
Log Analysis and Evaluation: McAfee virus scan and firewall cannot be enabled, Internet connection gone


 
30.07.2014, 00:44   #1
rootkit014
 



Dear helper,

since yesterday evening the Internet has suddenly stopped working on my PC, although all other computers still have access. At the same time, McAfee's live scan no longer works. Neither the scan nor the firewall can be enabled manually. When it does work, it is only for a few seconds, until the program switches to "disabled".

A first scan with Malwarebytes Anti-Malware found two Trojans and a backdoor in addition to a large number of PUPs. I moved all findings to quarantine. However, that did not solve the problem. Since the malware has apparently dug itself in very deeply, I just can't get any further.

The operating system is Windows XP Build 2600 Service Pack 3.

I hope you can help me somehow. Many thanks in advance!!!

Kind regards
Daniel

Here are my log files:

1. defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:22 on 30/07/2014 (******)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read e55f1a183fbfe661.sys
Unable to read rdbss.sys
Unable to read rdpcdd.sys
Unable to read rdpdr.sys
Unable to read rdpwd.sys
Unable to read recagent.sys
Unable to read redbook.sys
Unable to read rfcomm.sys
Unable to read rio8drv.sys
Unable to read riodrv.sys
Unable to read rmcast.sys
Unable to read rndismp.sys
Unable to read rndismpx.sys
Unable to read rootmdm.sys
Unable to read s3gnbm.sys
Unable to read scsiport.sys
Unable to read sdbus.sys
Unable to read secdrv.sys
Unable to read serenum.sys
Unable to read serial.sys
Unable to read sffdisk.sys
Unable to read sffp_mmc.sys
Unable to read sffp_sd.sys
Unable to read sfloppy.sys
Unable to read sisagp.sys
Unable to read SLIP.sys
Unable to read slnt7554.sys
Unable to read slntamr.sys
Unable to read slnthal.sys
Unable to read slwdmsup.sys
Unable to read smbali.sys
Unable to read smclib.sys
Unable to read sonydcam.sys
Unable to read splitter.sys
Unable to read sr.sys
Unable to read srv.sys
Unable to read ssadadb.sys
Unable to read ssadbus.sys
Unable to read ssadcm.sys
Unable to read ssadcmnt.sys
Unable to read ssadmdfl.sys
Unable to read ssadmdm.sys
Unable to read ssadserd.sys
Unable to read ssadwh.sys
Unable to read ssadwhnt.sys
Unable to read ssudbus.sys
Unable to read ssudmdm.sys
Unable to read ss_bus.sys
Unable to read ss_cm.sys
Unable to read ss_cmnt.sys
Unable to read ss_mdfl.sys
Unable to read ss_mdm.sys
Unable to read ss_wh.sys
Unable to read ss_whnt.sys
Unable to read stream.sys
Unable to read StreamIP.sys
Unable to read swenum.sys
Unable to read swmidi.sys
Unable to read sysaudio.sys
Unable to read tape.sys
Unable to read tcpip.sys
Unable to read tcpip6.sys
Unable to read tdi.sys
Unable to read tdpipe.sys
Unable to read tdtcp.sys
Unable to read termdd.sys
Unable to read tosdvd.sys
Unable to read tsbvcap.sys
Unable to read tunmp.sys
Unable to read uagp35.sys
Unable to read udfs.sys
Unable to read update.sys
Unable to read usb8023.sys
Unable to read usb8023x.sys
Unable to read usbaapl.sys
Unable to read usbaudio.sys
Unable to read usbcamd.sys
Unable to read usbcamd2.sys
Unable to read usbccgp.sys
Unable to read usbd.sys
Unable to read usbehci.sys
Unable to read usbhub.sys
Unable to read usbintel.sys
Unable to read usbohci.sys
Unable to read usbport.sys
Unable to read usbprint.sys
Unable to read USBSTOR.SYS
Unable to read usbvideo.sys
Unable to read vdmindvd.sys
Unable to read vga.sys
Unable to read viaagp.sys
Unable to read viahduaa.sys
Unable to read videoprt.sys
Unable to read volsnap.sys
Unable to read wacompen.sys
Unable to read wadv07nt.sys
Unable to read wadv08nt.sys
Unable to read wadv09nt.sys
Unable to read wadv11nt.sys
Unable to read wanarp.sys
Unable to read wanatw4.sys
Unable to read watv06nt.sys
Unable to read watv10nt.sys
Unable to read wceusbsh.sys
Unable to read wdf01000.sys
Unable to read wdfldr.sys
Unable to read wdmaud.sys
Unable to read wmilib.sys
Unable to read wpdusb.sys
Unable to read ws2ifsl.sys
Unable to read WSTCODEC.SYS
Unable to read WudfPf.sys
Unable to read WudfRd.sys


