme\avmwlanstick\FRITZWLANMini.exe" [2007-02-02 283136]
"Ocs_SM"="c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe" [2011-06-12 106496]
"Launch LGDCore"="c:\programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-21 296056]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
Logitech Desktop Messenger.lnk - c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-6-28 67128]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2007-4-11 434176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41	37296	----a-w-	c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-10-12 15:54	57344	----a-w-	c:\programme\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2006-02-23 13:45	278528	----a-w-	c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2011-11-03 09:20	220744	----a-w-	c:\programme\pdf24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38	421888	----a-w-	c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2006-11-23 23:06	487424	----a-r-	c:\programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-21 07:51	296056	----a-w-	c:\program files\Real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-08-27 15:05	247144	----a-w-	c:\programme\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 00:01	110592	----a-w-	c:\programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
.
R1 avkmgr;avkmgr;c:\windows\SYSTEM32\DRIVERS\avkmgr.sys [10.12.2011 17:09 36000]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [10.12.2011 17:09 86224]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [07.08.2012 14:47 655944]
R2 SearchAnonymizer;SearchAnonymizer;c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe [31.05.2011 17:52 40960]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\SYSTEM32\DRIVERS\fwlanusb.sys [02.12.2005 14:49 265088]
R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [07.08.2012 14:47 22344]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S2 MOBCleanup;MOBCleanup;"c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe" --> c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe [31.03.2012 08:57 250056]
S3 avmeject;AVM Eject;c:\windows\SYSTEM32\DRIVERS\avmeject.sys [20.01.2011 17:10 4352]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [03.05.2012 13:10 113120]
S3 siusbmod;siusbmod;c:\windows\SYSTEM32\DRIVERS\siusbmod.sys [27.03.2008 19:14 26624]
S4 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [12.06.2011 17:39 697328]
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 19:40]
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-14 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]
.
2005-05-20 c:\windows\Tasks\ISP-Anmeldungserinnerung 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 02:22]
.
2012-08-15 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-07-26 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\programme\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - www.google.de
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-15 20:40
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5e,83,41,d5,3b,69,51,e1,dc,d2,ed,e5,47,fe,b0,ec,13,ec,ed,78,24,95,4f,
   e4,0a,40,89,00,8e,f7,7d,b7,35,b6,c7,2e,c5,df,7b,78,89,30,ed,ce,30,85,a0,7b,\
"??"=hex:f1,14,a9,de,97,cf,aa,85,e5,5d,d7,b7,5c,0a,de,bf
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(2312)
c:\programme\Logitech\SetPoint\GameHook.dll
c:\programme\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\ctagent.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programme\Microsoft Virtual PC\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\FRITZ!DSL\IGDCTRL.EXE
c:\programme\avmwlanstick\WlanNetService.exe
c:\windows\system32\bgsvcgen.exe
c:\windows\system32\CTsvcCDA.EXE
c:\programme\Intel\Intel Application Accelerator\iaantmon.exe
c:\programme\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\UAService7.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\CTHELPER.EXE
c:\programme\Broadcom\BACS\BacsTray.exe
c:\programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-15  20:46:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-08-15 18:46
ComboFix2.txt  2012-08-14 17:41
ComboFix3.txt  2012-08-14 16:34
.
Vor Suchlauf: 29 Verzeichnis(se), 198.595.555.328 Bytes frei
Nach Suchlauf: 30 Verzeichnis(se), 198.444.511.232 Bytes frei
.
- - End Of File - - EFBBDEFD647BC420E7C729BAB875BD04
         
--- --- ---

16.08.2012, 08:54   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Now please create and post logs with GMER and OSAM.
GMER crashes fairly often; if the tool still refuses to work on the second attempt, just leave it out and run only OSAM. Please skip OSAM's online query.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances unless instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" ("aswMBR.exe has stopped working") appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.08.2012, 15:25   #27
fux89
 

First, here is the log from GMER:

[code]
GMER Logfile:
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-16 13:32:45
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Intel___ rev.0.1.
Running: berw7wji.exe; Driver: C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\fxtyapog.sys


