|
Log-Analyse und Auswertung: FehlermeldungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
15.11.2009, 03:52 | #1 |
| Fehlermeldung Hallo zusammen, ich hab ein kleines Problem... wenn ich meinen PC hochfahre kommt immer ne Fehlermeldung... Die Skriptdatei "C:\WINXP\system32\winjpg.jpg" wurde nicht gefunden. Kann mir dabei jemand helfen?Bin da echt überfragt... ich hab mal direkt ne Logfile beigefügt... hoffe das das so richtig ist.... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:46:19, on 15.11.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINXP\System32\smss.exe C:\WINXP\system32\winlogon.exe C:\WINXP\system32\services.exe C:\WINXP\system32\lsass.exe C:\WINXP\system32\svchost.exe C:\WINXP\System32\svchost.exe C:\WINXP\system32\svchost.exe C:\WINXP\Explorer.EXE C:\Programme\Alwil Software\Avast4\aswUpdSv.exe C:\Programme\Alwil Software\Avast4\ashServ.exe C:\WINXP\RTHDCPL.EXE C:\WINXP\vsnp2std.exe C:\WINXP\system32\rundll32.exe C:\Programme\Search Settings\SearchSettings.exe C:\WINXP\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINXP\system32\ctfmon.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINXP\system32\nvsvc32.exe C:\WINXP\system32\IoctlSvc.exe C:\WINXP\System32\PAStiSvc.exe C:\WINXP\system32\svchost.exe C:\WINXP\System32\TUProgSt.exe C:\Programme\Alwil Software\Avast4\ashMaiSv.exe C:\Programme\Alwil Software\Avast4\ashWebSv.exe C:\WINXP\System32\svchost.exe C:\Programme\ICQ6.5\ICQ.exe C:\Programme\Windows Live\Messenger\msnmsgr.exe C:\Programme\Windows Live\Contacts\wlcomm.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\DVBT\DetectTray.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\kb128\SearchSettings.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll (file missing) O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\kb128\SearchSettings.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINXP\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [tsnp2std] C:\WINXP\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINXP\vsnp2std.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [SearchSettings] C:\Programme\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [CTFMON] C:\WINXP\system32\wscript.exe /E:vbs C:\WINXP\system32\winjpg.jpg O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINXP\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [regdiit] C:\WINXP\system32\win.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programme\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINXP\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINXP\system32\IoctlSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programme\WinPcap\rpcapd.exe O23 - Service: STI Simulator - Unknown owner - C:\WINXP\System32\PAStiSvc.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINXP\System32\TUProgSt.exe -- End of file - 7659 bytes |
15.11.2009, 10:38 | #2 |
/// AVZ-Toolkit Guru | Fehlermeldung Hallöle.
__________________Du hast nicht zufällig bevor der Fehler auftrat einen e-Mail Anhang geöffnet? Scanne bitte mit Malwarebytes und poste das log. Erstelle dananach zwei AVZ logs und poste diese.
__________________ |
15.11.2009, 17:12 | #3 |
| Fehlermeldung malwarebytes
__________________ |
15.11.2009, 17:24 | #4 |
| Fehlermeldung die beiden von AVZ sind zu lang...muss die teilen.... <?xml version="1.0" encoding="windows-1251" ?> - <!-- AVZ XML Report --> - <AVZ Version="4.32" LogDate="15.11.2009 16:55:29" WinDir="C:\WINXP\" ProfileDir="C:\Dokumente und Einstellungen\Administrator" IsWow64="False" CompHash="E742F440730CDF128C89B80AD1D0074D"> - <PROCESS> <ITEM PID="1548" File="c:\progra~1\alwils~1\avast4\ashdisp.exe" CheckResult="0" Descr="avast! service GUI component" LegalCopyright="Copyright (c) 2009 ALWIL Software" Hidden="0" CmdLine="@quot;C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe@quot;" Size="81000" Attr="rsAh" CreateDate="02.11.2009 20:32:53" ChageDate="15.09.2009 12:56:48" MD5="28E9092D50AE450662EEA4719E5AA304" /> <ITEM PID="1984" File="c:\programme\alwil software\avast4\ashserv.exe" CheckResult="0" Descr="avast! antivirus service" LegalCopyright="Copyright (c) 2009 ALWIL Software" Hidden="0" CmdLine="@quot;C:\Programme\Alwil Software\Avast4\ashServ.exe@quot;" Size="138680" Attr="rsAh" CreateDate="02.11.2009 20:32:53" ChageDate="15.09.2009 12:56:43" MD5="35751F0539366A08C966B2FC2D6A3A05" /> <ITEM PID="1904" File="c:\winxp\explorer.exe" CheckResult="0" Descr="Windows Explorer" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Hidden="0" CmdLine="C:\WINXP\Explorer.EXE" Size="1036800" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="418045A93CD87A352098AB7DABE1B53E" /> <ITEM PID="1308" File="c:\winxp\system32\rundll32.exe" CheckResult="0" Descr="Eine DLL-Datei als Anwendung ausfьhren" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Hidden="0" CmdLine="@quot;C:\WINXP\system32\RUNDLL32.EXE@quot; C:\WINXP\system32\NvMcTray.dll,NvTaskbarInit" Size="33792" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="F6B34CD47CAF6D68106B9F8055F35C50" /> <ITEM PID="1316" File="c:\winxp\system32\svchost.exe" CheckResult="0" Descr="Generic Host Process for Win32 Services" LegalCopyright="© Microsoft Corporation. All rights reserved." Hidden="0" CmdLine="C:\WINXP\System32\svchost.exe -k netsvcs" Size="14336" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="4FBC75B74479C7A6F829E0CA19DF3366" /> <ITEM PID="1168" File="c:\winxp\tsnp2std.exe" CheckResult="-1" Descr="tsnp2std Microsoft" LegalCopyright="Copyright (C) 2005" Hidden="0" CmdLine="@quot;C:\WINXP\tsnp2std.exe@quot;" Size="270336" Attr="rsAh" CreateDate="07.04.2009 17:54:07" ChageDate="10.05.2007 16:05:22" MD5="93E13B119D9BA636FBAF1DEE43ABDBE8" /> <ITEM PID="1512" File="c:\winxp\system32\tuprogst.exe" CheckResult="-1" Descr="TuneUp Program Statistics Service" LegalCopyright="© TuneUp Software" Hidden="0" CmdLine="C:\WINXP\System32\TUProgSt.exe" Size="604416" Attr="rsAh" CreateDate="05.04.2009 17:43:36" ChageDate="05.04.2009 17:43:36" MD5="6580ABC55F34B73D66F153EA55034361" /> <ITEM PID="1256" File="c:\winxp\vsnp2std.exe" CheckResult="-1" Descr="CameraMonitor Application" LegalCopyright="Copyright 2002-2005" Hidden="0" CmdLine="@quot;C:\WINXP\vsnp2std.exe@quot;" Size="344064" Attr="rsAh" CreateDate="07.04.2009 17:54:07" ChageDate="10.05.2007 15:58:42" MD5="C2C50A74B27150A0571C1EC0CBDACDC1" /> </PROCESS> - <DLL> <ITEM File="C:\Programme\Alwil Software\Avast4\German\Base.dll" CheckResult="-1" Descr="avast! German Basic Module" LegalCopyright="Copyright (c) 2009 ALWIL Software" UsedBy="1548,1984" Hidden="0" Size="65536" Attr="rsAh" CreateDate="02.11.2009 20:32:53" ChageDate="15.09.2009 12:45:53" MD5="68CF2E89BFB303567E78F9AC3482E5E9" /> <ITEM File="C:\Programme\Alwil Software\Avast4\German\Lang.dll" CheckResult="-1" Descr="avast! Main German Module" LegalCopyright="Copyright (c) 2009 ALWIL Software" UsedBy="1548" Hidden="0" Size="2555904" Attr="rsAh" CreateDate="02.11.2009 20:32:53" ChageDate="15.09.2009 12:45:52" MD5="C37A82CAB55CA0CC1DF3079EBDFBAFF3" /> <ITEM File="C:\WINXP\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80DEU.DLL" CheckResult="-1" Descr="MFC Language Specific Resources" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="1904" Hidden="0" Size="65536" Attr="rsAh" CreateDate="11.07.2009 20:32:00" ChageDate="11.07.2009 20:32:00" MD5="4BD94B77F2057F62DF566A1825DF688D" /> <ITEM File="C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="1904" Hidden="0" Size="311296" Attr="rsAh" CreateDate="27.02.2009 15:41:26" ChageDate="27.02.2009 15:41:26" MD5="16C3C94F5B692424DE02F7A7FF79494A" /> <ITEM File="C:\WINXP\system32\NVRSDE.DLL" CheckResult="-1" Descr="NVIDIA German language resource library" LegalCopyright="(C) NVIDIA Corporation. All rights reserved." UsedBy="1308" Hidden="0" Size="278528" Attr="rsAh" CreateDate="16.08.2006 08:35:00" ChageDate="27.03.2009 09:03:00" MD5="D56349E0532B11C7B52F2CE7CFD4BC69" /> <ITEM File="c:\winxp\system32\uxtuneup.dll" CheckResult="-1" Descr="TuneUp Theme Extension" LegalCopyright="© TuneUp Software" UsedBy="1316" Hidden="0" Size="28416" Attr="rsAh" CreateDate="06.11.2009 14:39:18" ChageDate="20.03.2009 15:01:04" MD5="2BB1DCD293E1A3771EA2C57B359DE15A" /> <ITEM File="C:\WINXP\system32\vsnp2std.dll" CheckResult="-1" Descr="camext20" LegalCopyright="Copyright 2005" UsedBy="1168" Hidden="0" Size="73728" Attr="rsAh" CreateDate="07.04.2009 17:54:02" ChageDate="31.05.2007 09:28:56" MD5="A1BD8D45A310A5679BB168160FCE7FE9" /> </DLL> - <KERNELOBJ> <ITEM File="C:\WINXP\System32\Drivers\dump_atapi.sys" CheckResult="-1" Base="F25BF000" MemSize="018000" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\System32\Drivers\dump_WMILIB.SYS" CheckResult="-1" Base="F79BD000" MemSize="002000" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\system32\DRIVERS\EAPPkt.sys" CheckResult="-1" Base="BA7C8000" MemSize="00A000" Descr="NDIS User mode I/O Driver" LegalCopyright="Copyright (C) Microsoft Corp. 1981-1999" Size="38144" Attr="RsAh" CreateDate="31.07.2009 11:47:24" ChageDate="15.11.2006 15:23:06" MD5="D82414EC520453EFE2EBA936F6A9115A" /> <ITEM File="C:\WINXP\system32\DRIVERS\EC168BDA.sys" CheckResult="-1" Base="F269F000" MemSize="016000" Descr="e3C DTV Driver" LegalCopyright="e3C, Inc. All rights reserved." Size="87296" Attr="rsAh" CreateDate="11.09.2007 14:20:00" ChageDate="11.09.2007 14:20:00" MD5="53660D1A4068109C9C1FB97CE83BEE35" /> <ITEM File="C:\WINXP\system32\DRIVERS\PA707UCM.SYS" CheckResult="-1" Base="F26B5000" MemSize="026000" Descr="PA707UCM" LegalCopyright="Copyright c 2004" Size="154752" Attr="rsAh" CreateDate="18.10.2005 10:48:38" ChageDate="18.10.2005 10:48:38" MD5="2085D5168FC0C56BB13304D180D244B6" /> <ITEM File="C:\WINXP\system32\Drivers\sfdrv01.sys" CheckResult="-1" Base="F716E000" MemSize="011000" Descr="StarForce Protection Environment Driver" LegalCopyright="(c) Protection Technology, 2000-2005" Size="48640" Attr="rsAh" CreateDate="16.05.2005 14:15:58" ChageDate="16.05.2005 14:15:58" MD5="321231D53D409FBB9F6FFABDECFDE2F6" /> <ITEM