-=E.O.F=-
         
2. FRST.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by ****** (administrator) on ******-PC1 on 30-07-2014 00:24:19
Running from H:\
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Programme\WinZipper\winzipersvc.exe
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\UMVPFSrv.exe
(AOL LLC) C:\Programme\Gemeinsame Dateien\aol\acs\AOLacsd.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Programme\Sony\PlayMemories Home\dfs.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(McAfee, Inc.) C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Programme\Gemeinsame Dateien\Mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Sony Corporation) C:\Programme\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() D:\Tobit Radio.fx\Server\rfx-server.exe
(Skype Technologies S.A.) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Brother Industries, Ltd.) C:\Programme\Browny02\Brother\BrStMonW.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Brother Industries, Ltd.) C:\Programme\Brother\ControlCenter3\BrccMCtl.exe
(Apple Inc.) C:\Programme\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Programme\Microsoft ActiveSync\wcescomm.exe
(McAfee, Inc.) C:\Programme\Gemeinsame Dateien\Mcafee\Platform\McUICnt.exe
(Samsung) C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AOL, LLC.) C:\Programme\AOL 9.0 VR\waol.exe
(Microsoft Corporation) C:\PROGRA~1\MI3AA1~1\rapimgr.exe
(America Online, Inc.) C:\Programme\Gemeinsame Dateien\aol\1336674111\ee\aolsoftware.exe
(Brother Industries, Ltd.) C:\Programme\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Programme\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(AOL, LLC.) C:\Programme\AOL 9.0 VR\shellmon.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\VIRUSS~1\McVsShld.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-1085031214-1604221776-1417001333-1005\...\Run: [H/PC Connection Agent] => C:\Programme\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-1085031214-1604221776-1417001333-1005\...\Run: [] => C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKU\S-1-5-21-1085031214-1604221776-1417001333-1005\...\Run: [AOL Fast Start] => C:\Programme\AOL 9.0 VR\AOL.EXE [50480 2007-06-21] (AOL, LLC.)
HKU\S-1-5-21-1085031214-1604221776-1417001333-1005\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1085031214-1604221776-1417001333-1005\...\Policies\Explorer: [NoControlPanel] 0
Startup: C:\Dokumente und Einstellungen\Martina\Startmenü\Programme\Autostart\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\******\Anwendungsdaten\Dropbox\bin\Dropbox.exe (No File)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST3500418AS_6VM31WBYXXXX6VM31WBY&ts=1393436437
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1402602195&from=wpm0612&uid=ST3500418AS_6VM31WBYXXXX6VM31WBY
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1402602195&from=wpm0612&uid=ST3500418AS_6VM31WBYXXXX6VM31WBY
URLSearchHook: HKCU - (No Name) - {1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} -  No File
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - DefaultScope {1964435A-24BE-4281-B985-756DFB79784A} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE544&p={SearchTerms}
SearchScopes: HKCU - {1964435A-24BE-4281-B985-756DFB79784A} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE544&p={SearchTerms}
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://suche.aol.de/suche/web/search.jsp?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AOL Toolbar Launcher -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1336581757631
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Firefox\Profiles\zix0i0wy.default
FF NewTab: hxxp://www.delta-homes.com/newtab/?utm_source=b&utm_medium=wpm0226&utm_campaign=ST3500418AS_6VM31WBYXXXX6VM31WBY&utm_content=nt&from=wpm0226&uid=ST3500418AS_6VM31WBYXXXX6VM31WBY&ts=1393436437
FF DefaultSearchEngine: Sichere Suche
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE544&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/MVT - C:\Programme\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Fast Start - C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Firefox\Profiles\zix0i0wy.default\Extensions\faststartff@gmail.com [2014-07-11]
FF Extension: Personas Plus - C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Firefox\Profiles\zix0i0wy.default\Extensions\personas@christopher.beard.xpi [2012-12-15]
FF Extension: Skype Click to Call - C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-26]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Programme\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Programme\McAfee\SiteAdvisor [2012-05-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-06-24]
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Dokumente und Einstellungen\******\Anwendungsdaten\Mozilla\Firefox\Profiles\zix0i0wy.default\extensions\quick_start@gmail.com
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\Mozilla\Firefox\Profiles\ylidlgq2.default\extensions\faststartff@gmail.com
FF HKLM\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\Mozilla\Firefox\Profiles\ylidlgq2.default\extensions\shortcutff@gmail.com