---- System - GMER 1.0.15 ----

SSDT            B832AB44                                                                                              ZwClose
SSDT            B832AAFE                                                                                              ZwCreateKey
SSDT            B832AB4E                                                                                              ZwCreateSection
SSDT            B832AAF4                                                                                              ZwCreateThread
SSDT            B832AB03                                                                                              ZwDeleteKey
SSDT            B832AB0D                                                                                              ZwDeleteValueKey
SSDT            B832AB3F                                                                                              ZwDuplicateObject
SSDT            B832AB12                                                                                              ZwLoadKey
SSDT            B832AAE0                                                                                              ZwOpenProcess
SSDT            B832AAE5                                                                                              ZwOpenThread
SSDT            B832AB67                                                                                              ZwQueryValueKey
SSDT            B832AB1C                                                                                              ZwReplaceKey
SSDT            B832AB58                                                                                              ZwRequestWaitReplyPort
SSDT            B832AB17                                                                                              ZwRestoreKey
SSDT            B832AB53                                                                                              ZwSetContextThread
SSDT            B832AB5D                                                                                              ZwSetSecurityObject
SSDT            B832AB08                                                                                              ZwSetValueKey
SSDT            B832AB62                                                                                              ZwSystemDebugControl
SSDT            B832AAEF                                                                                              ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                              section is writeable [0xF4DCB3A0, 0x5CC259, 0xE8000020]
.text           C:\WINDOWS\system32\DRIVERS\atksgt.sys                                                                section is writeable [0xB0FED300, 0x3B6D8, 0xE8000020]
.text           C:\WINDOWS\system32\DRIVERS\lirsgt.sys                                                                section is writeable [0xF7932300, 0x1BEE, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text           C:\program files\real\realplayer\update\realsched.exe[2524] kernel32.dll!SetUnhandledExceptionFilter  7C84495D 5 Bytes  [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Devices - GMER 1.0.15 ----

Device          \Driver\prodrv06 \Device\ProDrv06                                                                     E1FE4478
Device          \Driver\iaStor \Device\Ide\iaStor0                                                                    prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\atapi \Device\Ide\IdePort0                                                                    prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4                                                           prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c                                                           prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\iaStor \Device\Ide\IAAStorageDevice-0                                                         prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\prohlp02 \Device\ProHlp02                                                                     E10016D0

AttachedDevice  \FileSystem\Fastfat \Fat                                                                              fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device          \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer                                                    tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer                                                     tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer                                                         tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer                                                      tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer                                                     tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Cdfs \Cdfs                                                                                tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----
         
--- --- ---


And here is the other one:

Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-16 13:42:03
-----------------------------
13:42:03.609    OS Version: Windows 5.1.2600 Service Pack 3
13:42:03.609    Number of processors: 2 586 0x403
13:42:03.609    ComputerName: D67S0N1J  UserName: 
13:42:04.468    Initialize success
13:45:25.281    AVAST engine defs: 12081600
13:45:48.531    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
13:45:48.531    Disk 0 Vendor: Intel___ 0.1. Size: 305175MB BusType: 3
13:45:48.734    Disk 0 MBR read successfully
13:45:48.734    Disk 0 MBR scan
13:45:49.015    Disk 0 unknown MBR code
13:45:49.046    Disk 0 Partition 1 00     DE Dell Utility Dell 4.1       47 MB offset 63
13:45:49.156    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       302309 MB offset 96390
13:45:49.218    Disk 0 Partition 3 00     DB  CP/M / CTOS MSWIN4.1     2816 MB offset 619225425
13:45:49.390    Disk 0 scanning sectors +624992760
13:45:49.906    Disk 0 scanning C:\WINDOWS\system32\drivers
13:47:17.328    Service scanning
13:47:33.187    Modules scanning
13:49:27.906    Disk 0 trace - called modules:
13:49:27.968    ntkrnlpa.exe CLASSPNP.SYS disk.sys prosync1.sys hal.dll iaStor.sys 
13:49:27.968    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87185030]
13:49:27.984    3 CLASSPNP.SYS[f7612fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86e66030]
13:49:28.968    AVAST engine scan C:\WINDOWS
13:52:26.953    AVAST engine scan C:\WINDOWS\system32
14:11:31.296    AVAST engine scan C:\WINDOWS\system32\drivers
14:14:43.000    AVAST engine scan C:\Dokumente und Einstellungen\Christopher
15:30:52.953    AVAST engine scan C:\Dokumente und Einstellungen\All Users
15:36:51.078    Scan finished successfully
16:24:11.812    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Christopher\Desktop\MBR.dat"
16:24:11.812    The log file has been saved successfully to "C:\Dokumente und Einstellungen\Christopher\Desktop\aswMBR.txt"
         

Alt 17.08.2012, 18:12   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

What about OSAM?
__________________
Please always post log files in CODE tags

Alt 17.08.2012, 18:19   #29
fux89
 

Oh, sorry, I forgot to post that

Code:
ATTFilter
OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 13:40:39 on 16.08.2012

