Dauert sehr lange bis sich mein Internetbrowser öffnet

cosinus · 16.02.2011, 09:34

Warum, was gefällt dir an der Anleitung nicht?

masi76 · 20.02.2011, 08:07

Hallo,

wollte den Rechner von der CD starten, hat leider nicht geklappt.
Auf der gebrannten CD gibt es drei Ordner "bootmgr", "source" und
"boot". In dem Ordner "boot" wollte ich den Rechner von der MS-Dos-
Application "etfsboot" neu starten.
Da bekam ich in einem schwarzen Fenster die Meldung "CDBOOT:
Cannot boot from CD-Code:1"

Was habe ich falsch gemacht???

cosinus · 20.02.2011, 17:46

Hast du die CD richtig gebrannt? Mit der Imagebrennfunktion?
Artikel richtig gelesen wie man von der CD bootet?
Bootet der Rechner von anderen bootfähigen Discs?

Wenn das Booten erstmal nicht klappt, können wir auch erstmal schauen, ob der MBR eine bekannte Infektion aufweist, dazu mal dieses Tool von kaspersky ausführen => http://www.trojaner-board.de/82358-t...entfernen.html

masi76 · 22.02.2011, 07:53

Hi Arne,
hab gestern abend nochmal drübergeschaut,
bis jetzt keinen offensichtlichen Ausführungsfehler
gefunden.
Ich schau es mir aber heut abend nochmals an.

Bis dann.

masi76 · 23.02.2011, 19:40

Code:

