Plagegeister aller Art und deren Bekämpfung: Google no longer works
Windows 7

#16
/// Winkelfunktion /// TB-Süch-Tiger™
Hm, there is still toolbar junk in there.
Please download the current adwCleaner, i.e. delete the old adwcleaner and download it again.
adwCleaner - find toolbars and unwanted start/search pages
Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded at some point, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags

#17
Code:
# AdwCleaner v2.003 - Datei am 10/04/2012 um 21:12:27 erstellt
# Aktualisiert am 23/09/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : *** - QUASIMODO
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\***\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[R1].txt - [2340 octets] - [02/10/2012 20:47:14]
AdwCleaner[S1].txt - [2659 octets] - [03/10/2012 19:07:37]
AdwCleaner[R2].txt - [721 octets] - [04/10/2012 21:12:27]
########## EOF - C:\AdwCleaner[R2].txt - [780 octets] ##########

#18
/// Winkelfunktion /// TB-Süch-Tiger™
Do an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)
Note: If you have obscured your username, you must change the starred-out part back into your real username, otherwise the script will not work!!
Code:
:OTL
IE - HKU\S-1-5-21-1582357080-547377736-1665707571-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-21-1582357080-547377736-1665707571-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-21-1582357080-547377736-1665707571-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-1582357080-547377736-1665707571-1007\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1582357080-547377736-1665707571-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
[2012.09.29 21:25:54 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-1.xml
[2008.11.16 13:37:50 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-2.xml
[2008.12.18 15:39:44 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-3.xml
[2009.02.15 12:21:25 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-4.xml
[2009.03.10 20:03:57 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-5.xml
[2009.03.30 20:29:12 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-6.xml
[2009.05.05 18:37:14 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-7.xml
[2009.06.13 23:13:39 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-8.xml
[2009.09.17 21:58:12 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-9.xml
[2008.10.15 20:59:55 | 000,000,951 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin.xml
[2012.10.01 14:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
O4 - HKU\.DEFAULT..\Run: [rundll32.exe] File not found
O4 - HKU\.DEFAULT..\Run: [WAB] C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia\Common\2a13802619.exe File not found
O4 - HKU\S-1-5-18..\Run: [rundll32.exe] File not found
O4 - HKU\S-1-5-18..\Run: [WAB] C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia\Common\2a13802619.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1582357080-547377736-1665707571-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O15 - HKU\S-1-5-21-1582357080-547377736-1665707571-1007\..Trusted Ranges: Range37 ([*] in Lokales Intranet)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.08.17 14:44:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{248ff1b0-1e1b-11de-8d77-0013ce2858e2}\Shell\AutoRun\command - "" = E:\System\Security\DriveGuard.exe -run
O33 - MountPoints2\{248ff1b0-1e1b-11de-8d77-0013ce2858e2}\Shell\Explore\Command - "" = E:\System\Security\DriveGuard.exe -run
O33 - MountPoints2\{248ff1b0-1e1b-11de-8d77-0013ce2858e2}\Shell\Open\Command - "" = E:\System\Security\DriveGuard.exe -run
O33 - MountPoints2\{2c0bbe00-0b15-11dd-8b15-0013ce2858e2}\Shell\AutoRun\command - "" = E:\System\Security\DriveGuard.exe -run
O33 - MountPoints2\{2c0bbe00-0b15-11dd-8b15-0013ce2858e2}\Shell\Explore\Command - "" = E:\System\Security\DriveGuard.exe -run
O33 - MountPoints2\{2c0bbe00-0b15-11dd-8b15-0013ce2858e2}\Shell\Open\Command - "" = E:\System\Security\DriveGuard.exe -run
O33 - MountPoints2\{9ee7fea0-ca51-11de-8eed-0013ce2858e2}\Shell - "" = AutoRun
O33 - MountPoints2\{9ee7fea0-ca51-11de-8eed-0013ce2858e2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9ee7fea0-ca51-11de-8eed-0013ce2858e2}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a76e5cc2-cb99-11de-8eef-0013ce2858e2}\Shell - "" = AutoRun
O33 - MountPoints2\{a76e5cc2-cb99-11de-8eef-0013ce2858e2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a76e5cc2-cb99-11de-8eef-0013ce2858e2}\Shell\AutoRun\command - "" = E:\VersionControl.exe
O33 - MountPoints2\{bdd80d50-cbe2-11de-8ef4-0013ce2858e2}\Shell - "" = AutoRun
O33 - MountPoints2\{bdd80d50-cbe2-11de-8ef4-0013ce2858e2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bdd80d50-cbe2-11de-8ef4-0013ce2858e2}\Shell\AutoRun\command - "" = E:\VersionControl.exe
O33 - MountPoints2\{feb63b30-ca3c-11de-8eea-0013ce2858e2}\Shell - "" = AutoRun
O33 - MountPoints2\{feb63b30-ca3c-11de-8eea-0013ce2858e2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{feb63b30-ca3c-11de-8eea-0013ce2858e2}\Shell\AutoRun\command - "" = E:\Install.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\VersionControl.exe
:Files
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia\Common
C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ Toolbar
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted.
For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.
Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

#19
So here is the fix log; unfortunately Google still doesn't work...
Code:
All processes killed
========== OTL ==========
HKU\S-1-5-21-1582357080-547377736-1665707571-1007\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-1582357080-547377736-1665707571-1007\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1582357080-547377736-1665707571-1007\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" removed from keyword.URL
Prefs.js: 4 removed from network.proxy.type
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\searchplugins\icqplugin.xml moved successfully.
C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\META-INF folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome\tb-amulet-of-protection\content folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome\tb-amulet-of-protection folder moved successfully.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome scheduled to be moved on reboot.
C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib\google3 folder moved successfully.
C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib\firefox folder moved successfully.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions scheduled to be moved on reboot.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\rundll32.exe deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\WAB deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\rundll32.exe not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\WAB not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry value HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range37\\* deleted successfully.
Invalid CLSID key: *
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{248ff1b0-1e1b-11de-8d77-0013ce2858e2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{248ff1b0-1e1b-11de-8d77-0013ce2858e2}\ not found.
File E:\System\Security\DriveGuard.exe -run not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{248ff1b0-1e1b-11de-8d77-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{248ff1b0-1e1b-11de-8d77-0013ce2858e2}\ not found.
File E:\System\Security\DriveGuard.exe -run not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{248ff1b0-1e1b-11de-8d77-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{248ff1b0-1e1b-11de-8d77-0013ce2858e2}\ not found.
File E:\System\Security\DriveGuard.exe -run not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c0bbe00-0b15-11dd-8b15-0013ce2858e2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c0bbe00-0b15-11dd-8b15-0013ce2858e2}\ not found.
File E:\System\Security\DriveGuard.exe -run not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c0bbe00-0b15-11dd-8b15-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c0bbe00-0b15-11dd-8b15-0013ce2858e2}\ not found.
File E:\System\Security\DriveGuard.exe -run not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c0bbe00-0b15-11dd-8b15-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c0bbe00-0b15-11dd-8b15-0013ce2858e2}\ not found.
File E:\System\Security\DriveGuard.exe -run not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ee7fea0-ca51-11de-8eed-0013ce2858e2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ee7fea0-ca51-11de-8eed-0013ce2858e2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ee7fea0-ca51-11de-8eed-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ee7fea0-ca51-11de-8eed-0013ce2858e2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ee7fea0-ca51-11de-8eed-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ee7fea0-ca51-11de-8eed-0013ce2858e2}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a76e5cc2-cb99-11de-8eef-0013ce2858e2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a76e5cc2-cb99-11de-8eef-0013ce2858e2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a76e5cc2-cb99-11de-8eef-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a76e5cc2-cb99-11de-8eef-0013ce2858e2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a76e5cc2-cb99-11de-8eef-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a76e5cc2-cb99-11de-8eef-0013ce2858e2}\ not found.
File E:\VersionControl.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdd80d50-cbe2-11de-8ef4-0013ce2858e2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdd80d50-cbe2-11de-8ef4-0013ce2858e2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdd80d50-cbe2-11de-8ef4-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdd80d50-cbe2-11de-8ef4-0013ce2858e2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdd80d50-cbe2-11de-8ef4-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdd80d50-cbe2-11de-8ef4-0013ce2858e2}\ not found.
File E:\VersionControl.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{feb63b30-ca3c-11de-8eea-0013ce2858e2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{feb63b30-ca3c-11de-8eea-0013ce2858e2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{feb63b30-ca3c-11de-8eea-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{feb63b30-ca3c-11de-8eea-0013ce2858e2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{feb63b30-ca3c-11de-8eea-0013ce2858e2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{feb63b30-ca3c-11de-8eea-0013ce2858e2}\ not found.
File E:\Install.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\VersionControl.exe not found.
========== FILES ==========
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia\Common folder moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ Toolbar folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\***\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Besitzer
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49286 bytes
User: LocalService
->Temp folder emptied: 82513 bytes
->Temporary Internet Files folder emptied: 32969 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 34710 bytes
User: ***
->Temp folder emptied: 365063 bytes
->Temporary Internet Files folder emptied: 10145913 bytes
->Java cache emptied: 22417305 bytes
->FireFox cache emptied: 54814814 bytes
->Flash cache emptied: 652 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 22610432 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22432 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 105,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.70.2 log created on 10052012_115413
Files\Folders moved on Reboot...
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\amulet-jslib scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} scheduled to be moved on reboot.
Folder move failed. C:\Programme\Mozilla Firefox\extensions scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...

#20
/// Winkelfunktion /// TB-Süch-Tiger™
Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log.
Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

#21
Code:
21:15:59.0376 3880 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:15:59.0687 3880 ============================================================
21:15:59.0687 3880 Current date / time: 2012/10/05 21:15:59.0687
21:15:59.0687 3880 SystemInfo:
21:15:59.0687 3880
21:15:59.0687 3880 OS Version: 5.1.2600 ServicePack: 3.0
21:15:59.0687 3880 Product type: Workstation
21:15:59.0687 3880 ComputerName: QUASIMODO
21:15:59.0687 3880 UserName: ***
21:15:59.0687 3880 Windows directory: C:\WINDOWS
21:15:59.0687 3880 System windows directory: C:\WINDOWS
21:15:59.0687 3880 Processor architecture: Intel x86
21:15:59.0687 3880 Number of processors: 1
21:15:59.0687 3880 Page size: 0x1000
21:15:59.0687 3880 Boot type: Normal boot
21:15:59.0687 3880 ============================================================
21:16:02.0120 3880 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:16:02.0120 3880 ============================================================
21:16:02.0120 3880 \Device\Harddisk0\DR0:
21:16:02.0120 3880 MBR partitions:
21:16:02.0120 3880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94A84E8
21:16:02.0120 3880 ============================================================
21:16:02.0130 3880 C: <-> \Device\Harddisk0\DR0\Partition1
21:16:02.0140 3880 ============================================================
21:16:02.0140 3880 Initialize success
21:16:02.0140 3880 ============================================================
21:17:42.0484 0496 ============================================================
21:17:42.0484 0496 Scan started
21:17:42.0484 0496 Mode: Manual; SigCheck; TDLFS;
21:17:42.0484 0496 ============================================================
21:17:42.0685 0496 ================ Scan system memory ========================
21:17:44.0688 0496 System memory - ok
21:17:44.0698 0496 ================ Scan services =============================
21:17:44.0788 0496 Abiosdsk - ok
21:17:44.0798 0496 abp480n5 - ok
21:17:44.0838 0496 [ 95CDD68B6DCA09F581B043734854C87D ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:17:44.0838 0496 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: 95CDD68B6DCA09F581B043734854C87D, Fake md5: AC407F1A62C3A300B4F2B5A9F1D55B2C
21:17:44.0838 0496 ACPI ( Virus.Win32.Rloader.a ) - infected
21:17:44.0838 0496 ACPI - detected Virus.Win32.Rloader.a (0)
21:17:44.0878 0496 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
21:17:46.0630 0496 ACPIEC - ok
21:17:46.0691 0496 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:17:46.0711 0496 AdobeFlashPlayerUpdateSvc - ok
21:17:46.0721 0496 adpu160m - ok
21:17:46.0751 0496 [ F13D8E7E1FAA31019C25EB17B5FB2662 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
21:17:46.0791 0496 aeaudio ( UnsignedFile.Multi.Generic ) - warning
21:17:46.0791 0496 aeaudio - detected UnsignedFile.Multi.Generic (1)
21:17:46.0801 0496 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:17:46.0951 0496 aec - ok
21:17:47.0011 0496 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:17:47.0041 0496 AFD - ok
21:17:47.0091 0496 [ 029E01CB2938BEC5AF31BF47B6AF0159 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
21:17:47.0211 0496 AgereSoftModem ( UnsignedFile.Multi.Generic ) - warning
21:17:47.0211 0496 AgereSoftModem - detected UnsignedFile.Multi.Generic (1)
21:17:47.0221 0496 Aha154x - ok
21:17:47.0231 0496 aic78u2 - ok
21:17:47.0241 0496 aic78xx - ok
21:17:47.0271 0496 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:17:47.0402 0496 Alerter - ok
21:17:47.0422 0496 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
21:17:47.0542 0496 ALG - ok
21:17:47.0542 0496 AliIde - ok
21:17:47.0552 0496 amsint - ok
21:17:47.0642 0496 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
21:17:47.0662 0496 AntiVirSchedulerService - ok
21:17:47.0692 0496 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
21:17:47.0702 0496 AntiVirService - ok
21:17:47.0712 0496 AppMgmt - ok
21:17:47.0732 0496 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:17:47.0842 0496 Arp1394 - ok
21:17:47.0842 0496 asc - ok
21:17:47.0852 0496 asc3350p - ok
21:17:47.0862 0496 asc3550 - ok
21:17:47.0912 0496 [ E1A1206A4FB19B675E947B29CCD25FBA ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
21:17:47.0922 0496 aspnet_state ( UnsignedFile.Multi.Generic ) - warning
21:17:47.0922 0496 aspnet_state - detected UnsignedFile.Multi.Generic (1)
21:17:47.0932 0496 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:17:48.0042 0496 AsyncMac - ok
21:17:48.0072 0496 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:17:48.0193 0496 atapi - ok
21:17:48.0203 0496 Atdisk - ok
21:17:48.0243 0496 [ 2C450E1E3442F3B776B301A67E8C47F0 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
21:17:48.0293 0496 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
21:17:48.0293 0496 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
21:17:48.0353 0496 [ B8142104502F794689C1C0BCBFB53B98 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:17:48.0493 0496 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
21:17:48.0493 0496 ati2mtag - detected UnsignedFile.Multi.Generic (1)
21:17:48.0523 0496 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:17:48.0633 0496 Atmarpc - ok
21:17:48.0653 0496 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:17:48.0773 0496 AudioSrv - ok
21:17:48.0804 0496 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:17:48.0924 0496 audstub - ok
21:17:48.0944 0496 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:17:49.0084 0496 avgntflt - ok
21:17:49.0114 0496 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:17:49.0134 0496 avipbb - ok
21:17:49.0154 0496 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:17:49.0164 0496 avkmgr - ok
21:17:49.0284 0496 [ 553E94AE71D233C14A8C8B4AF9286ED0 ] BecHelperService C:\Programme\3 Mobile Broadband\3Connect\BecHelperService.exe
21:17:49.0364 0496 BecHelperService - ok
21:17:49.0404 0496 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:17:49.0545 0496 Beep - ok
21:17:49.0595 0496 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
21:17:49.0735 0496 BITS - ok
21:17:49.0765 0496 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
21:17:49.0805 0496 Browser - ok
21:17:49.0815 0496 Ca504av - ok
21:17:49.0845 0496 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:17:49.0975 0496 cbidf2k - ok
21:17:50.0025 0496 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:17:50.0145 0496 CCDECODE - ok
21:17:50.0155 0496 cd20xrnt - ok
21:17:50.0186 0496 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:17:50.0296 0496 Cdaudio - ok
21:17:50.0306 0496 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:17:50.0426 0496 Cdfs - ok
21:17:50.0436 0496 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:17:50.0546 0496 Cdrom - ok
21:17:50.0606 0496 [ 3CB0CC8879956C187E87E18634EE5164 ] CFSvcs C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
21:17:50.0656 0496 CFSvcs ( UnsignedFile.Multi.Generic ) - warning
21:17:50.0656 0496 CFSvcs - detected UnsignedFile.Multi.Generic (1)
21:17:50.0656 0496 Changer - ok
21:17:50.0696 0496 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:17:50.0816 0496 CiSvc - ok
21:17:50.0836 0496 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:17:50.0957 0496 ClipSrv - ok
21:17:50.0977 0496 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:17:51.0097 0496 CmBatt - ok
21:17:51.0107 0496 CmdIde - ok
21:17:51.0107 0496 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:17:51.0227 0496 Compbatt - ok
21:17:51.0237 0496 COMSysApp - ok
21:17:51.0247 0496 Cpqarray - ok
21:17:51.0277 0496 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:17:51.0397 0496 CryptSvc - ok
21:17:51.0407 0496 dac2w2k - ok
21:17:51.0407 0496 dac960nt - ok
21:17:51.0457 0496 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:17:51.0578 0496 DcomLaunch - ok
21:17:51.0618 0496 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:17:51.0718 0496 Dhcp - ok
21:17:51.0748 0496 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:17:51.0868 0496 Disk - ok
21:17:51.0868 0496 dmadmin - ok
21:17:51.0928 0496 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:17:52.0098 0496 dmboot - ok
21:17:52.0118 0496 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:17:52.0238 0496 dmio - ok
21:17:52.0279 0496 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:17:52.0389 0496 dmload - ok
21:17:52.0429 0496 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:17:52.0549 0496 dmserver - ok
21:17:52.0569 0496 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:17:52.0679 0496 DMusic - ok
21:17:52.0729 0496 [ A4855EAD4A204B6D536CC91D937CBF68 ] dnbudf C:\WINDOWS\system32\drivers\dnbudf.sys
21:17:52.0779 0496 dnbudf ( UnsignedFile.Multi.Generic ) - warning
21:17:52.0779 0496 dnbudf - detected UnsignedFile.Multi.Generic (1)
21:17:52.0809 0496 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:17:52.0879 0496 Dnscache - ok
21:17:52.0939 0496 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:17:53.0070 0496 Dot3svc - ok
21:17:53.0070 0496 dpti2o - ok
21:17:53.0090 0496 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:17:53.0200 0496 drmkaud - ok
21:17:53.0230 0496 [ 96BC8F872F0270C10EDC3931F1C03776 ] drvmcdb C:\WINDOWS\system32\drivers\drvmcdb.sys
21:17:53.0250 0496 drvmcdb ( UnsignedFile.Multi.Generic ) - warning
21:17:53.0250 0496 drvmcdb - detected UnsignedFile.Multi.Generic (1)
21:17:53.0260 0496 [ 5AFBEC7A6AC61B211633DFDB1D9E0C89 ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
21:17:53.0270 0496 drvnddm ( UnsignedFile.Multi.Generic ) - warning
21:17:53.0270 0496 drvnddm - detected UnsignedFile.Multi.Generic (1)
21:17:53.0300 0496 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:17:53.0410 0496 EapHost - ok
21:17:53.0450 0496 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:17:53.0560 0496 ERSvc - ok
21:17:53.0600 0496 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
21:17:53.0651 0496 Eventlog - ok
21:17:53.0691 0496 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
21:17:53.0771 0496 EventSystem - ok
21:17:53.0831 0496 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:17:53.0931 0496 Fastfat - ok
21:17:54.0001 0496 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:17:54.0071 0496 FastUserSwitchingCompatibility - ok
21:17:54.0101 0496 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
21:17:54.0201 0496 Fdc - ok
21:17:54.0211 0496 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:17:54.0331 0496 Fips - ok
21:17:54.0352 0496 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
21:17:54.0462 0496 Flpydisk - ok
21:17:54.0502 0496 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:17:54.0612 0496 FltMgr - ok
21:17:54.0642 0496 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:17:54.0802 0496 Fs_Rec - ok
21:17:54.0842 0496 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:17:54.0972 0496 Ftdisk - ok
21:17:55.0032 0496 [ B45F1DF1CCE34E2AF422F0ED78CD70EF ] FWLANUSB C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
21:17:55.0083 0496 FWLANUSB - ok
21:17:55.0123 0496 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:17:55.0233 0496 Gpc - ok
21:17:55.0283 0496 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:17:55.0403 0496 helpsvc - ok
21:17:55.0413 0496 HidServ - ok
21:17:55.0433 0496 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:17:55.0553 0496 HidUsb - ok
21:17:55.0593 0496 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:17:55.0693 0496 hkmsvc - ok
21:17:55.0744 0496 [ E4E0B356A8756066CF89080D9DA69F22 ] HPFXBULK C:\WINDOWS\system32\drivers\hpfxbulk.sys
21:17:55.0744 0496 HPFXBULK ( UnsignedFile.Multi.Generic ) - warning
21:17:55.0744 0496 HPFXBULK - detected UnsignedFile.Multi.Generic (1)
21:17:55.0754 0496 hpn - ok
21:17:55.0794 0496 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:17:55.0874 0496 HTTP - ok
21:17:55.0894 0496 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:17:56.0024 0496 HTTPFilter - ok
21:17:56.0054 0496 [ 4A77F036F7234ED24351AC486D2A29B9 ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
21:17:56.0144 0496 hwdatacard - ok
21:17:56.0154 0496 i2omgmt - ok
21:17:56.0164 0496 i2omp - ok
21:17:56.0194 0496 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:17:56.0294 0496 i8042prt - ok
21:17:56.0314 0496 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:17:56.0424 0496 Imapi - ok
21:17:56.0455 0496 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
21:17:56.0575 0496 ImapiService - ok
21:17:56.0585 0496 ini910u - ok
21:17:56.0605 0496 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
21:17:56.0705 0496 IntelIde - ok
21:17:56.0725 0496 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:17:56.0835 0496 intelppm - ok
21:17:56.0855 0496 [ 9D7069D72C0C72952F05E1688A5AE89D ] iomdisk C:\WINDOWS\system32\DRIVERS\iomdisk.sys
21:17:56.0855 0496 iomdisk ( UnsignedFile.Multi.Generic ) - warning
21:17:56.0855 0496 iomdisk - detected UnsignedFile.Multi.Generic (1)
21:17:56.0875 0496 [ 19EF7FB809D3073EE60F85464E9C4C51 ] Iomega App Services C:\PROGRA~1\Iomega\System32\AppServices.exe
21:17:56.0885 0496 Iomega App Services ( UnsignedFile.Multi.Generic ) - warning
21:17:56.0885 0496 Iomega App Services - detected UnsignedFile.Multi.Generic (1)
21:17:56.0905 0496 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
21:17:57.0005 0496 Ip6Fw - ok
21:17:57.0045 0496 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:17:57.0176 0496 IpFilterDriver - ok
21:17:57.0226 0496 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:17:57.0336 0496 IpInIp - ok
21:17:57.0356 0496 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:17:57.0476 0496 IpNat - ok
21:17:57.0486 0496 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:17:57.0606 0496 IPSec - ok
21:17:57.0626 0496 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:17:57.0736 0496 IRENUM - ok
21:17:57.0746 0496 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:17:57.0857 0496 isapnp - ok
21:17:57.0967 0496 [ 80F08F50D248EEEEB9256F6522891D40 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
21:17:57.0977 0496 JavaQuickStarterService - ok
21:17:58.0007 0496 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:17:58.0107 0496 Kbdclass - ok
21:17:58.0137 0496 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:17:58.0277 0496 kmixer - ok
21:17:58.0307 0496 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:17:58.0397 0496 KSecDD - ok
21:17:58.0437 0496 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:17:58.0487 0496 lanmanserver - ok
21:17:58.0528 0496 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:17:58.0568 0496 lanmanworkstation - ok
21:17:58.0568 0496 lbrtfdc - ok
21:17:58.0618 0496 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:17:58.0718 0496 LmHosts - ok
21:17:58.0758 0496 [ 59F57B06D1E3C7A3F22D62C7C5B4C3C3 ] massfilter C:\WINDOWS\system32\drivers\massfilter.sys
21:17:58.0848 0496 massfilter - ok
21:17:58.0928 0496 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
21:17:58.0948 0496 McComponentHostService - ok
21:17:59.0028 0496 [ 4E10E84320A8EC1C12BD0D00973B22AB ] mdvrmng C:\WINDOWS\system32\drivers\mdvrmng.sys
21:17:59.0058 0496 mdvrmng ( UnsignedFile.Multi.Generic ) - warning
21:17:59.0058 0496 mdvrmng - detected UnsignedFile.Multi.Generic (1)
21:17:59.0088 0496 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:17:59.0219 0496 Messenger - ok
21:17:59.0239 0496 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:17:59.0359 0496 mnmdd - ok
21:17:59.0399 0496 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
21:17:59.0499 0496 mnmsrvc - ok
21:17:59.0539 0496 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:17:59.0649 0496 Modem - ok
21:17:59.0669 0496 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:17:59.0779 0496 Mouclass - ok
21:17:59.0809 0496 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:17:59.0940 0496 mouhid - ok
21:17:59.0960 0496 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:18:00.0070 0496 MountMgr - ok
21:18:00.0120 0496 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
21:18:00.0130 0496 MozillaMaintenance - ok
21:18:00.0140 0496 mraid35x - ok
21:18:00.0150 0496 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:18:00.0250 0496 MRxDAV - ok
21:18:00.0300 0496 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:18:00.0380 0496 MRxSmb - ok
21:18:00.0420 0496 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
21:18:00.0530 0496 MSDTC - ok
21:18:00.0540 0496 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:18:00.0651 0496 Msfs - ok
21:18:00.0651 0496 MSIServer - ok
21:18:00.0681 0496 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:18:00.0781 0496 MSKSSRV - ok
21:18:00.0811 0496 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:18:00.0931 0496 MSPCLOCK - ok
21:18:00.0941 0496 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:18:01.0061 0496 MSPQM - ok
21:18:01.0161 0496 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:18:01.0261 0496 mssmbios - ok
21:18:01.0271 0496 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:18:01.0382 0496 MSTEE - ok
21:18:01.0412 0496 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:18:01.0442 0496 Mup - ok
21:18:01.0462 0496 [ 661D806EA4154B43C0A6FC2F916F69C1 ] MxlW2k C:\WINDOWS\system32\drivers\MxlW2k.sys
21:18:01.0472 0496 MxlW2k ( UnsignedFile.Multi.Generic ) - warning
21:18:01.0472 0496 MxlW2k - detected UnsignedFile.Multi.Generic (1)
21:18:01.0492 0496 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:18:01.0622 0496 NABTSFEC - ok
21:18:01.0662 0496 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
21:18:01.0782 0496 napagent - ok
21:18:01.0812 0496 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:18:01.0922 0496 NDIS - ok
21:18:01.0952 0496 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:18:02.0053 0496 NdisIP - ok
21:18:02.0083 0496 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:18:02.0133 0496 NdisTapi - ok
21:18:02.0143 0496 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:18:02.0273 0496 Ndisuio - ok
21:18:02.0303 0496 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:18:02.0423 0496 NdisWan - ok
21:18:02.0453 0496 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:18:02.0483 0496 NDProxy - ok
21:18:02.0503 0496 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:18:02.0613 0496 NetBIOS - ok
21:18:02.0633 0496 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:18:02.0744 0496 NetBT - ok
21:18:02.0774 0496 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
21:18:02.0894 0496 NetDDE - ok
21:18:02.0894 0496 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:18:03.0004 0496 NetDDEdsdm - ok
21:18:03.0054 0496 [ 1265EB253ED4EBE4ACB3BD5F548FF796 ] Netdevio C:\WINDOWS\system32\DRIVERS\netdevio.sys
21:18:03.0074 0496 Netdevio ( UnsignedFile.Multi.Generic ) - warning
21:18:03.0074 0496 Netdevio - detected UnsignedFile.Multi.Generic (1)
21:18:03.0104 0496 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:18:03.0204 0496 Netlogon - ok
21:18:03.0234 0496 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
21:18:03.0354 0496 Netman - ok
21:18:03.0374 0496 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:18:03.0485 0496 NIC1394 - ok
21:18:03.0525 0496 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
21:18:03.0555 0496 Nla - ok
21:18:03.0575 0496 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:18:03.0685 0496 Npfs - ok
21:18:03.0725 0496 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:18:03.0875 0496 Ntfs - ok
21:18:03.0885 0496 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
21:18:03.0985 0496 NtLmSsp - ok
21:18:04.0086 0496 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:18:04.0266 0496 NtmsSvc - ok
21:18:04.0296 0496 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:18:04.0406 0496 Null - ok
21:18:04.0446 0496 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:18:04.0566 0496 NwlnkFlt - ok
21:18:04.0576 0496 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:18:04.0696 0496 NwlnkFwd - ok
21:18:04.0726 0496 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:18:04.0847 0496 ohci1394 - ok
21:18:04.0907 0496 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
21:18:04.0927 0496 ose - ok
21:18:05.0257 0496 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:18:05.0538 0496 osppsvc - ok
21:18:05.0628 0496 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
21:18:05.0788 0496 Parport - ok
21:18:05.0798 0496 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:18:05.0908 0496 PartMgr - ok
21:18:05.0938 0496 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:18:06.0058 0496 ParVdm - ok
21:18:06.0058 0496 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:18:06.0219 0496 PCI - ok
21:18:06.0239 0496 PCIDump - ok
21:18:06.0249 0496 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:18:06.0359 0496 PCIIde - ok
21:18:06.0369 0496 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
21:18:06.0479 0496 Pcmcia - ok
21:18:06.0489 0496 PDCOMP - ok
21:18:06.0499 0496 PDFRAME - ok
21:18:06.0499 0496 PDRELI - ok
21:18:06.0509 0496 PDRFRAME - ok
21:18:06.0519 0496 perc2 - ok
21:18:06.0529 0496 perc2hib - ok
21:18:06.0549 0496 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
21:18:06.0589 0496 PlugPlay - ok
21:18:06.0599 0496 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:18:06.0709 0496 PolicyAgent - ok
21:18:06.0729 0496 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:18:06.0829 0496 PptpMiniport - ok
21:18:06.0839 0496 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:18:06.0950 0496 ProtectedStorage - ok
21:18:06.0950 0496 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:18:07.0070 0496 PSched - ok
21:18:07.0100 0496 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:18:07.0230 0496 Ptilink - ok
21:18:07.0250 0496 [ 25F7C4453F189F79EB3846D3E23805A0 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:18:07.0260 0496 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
21:18:07.0260 0496 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
21:18:07.0270 0496 ql1080 - ok
21:18:07.0280 0496 Ql10wnt - ok
21:18:07.0290 0496 ql12160 - ok
21:18:07.0290 0496 ql1240 - ok
21:18:07.0300 0496 ql1280 - ok
21:18:07.0340 0496 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:18:07.0460 0496 RasAcd - ok
21:18:07.0500 0496 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:18:07.0621 0496 RasAuto - ok
21:18:07.0641 0496 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:18:07.0761 0496 Rasl2tp - ok
21:18:07.0791 0496 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:18:07.0911 0496 RasMan - ok
21:18:07.0921 0496 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:18:08.0031 0496 RasPppoe - ok
21:18:08.0051 0496 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:18:08.0191 0496 Raspti - ok
21:18:08.0231 0496 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:18:08.0332 0496 Rdbss - ok
21:18:08.0362 0496 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:18:08.0492 0496 RDPCDD - ok
21:18:08.0522 0496 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:18:08.0602 0496 RDPWD - ok
21:18:08.0622 0496 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:18:08.0722 0496 RDSessMgr - ok
21:18:08.0732 0496 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:18:08.0852 0496 redbook - ok
21:18:08.0892 0496 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:18:09.0013 0496 RemoteAccess - ok
21:18:09.0063 0496 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
21:18:09.0173 0496 RpcLocator - ok
21:18:09.0193 0496 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:18:09.0243 0496 RpcSs - ok
21:18:09.0303 0496 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:18:09.0423 0496 RSVP - ok
21:18:09.0443 0496 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
21:18:09.0543 0496 SamSs - ok
21:18:09.0573 0496 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:18:09.0694 0496 SCardSvr - ok
21:18:09.0724 0496 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:18:09.0844 0496 Schedule - ok
21:18:09.0874 0496 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
21:18:09.0994 0496 sdbus - ok
21:18:10.0044 0496 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:18:10.0144 0496 Secdrv - ok
21:18:10.0184 0496 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
21:18:10.0304 0496 seclogon - ok
21:18:10.0314 0496 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
21:18:10.0435 0496 SENS - ok
21:18:10.0465 0496 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys
21:18:10.0575 0496 Serial - ok
21:18:10.0615 0496 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
21:18:10.0725 0496 sffdisk - ok
21:18:10.0765 0496 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
21:18:10.0875 0496 sffp_sd - ok
21:18:10.0895 0496 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:18:11.0005 0496 Sfloppy - ok
21:18:11.0066 0496 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:18:11.0196 0496 SharedAccess - ok
21:18:11.0216 0496 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:18:11.0226 0496 ShellHWDetection - ok
21:18:11.0236 0496 Simbad - ok
21:18:11.0286 0496 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
21:18:11.0326 0496 SkypeUpdate - ok
21:18:11.0346 0496 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:18:11.0466 0496 SLIP - ok
21:18:11.0496 0496 [ 014AB093E6452EA88031BB6E22919BB5 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
21:18:11.0536 0496 smwdm ( UnsignedFile.Multi.Generic ) - warning
21:18:11.0536 0496 smwdm - detected UnsignedFile.Multi.Generic (1)
21:18:11.0576 0496 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
21:18:11.0586 0496 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - warning
21:18:11.0586 0496 SoundMAX Agent Service (default) - detected UnsignedFile.Multi.Generic (1)
21:18:11.0586 0496 Sparrow - ok
21:18:11.0616 0496 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:18:11.0727 0496 splitter - ok
21:18:11.0757 0496 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:18:11.0797 0496 Spooler - ok
21:18:11.0817 0496 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:18:11.0937 0496 sr - ok
21:18:11.0967 0496 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
21:18:12.0077 0496 srservice - ok
21:18:12.0127 0496 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:18:12.0217 0496 Srv - ok
21:18:12.0227 0496 [ 98625722AD52B40305E74AAA83C93086 ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
21:18:12.0247 0496 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
21:18:12.0247 0496 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
21:18:12.0257 0496 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:18:12.0377 0496 SSDPSRV - ok
21:18:12.0417 0496 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
21:18:12.0428 0496 ssmdrv - ok
21:18:12.0428 0496 [ D79412E3942C8A257253487536D5A994 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
21:18:12.0448 0496 ssrtln ( UnsignedFile.Multi.Generic ) - warning
21:18:12.0448 0496 ssrtln - detected UnsignedFile.Multi.Generic (1)
21:18:12.0498 0496 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:18:12.0608 0496 stisvc - ok
21:18:12.0648 0496 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:18:12.0758 0496 streamip - ok
21:18:12.0788 0496 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:18:12.0888 0496 swenum - ok
21:18:12.0908 0496 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:18:13.0018 0496 swmidi - ok
21:18:13.0028 0496 SwPrv - ok
21:18:13.0038 0496 symc810 - ok
21:18:13.0038 0496 symc8xx - ok
21:18:13.0149 0496 SYMIDSCO - ok
21:18:13.0149 0496 sym_hi - ok
21:18:13.0159 0496 sym_u3 - ok
21:18:13.0199 0496 [ F6770219B73BD989D5613D2E9C78A227 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:18:13.0219 0496 SynTP ( UnsignedFile.Multi.Generic ) - warning
21:18:13.0219 0496 SynTP - detected UnsignedFile.Multi.Generic (1)
21:18:13.0239 0496 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:18:13.0359 0496 sysaudio - ok
21:18:13.0409 0496 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:18:13.0539 0496 SysmonLog - ok
21:18:13.0559 0496 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:18:13.0679 0496 TapiSrv - ok
21:18:13.0729 0496 [ BAC31DEB0B3150B617322E06B174A227 ] TAPPSRV C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe
21:18:13.0729 0496 TAPPSRV ( UnsignedFile.Multi.Generic ) - warning
21:18:13.0729 0496 TAPPSRV - detected UnsignedFile.Multi.Generic (1)
21:18:13.0769 0496 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:18:13.0820 0496 Tcpip - ok
21:18:13.0850 0496 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:18:13.0970 0496 TDPIPE - ok
21:18:14.0010 0496 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:18:14.0110 0496 TDTCP - ok
21:18:14.0130 0496 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:18:14.0250 0496 TermDD - ok
21:18:14.0280 0496 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
21:18:14.0400 0496 TermService - ok
21:18:14.0430 0496 [ D0177776E11B0B3F272EEBD262A69661 ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
21:18:14.0430 0496 tfsnboio ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0430 0496 tfsnboio - detected UnsignedFile.Multi.Generic (1)
21:18:14.0450 0496 [ 599804BC938B8305A5422319774DA871 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
21:18:14.0450 0496 tfsncofs ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0450 0496 tfsncofs - detected UnsignedFile.Multi.Generic (1)
21:18:14.0460 0496 [ A1902C00ADC11C4D83F8E3ED947A6A32 ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
21:18:14.0480 0496 tfsndrct ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0480 0496 tfsndrct - detected UnsignedFile.Multi.Generic (1)
21:18:14.0500 0496 [ 6740BD5E6A73A48E896FE80134AEAAD5 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
21:18:14.0511 0496 tfsndres ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0511 0496 tfsndres - detected UnsignedFile.Multi.Generic (1)
21:18:14.0531 0496 [ C4F2DEA75300971CDAEE311007DE138D ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
21:18:14.0531 0496 tfsnifs ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0531 0496 tfsnifs - detected UnsignedFile.Multi.Generic (1)
21:18:14.0551 0496 [ 272925BE0EA919F08286D2EE6F102B0F ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
21:18:14.0561 0496 tfsnopio ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0561 0496 tfsnopio - detected UnsignedFile.Multi.Generic (1)
21:18:14.0561 0496 [ 7B7D955E5CEBC2FB88B03EF875D52A2F ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
21:18:14.0581 0496 tfsnpool ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0581 0496 tfsnpool - detected UnsignedFile.Multi.Generic (1)
21:18:14.0591 0496 [ E3D01263109D800C1967C12C10A0B018 ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
21:18:14.0611 0496 tfsnudf ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0611 0496 tfsnudf - detected UnsignedFile.Multi.Generic (1)
21:18:14.0621 0496 [ B9E9C377906E3A65BC74598FFF7F7458 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
21:18:14.0631 0496 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0631 0496 tfsnudfa - detected UnsignedFile.Multi.Generic (1)
21:18:14.0661 0496 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
21:18:14.0671 0496 Themes - ok
21:18:14.0721 0496 [ 046EA1353DD599DAC9ABDCD13504B06C ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
21:18:14.0751 0496 tifm21 ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0751 0496 tifm21 - detected UnsignedFile.Multi.Generic (1)
21:18:14.0751 0496 TosIde - ok
21:18:14.0801 0496 [ E46FB54BE8A2A395FE96633B838BAAFE ] tosporte C:\WINDOWS\system32\DRIVERS\tosporte.sys
21:18:14.0801 0496 tosporte ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0801 0496 tosporte - detected UnsignedFile.Multi.Generic (1)
21:18:14.0831 0496 [ 1D4F013B80787FB4DD2A8C5179D6EB4D ] Tosrfbd C:\WINDOWS\system32\Drivers\tosrfbd.sys
21:18:14.0851 0496 Tosrfbd ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0851 0496 Tosrfbd - detected UnsignedFile.Multi.Generic (1)
21:18:14.0861 0496 [ D185BE751021BCF1E5D58566D408314A ] Tosrfcom C:\WINDOWS\system32\Drivers\tosrfcom.sys
21:18:14.0881 0496 Tosrfcom ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0881 0496 Tosrfcom - detected UnsignedFile.Multi.Generic (1)
21:18:14.0881 0496 [ 7D80888ABA0B6127AC298EFA48BEF058 ] tosrfec C:\WINDOWS\system32\DRIVERS\tosrfec.sys
21:18:14.0891 0496 tosrfec ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0891 0496 tosrfec - detected UnsignedFile.Multi.Generic (1)
21:18:14.0901 0496 [ 37BCBCCC4A71ABBEAEE90FD25E1132B2 ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
21:18:14.0911 0496 Tosrfhid ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0911 0496 Tosrfhid - detected UnsignedFile.Multi.Generic (1)
21:18:14.0931 0496 [ DDB8A339E57D514768F45D33B11BDB50 ] Tosrfusb C:\WINDOWS\system32\Drivers\tosrfusb.sys
21:18:14.0941 0496 Tosrfusb ( UnsignedFile.Multi.Generic ) - warning
21:18:14.0941 0496 Tosrfusb - detected UnsignedFile.Multi.Generic (1)
21:18:14.0981 0496 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:18:15.0111 0496 TrkWks - ok
21:18:15.0161 0496 [ C51BFED6C2D9D6512E346F25D92AD8D9 ] TVALD C:\WINDOWS\system32\DRIVERS\NBSMI.sys
21:18:15.0161 0496 TVALD ( UnsignedFile.Multi.Generic ) - warning
21:18:15.0161 0496 TVALD - detected UnsignedFile.Multi.Generic (1)
21:18:15.0252 0496 [ 29C1C3DF7C29490B504DA3E3B9099928 ] Tvs C:\WINDOWS\system32\DRIVERS\Tvs.sys
21:18:15.0272 0496 Tvs ( UnsignedFile.Multi.Generic ) - warning
21:18:15.0272 0496 Tvs - detected UnsignedFile.Multi.Generic (1)
21:18:15.0312 0496 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:18:15.0422 0496 Udfs - ok
21:18:15.0422 0496 ultra - ok
21:18:15.0462 0496 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:18:15.0612 0496 Update - ok
21:18:15.0642 0496 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
21:18:15.0792 0496 upnphost - ok
21:18:15.0822 0496 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
21:18:15.0953 0496 UPS - ok
21:18:15.0953 0496 USBCamera - ok
21:18:15.0983 0496 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:18:16.0083 0496 usbccgp - ok
21:18:16.0123 0496 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:18:16.0233 0496 usbehci - ok
21:18:16.0243 0496 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:18:16.0343 0496 usbhub - ok
21:18:16.0373 0496 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:18:16.0493 0496 usbprint - ok
21:18:16.0513 0496 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:18:16.0634 0496 usbscan - ok
21:18:16.0654 0496 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:18:16.0764 0496 USBSTOR - ok
21:18:16.0784 0496 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:18:16.0884 0496 usbuhci - ok
21:18:16.0904 0496 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:18:17.0034 0496 VgaSave - ok
21:18:17.0034 0496 ViaIde - ok
21:18:17.0104 0496 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:18:17.0214 0496 VolSnap - ok
21:18:17.0254 0496 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
21:18:17.0365 0496 VSS - ok
21:18:17.0475 0496 [ F0608F3B5B6D16F4870E867F9D069B6B ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys
21:18:17.0705 0496 w29n51 - ok
21:18:17.0725 0496 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
21:18:17.0835 0496 W32Time - ok
21:18:17.0865 0496 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:18:17.0986 0496 Wanarp - ok
21:18:17.0996 0496 WDICA - ok
21:18:18.0016 0496 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:18:18.0136 0496 wdmaud - ok
21:18:18.0166 0496 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:18:18.0286 0496 WebClient - ok
21:18:18.0336 0496 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:18:18.0456 0496 winmgmt - ok
21:18:18.0506 0496 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:18:18.0576 0496 WmdmPmSN - ok
21:18:18.0606 0496 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:18:18.0727 0496 WmiApSrv - ok
21:18:18.0807 0496 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
21:18:18.0907 0496 WMPNetworkSvc - ok
21:18:18.0947 0496 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:18:19.0057 0496 wscsvc - ok
21:18:19.0087 0496 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:18:19.0197 0496 WSTCODEC - ok
21:18:19.0207 0496 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:18:19.0327 0496 wuauserv - ok
21:18:19.0357 0496 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:18:19.0408 0496 WudfPf - ok
21:18:19.0418 0496 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:18:19.0438 0496 WudfRd - ok
21:18:19.0468 0496 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
21:18:19.0508 0496 WudfSvc - ok
21:18:19.0558 0496 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:18:19.0698 0496 WZCSVC - ok
21:18:19.0728 0496 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:18:19.0848 0496 xmlprov - ok
21:18:19.0888 0496 [ E279C4E1287751DFFA0A1F3EC4097491 ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
21:18:19.0908 0496 yukonwxp ( UnsignedFile.Multi.Generic ) - warning
21:18:19.0908 0496 yukonwxp - detected UnsignedFile.Multi.Generic (1)
21:18:19.0958 0496 [ D169ECBDE1291B7D720441550D15D104 ] ZTEusbmdm6k C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
21:18:20.0169 0496 ZTEusbmdm6k - ok
21:18:20.0229 0496 [ D169ECBDE1291B7D720441550D15D104 ] ZTEusbnmea C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
21:18:20.0249 0496 ZTEusbnmea - ok
21:18:20.0259 0496 [ D169ECBDE1291B7D720441550D15D104 ] ZTEusbser6k C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
21:18:20.0269 0496 ZTEusbser6k - ok
21:18:20.0289 0496 ================ Scan global ===============================
21:18:20.0329 0496 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
21:18:20.0369 0496 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:18:20.0389 0496 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:18:20.0399 0496 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
21:18:20.0399 0496 [Global] - ok
21:18:20.0409 0496 ================ Scan MBR ==================================
21:18:20.0419 0496 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
21:18:20.0739 0496 \Device\Harddisk0\DR0 - ok
21:18:20.0739 0496 ================ Scan VBR ==================================
21:18:20.0739 0496 [ B43A79840B9FF5CDA70F9A0CA5CBC34D ] \Device\Harddisk0\DR0\Partition1
21:18:20.0739 0496 \Device\Harddisk0\DR0\Partition1 - ok
21:18:20.0749 0496 ============================================================
21:18:20.0749 0496 Scan finished
21:18:20.0749 0496 ============================================================
21:18:20.0880 3416 Detected object count: 42
21:18:20.0880 3416 Actual detected object count: 42
21:19:14.0607 3416 ACPI ( Virus.Win32.Rloader.a ) - skipped by user
21:19:14.0607 3416 ACPI ( Virus.Win32.Rloader.a ) - User select action: Skip
21:19:14.0607 3416 aeaudio ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0607 3416 aeaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0607 3416 AgereSoftModem ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0607 3416 AgereSoftModem ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0607 3416 aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0607 3416 aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0607 3416 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0607 3416 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0607 3416 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0607 3416 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0607 3416 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0607 3416 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0607 3416 dnbudf ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0607 3416 dnbudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 HPFXBULK ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 HPFXBULK ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 iomdisk ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 iomdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 Iomega App Services ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 Iomega App Services ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 mdvrmng ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 mdvrmng ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 MxlW2k ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 MxlW2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 Netdevio ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 Netdevio ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0617 3416 smwdm ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0617 3416 smwdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 SynTP ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 SynTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 TAPPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 TAPPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0627 3416 tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0627 3416 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 tifm21 ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 tifm21 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 tosporte ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 tosporte ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 Tosrfbd ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 Tosrfbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 Tosrfcom ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 Tosrfcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 tosrfec ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 tosrfec ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 Tosrfhid ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 Tosrfhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 Tosrfusb ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 Tosrfusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0637 3416 TVALD ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0637 3416 TVALD ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0647 3416 Tvs ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0647 3416 Tvs ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:19:14.0647 3416 yukonwxp ( UnsignedFile.Multi.Generic ) - skipped by user
21:19:14.0647 3416 yukonwxp ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #22 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google no longer works Then please run CF now: ComboFix: A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #23 |
| Google no longer works [code] Combofix Logfile: Code:
ComboFix 12-10-04.02 - *** 07.10.2012 10:26:58.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.1023.641 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Default User\WINDOWS
c:\dokumente und einstellungen\***\4.0
c:\dokumente und einstellungen\***\Eigene Dateien\~WRL0002.tmp
c:\dokumente und einstellungen\***\Eigene Dateien\~WRL0005.tmp
c:\dokumente und einstellungen\***\WINDOWS
c:\windows\IsUn0407.exe
c:\windows\setupapi.log
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\unin0407.exe
c:\windows\winhelp.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-09-07 bis 2012-10-07 ))))))))))))))))))))))))))))))
.
.
2012-10-05 09:54 . 2012-10-05 09:54 -------- d-----w- C:\_OTL
2012-10-02 12:39 . 2012-10-02 12:39 -------- d-----w- c:\programme\ESET
2012-10-01 12:34 . 2012-10-01 12:34 -------- d-----w- c:\programme\Mozilla Maintenance Service
2012-09-29 20:12 . 2012-09-29 20:12 -------- d-----w- c:\dokumente und einstellungen\***\Logs
2012-09-29 20:12 . 2012-09-29 20:12 -------- d-----w- c:\dokumente und einstellungen\***\imvcache
2012-09-29 20:12 . 2012-09-29 20:12 -------- d-----w- c:\dokumente und einstellungen\***\Cache
2012-09-08 18:12 . 2012-09-08 18:12 -------- d-----w- c:\programme\Gemeinsame Dateien\Skype
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-07 15:04 . 2011-08-29 14:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-01 10:06 . 2012-09-01 10:06 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-01 10:05 . 2007-05-15 19:37 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-09-01 10:05 . 2010-08-10 17:54 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-29 08:51 . 2012-03-31 07:05 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-29 08:51 . 2011-06-11 15:07 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 15:05 . 2005-08-17 12:30 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:05 . 2005-08-17 12:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:05 . 2005-08-17 12:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2005-08-17 12:29 385024 ----a-w- c:\windows\system32\html.iec
2012-09-06 01:26 . 2012-10-01 12:34 266720 ----a-w- c:\programme\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\programme\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"SpybotSD TeaTimer"="c:\programme\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\programme\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 98394]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 688218]
"SoundMAXPnP"="c:\programme\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-07-27 1388544]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-12 88358]
"TPSMain"="TPSMain.exe" [2005-08-03 266240]
"NDSTray.exe"="NDSTray.exe" [BU]
"Tvs"="c:\programme\TOSHIBA\Tvs\TvsTray.exe" [2005-04-05 73728]
"TFncKy"="TFncKy.exe" [BU]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"THotkey"="c:\programme\Toshiba\Toshiba Applet\thotkey.exe" [2005-07-06 356352]
"PadTouch"="c:\programme\TOSHIBA\Touch and Launch\PadExe.exe" [2004-11-17 1077327]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-09-06 413696]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-07-31 348664]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^Microsoft Office-Schnellstart.lnk]
path=c:\dokumente und einstellungen\***\Startmenü\Programme\Autostart\Microsoft Office-Schnellstart.lnk
backup=c:\windows\pss\Microsoft Office-Schnellstart.lnkStartup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^OpenOffice.org 2.2.lnk]
path=c:\dokumente und einstellungen\***\Startmenü\Programme\Autostart\OpenOffice.org 2.2.lnk
backup=c:\windows\pss\OpenOffice.org 2.2.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-23 19:33 57344 ----a-w- c:\programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVMWlanClient]
2006-06-23 09:24 343552 ----a-w- c:\programme\avmwlanstick\FRITZWLanMini.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-10-19 00:12 1983816 ----a-w- c:\programme\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n'Drop_Autolaunch]
2003-09-15 09:07 118784 ----a-w- c:\programme\Iomega HotBurn Pro\Autolaunch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2004-01-14 01:10 409600 ----a-w- c:\programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22 1695232 ----a-w- c:\programme\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 14:09 413696 ----a-w- c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
2005-05-13 09:01 118784 ----a-w- c:\programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [18.03.2012 09:35 36000]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [18.03.2012 09:35 86224]
R2 BecHelperService;BecHelperService;c:\programme\3 Mobile Broadband\3Connect\BecHelperService.exe [24.03.2010 00:28 1737464]
S2 Ca504av;Mega Camera, WDM Video Capture;c:\windows\system32\Drivers\Ca504av.sys --> c:\windows\system32\Drivers\Ca504av.sys [?]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [13.07.2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31.03.2012 09:05 250568]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\drivers\fwlanusb.sys [08.05.2010 16:42 264704]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [07.09.2009 16:55 7680]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\programme\McAfee Security Scan\2.0.181\McCHSvc.exe [15.01.2010 14:49 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [01.10.2012 14:34 114144]
S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09.01.2010 21:37 4640000]
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - dnbudf
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 08:51]
.
2008-11-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2005-09-23 c:\windows\Tasks\Registrierungserinnerung 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-08-17 02:22]
.
2005-09-23 c:\windows\Tasks\Registrierungserinnerung 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-08-17 02:22]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uInternet Settings,ProxyOverride = fritz.box;192.168.178.1
IE: &MSN Suche - c:\programme\MSN Toolbar Suite\TB\02.05.0000.1082\de-de\msntb.dll/search.htm
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Easy-WebPrint - Drucken - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Easy-WebPrint - Schnelldruck - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint - Vorschau - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint - Zu Druckliste hinzufügen - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\hll6qefd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-Adobe Reader Speed Launcher - c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe
AddRemove-3D Ultra MiniGolf Deluxe - c:\windows\IsUn0407.exe
AddRemove-Easy-WebPrint - c:\windows\IsUn0407.exe
AddRemove-LucasArts' Curse of Monkey Island - c:\windows\unin0407.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
AddRemove-MUSICMATCH Jukebox - c:\windows\IsUn0407.exe
AddRemove-PC-Diagnose-Tool - c:\windows\IsUn0407.exe
AddRemove-Power Saver - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-10-07 10:32
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##tro-ps-s-7-cifs#sys#datanob]
@DACL=(02 0000)
@SACL=
"BaseClass"="Drive"
"_CommentFromDesktopINI"=""
"_LabelFromDesktopINI"=""
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##tro-ps-s-7-cifs#sys#datanob#ref_sys#Ref_MS_Appl]
@DACL=(02 0000)
@SACL=
"BaseClass"="Drive"
"_CommentFromDesktopINI"=""
"_LabelFromDesktopINI"=""
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##tro-ps-s-7-cifs#sys#datanob#SW_Dev_Tools]
@DACL=(02 0000)
@SACL=
"BaseClass"="Drive"
"_CommentFromDesktopINI"=""
"_LabelFromDesktopINI"=""
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C]
@DACL=(02 0000)
@SACL=
"BaseClass"="Drive"
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D]
@DACL=(02 0000)
@SACL=
"BaseClass"="Drive"
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E]
@DACL=(02 0000)
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,01,00,01,01,ee,ff,ff,ff,ff,
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G]
@DACL=(02 0000)
"BaseClass"="Drive"
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{016bc767-2c5a-11da-8710-0013ce2858e2}]
@DACL=(02 0000)
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,df,5f,5f,5f,5f,df,df,5f,5f,
5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,df,\
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0fdc8215-c0be-11de-8ee8-0013ce2858e2}]
@DACL=(02 0000)
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,df,5f,5f,5f,5f,df,df,5f,5f,
5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,df,\
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{118c9510-0efb-11dd-8b1c-0013ce2858e2}]
@DACL=(02 0000)
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,df,5f,5f,5f,5f,df,df,5f,5f,
5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,df,\
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32c785a0-cc5a-11de-8ef6-0013ce2858e2}]
@DACL=(02 0000)
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,01,00,01,01,ee,ff,ff,ff,ff,
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32c785a1-cc5a-11de-8ef6-0013ce2858e2}]
@DACL=(02 0000)
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,df,5f,5f,5f,5f,df,df,5f,5f,
5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,df,\
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ad72ca2-7fd2-11dd-8c57-0013ce2858e2}]
@DACL=(02 0000)
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,df,5f,5f,5f,5f,df,df,5f,5f,
5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,df,\
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bd66b20-542e-11da-8726-a32114d7a519}]
@DACL=(02 0000)
"BaseClass"="Drive"
"_AutorunStatus"=hex:01,00,01,00,00,01,00,df,df,5f,df,5f,5f,5f,5f,df,df,5f,5f,
5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,5f,df,df,df,5f,5f,df,\
.
[HKEY_USERS\S-1-5-21-1582357080-547377736-1665707571-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43514c60-1492-11da-9478-806d6172696f}]
@DACL=(02 0000)
@SACL=
"BaseClass"="Drive"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}]
@DACL=(02 0000)
"MenuText"="Sun Java Konsole"
"CLSID"="{1FBA04EE-3024-11d2-8F1F-0000F87ABD16}"
"ClsidExtension"="{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}]
@DACL=(02 0000)
"KeyPath"="Yes"
"ButtonText"="An OneNote senden"
"MenuText"="An OneNote s&enden"
"ToolTip"="An OneNote senden"
"Default Visible"="Yes"
"HotIcon"="c:\\PROGRA~1\\MICROS~2\\Office14\\ONBttnIE.dll,103"
"Icon"="c:\\PROGRA~1\\MICROS~2\\Office14\\ONBttnIE.dll,103"
"CLSID"="{1FBA04EE-3024-11d2-8F1F-0000F87ABD16}"
"ClsidExtension"="{48E73304-E1D6-4330-914C-F5F514E3486C}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}]
@DACL=(02 0000)
"KeyPath"="Yes"
"ButtonText"="Verknüpfte &OneNote-Notizen"
"MenuText"="Verknüpfte &OneNote-Notizen"
"ToolTip"="Verknüpfte OneNote-Notizen"
"Default Visible"="Yes"
"HotIcon"="c:\\PROGRA~1\\MICROS~2\\Office14\\ONBTTN~1.DLL,103"
"Icon"="c:\\PROGRA~1\\MICROS~2\\Office14\\ONBTTN~1.DLL,103"
"CLSID"="{1FBA04EE-3024-11d2-8F1F-0000F87ABD16}"
"ClsidExtension"="{FFFDC614-B694-4AE6-AB38-5D6374584B52}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}]
@DACL=(02 0000)
"CLSID"="{1FBA04EE-3024-11D2-8F1F-0000F87ABD16}"
"ClsidExtension"="{53707962-6F74-2D53-2644-206D7942484F}"
"Default Visible"="Yes"
"MenuStatusBar"="Configure how Spybot - Search & Destroy protects your IE."
"MenuText"="Spybot - Search & Destroy Configuration"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583}]
@DACL=(02 0000)
"CLSID"="{1FBA04EE-3024-11d2-8F1F-0000F87ABD16}"
"MenuText"="@xpsp3res.dll,-20001"
"Exec"="%windir%\\Network Diagnostic\\xpnetdiag.exe"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}]
@DACL=(02 0000)
"ButtonText"="Messenger"
"CLSID"="{1FBA04EE-3024-11D2-8F1F-0000F87ABD16}"
"Default Visible"="Yes"
"Exec"="c:\\Programme\\Messenger\\msmsgs.exe"
"HotIcon"="c:\\Programme\\Messenger\\msmsgs.exe,302"
"Icon"="c:\\Programme\\Messenger\\msmsgs.exe,301"
"MenuText"="Windows Messenger"
"ToolTip"="Windows Messenger"
.
[HKEY_LOCAL_MACHINE\software\OldTimer Tools\OTL\Files]
@DACL=(02 0000)
"c:\\Programme\\Mozilla Firefox\\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}\\chrome"=""
"c:\\Programme\\Mozilla Firefox\\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}\\amulet-jslib"=""
"c:\\Programme\\Mozilla Firefox\\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}"=""
"c:\\Programme\\Mozilla Firefox\\extensions"=""
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(832)
c:\windows\system32\Ati2evxx.dll
.
Zeit der Fertigstellung: 2012-10-07 10:35:14
ComboFix-quarantined-files.txt 2012-10-07 08:34
.
Vor Suchlauf: 30 Verzeichnis(se), 40.769.617.920 Bytes frei
Nach Suchlauf: 34 Verzeichnis(se), 40.722.956.288 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 2B9D4AF6F72C68FE6F8A20549919B3FA
|
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google no longer works Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to run on the second attempt, just leave it out and run only OSAM - please skip OSAM's online query. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Do not press any of the Fix buttons under any circumstances unless instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu (bottom left in the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #25 |
| Google no longer works GMER would not run, so only OSAM and aswMBR Code:
ATTFilter OSAM Logfile: Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-08 13:12:23
-----------------------------
13:12:23.087 OS Version: Windows 5.1.2600 Service Pack 3
13:12:23.087 Number of processors: 1 586 0xD08
13:12:23.097 ComputerName: QUASIMODO UserName:
13:12:23.838 Initialize success
13:29:23.213 AVAST engine defs: 12100800
13:30:14.297 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:30:14.297 Disk 0 Vendor: HTS541080G9SA00 MB4OC60D Size: 76319MB BusType: 3
13:30:14.317 Disk 0 MBR read successfully
13:30:14.317 Disk 0 MBR scan
13:30:14.407 Disk 0 unknown MBR code
13:30:14.417 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76112 MB offset 63
13:30:14.447 Disk 0 Partition 2 00 88 Linux plaintext A*Kárò'ó 203 MB offset 155878695
13:30:14.487 Disk 0 scanning sectors +156296385
13:30:14.577 Disk 0 scanning C:\WINDOWS\system32\drivers
13:30:32.283 Service scanning
13:30:32.723 Service ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys **LOCKED** 32
13:30:46.303 Modules scanning
13:31:15.595 Disk 0 trace - called modules:
13:31:15.615 ntoskrnl.exe CLASSPNP.SYS disk.sys iomdisk.sys hal.dll ACPI.sys atapi.sys >>UNKNOWN [0x86ce0da1]<<
13:31:15.625 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f11ab8]
13:31:15.625 3 CLASSPNP.SYS[f758efd7] -> nt!IofCallDriver -> [0x86f7dd78]
13:31:15.625 5 iomdisk.sys[f77c6bc3] -> nt!IofCallDriver -> \Device\0000007c[0x86f7f9e8]
13:31:15.625 7 ACPI.sys[f74e4620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f40940]
13:31:17.388 AVAST engine scan C:\WINDOWS
13:32:26.347 AVAST engine scan C:\WINDOWS\system32
13:37:52.576 AVAST engine scan C:\WINDOWS\system32\drivers
13:38:49.087 AVAST engine scan C:\Dokumente und Einstellungen\***
13:56:26.608 AVAST engine scan C:\Dokumente und Einstellungen\All Users
13:59:45.774 Scan finished successfully
14:00:37.148 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\MBR.dat"
14:00:37.148 The log file has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\aswMBR.txt"
|
| | #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google no longer works Code:
ATTFilter 13:30:14.417 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76112 MB offset 63
13:30:14.447 Disk 0 Partition 2 00 88 Linux plaintext A*Kárò'ó 203 MB offset 155878695
__________________ Please always post log files in CODE tags |
| | #27 |
| Google no longer works It is neither known nor intended. Windows XP has always run as the only operating system. |
| | #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google no longer works Ok, then we have to check the aswMBR result again with another tool. Live system PartedMagic / GParted
1. Download the ISO image of PartedMagic; it should be about 180 MB
2. Burn it to CD using the image-burning function, e.g. with ImgBurn under Windows
3. Boot from the burned CD, start Option 1 in the boot menu and wait until the Linux desktop is up
4. You should find a PartitionEditor icon on the desktop; double-click it
5. Once the tool has listed the partitions, please take a screenshot using the PRINT SCREEN (DRUCK) key on the keyboard and post this screenshot here (as a rule you have internet access with PartedMagic; if not, simply save the screenshot to a USB stick and post it here from Windows)
__________________ Please always post log files in CODE tags |
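A second, independent cross-check of the partition listing in the aswMBR log, as an added example that is not part of the original thread: a Python parser for the partition table of a 512-byte MBR sector such as the saved MBR.dat. The sample sector is constructed from the log's start sectors (63 and 155878695), with lengths derived from the logged offsets; the function names and the list of expected type IDs are assumptions of this example.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446  # the four 16-byte partition entries follow the boot code
# Assumption of this example: type IDs expected on a Windows-only disk.
EXPECTED_TYPES = {0x07: "HPFS/NTFS", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)",
                  0x05: "Extended", 0x0F: "Extended (LBA)"}


def parse_mbr(sector):
    """Return the non-empty primary partition entries of one MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        raw = sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, count
        status, ptype, lba_start, sectors = struct.unpack("<B3xB3xII", raw)
        if ptype == 0 and sectors == 0:
            continue  # unused slot
        parts.append({"index": i + 1, "status": status, "type": ptype,
                      "lba_start": lba_start, "sectors": sectors,
                      "size_mb": sectors * SECTOR_SIZE // 2**20})
    return parts


def review(parts):
    """List entries that deserve a closer look on a Windows-only machine."""
    findings = []
    for p in parts:
        if p["type"] not in EXPECTED_TYPES:
            findings.append((p["index"], "unexpected partition type 0x%02x" % p["type"]))
        if p["status"] not in (0x00, 0x80):
            findings.append((p["index"], "invalid status byte 0x%02x" % p["status"]))
    ordered = sorted(parts, key=lambda p: p["lba_start"])
    for a, b in zip(ordered, ordered[1:]):
        if a["lba_start"] + a["sectors"] > b["lba_start"]:
            findings.append((b["index"], "overlaps partition %d" % a["index"]))
    return findings


def build_sample_mbr():
    """Constructed sample (not a real disk image) mirroring the aswMBR log."""
    table = struct.pack("<B3xB3xII", 0x80, 0x07, 63, 155878695 - 63)
    table += struct.pack("<B3xB3xII", 0x00, 0x88, 155878695, 156296385 - 155878695)
    table += bytes(32)  # two unused slots
    return bytes(TABLE_OFFSET) + table + b"\x55\xaa"


if __name__ == "__main__":
    partitions = parse_mbr(build_sample_mbr())
    for p in partitions:
        print(p)
    for index, reason in review(partitions):
        print("partition %d: %s" % (index, reason))
```

To run it against a saved sector instead of the sample, pass the first 512 bytes of the file to `parse_mbr`.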
| | #29 |
| Google no longer works It doesn't look like the example images... |
| | #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google no longer works Nasty graphics glitch. Reboot PartedMagic via the Failsafe menu and try choosing other options there... I can say more precisely once I fire up PartedMagic myself... one moment
__________________ Please always post log files in CODE tags |