File="C:\WINXP\system32\Drivers\sfvfs02.sys" CheckResult="-1" Base="F717F000" MemSize="014000" Descr="StarForce Protection VFS Driver" LegalCopyright="(c) Protection Technology, 2000-2005" Size="66560" Attr="rsAh" CreateDate="16.05.2005 14:26:49" ChageDate="16.05.2005 14:26:49" MD5="7ABB79EA70D156F966C94F10A5DC340E" /> <ITEM File="C:\WINXP\system32\DRIVERS\SNCAMD.SYS" CheckResult="-1" Base="F774F000" MemSize="007000" Descr="USB2.0 PC Camera driver" LegalCopyright="" Size="25472" Attr="rsAh" CreateDate="07.04.2009 17:54:06" ChageDate="25.01.2007 17:48:34" MD5="9F66C4BD06334BB772317C438644EF74" /> <ITEM File="C:\WINXP\system32\DRIVERS\snp2sxp.sys" CheckResult="-1" Base="F26FC000" MemSize="B9E000" Descr="USB2.0 PC Camera driver" LegalCopyright="Copyright 2004" Size="12178688" Attr="rsAh" CreateDate="07.04.2009 17:54:06" ChageDate="11.06.2007 08:58:42" MD5="4B4AACF4C799ED6CAA17BCFA25DAA3D7" /> <ITEM File="spuw.sys" CheckResult="-1" Base="F7366000" MemSize="100000" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\system32\TUKERNEL.EXE" CheckResult="-1" Base="804D7000" MemSize="239280" Descr="NT-Kernel und -System" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="2331264" Attr="rsAh" CreateDate="05.04.2009 17:53:27" ChageDate="05.04.2009 17:53:27" MD5="2BF31F9CFD7DA29E75FBFC2D387F8AE7" /> </KERNELOBJ> - <Service> <ITEM File="C:\WINXP\System32\TUProgSt.exe" Name="TuneUp.ProgramStatisticsSvc" CheckResult="-1" Type="16" State="4" Size="604416" Attr="rsAh" CreateDate="05.04.2009 17:43:36" ChageDate="05.04.2009 17:43:36" MD5="6580ABC55F34B73D66F153EA55034361" /> <ITEM File="C:\Programme\MAGIX\Common\Database\bin\fbserver.exe" Name="FirebirdServerMAGIXInstance" CheckResult="-1" Type="272" State="1" Size="1527900" Attr="rsAh" CreateDate="28.04.2009 03:18:35" ChageDate="17.11.2005 13:18:52" MD5="167D24A045499EBEF438F231976158DF" /> </Service> - <Drivers> <ITEM File="C:\WINXP\system32\DRIVERS\EAPPkt.sys" Name="EAPPkt" CheckResult="-1" Type="1" State="4" Size="38144" Attr="RsAh" CreateDate="31.07.2009 11:47:24" ChageDate="15.11.2006 15:23:06" MD5="D82414EC520453EFE2EBA936F6A9115A" /> <ITEM File="C:\WINXP\system32\DRIVERS\EC168BDA.sys" Name="EC168BDA" CheckResult="-1" Type="1" State="4" Size="87296" Attr="rsAh" CreateDate="11.09.2007 14:20:00" ChageDate="11.09.2007 14:20:00" MD5="53660D1A4068109C9C1FB97CE83BEE35" /> <ITEM File="C:\WINXP\system32\DRIVERS\PA707UCM.SYS" Name="PAC7311" CheckResult="-1" Type="1" State="4" Size="154752" Attr="rsAh" CreateDate="18.10.2005 10:48:38" ChageDate="18.10.2005 10:48:38" MD5="2085D5168FC0C56BB13304D180D244B6" /> <ITEM File="C:\WINXP\System32\drivers\sfdrv01.sys" Name="sfdrv01" CheckResult="-1" Type="1" State="4" Size="48640" Attr="rsAh" CreateDate="16.05.2005 14:15:58" ChageDate="16.05.2005 14:15:58" MD5="321231D53D409FBB9F6FFABDECFDE2F6" /> <ITEM File="C:\WINXP\System32\drivers\sfvfs02.sys" Name="sfvfs02" CheckResult="-1" Type="1" State="4" Size="66560" Attr="rsAh" CreateDate="16.05.2005 14:26:49" ChageDate="16.05.2005 14:26:49" MD5="7ABB79EA70D156F966C94F10A5DC340E" /> <ITEM File="C:\WINXP\system32\DRIVERS\snp2sxp.sys" Name="SNP2STD" CheckResult="-1" Type="1" State="4" Size="12178688" Attr="rsAh" CreateDate="07.04.2009 17:54:06" ChageDate="11.06.2007 08:58:42" MD5="4B4AACF4C799ED6CAA17BCFA25DAA3D7" /> <ITEM File="C:\WINXP\System32\Drivers\sptd.sys" Name="sptd" CheckResult="-1" Type="1" State="4" Size="717296" Attr="rsAh" CreateDate="05.04.2009 17:21:06" ChageDate="05.04.2009 17:21:06" MD5="" /> <ITEM File="Abiosdsk.sys" Name="Abiosdsk" CheckResult="-1" Type="1" State="1" /> <ITEM File="abp480n5.sys" Name="abp480n5" CheckResult="-1" Type="1" State="1" /> <ITEM File="adpu160m.sys" Name="adpu160m" CheckResult="-1" Type="1" State="1" /> <ITEM File="Aha154x.sys" Name="Aha154x" CheckResult="-1" Type="1" State="1" /> <ITEM File="aic78u2.sys" Name="aic78u2" CheckResult="-1" Type="1" State="1" /> <ITEM File="aic78xx.sys" Name="aic78xx" CheckResult="-1" Type="1" State="1" /> <ITEM File="AliIde.sys" Name="AliIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="amsint.sys" Name="amsint" CheckResult="-1" Type="1" State="1" /> <ITEM File="asc.sys" Name="asc" CheckResult="-1" Type="1" State="1" /> <ITEM File="asc3350p.sys" Name="asc3350p" CheckResult="-1" Type="1" State="1" /> <ITEM File="asc3550.sys" Name="asc3550" CheckResult="-1" Type="1" State="1" /> <ITEM File="Atdisk.sys" Name="Atdisk" CheckResult="-1" Type="1" State="1" /> <ITEM File="cd20xrnt.sys" Name="cd20xrnt" CheckResult="-1" Type="1" State="1" /> <ITEM File="Changer.sys" Name="Changer" CheckResult="-1" Type="1" State="1" /> <ITEM File="CmdIde.sys" Name="CmdIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="Cpqarray.sys" Name="Cpqarray" CheckResult="-1" Type="1" State="1" /> <ITEM File="dac960nt.sys" Name="dac960nt" CheckResult="-1" Type="1" State="1" /> <ITEM File="dpti2o.sys" Name="dpti2o" CheckResult="-1" Type="1" State="1" /> <ITEM File="hpn.sys" Name="hpn" CheckResult="-1" Type="1" State="1" /> <ITEM File="i2omgmt.sys" Name="i2omgmt" CheckResult="-1" Type="1" State="1" /> <ITEM File="i2omp.sys" Name="i2omp" CheckResult="-1" Type="1" State="1" /> <ITEM File="ini910u.sys" Name="ini910u" CheckResult="-1" Type="1" State="1" /> <ITEM File="IntelIde.sys" Name="IntelIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="lbrtfdc.sys" Name="lbrtfdc" CheckResult="-1" Type="1" State="1" /> <ITEM File="mraid35x.sys" Name="mraid35x" CheckResult="-1" Type="1" State="1" /> <ITEM File="PCIDump.sys" Name="PCIDump" CheckResult="-1" Type="1" State="1" /> <ITEM File="PDCOMP.sys" Name="PDCOMP" CheckResult="-1" Type="1" State="1" /> <ITEM File="PDFRAME.sys" Name="PDFRAME" CheckResult="-1" Type="1" State="1" /> <ITEM File="PDRELI.sys" Name="PDRELI" CheckResult="-1" Type="1" State="1" /> <ITEM File="PDRFRAME.sys" Name="PDRFRAME" CheckResult="-1" Type="1" State="1" /> <ITEM File="perc2.sys" Name="perc2" CheckResult="-1" Type="1" State="1" /> <ITEM File="perc2hib.sys" Name="perc2hib" CheckResult="-1" Type="1" State="1" /> <ITEM File="ql1080.sys" Name="ql1080" CheckResult="-1" Type="1" State="1" /> <ITEM File="Ql10wnt.sys" Name="Ql10wnt" CheckResult="-1" Type="1" State="1" /> <ITEM File="ql12160.sys" Name="ql12160" CheckResult="-1" Type="1" State="1" /> <ITEM File="ql1240.sys" Name="ql1240" CheckResult="-1" Type="1" State="1" /> <ITEM File="ql1280.sys" Name="ql1280" CheckResult="-1" Type="1" State="1" /> <ITEM File="Simbad.sys" Name="Simbad" CheckResult="-1" Type="1" State="1" /> <ITEM File="Sparrow.sys" Name="Sparrow" CheckResult="-1" Type="1" State="1" /> <ITEM File="sym_hi.sys" Name="sym_hi" CheckResult="-1" Type="1" State="1" /> <ITEM File="sym_u3.sys" Name="sym_u3" CheckResult="-1" Type="1" State="1" /> <ITEM File="symc810.sys" Name="symc810" CheckResult="-1" Type="1" State="1" /> <ITEM File="symc8xx.sys" Name="symc8xx" CheckResult="-1" Type="1" State="1" /> <ITEM File="C:\WINXP\system32\drivers\SynasUSB.sys" Name="SynasUSB" CheckResult="-1" Type="1" State="1" Size="18432" Attr="rsAh" CreateDate="08.07.2009 17:05:06" ChageDate="23.11.2006 16:20:06" MD5="418BD80A7FEFAA3FCBD3DCFC021CB294" /> <ITEM File="TosIde.sys" Name="TosIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="ultra.sys" Name="ultra" CheckResult="-1" Type="1" State="1" /> <ITEM File="ViaIde.sys" Name="ViaIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="WDICA.sys" Name="WDICA" CheckResult="-1" Type="1" State="1" /> |
15.11.2009, 17:26 | #5 |
| Fehlermeldung </Drivers> - <AUTORUN> <ITEM File="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf" CheckResult="-1" Enabled="1" Type="FILE" Size="113" Attr="rsAh" CreateDate="05.04.2009 19:02:57" ChageDate="05.04.2009 17:55:02" MD5="215C1129A537317206DA98284CC7FDE3" X1="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\" X2="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf" X3="" /> <ITEM File="C:\Programme\Electronic Arts\EADM\Core.exe" CheckResult="-1" Enabled="0" Type="REG" Size="3338240" Attr="rsAh" CreateDate="29.04.2009 18:55:24" ChageDate="29.04.2009 18:55:24" MD5="03DB79BDEFC469351271562D59E53A74" X1="HKEY_CURRENT_USER" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="EA Core" /> <ITEM File="C:\Programme\SQ\USB 2.0 Camera\SnapTrap.exe" CheckResult="-1" Enabled="0" Type="REG" Size="155648" Attr="rsAh" CreateDate="10.04.2009 17:46:26" ChageDate="05.11.2004 08:59:24" MD5="B8F666165A090CD412AFBF92FF4153A8" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="STICAP" /> <ITEM File="C:\Programme\Windows Live\Messenger\msnmsgr.exe" CheckResult="-1" Enabled="1" Type="REG" Size="3885408" Attr="rsAh" CreateDate="06.02.2009 17:51:28" ChageDate="06.02.2009 17:51:28" MD5="8694FCF50D283A9A405912B5DB6420D4" X1="HKEY_CURRENT_USER" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="msnmsgr" /> <ITEM File="C:\Programme\Windows Live\Messenger\msnmsgr.exe" CheckResult="-1" Enabled="0" Type="REG" Size="3885408" Attr="rsAh" CreateDate="06.02.2009 17:51:28" ChageDate="06.02.2009 17:51:28" MD5="8694FCF50D283A9A405912B5DB6420D4" X1="HKEY_CURRENT_USER" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="msnmsgr" /> <ITEM File="C:\Programme\\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" CheckResult="-1" Enabled="0" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="MobileConnect" /> <ITEM File="C:\WINXP\FixCamera.exe" CheckResult="-1" Enabled="0" Type="REG" Size="20480" Attr="rsAh" CreateDate="07.04.2009 17:40:16" ChageDate="12.02.2007 13:50:40" MD5="10DD727E26ACB6D0917609B55D2D625D" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="FixCamera" /> <ITEM File="C:\WINXP\System32\PrintFilterPipelineSvc.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\PrintFilterPipelineSvc" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\TUProgSt.exe" CheckResult="-1" Enabled="1" Type="REG" Size="604416" Attr="rsAh" CreateDate="05.04.2009 17:43:36" ChageDate="05.04.2009 17:43:36" MD5="6580ABC55F34B73D66F153EA55034361" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\TuneUp\TuneUp Program Statistics" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\hidserv.