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

Locked "e55f1a183fbfe661" service could not be unlocked. <===== ATTENTION

R2 AOL ACS; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
R3 BrYNSvc; C:\Programme\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 DeviceFinderService; C:\Programme\Sony\PlayMemories Home\dfs.exe [149088 2012-11-27] ()
S2 HomeNetSvc; C:\Programme\Gemeinsame Dateien\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553288 2014-05-26] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182184 2013-06-23] (Oracle Corporation)
R2 McAfee SiteAdvisor Service; C:\Programme\Gemeinsame Dateien\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S2 McAPExe; C:\Programme\McAfee\MSC\McAPExe.exe [145568 2014-04-25] (McAfee, Inc.)
U2 mcbootdelaystartsvc; C:\Programme\Gemeinsame Dateien\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 McMPFSvc; C:\Programme\Gemeinsame Dateien\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Programme\Gemeinsame Dateien\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Programme\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Programme\Gemeinsame Dateien\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Programme\Gemeinsame Dateien\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S2 mfecore; C:\Programme\Gemeinsame Dateien\McAfee\AMCore\mcshield.exe [655936 2014-06-18] (McAfee, Inc.)
S2 mfefire; C:\Programme\Gemeinsame Dateien\McAfee\SystemCore\\mfefire.exe [169800 2014-06-20] (McAfee, Inc.)
S2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [179600 2014-06-20] (McAfee, Inc.)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-06-26] (Mozilla Foundation)
R2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1259296 2013-01-31] (NVIDIA Corporation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Programme\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
R2 Radio.fx; D:\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 Skype C2C Service; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 UMVPFSrv; C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 winzipersvc; C:\Programme\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S2 Util WebConnect; "C:\Programme\WebConnect\bin\utilWebConnect.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybrid; C:\WINDOWS\System32\DRIVERS\3xHybrid.sys [945152 2004-10-06] () [File not signed]
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [188800 2008-04-14] () [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [12160 2004-08-04] () [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] () [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] () [File not signed]
S3 AMBFilt; C:\WINDOWS\System32\drivers\AMBFilt.sys [1656960 2009-06-26] () [File not signed]
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] () [File not signed]
S3 androidusb; C:\WINDOWS\System32\Drivers\ssadadb.sys [30312 2012-06-27] () [File not signed]
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] () [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] () [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] () [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] () [File not signed]
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2004-08-04] () [File not signed]
S3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] () [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2004-08-04] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] () [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-08-04] () [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] () [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] () [File not signed]
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [62832 2014-06-20] () [File not signed]
S3 dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [20032 2012-12-18] () [File not signed]
S3 dg_ssudbus; C:\WINDOWS\System32\DRIVERS\ssudbus.sys [83168 2012-09-20] () [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-14] () [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [800384 2008-04-14] () [File not signed]
S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [154112 2008-04-14] () [File not signed]
S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2004-08-04] () [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] () [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] () [File not signed]
R4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] () [File not signed]
S1 Fdc; C:\WINDOWS\system32\Drivers\Fdc.sys [27392 2008-04-14] () [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44672 2008-04-14] () [File not signed]
S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-14] () [File not signed]
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-14] () [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2004-08-04] () [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [126336 2004-08-04] () [File not signed]
R3 GEARAspiWDM; C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys [26840 2012-08-21] () [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] () [File not signed]
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] () [File not signed]
R3 hidusb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] () [File not signed]
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [147912 2013-09-23] () [File not signed]
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] () [File not signed]
S1 i8042prt; C:\WINDOWS\system32\Drivers\i8042prt.sys [52992 2008-04-14] () [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] () [File not signed]
S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-14] () [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-08-04] () [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] () [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] () [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] () [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] () [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37632 2008-04-14] () [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [25216 2008-04-14] () [File not signed]
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14720 2008-04-14] () [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] () [File not signed]
S3 KMWDFILTER; C:\WINDOWS\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] () [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] () [File not signed]
S3 LVRS; C:\WINDOWS\System32\DRIVERS\lvrs.sys [312096 2012-01-18] () [File not signed]
S3 LVUVC; C:\WINDOWS\System32\DRIVERS\lvuvc.sys [4332960 2012-01-18] () [File not signed]
S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [135968 2014-06-20] () [File not signed]
S3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [238176 2014-06-20] (McAfee, Inc.)
S3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [67816 2014-06-20] () [File not signed]
S3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [369248 2014-06-20] () [File not signed]
S0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [576048 2014-06-20] (McAfee, Inc.)
S3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [349192 2014-06-18] () [File not signed]
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [81296 2014-06-18] () [File not signed]
S3 mfendisk; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [87520 2014-06-20] () [File not signed]
S3 mfendiskmp; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [87520 2014-06-20] () [File not signed]
S1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [93624 2014-06-20] (McAfee, Inc.)
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-08-04] () [File not signed]
S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30336 2008-04-14] () [File not signed]
S3 MonFilt; C:\WINDOWS\System32\drivers\MonFilt.sys [1389056 2008-12-02] () [File not signed]