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 14.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"HPpromotions journeysoftware.job" - "hp" - C:\Programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"RealUpgradeLogonTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"BACSCPL.cpl" - ? - C:\WINDOWS\system32\BACSCPL.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl
"PhysX.cpl" - ? - C:\WINDOWS\system32\PhysX.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"ECSEPM" - "Sony Ericsson Mobile Communications AB" - C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\ecsepm.cpl
"IAA" - "Intel Corporation" - C:\Programme\Intel\Intel Application Accelerator\cpl\iaa.cpl
"Pando" - "Pando Networks" - C:\Programme\Pando Networks\Media Booster\PMB.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"atksgt" (atksgt) - ? - C:\WINDOWS\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avkmgr.sys
"AVM Eject" (avmeject) - "AVM Berlin" - C:\WINDOWS\System32\drivers\avmeject.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"cdrbsdrv" (cdrbsdrv) - "B.H.A Corporation" - C:\WINDOWS\system32\drivers\cdrbsdrv.sys
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"cpuz132" (cpuz132) - "Windows (R) Codename Longhorn DDK provider" - C:\WINDOWS\system32\drivers\cpuz132_x32.sys
"drvmcdb" (drvmcdb) - "Sonic Solutions" - C:\WINDOWS\System32\drivers\drvmcdb.sys
"drvnddm" (drvnddm) - "Sonic Solutions" - C:\WINDOWS\System32\drivers\drvnddm.sys
"fxtyapog" (fxtyapog) - ? - C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\fxtyapog.sys  (Hidden registry entry, rootkit activity | File not found)
"GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"lirsgt" (lirsgt) - ? - C:\WINDOWS\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MAT Serial port driver" (Ser2pl) - "Prolific Technology Inc." - C:\WINDOWS\System32\DRIVERS\ser2pl.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\WINDOWS\system32\drivers\mbam.sys
"OMCI WDM Device Driver" (omci) - "Dell Computer Corporation" - C:\WINDOWS\System32\DRIVERS\omci.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"siusbmod" (siusbmod) - "Siemens AG " - C:\WINDOWS\System32\DRIVERS\siusbmod.sys
"sscdbhk5" (sscdbhk5) - "Sonic Solutions" - C:\WINDOWS\System32\drivers\sscdbhk5.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"ssrtln" (ssrtln) - "Sonic Solutions" - C:\WINDOWS\System32\drivers\ssrtln.sys
"StarForce Protection Environment Driver v6" (prodrv06) - "Protection Technology" - C:\WINDOWS\System32\drivers\prodrv06.sys
"StarForce Protection Helper Driver" (sfhlp01) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfhlp01.sys
"StarForce Protection Helper Driver v2" (prohlp02) - "Protection Technology" - C:\WINDOWS\System32\drivers\prohlp02.sys
"StarForce Protection Synchronization Driver v1" (prosync1) - "Protection Technology" - C:\WINDOWS\System32\drivers\prosync1.sys
"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys  (File found, but it contains no detailed information)
"tfsnboio" (tfsnboio) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnboio.sys
"tfsncofs" (tfsncofs) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsncofs.sys
"tfsndrct" (tfsndrct) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsndrct.sys
"tfsndres" (tfsndres) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsndres.sys
"tfsnifs" (tfsnifs) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnifs.sys
"tfsnopio" (tfsnopio) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnopio.sys
"tfsnpool" (tfsnpool) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnpool.sys
"tfsnudf" (tfsnudf) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnudf.sys
"tfsnudfa" (tfsnudfa) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnudfa.sys
"Virtual Machine Monitor" (vmm) - "Microsoft Corporation" - C:\WINDOWS\system32\Drivers\vmm.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Programme\Essentials Codec Pack\Haali\mmfinfo.dll  (File found, but it contains no detailed information)
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{A173B69A-1F9B-4823-9FDA-412F641E65D6} "INSMimeFilterPP Class" - ? - C:\Programme\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{9462A756-7B47-47BC-8C80-C34B9B80B32B} "BackWeb GA Pluggable Protocol" - "Logitech Inc." - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -   (File not found | COM-object registry key not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{5CA3D70E-1895-11CF-8E15-001234567890} "DriveLetterAccess" - "Sonic Solutions" - C:\WINDOWS\system32\dla\tfswshx.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Programme\Essentials Codec Pack\Haali\mmfinfo.dll  (File found, but it contains no detailed information)
{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\Programme\Essentials Codec Pack\Haali\mmfinfo.dll  (File found, but it contains no detailed information)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\Programme\Essentials Codec Pack\Haali\mmfinfo.dll  (File found, but it contains no detailed information)
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "ICQ Lite Shell Extension" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Computer, Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll
{DEE12703-6333-4D4E-8F34-738C4DCC2E04} "RecordNow! SendToExt" - ? - C:\Programme\Sonic\RecordNow!\shlext.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{03DAACC5-10BA-4E3E-9D54-2A569F6B4B87} "Sony Ericsson File Manager" - "Popwire AB" - C:\Programme\Sony Ericsson\Mobile2\File Manager\FM.dll
{738D66C6-0149-4D40-84E4-A7BB2D0CE949} "Sony Ericsson File Manager" - "Popwire AB" - C:\Programme\Sony Ericsson\Mobile2\File Manager\FM.dll
{8932AEFE-9DB6-4f43-AFB2-5682F55E773A} "VPCHostCopyHook" - "Microsoft Corporation" - C:\Programme\Microsoft Virtual PC\VPCShExH.DLL
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Google" - "Google Germany GmbH" - c:\programme\google\googletoolbar3.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{D821DC4A-0814-435E-9820-661C543A4679} "CRLDownloadWrapper Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\crlocx.ocx / hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash32_11_3_300_270.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} "{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}" - ? -   (File not found | COM-object registry key not found) / hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} "{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}" - ? -   (File not found | COM-object registry key not found) / hxxp://download.mcafee.com/molbin/shared/mcgdmgr/de/1,0,0,23/mcgdmgr.cab
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} "{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} "ClsidExtension" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll
"ICQ Lite" - ? - C:\Programme\ICQLite\ICQLite.exe  (File not found)
"ICQ7.5" - "ICQ, LLC." - C:\Programme\ICQ7.5\ICQ.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Google" - "Google Germany GmbH" - c:\programme\google\googletoolbar3.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"DESKTOP.INI" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DESKTOP.INI
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
"Logitech Desktop Messenger.lnk" - "Logitech Inc." - C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe  (Shortcut exists | File exists)
"Logitech SetPoint.lnk" - "Logitech Inc." - C:\Programme\Logitech\SetPoint\SetPoint.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"DESKTOP.INI" - ? - C:\Dokumente und Einstellungen\Christopher\Startmenü\Programme\Autostart\DESKTOP.INI
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"LDM" - "Logitech Inc." - C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"AVMWlanClient" - "AVM Berlin" - C:\Programme\avmwlanstick\FRITZWLANMini.exe
"bacstray" - "Broadcom Corporation" - C:\Programme\Broadcom\BACS\\BacsTray.exe
"CTDVDDET" - "Creative Technology Ltd" - C:\Programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
"CTHelper" - "Creative Technology Ltd" - CTHELPER.EXE
"CTSysVol" - "Creative Technology Ltd" - C:\Programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
"dla" - "Sonic Solutions" - C:\WINDOWS\system32\dla\tfswctrl.exe
"DMXLauncher" - ? - C:\Programme\Dell\Media Experience\DMXLauncher.exe  (File found, but it contains no detailed information)
"HP Software Update" - "Hewlett-Packard" - C:\Programme\HP\HP Software Update\HPWuSchd2.exe
"IAAnotif" - "Intel Corporation" - C:\Programme\Intel\Intel Application Accelerator\iaanotif.exe
"Launch LGDCore" - "Logitech Inc." - "C:\Programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"nwiz" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet
"Ocs_SM" - "OCS" - C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe
"TkBellExe" - "RealNetworks, Inc." - "C:\program files\real\realplayer\update\realsched.exe"  -osboot
"UpdReg" - "Creative Technology Ltd." - C:\WINDOWS\UpdReg.EXE