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\HidServ\Parameters" X3="ServiceDll" /> <ITEM File="C:\WINXP\System32\igmpv2.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IGMPv2" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\ipbootp.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IPBOOTP" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\iprip2.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IPRIP2" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\ospf.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPF" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\ospfmib.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPFMib" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\polagent.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\PolicyAgent" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\tssdis.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\TermServSessDir" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\uxtuneup.dll" CheckResult="-1" Enabled="1" Type="REG" Size="28416" Attr="rsAh" CreateDate="06.11.2009 14:39:18" ChageDate="20.03.2009 15:01:04" MD5="2BB1DCD293E1A3771EA2C57B359DE15A" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\UxTuneUp\Parameters" X3="ServiceDll" /> <ITEM File="C:\WINXP\system32\AegisE5.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\AegisP" X3="EventMessageFile" /> <ITEM File="C:\WINXP\system32\MsSip1.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 1" X3="$DLL" /> <ITEM File="C:\WINXP\system32\MsSip2.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 2" X3="$DLL" /> <ITEM File="C:\WINXP\system32\MsSip3.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 3" X3="$DLL" /> <ITEM File="C:\WINXP\system32\psxss.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="System\CurrentControlSet\Control\Session Manager\SubSystems" X3="Posix" /> <ITEM File="C:\WINXP\system32\stisvc.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System" X3="EventMessageFile" /> <ITEM File="C:\WINXP\system32\yv12vfw.dll" CheckResult="-1" Enabled="1" Type="REG" Size="70656" Attr="rsAh" CreateDate="15.11.2009 01:15:20" ChageDate="25.01.2004" MD5="7029A7634C8DFA8EE619E79B1B9A378F" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\Drivers32" X3="vidc.yv12" /> <ITEM File="C:\WINXP\tsnp2std.exe" CheckResult="-1" Enabled="1" Type="REG" Size="270336" Attr="rsAh" CreateDate="07.04.2009 17:54:07" ChageDate="10.05.2007 16:05:22" MD5="93E13B119D9BA636FBAF1DEE43ABDBE8" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="tsnp2std" /> <ITEM File="C:\WINXP\vsnp2std.exe" CheckResult="-1" Enabled="1" Type="REG" Size="344064" Attr="rsAh" CreateDate="07.04.2009 17:54:07" ChageDate="10.05.2007 15:58:42" MD5="C2C50A74B27150A0571C1EC0CBDACDC1" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="snp2std" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v2.0.50727\de\aspnet_rc.dll" CheckResult="-1" Enabled="1" Type="REG" Size="94208" Attr="rsAh" CreateDate="26.07.2008 00:55:12" ChageDate="26.07.2008 00:55:12" MD5="4F4D85471C68DD8B566CA561B573BD65" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\ASP.NET 2.0.50727.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft.Transactions.Bridge 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\ServiceModel Audit 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.IdentityModel 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.IO.Log 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.Runtime.Serialization 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.ServiceModel 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\SMSvcHost 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui;c:\WINXP\system32\icardres.dll.mui" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\CardSpace 3.0.0.0" X3="EventMessageFile" /> <ITEM File="kbd101.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\i8042prt\Parameters" X3="LayerDriver JPN" /> <ITEM File="kbd101a.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\i8042prt\Parameters" X3="LayerDriver KOR" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2=".DEFAULT\Control Panel\IOProcs" X3="MVB" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-19\Control Panel\IOProcs" X3="MVB" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-20\Control Panel\IOProcs" X3="MVB" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-18\Control Panel\IOProcs" X3="MVB" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_CURRENT_USER" X2="Control Panel\IOProcs" X3="MVB" /> <ITEM File="vgafix.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="fixedfon.fon" /> <ITEM File="vgaoem.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="oemfonts.fon" /> <ITEM File="vgasys.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="fonts.fon" /> |
15.11.2009, 17:27 | #6 |
| Fehlermeldung </AUTORUN> - <BHO> <ITEM File="" CheckResult="-1" Enabled="1" BHOType="1" RegKey="HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" CLSID="{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" Descr="" LegalCopyright="" /> </BHO> - <ExplorerExt> <ITEM File="deskpan.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="CPL-Erweiterung fьr Anzeigeverschiebung" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{42071714-76d4-11d1-8b24-00a0c9068ff3}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Shellerweiterungen fьr die Dateikomprimierung" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{764BF0E1-F219-11ce-972D-00AA00A14F56}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Kontextmenь fьr die Verschlьsselung" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Taskleiste und Startmenь" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{0DF44EAA-FF21-4412-828E-260A8728E7F1}" Descr="" LegalCopyright="" /> <ITEM File="rundll32.exe C:\WINXP\system32\shimgvw.dll,ImageView_COMServer {00E7B358-F65B-4dcf-83DF-CD026B94BFD4}" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Autoplay for SlideShow" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Benutzerkonten" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{7A9D77BD-5403-11d2-8785-2E0420524153}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Shell Extension for Malware scanning" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="CMenuExtender" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{ABC70703-32AF-11d4-90C4-D483A70F4825}" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\System32\uxtuneup.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="TuneUp Theme Extension" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{44440D00-FF19-4AFC-B765-9A0970567D97}" Descr="TuneUp Theme Extension" LegalCopyright="© TuneUp Software" Size="28416" Attr="rsAh" CreateDate="06.11.2009 14:39:18" ChageDate="20.03.2009 15:01:04" MD5="2BB1DCD293E1A3771EA2C57B359DE15A" /> </ExplorerExt> <PrintEXT /> - <TaskScheduler> <ITEM File="C:\Programme\TuneUp Utilities 2009\OneClickStarter.exe" CheckResult="-1" Enabled="46494336" Descr="TuneUp 1-Klick-Starter" LegalCopyright="Copyright © 2003-2008 TuneUp Software GmbH" Size="130816" Attr="rsAh" CreateDate="20.03.2009 15:17:38" ChageDate="20.03.2009 15:17:38" MD5="546F5C80AEEA8EC6160B3752B354D747" /> </TaskScheduler> - <SPI> <ITEM File="C:\WINXP\System32\mswsock.dll" CheckResult="-1" SPIType="1" SPINaim="TCP/IP" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\System32\winrnr.dll" CheckResult="-1" SPIType="1" SPINaim="NTDS" Descr="LDAP RnR Provider DLL" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="16896" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="4934FF44C8B6AE7B4CA0118B3D2CF666" /> <ITEM File="C:\WINXP\System32\mswsock.dll" CheckResult="-1" SPIType="1" SPINaim="NLA-Namespace" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\wshbth.dll" CheckResult="-1" SPIType="1" SPINaim="Bluetooth-Namespace" Descr="Windows Sockets Helper DLL" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="108032" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="41CCC4CD535579D27AEAB485B36CEB9E" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [TCP/IP]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [UDP/IP]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [RAW/IP]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\rsvpsp.dll" CheckResult="-1" SPIType="3" SPINaim="RSVP UDP Service Provider" Descr="Microsoft Windows Rsvp 1.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="92672" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="D6BE7BE7BD2EBF5879ABAE3569432A50" /> <ITEM File="C:\WINXP\system32\rsvpsp.dll" CheckResult="-1" SPIType="3" SPINaim="RSVP TCP Service Provider" Descr="Microsoft Windows Rsvp 1.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="92672" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="D6BE7BE7BD2EBF5879ABAE3569432A50" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD RfComm [Bluetooth]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{E2FCF49F-1439-4C8B-B5FE-EE9DA9FC5CA4}] SEQPACKET 6" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{E2FCF49F-1439-4C8B-B5FE-EE9DA9FC5CA4}] DATAGRAM 6" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E1B1051-5BED-46BD-A25C-2A7599B5A1E5}] SEQPACKET 5" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E1B1051-5BED-46BD-A25C-2A7599B5A1E5}] DATAGRAM 5" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{202D5F48-DBD7-48AC-BA5D-5C80016A8A4C}] SEQPACKET 4" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{202D5F48-DBD7-48AC-BA5D-5C80016A8A4C}] DATAGRAM 4" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{73A9D748-4301-4A7B-9EB2-CBF47268339E}] SEQPACKET 3" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{73A9D748-4301-4A7B-9EB2-CBF47268339E}] DATAGRAM 3" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{5908F0BE-A83B-4818-B135-CD4B96372FD7}] SEQPACKET 0" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{5908F0BE-A83B-4818-B135-CD4B96372FD7}] DATAGRAM 0" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{87D9CBC3-5D28-4CA7-8CA0-47B6766EBFB7}] SEQPACKET 1" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{87D9CBC3-5D28-4CA7-8CA0-47B6766EBFB7}] DATAGRAM 1" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{52DA7E9A-0C06-4239-AFE8-89C6CDB3DFD2}] SEQPACKET 2" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{52DA7E9A-0C06-4239-AFE8-89C6CDB3DFD2}] DATAGRAM 2" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7DA2EEC-4745-4BA4-8D88-B82C7DF40C6B}] SEQPACKET 7" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7DA2EEC-4745-4BA4-8D88-B82C7DF40C6B}] DATAGRAM 7" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{FA79EA53-80FA-4D0E-BB68-529A05189A69}] SEQPACKET 8" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{FA79EA53-80FA-4D0E-BB68-529A05189A69}] DATAGRAM 8" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> </SPI> - <DPF> <ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="CabBuilder" CodeBase="http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\Downloaded Program Files\MessengerStatsPAClient.