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23552 2008-04-14] () [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12288 2004-08-04] () [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] () [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] () [File not signed]
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] () [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] () [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] () [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] () [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] () [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] () [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] () [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] () [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] () [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] () [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] () [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] () [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] () [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] () [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] () [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] () [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] () [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] () [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] () [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] () [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2004-08-04] () [File not signed]
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [12648960 2013-03-23] () [File not signed]
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54400 2008-03-25] () [File not signed]
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [145952 2008-08-18] () [File not signed]
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-03-25] () [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-08-04] () [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-08-04] () [File not signed]
S3 Parport; C:\WINDOWS\system32\Drivers\Parport.sys [80384 2008-04-14] () [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] () [File not signed]
S2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [7040 2004-08-04] () [File not signed]
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] () [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2004-08-04] () [File not signed]
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120576 2008-04-14] () [File not signed]
S3 PID_PEPI; C:\WINDOWS\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] () [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] () [File not signed]
S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [39936 2008-04-14] () [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] () [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-08-04] () [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-08-04] () [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] () [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] () [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-08-04] () [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] () [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-08-04] () [File not signed]
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] () [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57728 2008-04-14] () [File not signed]
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] () [File not signed]
R3 Serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] () [File not signed]
R1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [65536 2008-04-14] () [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] () [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-14] () [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] () [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] () [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] () [File not signed]
S3 ssadbus; C:\WINDOWS\System32\DRIVERS\ssadbus.sys [121064 2012-06-27] () [File not signed]
S3 ssadmdfl; C:\WINDOWS\System32\DRIVERS\ssadmdfl.sys [12776 2012-06-27] () [File not signed]
S3 ssadmdm; C:\WINDOWS\System32\DRIVERS\ssadmdm.sys [136808 2012-06-27] () [File not signed]
S3 ssadserd; C:\WINDOWS\System32\DRIVERS\ssadserd.sys [114280 2012-06-27] () [File not signed]
S3 ssudmdm; C:\WINDOWS\System32\DRIVERS\ssudmdm.sys [181344 2012-09-20] () [File not signed]
S3 ss_bus; C:\WINDOWS\System32\DRIVERS\ss_bus.sys [98560 2012-06-27] () [File not signed]
S3 ss_mdfl; C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys [14848 2012-06-27] () [File not signed]
S3 ss_mdm; C:\WINDOWS\System32\DRIVERS\ss_mdm.sys [123776 2012-06-27] () [File not signed]
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] () [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] () [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] () [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] () [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] () [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] () [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] () [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] () [File not signed]
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] () [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] () [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] () [File not signed]
S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] () [File not signed]
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] () [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] () [File not signed]
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] () [File not signed]
R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-14] () [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-14] () [File not signed]
R3 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] () [File not signed]
S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-17] () [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] () [File not signed]
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1617408 2009-11-25] () [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [53760 2008-04-14] () [File not signed]
S3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] () [File not signed]
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] () [File not signed]
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] () [File not signed]
S3 Wdf01000; C:\WINDOWS\System32\DRIVERS\Wdf01000.sys [492000 2006-11-02] () [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] () [File not signed]
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] () [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] () [File not signed]
R0 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] () [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] () [File not signed]
U5 e55f1a183fbfe661; C:\Windows\System32\Drivers\e55f1a183fbfe661.sys [36480 2014-07-12] () <===== ATTENTION Necurs Rootkit?
S4 IntelIde; No ImagePath
U0 mfewfpk; 
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] () [File not signed]
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 00:24 - 2014-07-30 00:24 - 00000000 ____D () C:\FRST
2014-07-30 00:22 - 2014-07-30 00:23 - 00000000 ____D () C:\Dokumente und Einstellungen\******\Desktop\Protokolle
2014-07-30 00:22 - 2014-07-30 00:22 - 00000000 _____ () C:\Dokumente und Einstellungen\******\defogger_reenable
2014-07-29 20:08 - 2014-07-29 20:18 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-29 20:08 - 2014-07-29 20:08 - 00000749 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-07-29 20:08 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-29 20:08 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-27 22:50 - 2014-06-20 11:05 - 00087520 _____ () C:\WINDOWS\system32\Drivers\mfendisk.sys
2014-07-27 22:49 - 2014-06-20 11:05 - 00087520 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfendisk.sys.8115.deleteme
2014-07-21 20:21 - 2014-07-21 22:05 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina\Desktop\Fotos 3829 - 4642