ATTFilter

2011/02/23 19:29:27.0639 2272	TDSS rootkit removing tool 2.4.18.0 Feb 21 2011 11:08:08
2011/02/23 19:29:28.0060 2272	================================================================================
2011/02/23 19:29:28.0060 2272	SystemInfo:
2011/02/23 19:29:28.0060 2272	
2011/02/23 19:29:28.0060 2272	OS Version: 6.0.6002 ServicePack: 2.0
2011/02/23 19:29:28.0060 2272	Product type: Workstation
2011/02/23 19:29:28.0060 2272	ComputerName: PIM-PC
2011/02/23 19:29:28.0060 2272	UserName: Markus
2011/02/23 19:29:28.0060 2272	Windows directory: C:\Windows
2011/02/23 19:29:28.0060 2272	System windows directory: C:\Windows
2011/02/23 19:29:28.0060 2272	Processor architecture: Intel x86
2011/02/23 19:29:28.0060 2272	Number of processors: 1
2011/02/23 19:29:28.0060 2272	Page size: 0x1000
2011/02/23 19:29:28.0060 2272	Boot type: Normal boot
2011/02/23 19:29:28.0060 2272	================================================================================
2011/02/23 19:29:28.0824 2272	Initialize success
2011/02/23 19:29:36.0297 3768	================================================================================
2011/02/23 19:29:36.0297 3768	Scan started
2011/02/23 19:29:36.0297 3768	Mode: Manual; 
2011/02/23 19:29:36.0297 3768	================================================================================
2011/02/23 19:29:37.0654 3768	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/02/23 19:29:38.0013 3768	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/02/23 19:29:38.0200 3768	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/02/23 19:29:38.0325 3768	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/02/23 19:29:38.0418 3768	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/02/23 19:29:38.0590 3768	AFD             (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/02/23 19:29:38.0839 3768	agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/02/23 19:29:39.0042 3768	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/02/23 19:29:39.0276 3768	aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/02/23 19:29:39.0510 3768	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/02/23 19:29:39.0682 3768	amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/02/23 19:29:39.0822 3768	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/02/23 19:29:39.0978 3768	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/02/23 19:29:40.0555 3768	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/02/23 19:29:40.0743 3768	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/02/23 19:29:41.0039 3768	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/02/23 19:29:41.0211 3768	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/02/23 19:29:41.0507 3768	avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/02/23 19:29:41.0788 3768	avgntflt        (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/02/23 19:29:42.0022 3768	avipbb          (da39805e2bad99d37fce9477dd94e7f2) C:\Windows\system32\DRIVERS\avipbb.sys
2011/02/23 19:29:42.0287 3768	BCM43XV         (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys
2011/02/23 19:29:42.0443 3768	BCM43XX         (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys
2011/02/23 19:29:42.0615 3768	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/02/23 19:29:42.0927 3768	bowser          (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/02/23 19:29:43.0161 3768	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/02/23 19:29:43.0285 3768	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/02/23 19:29:43.0473 3768	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/02/23 19:29:43.0566 3768	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/02/23 19:29:43.0691 3768	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/02/23 19:29:43.0785 3768	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/02/23 19:29:44.0019 3768	BthEnum         (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/02/23 19:29:44.0175 3768	BTHMODEM        (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/02/23 19:29:44.0409 3768	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/02/23 19:29:44.0674 3768	BTHPORT         (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2011/02/23 19:29:44.0923 3768	BTHUSB          (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/02/23 19:29:45.0282 3768	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/02/23 19:29:45.0485 3768	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/02/23 19:29:45.0657 3768	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/02/23 19:29:45.0828 3768	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/02/23 19:29:46.0125 3768	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/02/23 19:29:46.0296 3768	cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/02/23 19:29:46.0437 3768	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/02/23 19:29:46.0593 3768	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/02/23 19:29:46.0702 3768	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/02/23 19:29:46.0951 3768	DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2011/02/23 19:29:47.0232 3768	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/02/23 19:29:47.0497 3768	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/02/23 19:29:47.0685 3768	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/02/23 19:29:47.0887 3768	E100B           (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
2011/02/23 19:29:48.0043 3768	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/02/23 19:29:48.0168 3768	eabfiltr        (a6476585b4fefee46a9f42e4d2bfdfa4) C:\Windows\system32\DRIVERS\eabfiltr.sys
2011/02/23 19:29:48.0418 3768	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/02/23 19:29:48.0683 3768	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/02/23 19:29:49.0011 3768	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/02/23 19:29:49.0135 3768	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/02/23 19:29:49.0276 3768	fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/02/23 19:29:49.0479 3768	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/02/23 19:29:49.0619 3768	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/02/23 19:29:49.0744 3768	flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/02/23 19:29:49.0884 3768	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/02/23 19:29:50.0227 3768	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/02/23 19:29:50.0368 3768	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/02/23 19:29:50.0571 3768	GEARAspiWDM     (5dc17164f66380cbfefd895c18467773) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2011/02/23 19:29:50.0867 3768	HBtnKey         (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys
2011/02/23 19:29:51.0054 3768	HdAudAddService (de4020f928a2f8a6327f5687f36d361b) C:\Windows\system32\drivers\CHDART.sys
2011/02/23 19:29:51.0241 3768	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/02/23 19:29:51.0429 3768	HidBth          (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys