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{C3F79A2B-B9B4-4A66-B012-3EE46475B072}" CodeBase="http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab" Descr="Zone.com Stats Client for MSN Messenger" LegalCopyright="Copyright © 1995-2004 Microsoft Corporation" Size="304544" Attr="rsAh" CreateDate="22.02.2007 22:41:12" ChageDate="22.02.2007 22:41:12" MD5="8945CCA5FC4F25168E8B6F401EFAF51F" /> </DPF> <CPL /> - <ActiveSetup> <ITEM File="C:\Programme\Bifrost\server.exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{9D71D88C-C598-4935-C5D1-43AA4DB90836}" Descr="" LegalCopyright="" /> </ActiveSetup> - <HOSTS> <ITEM Line="127.0.0.1 localhost" /> </HOSTS> - <SuspFiles> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" VirType="4" Descr="Kernel-mode hook" /> <ITEM File="spuw.sys" VirType="4" Descr="Kernel-mode hook" /> </SuspFiles> - <RK_KM> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtClose" FIndx="25" HookPtr="F26E36B8" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtCreateKey" FIndx="41" HookPtr="F26E3574" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtDeleteValueKey" FIndx="65" HookPtr="F26E3A52" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtDuplicateObject" FIndx="68" HookPtr="F26E314C" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="spuw.sys" FNaim="NtEnumerateKey" FIndx="71" HookPtr="F7385CA2" HookType="1" /> <ITEM File="spuw.sys" FNaim="NtEnumerateValueKey" FIndx="73" HookPtr="F7386030" HookType="1" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtOpenKey" FIndx="119" HookPtr="F26E364E" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtOpenProcess" FIndx="122" HookPtr="F26E308C" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtOpenThread" FIndx="128" HookPtr="F26E30F0" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="spuw.sys" FNaim="NtQueryKey" FIndx="160" HookPtr="F7386108" HookType="1" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtQueryValueKey" FIndx="177" HookPtr="F26E376E" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtRestoreKey" FIndx="204" HookPtr="F26E372E" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtSetValueKey" FIndx="247" HookPtr="F26E38AE" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> </RK_KM> - <RK_IRP> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="0" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="2" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="4" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="5" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="6" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="7" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="8" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="10" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="11" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="12" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="13" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="14" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="17" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="20" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="21" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="27" HookPtr="862691F8" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="0" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="2" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="4" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="5" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="6" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="7" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="8" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="10" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="11" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="12" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="13" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="14" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="17" HookPtr="85CB5500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="27" HookPtr="85CB5500" /> </RK_IRP> - <WIZARD-TSW> <ITEM ID="32" Level="3" Fixed="0" /> <ITEM ID="40" Level="3" Fixed="0" /> <ITEM ID="58" Level="3" Fixed="0" /> <ITEM ID="59" Level="3" Fixed="0" /> <ITEM ID="61" Level="2" Fixed="0" /> </WIZARD-TSW> </AVZ> |
15.11.2009, 17:28 | #7 |
| Fehlermeldung und die 2te von AVZ..... <?xml version="1.0" encoding="windows-1251" ?> - <!-- AVZ XML Report --> - <AVZ Version="4.32" LogDate="15.11.2009 16:30:30" WinDir="C:\WINXP\" ProfileDir="C:\Dokumente und Einstellungen\Administrator" IsWow64="False" CompHash="E742F440730CDF128C89B80AD1D0074D"> - <PROCESS> <ITEM PID="1388" File="c:\progra~1\alwils~1\avast4\ashdisp.exe" CheckResult="0" Descr="avast! service GUI component" LegalCopyright="Copyright (c) 2009 ALWIL Software" Hidden="0" CmdLine="@quot;C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe@quot;" Size="81000" Attr="rsAh" CreateDate="02.11.2009 20:32:53" ChageDate="15.09.2009 12:56:48" MD5="28E9092D50AE450662EEA4719E5AA304" /> <ITEM PID="2012" File="c:\programme\alwil software\avast4\ashserv.exe" CheckResult="0" Descr="avast! antivirus service" LegalCopyright="Copyright (c) 2009 ALWIL Software" Hidden="0" CmdLine="@quot;C:\Programme\Alwil Software\Avast4\ashServ.exe@quot;" Size="138680" Attr="rsAh" CreateDate="02.11.2009 20:32:53" ChageDate="15.09.2009 12:56:43" MD5="35751F0539366A08C966B2FC2D6A3A05" /> <ITEM PID="468" File="c:\programme\ccleaner\ccleaner.exe" CheckResult="0" Descr="CCleaner" LegalCopyright="Copyright 2005-2009 Piriform Ltd" Hidden="0" CmdLine="@quot;C:\Programme\CCleaner\ccleaner.exe@quot;" Size="1700664" Attr="rsAh" CreateDate="22.10.2009 19:32:50" ChageDate="22.10.2009 19:32:50" MD5="FDFB209C5A04B7784BB0BB4AF7F0B31C" /> <ITEM PID="2672" File="c:\programme\dvbt\detecttray.exe" CheckResult="-1" Descr="Detect Device Tray Application" LegalCopyright="Copyright (C) 2005" Hidden="0" CmdLine="@quot;C:\Programme\DVBT\DetectTray.exe@quot;" Size="143360" Attr="rsAh" CreateDate="05.04.2009 19:06:00" ChageDate="18.01.2007 12:18:44" MD5="7717192BC7A90CF1D5897C2A70B15C13" /> <ITEM PID="1920" File="c:\winxp\explorer.exe" CheckResult="0" Descr="Windows Explorer" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Hidden="0" CmdLine="C:\WINXP\Explorer.EXE" Size="1036800" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="418045A93CD87A352098AB7DABE1B53E" /> <ITEM PID="2584" File="c:\programme\icq6.5\icq.exe" CheckResult="0" Descr="ICQ" LegalCopyright="Copyright (c) 1998-2008 ICQ, LLC." Hidden="0" CmdLine="@quot;C:\Programme\ICQ6.5\ICQ.exe@quot;" Size="172792" Attr="rsAh" CreateDate="01.03.2009 11:58:54" ChageDate="01.03.2009 11:59:42" MD5="E4C751DE871A863271889B4177D52F66" /> <ITEM PID="3864" File="c:\programme\windows live\messenger\msnmsgr.exe" CheckResult="-1" Descr="Windows Live Messenger" LegalCopyright="© Microsoft Corporation. All rights reserved." Hidden="0" CmdLine="@quot;C:\Programme\Windows Live\Messenger\msnmsgr.exe@quot;" Size="3885408" Attr="rsAh" CreateDate="06.02.2009 17:51:28" ChageDate="06.02.2009 17:51:28" MD5="8694FCF50D283A9A405912B5DB6420D4" /> <ITEM PID="1300" File="c:\winxp\system32\rundll32.exe" CheckResult="0" Descr="Eine DLL-Datei als Anwendung ausfьhren" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Hidden="0" CmdLine="@quot;C:\WINXP\system32\RUNDLL32.EXE@quot; C:\WINXP\system32\NvMcTray.dll,NvTaskbarInit" Size="33792" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="F6B34CD47CAF6D68106B9F8055F35C50" /> <ITEM PID="1316" File="c:\winxp\system32\svchost.exe" CheckResult="0" Descr="Generic Host Process for Win32 Services" LegalCopyright="© Microsoft Corporation. All rights reserved." Hidden="0" CmdLine="C:\WINXP\System32\svchost.exe -k netsvcs" Size="14336" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="4FBC75B74479C7A6F829E0CA19DF3366" /> <ITEM PID="1860" File="c:\winxp\system32\tuprogst.exe" CheckResult="-1" Descr="TuneUp Program Statistics Service" LegalCopyright="© TuneUp Software" Hidden="0" CmdLine="C:\WINXP\System32\TUProgSt.exe" Size="604416" Attr="rsAh" CreateDate="05.04.2009 17:43:36" ChageDate="05.04.2009 17:43:36" MD5="6580ABC55F34B73D66F153EA55034361" /> <ITEM PID="1172" File="c:\winxp\vsnp2std.exe" CheckResult="-1" Descr="CameraMonitor Application" LegalCopyright="Copyright 2002-2005" Hidden="0" CmdLine="@quot;C:\WINXP\vsnp2std.exe@quot;" Size="344064" Attr="rsAh" CreateDate="07.04.2009 17:54:07" ChageDate="10.05.2007 15:58:42" MD5="C2C50A74B27150A0571C1EC0CBDACDC1" /> </PROCESS> - <DLL> <ITEM File="C:\Programme\Alwil Software\Avast4\German\Base.dll" CheckResult="-1" Descr="avast! German Basic Module" LegalCopyright="Copyright (c) 2009 ALWIL Software" UsedBy="1388,2012" Hidden="0" Size="65536" Attr="rsAh" CreateDate="02.11.2009 20:32:53" ChageDate="15.09.2009 12:45:53" MD5="68CF2E89BFB303567E78F9AC3482E5E9" /> <ITEM File="C:\Programme\Alwil Software\Avast4\German\Lang.dll" CheckResult="-1" Descr="avast! Main German Module" LegalCopyright="Copyright (c) 2009 ALWIL Software" UsedBy="1388" Hidden="0" Size="2555904" Attr="rsAh" CreateDate="02.11.2009 20:32:53" ChageDate="15.09.2009 12:45:52" MD5="C37A82CAB55CA0CC1DF3079EBDFBAFF3" /> <ITEM File="C:\Programme\CCleaner\lang\lang-1031.