2014-07-15 20:18 - 2014-07-15 20:19 - 00541592 _____ (McAfee, Inc.) C:\Dokumente und Einstellungen\******\Desktop\MVTInstaller.exe
2014-07-15 20:08 - 2014-07-30 00:20 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\McAfee
2014-07-14 18:44 - 2014-07-14 18:44 - 00000000 ____D () C:\Dokumente und Einstellungen\******\Anwendungsdaten\McAfee
2014-07-12 08:34 - 2014-07-12 08:34 - 00036480 _____ () C:\WINDOWS\system32\Drivers\e55f1a183fbfe661.sys
2014-07-10 22:32 - 2014-07-10 22:37 - 79864488 _____ () C:\Dokumente und Einstellungen\******\Desktop\Mojo- Jack White presents the Best of Third Man Records.zip
2014-07-10 14:29 - 2014-07-10 14:29 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina\Desktop\Gerds Pavillon
2014-07-10 13:58 - 2014-07-12 08:47 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina\Desktop\Landhausbrunch 20 07 2014
2014-07-10 10:23 - 2014-07-10 10:23 - 00001584 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
2014-07-10 10:23 - 2014-07-10 10:23 - 00000000 ____D () C:\Programme\QuickTime
2014-07-10 10:23 - 2014-07-10 10:23 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
2014-07-08 21:02 - 2014-07-28 17:38 - 00296690 _____ () C:\WINDOWS\setupapi.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-30 00:24 - 2014-07-30 00:24 - 00000000 ____D () C:\FRST
2014-07-30 00:24 - 2012-05-09 18:11 - 00000000 ____D () C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Temp
2014-07-30 00:23 - 2014-07-30 00:22 - 00000000 ____D () C:\Dokumente und Einstellungen\******\Desktop\Protokolle
2014-07-30 00:22 - 2014-07-30 00:22 - 00000000 _____ () C:\Dokumente und Einstellungen\******\defogger_reenable
2014-07-30 00:22 - 2012-05-09 18:11 - 00000000 ____D () C:\Dokumente und Einstellungen\******
2014-07-30 00:20 - 2014-07-15 20:08 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\McAfee
2014-07-30 00:20 - 2012-05-10 20:46 - 00001591 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\McAfee AntiVirus Plus.lnk
2014-07-30 00:17 - 2014-02-26 19:41 - 00000000 ____D () C:\Programme\WinZipper
2014-07-30 00:16 - 2014-03-28 14:02 - 00000226 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2014-07-30 00:16 - 2012-06-22 21:55 - 00000382 _____ () C:\WINDOWS\Tasks\ProgramUpdateCheck.job
2014-07-30 00:16 - 2012-05-09 18:46 - 00000259 _____ () C:\WINDOWS\wiadebug.log
2014-07-30 00:16 - 2012-05-09 18:46 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-07-30 00:16 - 2012-05-09 18:10 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-30 00:16 - 2004-08-04 14:00 - 00000669 _____ () C:\WINDOWS\win.ini
2014-07-29 20:54 - 2012-05-09 18:11 - 00000190 ___SH () C:\Dokumente und Einstellungen\******\ntuser.ini
2014-07-29 20:54 - 2012-05-09 18:10 - 00032552 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-29 20:54 - 2012-05-09 17:56 - 01984878 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-29 20:42 - 2013-08-20 22:42 - 00000420 _____ () C:\WINDOWS\Tasks\At1.job
2014-07-29 20:36 - 2014-06-12 21:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IePluginServices
2014-07-29 20:36 - 2014-01-07 19:19 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WPM
2014-07-29 20:36 - 2012-05-09 19:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2467659$
2014-07-29 20:35 - 2014-02-26 19:41 - 00000000 ____D () C:\Dokumente und Einstellungen\******\Anwendungsdaten\SupTab
2014-07-29 20:35 - 2013-11-23 15:19 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eSafe
2014-07-29 20:35 - 2012-05-10 22:24 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp
2014-07-29 20:31 - 2012-05-10 10:16 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-29 20:18 - 2014-07-29 20:08 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-29 20:08 - 2014-07-29 20:08 - 00000749 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-07-29 20:08 - 2012-05-09 18:44 - 00000000 ___RD () C:\Programme
2014-07-29 20:08 - 2012-05-09 18:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-07-29 20:07 - 2012-08-06 10:07 - 00017408 _____ () C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-29 20:03 - 2012-07-26 16:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Gast\Lokale Einstellungen\Temp
2014-07-29 19:49 - 2012-05-10 22:24 - 00000190 ___SH () C:\Dokumente und Einstellungen\Martina\ntuser.ini
2014-07-29 16:50 - 2012-05-09 18:11 - 00000000 ___HD () C:\Dokumente und Einstellungen\******\Netzwerkumgebung
2014-07-29 16:23 - 2004-08-04 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-28 17:38 - 2014-07-08 21:02 - 00296690 _____ () C:\WINDOWS\setupapi.log
2014-07-28 16:42 - 2012-05-10 20:46 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Mcafee
2014-07-23 20:22 - 2012-05-10 10:16 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-23 20:22 - 2012-05-10 10:16 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-23 13:09 - 2014-01-18 15:08 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\Dropbox
2014-07-21 22:05 - 2014-07-21 20:21 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina\Desktop\Fotos 3829 - 4642
2014-07-15 21:23 - 2012-05-09 17:56 - 00000749 __RHC () C:\WINDOWS\system32\sapi.cpl.manifest
2014-07-15 21:23 - 2012-05-09 17:56 - 00000749 __RHC () C:\WINDOWS\system32\nwc.cpl.manifest
2014-07-15 21:23 - 2012-05-09 17:56 - 00000749 __RHC () C:\WINDOWS\system32\ncpa.cpl.manifest
2014-07-15 21:23 - 2012-05-09 17:56 - 00000749 __RHC () C:\WINDOWS\system32\cdplayer.exe.manifest
2014-07-15 21:23 - 2012-05-09 17:56 - 00000749 ___RH () C:\WINDOWS\WindowsShell.Manifest
2014-07-15 21:23 - 2012-05-09 17:56 - 00000749 ___RH () C:\WINDOWS\system32\wuaucpl.cpl.manifest
2014-07-15 20:23 - 2012-05-09 17:56 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-07-15 20:23 - 2012-05-09 17:56 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-07-15 20:19 - 2014-07-15 20:18 - 00541592 _____ (McAfee, Inc.) C:\Dokumente und Einstellungen\******\Desktop\MVTInstaller.exe
2014-07-15 20:19 - 2012-05-10 20:46 - 00000000 ____D () C:\Programme\McAfee
2014-07-14 18:53 - 2012-05-09 18:43 - 00180716 _____ () C:\WINDOWS\setupact.log
2014-07-14 18:44 - 2014-07-14 18:44 - 00000000 ____D () C:\Dokumente und Einstellungen\******\Anwendungsdaten\McAfee
2014-07-14 18:44 - 2012-05-10 20:31 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee
2014-07-12 08:47 - 2014-07-10 13:58 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina\Desktop\Landhausbrunch 20 07 2014
2014-07-12 08:34 - 2014-07-12 08:34 - 00036480 _____ () C:\WINDOWS\system32\Drivers\e55f1a183fbfe661.sys
2014-07-12 07:44 - 2014-01-18 15:08 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\DropboxMaster
2014-07-12 07:44 - 2013-09-12 20:06 - 03355641 _____ () C:\WINDOWS\KB2864063.log
2014-07-10 22:37 - 2014-07-10 22:32 - 79864488 _____ () C:\Dokumente und Einstellungen\******\Desktop\Mojo- Jack White presents the Best of Third Man Records.zip
2014-07-10 14:39 - 2013-08-14 09:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-10 14:37 - 2012-05-10 21:40 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2014-07-10 14:37 - 2012-05-09 19:10 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-10 14:36 - 2012-05-10 22:24 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina
2014-07-10 14:29 - 2014-07-10 14:29 - 00000000 ____D () C:\Dokumente und Einstellungen\Martina\Desktop\Gerds Pavillon
2014-07-10 13:38 - 2012-06-03 13:42 - 00012800 ____C () C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-10 10:23 - 2014-07-10 10:23 - 00001584 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
2014-07-10 10:23 - 2014-07-10 10:23 - 00000000 ____D () C:\Programme\QuickTime
2014-07-10 10:23 - 2014-07-10 10:23 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
2014-07-10 10:21 - 2012-05-11 18:32 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-07-08 18:58 - 2014-02-12 17:40 - 01059841 _____ () C:\WINDOWS\setupapi.log.0.old
2014-07-08 18:48 - 2014-03-28 14:02 - 00000220 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job