2011/02/23 19:29:51.0569 3768	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/02/23 19:29:51.0787 3768	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/02/23 19:29:52.0021 3768	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/02/23 19:29:52.0302 3768	HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/02/23 19:29:52.0489 3768	HSF_DPV         (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/02/23 19:29:52.0708 3768	HSXHWAZL        (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2011/02/23 19:29:52.0911 3768	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/02/23 19:29:53.0145 3768	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/02/23 19:29:53.0332 3768	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/02/23 19:29:53.0628 3768	ialm            (0215e1204d5410e50a5ea9d442fe7da3) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/02/23 19:29:53.0878 3768	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/02/23 19:29:54.0205 3768	igfx            (0215e1204d5410e50a5ea9d442fe7da3) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/02/23 19:29:54.0346 3768	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/02/23 19:29:54.0533 3768	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/02/23 19:29:54.0673 3768	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/02/23 19:29:54.0861 3768	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/02/23 19:29:55.0157 3768	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/02/23 19:29:55.0297 3768	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/02/23 19:29:55.0469 3768	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/02/23 19:29:55.0578 3768	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/02/23 19:29:55.0703 3768	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/02/23 19:29:55.0828 3768	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/02/23 19:29:55.0921 3768	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/02/23 19:29:56.0046 3768	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/02/23 19:29:56.0187 3768	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/02/23 19:29:56.0452 3768	KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/02/23 19:29:56.0764 3768	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/02/23 19:29:56.0967 3768	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/02/23 19:29:57.0076 3768	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/02/23 19:29:57.0201 3768	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/02/23 19:29:57.0357 3768	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/02/23 19:29:57.0497 3768	mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/02/23 19:29:57.0637 3768	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/02/23 19:29:57.0793 3768	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/02/23 19:29:57.0949 3768	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/02/23 19:29:58.0074 3768	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/02/23 19:29:58.0215 3768	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/02/23 19:29:58.0339 3768	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/02/23 19:29:58.0495 3768	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/02/23 19:29:58.0620 3768	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/02/23 19:29:58.0792 3768	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/02/23 19:29:58.0901 3768	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/02/23 19:29:59.0026 3768	mrxsmb          (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/02/23 19:29:59.0151 3768	mrxsmb10        (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/02/23 19:29:59.0307 3768	mrxsmb20        (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/02/23 19:29:59.0525 3768	msahci          (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
2011/02/23 19:29:59.0697 3768	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/02/23 19:29:59.0931 3768	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/02/23 19:30:00.0087 3768	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/02/23 19:30:00.0352 3768	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/02/23 19:30:00.0492 3768	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/02/23 19:30:00.0679 3768	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/02/23 19:30:00.0882 3768	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/02/23 19:30:01.0069 3768	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/02/23 19:30:01.0225 3768	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/02/23 19:30:01.0413 3768	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/02/23 19:30:01.0631 3768	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/02/23 19:30:01.0834 3768	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/02/23 19:30:02.0052 3768	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/02/23 19:30:02.0224 3768	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/02/23 19:30:02.0349 3768	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/02/23 19:30:02.0551 3768	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/02/23 19:30:02.0817 3768	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/02/23 19:30:02.0988 3768	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/02/23 19:30:03.0191 3768	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/02/23 19:30:03.0378 3768	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/02/23 19:30:03.0550 3768	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/02/23 19:30:03.0784 3768	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/02/23 19:30:04.0049 3768	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/02/23 19:30:04.0189 3768	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/02/23 19:30:04.0299 3768	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/02/23 19:30:04.0408 3768	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/02/23 19:30:04.0517 3768	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/02/23 19:30:04.0829 3768	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/02/23 19:30:05.0188 3768	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/02/23 19:30:05.0328 3768	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/02/23 19:30:05.0453 3768	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/02/23 19:30:05.0609 3768	pccsmcfd        (175cc28dcf819f78caa3fbd44ad9e52a) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/02/23 19:30:05.0765 3768	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/02/23 19:30:05.0874 3768	pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/02/23 19:30:06.0015 3768	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/02/23 19:30:06.0155 3768	pcouffin        (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
2011/02/23 19:30:06.0436 3768	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/02/23 19:30:06.0951 3768	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/02/23 19:30:07.0075 3768	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/02/23 19:30:07.0325 3768	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/02/23 19:30:07.0465 3768	PxHelp20        (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