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFCreator" - ? - C:\WINDOWS\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"AVM FRITZ!web Routing Service" (de_serv) - "AVM Berlin" - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
"AVM IGD CTRL Service" (AVM IGD CTRL Service) - "AVM Berlin" - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
"AVM WLAN Connection Service" (AVM WLAN Connection Service) - "AVM Berlin" - C:\Programme\avmwlanstick\WlanNetService.exe
"B's Recorder GOLD Library General Service" (bgsvcgen) - "B.H.A Corporation" - C:\WINDOWS\system32\bgsvcgen.exe
"Creative Service for CDROM Access" (Creative Service for CDROM Access) - "Creative Technology Ltd" - C:\WINDOWS\system32\CTsvcCDA.EXE
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Updater Service" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"IAA Event Monitor" (IAANTMon) - "Intel Corporation" - C:\Programme\Intel\Intel Application Accelerator\iaantmon.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"iPodService" (iPodService) - "Apple Computer, Inc." - C:\Programme\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
"MOBCleanup" (MOBCleanup) - ? - "C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe"  (File not found)
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
"NMSAccess" (NMSAccess) - ? - C:\Programme\CDBurnerXP\NMSAccessU.exe  (File found, but it contains no detailed information)
"Pml Driver HPZ12" (Pml Driver HPZ12) - "HP" - C:\WINDOWS\system32\HPZipm12.exe
"SearchAnonymizer" (SearchAnonymizer) - ? - C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
"SecuROM User Access Service (V7)" (UserAccess7) - "Sony DADC Austria AG." - C:\WINDOWS\system32\UAService7.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- --- If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Alt 17.08.2012, 21:28   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
__________________
Please always post log files in CODE tags