Files to move or delete:
====================
C:\Windows\Tasks\At1.job


Some content of TEMP:
====================
C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Temp\_is4D5.exe
C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Temp\_is4D6.exe
C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\AskSLib.dll
C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\dotNetFx40_Client_setup.exe
C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp93esd_.dll
C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\ICReinstall_SkypeSetup-16427221-none[1].exe
C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\jre-7u5-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\Quarantine.exe
C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-14 07:22] - [2008-04-14 07:22] - 0053760 ____A () 

C:\WINDOWS\system32\Drivers\volsnap.sys No Company Name <===== ATTENTION!


==================== End Of Log ============================
         
3. Addition.txt: see attachment (unfortunately only as a .zip)

4. Gmer.txt
When starting GMER, the following error message appeared (also in safe mode): "LoadDriver("C:\DOKUME~1\*NAME*~1\LOKALE~1\Temp\kwlcrkob.sys") error 0xC0000001: Ein dauerhafter Unterschlüssel kann nicht unter einem temporären übergeordneten Schlüssel erstellt werden."
In safe mode, the following error could be avoided: "C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird." (at program start and at scan start)
Other paths during the scan:
~\software
C:\Dokumente und Einstellungen\******\ntuser.dat

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-30 00:51:37
Windows 5.1.2600 Service Pack 3 
Running: tp5i162g.exe


---- Services - GMER 2.1 ----

Service  C:\WINDOWS\System32\Drivers\e55f1a183fbfe661.sys (*** hidden *** )                                        [BOOT] e55f1a183fbfe661                             <-- ROOTKIT !!!

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\Control\Video\{6E4EE30B-822D-4636-B49E-B82720F06157}\0000@D3D_\x3332\x3331  2089309684
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Video\{DE8CA2BC-35E9-4CEB-8330-EAB7F056F2D0}\0000@D3D_\x3332\x3331  2089309684
Reg      HKLM\SYSTEM\CurrentControlSet\Services\e55f1a183fbfe661@ImagePath                                         \SystemRoot\System32\Drivers\e55f1a183fbfe661.sys
Reg      HKLM\SYSTEM\CurrentControlSet\Services\e55f1a183fbfe661@Group                                             Boot Bus Extender
Reg      HKLM\SYSTEM\CurrentControlSet\Services\e55f1a183fbfe661@ErrorControl                                      0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\e55f1a183fbfe661@Type                                              1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\e55f1a183fbfe661@Start                                             0
Reg      HKLM\SYSTEM\CurrentControlSet\Services\e55f1a183fbfe661@Tag                                               1
Reg      HKLM\SYSTEM\CurrentControlSet\Services\e55f1a183fbfe661@DisplayName                                       syshost.exe
Reg      HKLM\SYSTEM\CurrentControlSet\Services\e55f1a183fbfe661                                                   
Reg      HKLM\SYSTEM\ControlSet003\Control\Video\{6E4EE30B-822D-4636-B49E-B82720F06157}\0000@D3D_\x3332\x3331      2089309684
Reg      HKLM\SYSTEM\ControlSet003\Control\Video\{DE8CA2BC-35E9-4CEB-8330-EAB7F056F2D0}\0000@D3D_\x3332\x3331      2089309684
Reg      HKLM\SYSTEM\ControlSet003\Services\e55f1a183fbfe661@ImagePath                                             \SystemRoot\System32\Drivers\e55f1a183fbfe661.sys
Reg      HKLM\SYSTEM\ControlSet003\Services\e55f1a183fbfe661@Group                                                 Boot Bus Extender
Reg      HKLM\SYSTEM\ControlSet003\Services\e55f1a183fbfe661@ErrorControl                                          0
Reg      HKLM\SYSTEM\ControlSet003\Services\e55f1a183fbfe661@Type                                                  1
Reg      HKLM\SYSTEM\ControlSet003\Services\e55f1a183fbfe661@Start                                                 0
Reg      HKLM\SYSTEM\ControlSet003\Services\e55f1a183fbfe661@Tag                                                   1
Reg      HKLM\SYSTEM\ControlSet003\Services\e55f1a183fbfe661@DisplayName                                           syshost.exe

---- EOF - GMER 2.1 ----
         
5. Malwarebytes log:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 29.07.2014
Scan Time: 20:19:29
Logfile: Malwarebytes.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: ******

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 328056
Time Elapsed: 13 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 3
PUP.Optional.IePluginService.A, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IePluginService\PluginService.exe, 988, Delete-on-Reboot, [463703db22588aaca199c9cfbf4233cd]
PUP.Optional.IePluginService.A, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IePluginServices\PluginService.exe, 1048, Delete-on-Reboot, [daa3c717b7c305312a10c9cf17ead62a]
PUP.Optional.WpManager, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WPM\wprotectmanager.exe, 1164, Delete-on-Reboot, [017c8b53a2d8a98d71f49a08986935cb]

Modules: 0
(No malicious items detected)