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="468" Hidden="0" Size="25088" Attr="rsAh" CreateDate="23.10.2009 00:37:06" ChageDate="23.10.2009 00:37:06" MD5="B260E3B20A90D83E03507E8BEE68D386" /> <ITEM File="C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="1920,3864" Hidden="0" Size="311296" Attr="rsAh" CreateDate="27.02.2009 15:41:26" ChageDate="27.02.2009 15:41:26" MD5="16C3C94F5B692424DE02F7A7FF79494A" /> <ITEM File="C:\WINXP\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80DEU.DLL" CheckResult="-1" Descr="MFC Language Specific Resources" LegalCopyright="© Microsoft Corporation. All rights reserved." UsedBy="1920,3864" Hidden="0" Size="65536" Attr="rsAh" CreateDate="11.07.2009 20:32:00" ChageDate="11.07.2009 20:32:00" MD5="4BD94B77F2057F62DF566A1825DF688D" /> <ITEM File="C:\WINXP\system32\NVRSDE.DLL" CheckResult="-1" Descr="NVIDIA German language resource library" LegalCopyright="(C) NVIDIA Corporation. All rights reserved." UsedBy="1920,1300" Hidden="0" Size="278528" Attr="rsAh" CreateDate="16.08.2006 08:35:00" ChageDate="27.03.2009 09:03:00" MD5="D56349E0532B11C7B52F2CE7CFD4BC69" /> <ITEM File="C:\Programme\Gemeinsame Dateien\Nero\Lib\MediaLibraryNSE.dll" CheckResult="-1" Descr="Nero File Dialog" LegalCopyright="Copyright (c) 1995-2007 Nero AG and its licensors" UsedBy="1920" Hidden="0" Size="1836328" Attr="rsAh" CreateDate="12.12.2008 07:30:18" ChageDate="12.12.2008 07:30:18" MD5="50F88E8740175CDE0B82BFE89654A008" /> <ITEM File="C:\Programme\DVBT\Filter\mlcom.ax" CheckResult="-1" Descr="Moonlight Audio Decoder" LegalCopyright="Copyright © 2001-2005 Moonlight Cordless Ltd. All rights reserved." UsedBy="2584" Hidden="0" Size="733184" Attr="rsAh" CreateDate="05.04.2009 19:06:09" ChageDate="11.03.2005 14:35:56" MD5="DC8E8996495F2FB15AC77616B227918C" /> <ITEM File="C:\Programme\DVBT\Filter\mpeg2dmx.ax" CheckResult="-1" Descr="Moonlight-Elecard MPEG 2 Demultiplexer" LegalCopyright="Copyright © 2001-2004 Moonlight Cordless Ltd. Copyright © 2000-2001 Elecard Ltd. All rights reserved." UsedBy="2584,3864" Hidden="0" Size="847872" Attr="rsAh" CreateDate="05.04.2009 19:06:10" ChageDate="30.12.2004 13:22:28" MD5="EEAF4EC75E8DA4D8A3C27735AE67F20A" /> <ITEM File="C:\WINXP\system32\RealMediaDX.ax" CheckResult="-1" Descr="RealMedia Splitter" LegalCopyright="Copyright (C) 2003-2005" UsedBy="2584,3864" Hidden="0" Size="161792" Attr="RSaH" CreateDate="15.11.2009 01:15:09" ChageDate="25.11.2005 20:46:34" MD5="48B32991B01FFA2535050D4457F4B6D3" /> <ITEM File="C:\WINXP\system32\MatroskaDX.ax" CheckResult="-1" Descr="Matroska Splitter" LegalCopyright="Copyright (C) 2003-2006 Gabest" UsedBy="2584" Hidden="0" Size="169472" Attr="RSaH" CreateDate="15.11.2009 01:15:09" ChageDate="10.03.2006 21:48:48" MD5="A5408051B49A1BFD3C3ED889A318CC42" /> <ITEM File="C:\WINXP\system32\flvDX.dll" CheckResult="-1" Descr="FLV Splitter" LegalCopyright="Copyright (C) 2005-2006 Gabest" UsedBy="2584" Hidden="0" Size="163328" Attr="RSaH" CreateDate="15.11.2009 01:15:09" ChageDate="03.05.2006 10:06:54" MD5="8453687A045C926F0291301EBAF50370" /> <ITEM File="C:\Programme\Gemeinsame Dateien\Nero\DSFilter\NeFLVSplitter.ax" CheckResult="-1" Descr="Nero FLV Splitter Filter" LegalCopyright="Copyright 2007 Nero AG and its licensors" UsedBy="2584" Hidden="0" Size="148776" Attr="rsAh" CreateDate="11.12.2008 15:53:04" ChageDate="11.12.2008 15:53:04" MD5="A65F31709BE93F144A5AA570F1D72DD1" /> <ITEM File="C:\WINXP\system32\DiracSplitter.ax" CheckResult="-1" Descr="Dirac Splitter" LegalCopyright="Copyright (C) 2003-2004 Gabest" UsedBy="2584" Hidden="0" Size="179200" Attr="RSaH" CreateDate="15.11.2009 01:15:09" ChageDate="17.01.2005 23:26:36" MD5="62C08C8FE06EBA769E1E7BC98AE47234" /> <ITEM File="C:\Programme\ICQ6.5\sipxtapi.dll" CheckResult="-1" Descr="SIP User-Agent API" LegalCopyright="Copyright (C) 2005-2007 Pingtel Corp." UsedBy="2584" Hidden="0" Size="2916352" Attr="rsAh" CreateDate="01.03.2009 11:58:55" ChageDate="01.03.2009 11:28:22" MD5="3A992C1ED4928C3A3E1E04CC4F063E7C" /> <ITEM File="C:\Programme\ICQ6.5\pb_videoconf.dll" CheckResult="-1" Descr="Video Mixing Renderer Library" LegalCopyright="Copyright (c) 2005-2007 AOL LLC." UsedBy="2584" Hidden="0" Size="307200" Attr="rsAh" CreateDate="01.03.2009 11:58:55" ChageDate="01.03.2009 11:28:22" MD5="58FFA9CE0CC377946E5DC4DBCC607E03" /> <ITEM File="C:\WINXP\system32\vsnp2std.dll" CheckResult="-1" Descr="camext20" LegalCopyright="Copyright 2005" UsedBy="2584" Hidden="0" Size="73728" Attr="rsAh" CreateDate="07.04.2009 17:54:02" ChageDate="31.05.2007 09:28:56" MD5="A1BD8D45A310A5679BB168160FCE7FE9" /> <ITEM File="C:\Programme\Windows Live\Messenger\MSIMG32.dll" CheckResult="-1" Descr="Loader for Messenger Plus! Live" LegalCopyright="Copyright (C) 2001-2009 Yuna Software" UsedBy="3864" Hidden="0" Size="59800" Attr="rsAh" CreateDate="01.07.2009 20:37:38" ChageDate="21.10.2009 22:34:24" MD5="CAAA913193EA83F60C42CE25A3181F35" /> <ITEM File="C:\Programme\Messenger Plus! Live\MsgPlusLive.dll" CheckResult="-1" Descr="Messenger Plus! Live Add-On" LegalCopyright="Copyright (C) 2001-2009 Yuna Software" UsedBy="3864" Hidden="0" Size="3624344" Attr="rsAh" CreateDate="05.04.2009 22:22:15" ChageDate="21.10.2009 22:34:22" MD5="0ED65D84CEA118EAECF8E8FB7803C40D" /> <ITEM File="C:\Programme\Messenger Plus! Live\Detoured.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="3864" Hidden="0" Size="4096" Attr="rsAh" CreateDate="05.04.2009 22:22:14" ChageDate="24.08.2006 14:17:52" MD5="6256684495C499B22DCDBA266E4F2494" /> <ITEM File="C:\Programme\Windows Live\Messenger\msgslang.14.0.8064.0206.dll" CheckResult="-1" Descr="Windows Live Messenger Language Specific Resources" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." UsedBy="3864" Hidden="0" Size="379744" Attr="rsAh" CreateDate="06.02.2009 17:51:10" ChageDate="06.02.2009 17:51:10" MD5="21B48AB1B84FA1E92A3A6E07B2DA9701" /> <ITEM File="C:\Programme\Messenger Plus! Live\MsgPlusLiveRes.dll" CheckResult="-1" Descr="Messenger Plus! Live Resources" LegalCopyright="Copyright (C) 2001-2009 Yuna Software" UsedBy="3864" Hidden="0" Size="1867160" Attr="rsAh" CreateDate="05.04.2009 22:22:15" ChageDate="21.10.2009 22:34:23" MD5="8580372AEF2F41C45F3C0293A4EEDD31" /> <ITEM File="C:\Programme\Messenger Plus! Live\libsndfile.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="3864" Hidden="0" Size="370688" Attr="rsAh" CreateDate="05.04.2009 22:22:14" ChageDate="22.11.2007 02:24:25" MD5="00742B11F1492D15A0A8FF25E36AB9BE" /> <ITEM File="C:\Programme\Messenger Plus! Live\lame_enc.dll" CheckResult="-1" Descr="" LegalCopyright="" UsedBy="3864" Hidden="0" Size="390656" Attr="rsAh" CreateDate="05.04.2009 22:22:14" ChageDate="21.11.2007 23:50:07" MD5="75430D2F8B2E204814247D62D9445CE4" /> <ITEM File="c:\winxp\system32\uxtuneup.dll" CheckResult="-1" Descr="TuneUp Theme Extension" LegalCopyright="© TuneUp Software" UsedBy="1316" Hidden="0" Size="28416" Attr="rsAh" CreateDate="06.11.2009 14:39:18" ChageDate="20.03.2009 15:01:04" MD5="2BB1DCD293E1A3771EA2C57B359DE15A" /> </DLL> - <KERNELOBJ> <ITEM File="C:\WINXP\System32\Drivers\dump_atapi.sys" CheckResult="-1" Base="F25A4000" MemSize="018000" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\System32\Drivers\dump_WMILIB.SYS" CheckResult="-1" Base="F79C5000" MemSize="002000" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\system32\DRIVERS\EAPPkt.sys" CheckResult="-1" Base="BA780000" MemSize="00A000" Descr="NDIS User mode I/O Driver" LegalCopyright="Copyright (C) Microsoft Corp. 1981-1999" Size="38144" Attr="RsAh" CreateDate="31.07.2009 11:47:24" ChageDate="15.11.2006 15:23:06" MD5="D82414EC520453EFE2EBA936F6A9115A" /> <ITEM File="C:\WINXP\system32\DRIVERS\EC168BDA.sys" CheckResult="-1" Base="99230000" MemSize="016000" Descr="e3C DTV Driver" LegalCopyright="e3C, Inc. All rights reserved." Size="87296" Attr="rsAh" CreateDate="11.09.2007 14:20:00" ChageDate="11.09.2007 14:20:00" MD5="53660D1A4068109C9C1FB97CE83BEE35" /> <ITEM File="C:\WINXP\system32\DRIVERS\PA707UCM.SYS" CheckResult="-1" Base="B1265000" MemSize="026000" Descr="PA707UCM" LegalCopyright="Copyright c 2004" Size="154752" Attr="rsAh" CreateDate="18.10.2005 10:48:38" ChageDate="18.10.2005 10:48:38" MD5="2085D5168FC0C56BB13304D180D244B6" /> <ITEM File="C:\WINXP\system32\Drivers\sfdrv01.sys" CheckResult="-1" Base="F716E000" MemSize="011000" Descr="StarForce Protection Environment Driver" LegalCopyright="(c) Protection Technology, 2000-2005" Size="48640" Attr="rsAh" CreateDate="16.05.2005 14:15:58" ChageDate="16.05.2005 14:15:58" MD5="321231D53D409FBB9F6FFABDECFDE2F6" /> <ITEM File="C:\WINXP\system32\Drivers\sfvfs02.sys" CheckResult="-1" Base="F717F000" MemSize="014000" Descr="StarForce Protection VFS Driver" LegalCopyright="(c) Protection Technology, 2000-2005" Size="66560" Attr="rsAh" CreateDate="16.05.2005 14:26:49" ChageDate="16.05.2005 14:26:49" MD5="7ABB79EA70D156F966C94F10A5DC340E" /> <ITEM File="C:\WINXP\system32\DRIVERS\SNCAMD.SYS" CheckResult="-1" Base="F77B7000" MemSize="007000" Descr="USB2.0 PC Camera driver" LegalCopyright="" Size="25472" Attr="rsAh" CreateDate="07.04.2009 17:54:06" ChageDate="25.01.2007 17:48:34" MD5="9F66C4BD06334BB772317C438644EF74" /> <ITEM File="C:\WINXP\system32\DRIVERS\snp2sxp.sys" CheckResult="-1" Base="B06C7000" MemSize="B9E000" Descr="USB2.0 PC Camera driver" LegalCopyright="Copyright 2004" Size="12178688" Attr="rsAh" CreateDate="07.04.2009 17:54:06" ChageDate="11.06.2007 08:58:42" MD5="4B4AACF4C799ED6CAA17BCFA25DAA3D7" /> <ITEM File="spqy.sys" CheckResult="-1" Base="F7366000" MemSize="100000" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\system32\TUKERNEL.EXE" CheckResult="-1" Base="804D7000" MemSize="239280" Descr="NT-Kernel