2011/02/23 19:30:07.0653 3768	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/02/23 19:30:07.0855 3768	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/02/23 19:30:08.0074 3768	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/02/23 19:30:08.0199 3768	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/02/23 19:30:08.0370 3768	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/02/23 19:30:08.0542 3768	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/02/23 19:30:08.0635 3768	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/02/23 19:30:08.0776 3768	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/02/23 19:30:08.0932 3768	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/02/23 19:30:09.0072 3768	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/02/23 19:30:09.0244 3768	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/02/23 19:30:09.0384 3768	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/02/23 19:30:09.0603 3768	RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/02/23 19:30:09.0821 3768	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/02/23 19:30:09.0961 3768	RTL8023xp       (dda0d5842335e78e375e96c308858a61) C:\Windows\system32\DRIVERS\Rtnicxp.sys
2011/02/23 19:30:10.0117 3768	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/02/23 19:30:10.0351 3768	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/02/23 19:30:10.0507 3768	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/02/23 19:30:10.0585 3768	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/02/23 19:30:10.0710 3768	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/02/23 19:30:11.0038 3768	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/02/23 19:30:11.0178 3768	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/02/23 19:30:11.0303 3768	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/02/23 19:30:11.0475 3768	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/02/23 19:30:11.0631 3768	sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/02/23 19:30:11.0755 3768	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/02/23 19:30:11.0865 3768	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/02/23 19:30:12.0067 3768	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/02/23 19:30:12.0286 3768	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/02/23 19:30:12.0473 3768	srv             (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
2011/02/23 19:30:12.0598 3768	srv2            (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
2011/02/23 19:30:12.0723 3768	srvnet          (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
2011/02/23 19:30:12.0894 3768	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/02/23 19:30:13.0035 3768	StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2011/02/23 19:30:13.0253 3768	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/02/23 19:30:13.0440 3768	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/02/23 19:30:13.0596 3768	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/02/23 19:30:13.0705 3768	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/02/23 19:30:13.0955 3768	SynTP           (81cf7aa63bb3cca31e1d1944c0a45fc7) C:\Windows\system32\DRIVERS\SynTP.sys
2011/02/23 19:30:14.0267 3768	Tcpip           (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/02/23 19:30:14.0439 3768	Tcpip6          (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/02/23 19:30:14.0579 3768	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/02/23 19:30:14.0719 3768	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/02/23 19:30:14.0844 3768	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/02/23 19:30:14.0985 3768	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/02/23 19:30:15.0156 3768	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/02/23 19:30:15.0468 3768	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/02/23 19:30:15.0609 3768	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/02/23 19:30:15.0796 3768	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/02/23 19:30:15.0983 3768	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/02/23 19:30:16.0108 3768	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/02/23 19:30:16.0404 3768	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/02/23 19:30:16.0513 3768	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/02/23 19:30:16.0669 3768	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/02/23 19:30:16.0794 3768	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/02/23 19:30:16.0981 3768	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/02/23 19:30:17.0387 3768	usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2011/02/23 19:30:17.0559 3768	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/02/23 19:30:17.0699 3768	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/02/23 19:30:17.0902 3768	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/02/23 19:30:18.0089 3768	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/02/23 19:30:18.0214 3768	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/02/23 19:30:18.0370 3768	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/02/23 19:30:18.0526 3768	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/02/23 19:30:18.0682 3768	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/02/23 19:30:18.0822 3768	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/02/23 19:30:19.0041 3768	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/02/23 19:30:19.0165 3768	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/02/23 19:30:19.0306 3768	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/02/23 19:30:19.0399 3768	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/02/23 19:30:19.0524 3768	viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/02/23 19:30:19.0633 3768	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/02/23 19:30:19.0774 3768	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/02/23 19:30:19.0930 3768	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/02/23 19:30:20.0070 3768	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/02/23 19:30:20.0289 3768	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/02/23 19:30:20.0445 3768	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/02/23 19:30:20.0523 3768	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/02/23 19:30:20.0710 3768	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/02/23 19:30:20.0881 3768	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/02/23 19:30:21.0256 3768	winachsf        (6d2350bb6e77e800fc4be4e5b7a2e89a) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/02/23 19:30:21.0708 3768	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/02/23 19:30:22.0051 3768	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/02/23 19:30:22.0270 3768	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/02/23 19:30:22.0566 3768	XAudio          (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
2011/02/23 19:30:22.0925 3768	================================================================================
2011/02/23 19:30:22.0925 3768	Scan finished
2011/02/23 19:30:22.0925 3768	================================================================================