Registry Keys: 34
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, Quarantined, [463703db22588aaca199c9cfbf4233cd], 
PUP.Optional.IePluginService.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IePlugins, Quarantined, [463703db22588aaca199c9cfbf4233cd], 
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Quarantined, [daa3c717b7c305312a10c9cf17ead62a], 
PUP.Optional.WpManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Wpm, Quarantined, [017c8b53a2d8a98d71f49a08986935cb], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, Quarantined, [1568f6e8ceac20167d60ef8559a945bb], 
PUP.Optional.WebConnect.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2316C625-B487-4410-A1A5-FF040B65245F}, Quarantined, [89f4ffdfb8c264d2180e1f55a2608878], 
PUP.Optional.WebConnect.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2316C625-B487-4410-A1A5-FF040B65245F}, Quarantined, [89f4ffdfb8c264d2180e1f55a2608878], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [a6d728b65327a88e32e43b04f50de11f], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [a6d728b65327a88e32e43b04f50de11f], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [a6d728b65327a88e32e43b04f50de11f], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [a6d728b65327a88e32e43b04f50de11f], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [a6d728b65327a88e32e43b04f50de11f], 
PUP.Optional.Delta.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, Quarantined, [017c924ce49662d4dc2777fc39c931cf], 
PUP.Optional.Delta.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, Quarantined, [017c924ce49662d4dc2777fc39c931cf], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, Quarantined, [dca15a84bdbdcb6b313846fbe71bf20e], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, Quarantined, [dca15a84bdbdcb6b313846fbe71bf20e], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, Quarantined, [dca15a84bdbdcb6b313846fbe71bf20e], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, Quarantined, [dca15a84bdbdcb6b313846fbe71bf20e], 
PUP.Optional.Delta.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Quarantined, [2f4e17c76c0edb5bc73b6d067989ac54], 
PUP.Optional.Delta.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Quarantined, [2f4e17c76c0edb5bc73b6d067989ac54], 
PUP.Optional.Babylon.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SETUP.EXE, Quarantined, [e19c558986f47abc9e69e686ed1332ce], 
PUP.Optional.Aartemis.A, HKLM\SOFTWARE\AARTEMISSOFTWARE\aartemishp, Quarantined, [7d0038a62357181ec0f3f1a5748e7090], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [4f2eb826acceb185d0d67d398f74956b], 
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SYSHOST32, Quarantined, [bbc2a43accae270fcd9196ebe71c5fa1], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLive, Quarantined, [56276d71d0aa87affb3d317b739009f7], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, Quarantined, [bdc008d6afcb77bfc3b0b1e4a26041bf], 
PUP.Optional.LyriXeeker.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\LyriXeeker, Quarantined, [e09da638d8a295a1ecad01b1bb48ef11], 
PUP.Optional.Qone8, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [bcc1dfffd9a16dc9c3e2199de71c33cd], 
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, Quarantined, [b1ccd905f486a096aae3eec2e51e7c84], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [631aa53968122d09f187435149b938c8], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [6f0ea23c2654bb7b824c109a7192c040], 
PUP.Optional.Qone8, HKU\S-1-5-21-1085031214-1604221776-1417001333-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [6d102bb34e2c37ffa9fc447255aedd23], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLive, Quarantined, [6d101cc2b5c5e74fa5937537d330f40c], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [3845eef05c1eb77fa42a5b4f48bb5ba5], 

Registry Values: 4
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SYSHOST32|ImagePath, "C:\WINDOWS\Installer\{BA980A79-5D7B-FCA3-6063-161340150D6B}\syshost.exe" /service, Quarantined, [bbc2a43accae270fcd9196ebe71c5fa1]
PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM|ImagePath, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WPM\wprotectmanager.exe -service, Quarantined, [de9fad31fe7cb4829bec2c8f2ad99c64]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0Z1N1J, Quarantined, [6f0ea23c2654bb7b824c109a7192c040]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1085031214-1604221776-1417001333-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0L1N1H2O1S, Quarantined, [3845eef05c1eb77fa42a5b4f48bb5ba5]

Registry Data: 5
PUP.Optional.Aartemis, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Programme\Internet Explorer\iexplore.exe hxxp://aartemis.com/?type=sc&ts=1385212789&from=cor&uid=ST3500418AS_6VM31WBYXXXX6VM31WBY, Good: (iexplore.exe), Bad: (C:\Programme\Internet Explorer\iexplore.exe hxxp://aartemis.com/?type=sc&ts=1385212789&from=cor&uid=ST3500418AS_6VM31WBYXXXX6VM31WBY),Replaced,[e6970dd13b3fc67050041f10f311fa06]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[3647f0eed7a36fc7053e60cf29dbc23e]
PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify, 1, Good: (0), Bad: (1),Replaced,[dca1b12da6d42a0c22df6cbea064639d]
PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FirewallDisableNotify, 1, Good: (0), Bad: (1),Replaced,[e29b8f4f99e11d1956acb377df2539c7]
PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify, 1, Good: (0), Bad: (1),Replaced,[3d40fce296e4c670dd2670bae321f907]

Folders: 8
PUP.Optional.eSafe.A, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eSafe\log, Quarantined, [89f45b83087239fd415feaa6b949da26], 
PUP.Optional.Aartemis.A, C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\aartemis, Quarantined, [5c214896fa806cca3abdeace0102e61a], 
PUP.Optional.Aartemis.A, C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\aartemis\log, Quarantined, [5c214896fa806cca3abdeace0102e61a], 
PUP.Optional.Delta.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\mt_ffx\Delta, Quarantined, [4b321cc2b6c469cdfbadc7bf828004fc], 
PUP.Optional.Delta.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\mt_ffx\Delta\delta, Quarantined, [4b321cc2b6c469cdfbadc7bf828004fc], 
PUP.Optional.Delta.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\mt_ffx\Delta\delta\1.8.24.6, Quarantined, [4b321cc2b6c469cdfbadc7bf828004fc], 
PUP.Optional.IePluginService.A, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IePluginService, Delete-on-Reboot, [9ae3e4fa4a30cc6a4420b3d6956de818], 
PUP.Optional.IePluginService.A, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IePluginService\update, Quarantined, [9ae3e4fa4a30cc6a4420b3d6956de818], 