und -System" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="2331264" Attr="rsAh" CreateDate="05.04.2009 17:53:27" ChageDate="05.04.2009 17:53:27" MD5="2BF31F9CFD7DA29E75FBFC2D387F8AE7" /> </KERNELOBJ> - <Service> <ITEM File="C:\WINXP\System32\TUProgSt.exe" Name="TuneUp.ProgramStatisticsSvc" CheckResult="-1" Type="16" State="4" Size="604416" Attr="rsAh" CreateDate="05.04.2009 17:43:36" ChageDate="05.04.2009 17:43:36" MD5="6580ABC55F34B73D66F153EA55034361" /> <ITEM File="C:\Programme\MAGIX\Common\Database\bin\fbserver.exe" Name="FirebirdServerMAGIXInstance" CheckResult="-1" Type="272" State="1" Size="1527900" Attr="rsAh" CreateDate="28.04.2009 03:18:35" ChageDate="17.11.2005 13:18:52" MD5="167D24A045499EBEF438F231976158DF" /> </Service> - <Drivers> <ITEM File="C:\WINXP\system32\DRIVERS\EAPPkt.sys" Name="EAPPkt" CheckResult="-1" Type="1" State="4" Size="38144" Attr="RsAh" CreateDate="31.07.2009 11:47:24" ChageDate="15.11.2006 15:23:06" MD5="D82414EC520453EFE2EBA936F6A9115A" /> <ITEM File="C:\WINXP\system32\DRIVERS\EC168BDA.sys" Name="EC168BDA" CheckResult="-1" Type="1" State="4" Size="87296" Attr="rsAh" CreateDate="11.09.2007 14:20:00" ChageDate="11.09.2007 14:20:00" MD5="53660D1A4068109C9C1FB97CE83BEE35" /> <ITEM File="C:\WINXP\system32\DRIVERS\PA707UCM.SYS" Name="PAC7311" CheckResult="-1" Type="1" State="4" Size="154752" Attr="rsAh" CreateDate="18.10.2005 10:48:38" ChageDate="18.10.2005 10:48:38" MD5="2085D5168FC0C56BB13304D180D244B6" /> <ITEM File="C:\WINXP\System32\drivers\sfdrv01.sys" Name="sfdrv01" CheckResult="-1" Type="1" State="4" Size="48640" Attr="rsAh" CreateDate="16.05.2005 14:15:58" ChageDate="16.05.2005 14:15:58" MD5="321231D53D409FBB9F6FFABDECFDE2F6" /> <ITEM File="C:\WINXP\System32\drivers\sfvfs02.sys" Name="sfvfs02" CheckResult="-1" Type="1" State="4" Size="66560" Attr="rsAh" CreateDate="16.05.2005 14:26:49" ChageDate="16.05.2005 14:26:49" MD5="7ABB79EA70D156F966C94F10A5DC340E" /> <ITEM File="C:\WINXP\system32\DRIVERS\snp2sxp.sys" Name="SNP2STD" CheckResult="-1" Type="1" State="4" Size="12178688" Attr="rsAh" CreateDate="07.04.2009 17:54:06" ChageDate="11.06.2007 08:58:42" MD5="4B4AACF4C799ED6CAA17BCFA25DAA3D7" /> <ITEM File="C:\WINXP\System32\Drivers\sptd.sys" Name="sptd" CheckResult="-1" Type="1" State="4" Size="717296" Attr="rsAh" CreateDate="05.04.2009 17:21:06" ChageDate="05.04.2009 17:21:06" MD5="" /> <ITEM File="Abiosdsk.sys" Name="Abiosdsk" CheckResult="-1" Type="1" State="1" /> <ITEM File="abp480n5.sys" Name="abp480n5" CheckResult="-1" Type="1" State="1" /> <ITEM File="adpu160m.sys" Name="adpu160m" CheckResult="-1" Type="1" State="1" /> <ITEM File="Aha154x.sys" Name="Aha154x" CheckResult="-1" Type="1" State="1" /> <ITEM File="aic78u2.sys" Name="aic78u2" CheckResult="-1" Type="1" State="1" /> <ITEM File="aic78xx.sys" Name="aic78xx" CheckResult="-1" Type="1" State="1" /> <ITEM File="AliIde.sys" Name="AliIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="amsint.sys" Name="amsint" CheckResult="-1" Type="1" State="1" /> <ITEM File="asc.sys" Name="asc" CheckResult="-1" Type="1" State="1" /> <ITEM File="asc3350p.sys" Name="asc3350p" CheckResult="-1" Type="1" State="1" /> <ITEM File="asc3550.sys" Name="asc3550" CheckResult="-1" Type="1" State="1" /> <ITEM File="Atdisk.sys" Name="Atdisk" CheckResult="-1" Type="1" State="1" /> <ITEM File="cd20xrnt.sys" Name="cd20xrnt" CheckResult="-1" Type="1" State="1" /> <ITEM File="Changer.sys" Name="Changer" CheckResult="-1" Type="1" State="1" /> <ITEM File="CmdIde.sys" Name="CmdIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="Cpqarray.sys" Name="Cpqarray" CheckResult="-1" Type="1" State="1" /> <ITEM File="dac960nt.sys" Name="dac960nt" CheckResult="-1" Type="1" State="1" /> <ITEM File="dpti2o.sys" Name="dpti2o" CheckResult="-1" Type="1" State="1" /> <ITEM File="hpn.sys" Name="hpn" CheckResult="-1" Type="1" State="1" /> <ITEM File="i2omgmt.sys" Name="i2omgmt" CheckResult="-1" Type="1" State="1" /> <ITEM File="i2omp.sys" Name="i2omp" CheckResult="-1" Type="1" State="1" /> <ITEM File="ini910u.sys" Name="ini910u" CheckResult="-1" Type="1" State="1" /> <ITEM File="IntelIde.sys" Name="IntelIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="lbrtfdc.sys" Name="lbrtfdc" CheckResult="-1" Type="1" State="1" /> <ITEM File="mraid35x.sys" Name="mraid35x" CheckResult="-1" Type="1" State="1" /> <ITEM File="PCIDump.sys" Name="PCIDump" CheckResult="-1" Type="1" State="1" /> <ITEM File="PDCOMP.sys" Name="PDCOMP" CheckResult="-1" Type="1" State="1" /> <ITEM File="PDFRAME.sys" Name="PDFRAME" CheckResult="-1" Type="1" State="1" /> <ITEM File="PDRELI.sys" Name="PDRELI" CheckResult="-1" Type="1" State="1" /> <ITEM File="PDRFRAME.sys" Name="PDRFRAME" CheckResult="-1" Type="1" State="1" /> <ITEM File="perc2.sys" Name="perc2" CheckResult="-1" Type="1" State="1" /> <ITEM File="perc2hib.sys" Name="perc2hib" CheckResult="-1" Type="1" State="1" /> <ITEM File="ql1080.sys" Name="ql1080" CheckResult="-1" Type="1" State="1" /> <ITEM File="Ql10wnt.sys" Name="Ql10wnt" CheckResult="-1" Type="1" State="1" /> <ITEM File="ql12160.sys" Name="ql12160" CheckResult="-1" Type="1" State="1" /> <ITEM File="ql1240.sys" Name="ql1240" CheckResult="-1" Type="1" State="1" /> <ITEM File="ql1280.sys" Name="ql1280" CheckResult="-1" Type="1" State="1" /> <ITEM File="Simbad.sys" Name="Simbad" CheckResult="-1" Type="1" State="1" /> <ITEM File="Sparrow.sys" Name="Sparrow" CheckResult="-1" Type="1" State="1" /> <ITEM File="sym_hi.sys" Name="sym_hi" CheckResult="-1" Type="1" State="1" /> <ITEM File="sym_u3.sys" Name="sym_u3" CheckResult="-1" Type="1" State="1" /> <ITEM File="symc810.sys" Name="symc810" CheckResult="-1" Type="1" State="1" /> <ITEM File="symc8xx.sys" Name="symc8xx" CheckResult="-1" Type="1" State="1" /> <ITEM File="C:\WINXP\system32\drivers\SynasUSB.sys" Name="SynasUSB" CheckResult="-1" Type="1" State="1" Size="18432" Attr="rsAh" CreateDate="08.07.2009 17:05:06" ChageDate="23.11.2006 16:20:06" MD5="418BD80A7FEFAA3FCBD3DCFC021CB294" /> <ITEM File="TosIde.sys" Name="TosIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="ultra.sys" Name="ultra" CheckResult="-1" Type="1" State="1" /> <ITEM File="ViaIde.sys" Name="ViaIde" CheckResult="-1" Type="1" State="1" /> <ITEM File="WDICA.sys" Name="WDICA" CheckResult="-1" Type="1" State="1" /> |
15.11.2009, 17:29 | #8 |
| Fehlermeldung </Drivers> - <AUTORUN> <ITEM File="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf" CheckResult="-1" Enabled="1" Type="FILE" Size="113" Attr="rsAh" CreateDate="05.04.2009 19:02:57" ChageDate="05.04.2009 17:55:02" MD5="215C1129A537317206DA98284CC7FDE3" X1="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\" X2="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf" X3="" /> <ITEM File="C:\Programme\Electronic Arts\EADM\Core.exe" CheckResult="-1" Enabled="0" Type="REG" Size="3338240" Attr="rsAh" CreateDate="29.04.2009 18:55:24" ChageDate="29.04.2009 18:55:24" MD5="03DB79BDEFC469351271562D59E53A74" X1="HKEY_CURRENT_USER" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="EA Core" /> <ITEM File="C:\Programme\SQ\USB 2.0 Camera\SnapTrap.exe" CheckResult="-1" Enabled="0" Type="REG" Size="155648" Attr="rsAh" CreateDate="10.04.2009 17:46:26" ChageDate="05.11.2004 08:59:24" MD5="B8F666165A090CD412AFBF92FF4153A8" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="STICAP" /> <ITEM File="C:\Programme\Windows Live\Messenger\msnmsgr.exe" CheckResult="-1" Enabled="1" Type="REG" Size="3885408" Attr="rsAh" CreateDate="06.02.2009 17:51:28" ChageDate="06.02.2009 17:51:28" MD5="8694FCF50D283A9A405912B5DB6420D4" X1="HKEY_CURRENT_USER" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="msnmsgr" /> <ITEM File="C:\Programme\Windows Live\Messenger\msnmsgr.exe" CheckResult="-1" Enabled="0" Type="REG" Size="3885408" Attr="rsAh" CreateDate="06.02.2009 17:51:28" ChageDate="06.02.2009 17:51:28" MD5="8694FCF50D283A9A405912B5DB6420D4" X1="HKEY_CURRENT_USER" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="msnmsgr" /> <ITEM File="C:\Programme\\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" CheckResult="-1" Enabled="0" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="MobileConnect" /> <ITEM File="C:\WINXP\FixCamera.exe" CheckResult="-1" Enabled="0" Type="REG" Size="20480" Attr="rsAh" CreateDate="07.04.2009 17:40:16" ChageDate="12.02.2007 13:50:40" MD5="10DD727E26ACB6D0917609B55D2D625D" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run-" X3="FixCamera" /> <ITEM File="C:\WINXP\System32\PrintFilterPipelineSvc.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\PrintFilterPipelineSvc" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\TUProgSt.exe" CheckResult="-1" Enabled="1" Type="REG" Size="604416" Attr="rsAh" CreateDate="05.04.2009 17:43:36" ChageDate="05.04.2009 17:43:36" MD5="6580ABC55F34B73D66F153EA55034361" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\TuneUp\TuneUp Program Statistics" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\hidserv.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\HidServ\Parameters" X3="ServiceDll" /> <ITEM File="C:\WINXP\System32\igmpv2.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IGMPv2" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\ipbootp.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IPBOOTP" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\iprip2.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\IPRIP2" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\ospf.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPF" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\ospfmib.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\OSPFMib" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\polagent.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\PolicyAgent" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\tssdis.