Files: 27
PUP.Optional.IePluginService.A, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IePluginService\PluginService.exe, Delete-on-Reboot, [463703db22588aaca199c9cfbf4233cd], 
PUP.Optional.IePluginService.A, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IePluginServices\PluginService.exe, Delete-on-Reboot, [daa3c717b7c305312a10c9cf17ead62a], 
PUP.Optional.WpManager, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WPM\wprotectmanager.exe, Delete-on-Reboot, [017c8b53a2d8a98d71f49a08986935cb], 
PUP.Optional.SupTab.A, C:\Dokumente und Einstellungen\******\Anwendungsdaten\SupTab\SupTab.dll, Quarantined, [710c2bb3532779bd3cfb2c57956bcc34], 
PUP.Optional.Delta.A, C:\Dokumente und Einstellungen\Gast\Lokale Einstellungen\Temp\is357113909\DeltaTB.exe, Quarantined, [532a9d414c2eae88094cc980709118e8], 
PUP.Optional.DealPly.A, C:\Dokumente und Einstellungen\Gast\Lokale Einstellungen\Temp\is357113909\dp.exe, Quarantined, [710c89558dedbf777a2267ed22e2d52b], 
PUP.Optional.Installcore, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\ICReinstall_AdobeReaderSetup-11727605-none[1].exe, Quarantined, [acd130ae552577bf7d3ed545c83cb34d], 
PUP.Optional.Installcore, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\ICReinstall_FinalMediaPlayerSetup-3514721-none[1].exe, Quarantined, [87f64f8f2c4e00361bd542d0be46e51b], 
PUP.Optional.Installcore, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\ICReinstall_PDFCreatorSetup-10437732-none[1].exe, Quarantined, [2c519b4368128aaca536100410f4f907], 
PUP.Optional.Wsys.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\fullpackage_temp1385212782\tmp\eGdpSvc.exe, Quarantined, [750828b626549b9be04b4f1953aee21e], 
PUP.Optional.CRX.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\bus444\CrxUpdater_d.exe, Quarantined, [05785589c4b642f404b88b8b798b6997], 
PUP.Optional.CRX.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\bus459\CrxUpdater_d.exe, Quarantined, [67165a84047649ed5d5f1afc768e6997], 
PUP.Optional.CRX.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\bus45E\CrxUpdater_d.exe, Quarantined, [423bc21c4e2c7fb7cbf143d306fe4ab6], 
PUP.Optional.CRX.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\bus46B\CrxUpdater_d.exe, Quarantined, [116cd905adcd5dd9b00cc84e976dbb45], 
PUP.Optional.CRX.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\bus484\CrxUpdater_d.exe, Quarantined, [cfaeb02eee8cb38313a9b85ee024956b], 
PUP.Optional.Babylon.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\A780778A-BAB0-7891-9B88-5D2B01EC372E\Latest\BExternal.dll, Quarantined, [0a7320be0c6eac8a6265115fbb459b65], 
PUP.Optional.BabSolution.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\A780778A-BAB0-7891-9B88-5D2B01EC372E\Latest\BUSolution.dll, Quarantined, [562749958bef1e1829298dc16b96aa56], 
PUP.Optional.Babylon.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\A780778A-BAB0-7891-9B88-5D2B01EC372E\Latest\CrxInstaller.dll, Quarantined, [3d40bd21fc7e8da9070091ca9869af51], 
PUP.Optional.Babylon.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\A780778A-BAB0-7891-9B88-5D2B01EC372E\Latest\MntrDLLInstall.dll, Quarantined, [94e98f4f76047fb7bd4b48136a978a76], 
PUP.Optional.Delta, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\A780778A-BAB0-7891-9B88-5D2B01EC372E\Latest\MyDeltaTB.exe, Quarantined, [d7a6796592e8989e0fe5ce7cc9386c94], 
PUP.Optional.Babylon.A, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\A780778A-BAB0-7891-9B88-5D2B01EC372E\Latest\Setup.exe, Quarantined, [e19c558986f47abc9e69e686ed1332ce], 
PUP.Optional.eSafe.A, C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eSafe\log\eGdpSvc.LOG, Quarantined, [89f45b83087239fd415feaa6b949da26], 
Backdoor.ProRat, C:\Dokumente und Einstellungen\Martina\Lokale Einstellungen\Temp\pey7F7.tmp, Quarantined, [8eef39a5b0ca84b21354efff62a030d0], 
PUP.Optional.Aartemis.A, C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\aartemis\cor_aartemis.json, Quarantined, [5c214896fa806cca3abdeace0102e61a], 
PUP.Optional.Aartemis.A, C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\aartemis\DataBase, Quarantined, [5c214896fa806cca3abdeace0102e61a], 
PUP.Optional.Aartemis.A, C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\aartemis\QQBrowserFrame.dll, Quarantined, [5c214896fa806cca3abdeace0102e61a], 
PUP.Optional.Aartemis.A, C:\Dokumente und Einstellungen\Martina\Anwendungsdaten\aartemis\log\aartemis.LOG, Quarantined, [5c214896fa806cca3abdeace0102e61a], 

Physical Sectors: 0
(No malicious items detected)


(end)
         

 