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\TermServSessDir" X3="EventMessageFile" /> <ITEM File="C:\WINXP\System32\uxtuneup.dll" CheckResult="-1" Enabled="1" Type="REG" Size="28416" Attr="rsAh" CreateDate="06.11.2009 14:39:18" ChageDate="20.03.2009 15:01:04" MD5="2BB1DCD293E1A3771EA2C57B359DE15A" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\UxTuneUp\Parameters" X3="ServiceDll" /> <ITEM File="C:\WINXP\system32\AegisE5.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\AegisP" X3="EventMessageFile" /> <ITEM File="C:\WINXP\system32\MsSip1.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 1" X3="$DLL" /> <ITEM File="C:\WINXP\system32\MsSip2.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 2" X3="$DLL" /> <ITEM File="C:\WINXP\system32\MsSip3.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\WinTrust\SubjectPackages\MS Subjects 3" X3="$DLL" /> <ITEM File="C:\WINXP\system32\psxss.exe" CheckResult="-1" Enabled="-1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="System\CurrentControlSet\Control\Session Manager\SubSystems" X3="Posix" /> <ITEM File="C:\WINXP\system32\stisvc.exe" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System" X3="EventMessageFile" /> <ITEM File="C:\WINXP\system32\yv12vfw.dll" CheckResult="-1" Enabled="1" Type="REG" Size="70656" Attr="rsAh" CreateDate="15.11.2009 01:15:20" ChageDate="25.01.2004" MD5="7029A7634C8DFA8EE619E79B1B9A378F" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\Drivers32" X3="vidc.yv12" /> <ITEM File="C:\WINXP\tsnp2std.exe" CheckResult="-1" Enabled="1" Type="REG" Size="270336" Attr="rsAh" CreateDate="07.04.2009 17:54:07" ChageDate="10.05.2007 16:05:22" MD5="93E13B119D9BA636FBAF1DEE43ABDBE8" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="tsnp2std" /> <ITEM File="C:\WINXP\vsnp2std.exe" CheckResult="-1" Enabled="1" Type="REG" Size="344064" Attr="rsAh" CreateDate="07.04.2009 17:54:07" ChageDate="10.05.2007 15:58:42" MD5="C2C50A74B27150A0571C1EC0CBDACDC1" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows\CurrentVersion\Run" X3="snp2std" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v2.0.50727\de\aspnet_rc.dll" CheckResult="-1" Enabled="1" Type="REG" Size="94208" Attr="rsAh" CreateDate="26.07.2008 00:55:12" ChageDate="26.07.2008 00:55:12" MD5="4F4D85471C68DD8B566CA561B573BD65" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\ASP.NET 2.0.50727.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft.Transactions.Bridge 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\ServiceModel Audit 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.IdentityModel 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.IO.Log 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.Runtime.Serialization 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\System.ServiceModel 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui" CheckResult="-1" Enabled="1" Type="REG" Size="29696" Attr="rsAh" CreateDate="31.07.2008 01:19:54" ChageDate="31.07.2008 01:19:54" MD5="1D8712889531F46A93E9F2FC2DFC6048" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\System\SMSvcHost 3.0.0.0" X3="EventMessageFile" /> <ITEM File="c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll.mui;c:\WINXP\system32\icardres.dll.mui" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\Eventlog\Application\CardSpace 3.0.0.0" X3="EventMessageFile" /> <ITEM File="kbd101.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\i8042prt\Parameters" X3="LayerDriver JPN" /> <ITEM File="kbd101a.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="SYSTEM\CurrentControlSet\Services\i8042prt\Parameters" X3="LayerDriver KOR" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2=".DEFAULT\Control Panel\IOProcs" X3="MVB" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-19\Control Panel\IOProcs" X3="MVB" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-20\Control Panel\IOProcs" X3="MVB" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_USERS" X2="S-1-5-18\Control Panel\IOProcs" X3="MVB" /> <ITEM File="mvfs32.dll" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_CURRENT_USER" X2="Control Panel\IOProcs" X3="MVB" /> <ITEM File="vgafix.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="fixedfon.fon" /> <ITEM File="vgaoem.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="oemfonts.fon" /> <ITEM File="vgasys.fon" CheckResult="-1" Enabled="1" Type="REG" X1="HKEY_LOCAL_MACHINE" X2="Software\Microsoft\Windows NT\CurrentVersion\WOW\boot" X3="fonts |
15.11.2009, 17:30 | #9 |
| Fehlermeldung </AUTORUN> - <BHO> <ITEM File="" CheckResult="-1" Enabled="1" BHOType="1" RegKey="HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" CLSID="{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" Descr="" LegalCopyright="" /> </BHO> - <ExplorerExt> <ITEM File="deskpan.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="CPL-Erweiterung fьr Anzeigeverschiebung" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{42071714-76d4-11d1-8b24-00a0c9068ff3}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Shellerweiterungen fьr die Dateikomprimierung" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{764BF0E1-F219-11ce-972D-00AA00A14F56}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Kontextmenь fьr die Verschlьsselung" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Taskleiste und Startmenь" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{0DF44EAA-FF21-4412-828E-260A8728E7F1}" Descr="" LegalCopyright="" /> <ITEM File="rundll32.exe C:\WINXP\system32\shimgvw.dll,ImageView_COMServer {00E7B358-F65B-4dcf-83DF-CD026B94BFD4}" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Autoplay for SlideShow" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Benutzerkonten" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{7A9D77BD-5403-11d2-8785-2E0420524153}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="Shell Extension for Malware scanning" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{45AC2688-0253-4ED8-97DE-B5370FA7D48A}" Descr="" LegalCopyright="" /> <ITEM File="" CheckResult="-1" Enabled="1" ExtType="1" ExtName="CMenuExtender" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{ABC70703-32AF-11d4-90C4-D483A70F4825}" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\System32\uxtuneup.dll" CheckResult="-1" Enabled="1" ExtType="1" ExtName="TuneUp Theme Extension" RegKey="SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" CLSID="{44440D00-FF19-4AFC-B765-9A0970567D97}" Descr="TuneUp Theme Extension" LegalCopyright="© TuneUp Software" Size="28416" Attr="rsAh" CreateDate="06.11.2009 14:39:18" ChageDate="20.03.2009 15:01:04" MD5="2BB1DCD293E1A3771EA2C57B359DE15A" /> </ExplorerExt> <PrintEXT /> - <TaskScheduler> <ITEM File="C:\Programme\TuneUp Utilities 2009\OneClickStarter.exe" CheckResult="-1" Enabled="46495936" Descr="TuneUp 1-Klick-Starter" LegalCopyright="Copyright © 2003-2008 TuneUp Software GmbH" Size="130816" Attr="rsAh" CreateDate="20.03.2009 15:17:38" ChageDate="20.03.2009 15:17:38" MD5="546F5C80AEEA8EC6160B3752B354D747" /> </TaskScheduler> - <SPI> <ITEM File="C:\WINXP\System32\mswsock.dll" CheckResult="-1" SPIType="1" SPINaim="TCP/IP" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\System32\winrnr.dll" CheckResult="-1" SPIType="1" SPINaim="NTDS" Descr="LDAP RnR Provider DLL" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="16896" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="4934FF44C8B6AE7B4CA0118B3D2CF666" /> <ITEM File="C:\WINXP\System32\mswsock.dll" CheckResult="-1" SPIType="1" SPINaim="NLA-Namespace" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\wshbth.dll" CheckResult="-1" SPIType="1" SPINaim="Bluetooth-Namespace" Descr="Windows Sockets Helper DLL" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="108032" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="41CCC4CD535579D27AEAB485B36CEB9E" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [TCP/IP]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [UDP/IP]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD Tcpip [RAW/IP]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\rsvpsp.dll" CheckResult="-1" SPIType="3" SPINaim="RSVP UDP Service Provider" Descr="Microsoft Windows Rsvp 1.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="92672" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="D6BE7BE7BD2EBF5879ABAE3569432A50" /> <ITEM File="C:\WINXP\system32\rsvpsp.dll" CheckResult="-1" SPIType="3" SPINaim="RSVP TCP Service Provider" Descr="Microsoft Windows Rsvp 1.0 Service Provider" LegalCopyright="© Microsoft Corporation. All rights reserved." Size="92672" Attr="rsAh" CreateDate="14.04.2008 10:00:00" ChageDate="14.04.2008 10:00:00" MD5="D6BE7BE7BD2EBF5879ABAE3569432A50" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD RfComm [Bluetooth]" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{E2FCF49F-1439-4C8B-B5FE-EE9DA9FC5CA4}] SEQPACKET 6" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{E2FCF49F-1439-4C8B-B5FE-EE9DA9FC5CA4}] DATAGRAM 6" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E1B1051-5BED-46BD-A25C-2A7599B5A1E5}] SEQPACKET 5" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E1B1051-5BED-46BD-A25C-2A7599B5A1E5}] DATAGRAM 5" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{202D5F48-DBD7-48AC-BA5D-5C80016A8A4C}] SEQPACKET 4" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{202D5F48-DBD7-48AC-BA5D-5C80016A8A4C}] DATAGRAM 4" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{73A9D748-4301-4A7B-9EB2-CBF47268339E}] SEQPACKET 3" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{73A9D748-4301-4A7B-9EB2-CBF47268339E}] DATAGRAM 3" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{5908F0BE-A83B-4818-B135-CD4B96372FD7}] SEQPACKET 0" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{5908F0BE-A83B-4818-B135-CD4B96372FD7}] DATAGRAM 0" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{87D9CBC3-5D28-4CA7-8CA0-47B6766EBFB7}] SEQPACKET 1" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{87D9CBC3-5D28-4CA7-8CA0-47B6766EBFB7}] DATAGRAM 1" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{52DA7E9A-0C06-4239-AFE8-89C6CDB3DFD2}] SEQPACKET 2" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{52DA7E9A-0C06-4239-AFE8-89C6CDB3DFD2}] DATAGRAM 2" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7DA2EEC-4745-4BA4-8D88-B82C7DF40C6B}] SEQPACKET 7" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{C7DA2EEC-4745-4BA4-8D88-B82C7DF40C6B}] DATAGRAM 7" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{FA79EA53-80FA-4D0E-BB68-529A05189A69}] SEQPACKET 8" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> <ITEM File="C:\WINXP\system32\mswsock.dll" CheckResult="-1" SPIType="3" SPINaim="MSAFD NetBIOS [\Device\NetBT_Tcpip_{FA79EA53-80FA-4D0E-BB68-529A05189A69}] DATAGRAM 8" Descr="Microsoft Windows Sockets 2.0-Dienstanbieter" LegalCopyright="© Microsoft Corporation. Alle Rechte vorbehalten." Size="247296" Attr="rsAh" CreateDate="13.01.2009 19:34:30" ChageDate="13.01.2009 19:34:30" MD5="4AA50627B01C0E9C6B4C6BD3AF648F12" /> </SPI> - <DPF> <ITEM File="" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="CabBuilder" CodeBase="http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab" Descr="" LegalCopyright="" /> <ITEM File="C:\WINXP\Downloaded Program Files\MessengerStatsPAClient.dll" CheckResult="-1" Enabled="1" RegKey="SOFTWARE\Microsoft\Code Store Database\Distribution Units" CLSID="{C3F79A2B-B9B4-4A66-B012-3EE46475B072}" CodeBase="http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab" Descr="Zone.com Stats Client for MSN Messenger" LegalCopyright="Copyright © 1995-2004 Microsoft Corporation" Size="304544" Attr="rsAh" CreateDate="22.02.2007 22:41:12" ChageDate="22.02.2007 22:41:12" MD5="8945CCA5FC4F25168E8B6F401EFAF51F" /> </DPF> <CPL /> - <ActiveSetup> <ITEM File="C:\Programme\Bifrost\server.exe" CheckResult="-1" Enabled="1" RegKey="Software\Microsoft\Active Setup\Installed Components" CLSID="{9D71D88C-C598-4935-C5D1-43AA4DB90836}" Descr="" LegalCopyright="" /> </ActiveSetup> - <HOSTS> <ITEM Line="127.0.0.1 localhost" /> </HOSTS> - <SuspFiles> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" VirType="4" Descr="Kernel-mode hook" /> <ITEM File="spqy.sys" VirType="4" Descr="Kernel-mode hook" /> </SuspFiles> - <RK_KM> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtClose" FIndx="25" HookPtr="F31A06B8" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtCreateKey" FIndx="41" HookPtr="F31A0574" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtDeleteValueKey" FIndx="65" HookPtr="F31A0A52" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtDuplicateObject" FIndx="68" HookPtr="F31A014C" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="spqy.sys" FNaim="NtEnumerateKey" FIndx="71" HookPtr="F7385CA2" HookType="1" /> <ITEM File="spqy.sys" FNaim="NtEnumerateValueKey" FIndx="73" HookPtr="F7386030" HookType="1" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtOpenKey" FIndx="119" HookPtr="F31A064E" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtOpenProcess" FIndx="122" HookPtr="F31A008C" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtOpenThread" FIndx="128" HookPtr="F31A00F0" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="spqy.sys" FNaim="NtQueryKey" FIndx="160" HookPtr="F7386108" HookType="1" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtQueryValueKey" FIndx="177" HookPtr="F31A076E" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtRestoreKey" FIndx="204" HookPtr="F31A072E" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> <ITEM File="C:\WINXP\System32\Drivers\aswSP.SYS" FNaim="NtSetValueKey" FIndx="247" HookPtr="F31A08AE" HookType="1" CheckResult="0" Size="114768" Attr="rsAh" CreateDate="02.11.2009 20:33:10" ChageDate="15.09.2009 12:55:30" MD5="2E5A2AD5004B55DF39B7606130A88142" /> </RK_KM> - <RK_IRP> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="0" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="2" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="4" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="5" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="6" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="7" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="8" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="10" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="11" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="12" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="13" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="14" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="17" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="20" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="21" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\ntfs" IRP="27" HookPtr="85E691F8" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="0" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="2" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="4" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="5" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="6" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="7" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="8" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="10" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="11" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="12" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="13" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="14" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="17" HookPtr="84355500" /> <ITEM File="" DeviceName="\FileSystem\FastFat" IRP="27" HookPtr="84355500" /> </RK_IRP> - <WIZARD-TSW> <ITEM ID="32" Level="3" Fixed="0" /> <ITEM ID="40" Level="3" Fixed="0" /> <ITEM ID="58" Level="3" Fixed="0" /> <ITEM ID="59" Level="3" Fixed="0" /> <ITEM ID="61" Level="2" Fixed="0" /> </WIZARD-TSW> </AVZ> |
15.11.2009, 17:32 | #10 |
| Fehlermeldung ich hoffe das is ok so.... hab da kein peil von... n fetten RESPEKT an die Leute die sich damit auskennen und da n überblick haben!!!! DANKE schonmal im vorraus!!!!! |
15.11.2009, 18:15 | #11 |
/// AVZ-Toolkit Guru | Fehlermeldung Oh nein. So steigt da ja kein Mensch durch... ^^ Guck bitte nochmal in die Anleitung. Dort steht beschrieben wie du ein Archiv mit beiden logs erstellst und auch wie du dieses an deinen nächsten Post anhängen kannst.
__________________ - Sämtliche Hilfestellungen im Forum werden ohne Gewährleistung oder Haftung gegeben - |
15.11.2009, 18:17 | #12 |
/// AVZ-Toolkit Guru | Fehlermeldung Und lasse die Malwarebytes Funde bitte beheben! Auch das steht in der entsprechenden Anleitung so drinn. Ach ja: Du bist heftig infiziert. Ändere unverzüglich von einem sauberen PC aus alle deine Passwörter und Zugangsaccounts und informiere deine online Bank! Den Rechner solltest du erstmal nicht mehr benutzen!
__________________ - Sämtliche Hilfestellungen im Forum werden ohne Gewährleistung oder Haftung gegeben - |
15.11.2009, 20:23 | #13 |
| Fehlermeldung reicht das nicht wenn ich das system komplett neu aufzieh... zum thema onlinebank...hab da seit monaten nix mehr gemacht... |
15.11.2009, 20:24 | #14 |
/// AVZ-Toolkit Guru | Fehlermeldung Na klar, dass ist immer die beste Variante. Bereinigung nach einer Kompromitierung Hinweis: Die Analyse eines Virenscanners ist völlig unzureichend, um Aussagen über das System zu machen! Leider tauchen momentan immer mehr Schädlinge auf die sich in den Master Boot Record, kurz MBR einschreiben. Dieser wird bei einer herkömmlichen Neuinstallation nicht komplett überschrieben und stellt somit ein erhebliches Sicherheitsrisiko dar. Vor der Neuinstallation sollte daher sichergegangen werden, dass der MBR in Ordnung ist. Master Boot Record reparieren: XP: Um die Wiederherstellungskonsole zu starten, einfach die Windows XP CD in das Laufwerk legen und davon booten.. Wenn du dazu aufgefordert wirst, wähle die erforderliche Optionen für den Start von der Installations-CD aus. Wenn der textbasierte Teil des Setups startet, wähle die Option zum Reparieren oder Wiederherstellen, indem du die Taste [R] drückt. Gegebenfalls nun das Administratorkennwort eingeben. Nun gelangst du zur Eingabeaufforderung der Wiederherstellungskonsole. Dort bitte den Befehl fixmbr eingeben und mit Enter bestätigen. Um die Wiederherstellungskonsole zu beenden und den Computer neu zu starten, gibst du 'exit' ein. Einen Personal Computer neuaufsetzen: Lies dir bitte bevor du dich an die Arbeit machst folgende Anleitung ganz genau durch: Außerdem sollte die Sicherung über eine LiveCD geschehen da sich Viren gerne an Dateien anhängen oder externe Datenträger infizieren. Das wird durch die Nutzung einer LiveCD verhindert. Auf Grund der bekannten Oberfläche empfehle ich VistaPE. Die PC-Welt stellt folgendes Paket zur Erstellung bereit: http://www.hitech-blog.com/wp-conten...pcwVistaPE.zip Downloade dir das Paket, entpacke es in einen eigenen Ordner und starte das Setup durch einen Doppelklick auf die pcwVistaPE.exe. Es öffnet sich ein Setup welches dich in mehreren Schritten durch den Installations- und Brennvorgang führt. Danach steht dir eine LiveCD zur Verfügung welche du in dein Laufwerk einlegst und den Rechner neustartest. Der PC sollte dann von der LiveCD booten, dass heisst er startet das Mini Betriebssystem von der CD. Sollte er das nicht tun so musst du im BIOS den First Boot Device auf CD/DVD-Rom ändern. Wie das geht findest du bei google... Nachdem du neuaufgesetzt hast musst du unbedingt alle Passwörter und Zugangsaccounts ändern!!!
__________________ - Sämtliche Hilfestellungen im Forum werden ohne Gewährleistung oder Haftung gegeben - Geändert von undoreal (15.11.2009 um 21:20 Uhr) |
15.11.2009, 20:33 | #15 |
| Fehlermeldung also besser n neuen PC....^^ |
Themen zu Fehlermeldung |
adobe, antivirus, avast, avast!, avg, bho, dll, explorer, fehlermeldung, firefox, hijack, hijackthis, hkus\s-1-5-18, icq, internet, internet explorer, logfile, magix, microsoft, mozilla, nvidia, plug-in, programme, rundll, search settings, server, software, system, windows, windows xp, wscript.exe |