cosinus · 23.02.2011, 22:13

Das Booten klappt immer noch nicht?
Kannst du von anderen bootfähigen Discs booten?

masi76 · 24.02.2011, 08:02

Hi,
habe es jetzt zweimal mit einer CD-R probiert,
versuche es heut abend mal mit einer DVD,
mal sehen was dann passiert.
Habe mir die Anleitung genau durchgelesen, weiss
aber nicht was ich noch machen soll.
Vielleicht macht es einen Unterschied, ob man die
Win-32 oder Win-64-Version herunterläd bzw.
brennt. Habe aber auch keinen Anhaltspunkt, wenn
ich etwas falsch gemacht habe, was denn gewesen
sein könnte. Probier nun schon seit 1 1/2 Wochen
an dem Teil und komme keinen Schritt weiter.

cosinus · 24.02.2011, 10:37

Du brauchst auf jeden Fall die 32-Bit-Version.
Entweder du bedienst das Bootmenü zum Booten von der CD nicht richtig oder dein Laufwerk hat ne Macke. Von DVD funktioniert das eher noch weniger, denn das sind CD- und keine DVD-Images.
Probier mal ein ISO von Ubuntu oder Knoppix zu brennen, per Imagebrennfunktion. Bootet der Rechner davon?

masi76 · 25.02.2011, 08:00

Ich versuchs, werde es noch einmal mit einem Kollegen
zusammen probieren.
Meld mich wahrscheinlich dann erst mit Rückantwort am
Sonntag.
bis dann

masi76 · 28.02.2011, 07:02

Hi Arne,
habe es gestern geschafft meinen Rechner
von der CD-Rom (bitdefender) gestartet.
Habe allerdings immer noch das Problem,
dass er kurz vor dem Ende des Hochfahrens
den Registry Booster starten will und das
Avira lässt sich auch nicht aktivieren.
Brauchst Du nochmal ein logfile?

cosinus · 28.02.2011, 12:28

Ja mach frische Logs mit MBAM und OTL

masi76 · 01.03.2011, 07:49

Code:

ATTFilter

OTL logfile created on: 01/03/2011 06:30:40 - Run 3
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Markus\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
1,013.00 Mb Total Physical Memory | 239.00 Mb Available Physical Memory | 24.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69.41 Gb Total Space | 30.18 Gb Free Space | 43.48% Space Free | Partition Type: NTFS
Drive D: | 5.12 Gb Total Space | 1.16 Gb Free Space | 22.74% Space Free | Partition Type: NTFS
 
Computer Name: PIM-PC | User Name: Markus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Markus\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Markus\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (HdAudAddService) -- C:\Windows\System32\drivers\CHDART.sys (Conexant Systems Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (eabfiltr) -- C:\Windows\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.Google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=71&bd=PRESARIO&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\w, = hxxp://www.Google.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com?o=15788&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.8.20100713041928
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=0c6571bc000000000000001a7315e76b&tlver=1.4.19.14&instlRef=& affID=17163&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Facemoods Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.facemoods.com/?a=iron"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/31 06:08:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/18 20:40:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/18 20:40:40 | 000,000,000 | ---D | M]
 
[2008/11/11 18:54:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\Mozilla\Extensions
[2011/03/01 06:03:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\6ywjg3vy.default\extensions
[2010/11/13 07:14:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\6ywjg3vy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/22 18:39:23 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\6ywjg3vy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/02/10 19:02:43 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\6ywjg3vy.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011/02/10 18:57:59 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\6ywjg3vy.default\extensions\ffxtlbr@babylon.com
[2011/02/18 06:49:02 | 000,002,395 | ---- | M] () -- C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\6ywjg3vy.default\searchplugins\askcom.xml
[2011/02/10 19:02:38 | 000,003,915 | ---- | M] () -- C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\6ywjg3vy.default\searchplugins\sweetim.xml
[2011/01/22 18:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/11/06 21:46:25 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/11/23 14:34:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/22 18:38:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/03/31 06:08:19 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/12/18 20:40:26 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011/02/10 18:58:00 | 000,002,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2010/12/18 20:40:26 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2011/02/10 19:22:50 | 000,002,047 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml
[2010/12/18 20:40:26 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/12/18 20:40:26 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/12/18 20:40:26 | 000,000,801 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/02/08 19:44:55 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\CompaqFlow.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\CompaqFlow.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/02/27 16:22:50 | 000,000,000 | ---D | C] -- C:\bd_logs
[2011/02/25 07:48:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2011/02/24 03:04:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/02/21 11:09:14 | 001,372,248 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Markus\Desktop\TDSSKiller.exe
[2011/02/12 07:58:00 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\ImgBurn
[2011/02/12 07:21:49 | 000,000,000 | ---D | C] -- C:\Users\Markus\Desktop\ImgBurn
[2011/02/12 07:18:57 | 005,514,668 | ---- | C] (LIGHTNING UK!) -- C:\Users\Markus\Desktop\SetupImgBurn_2.5.5.0.exe
[2011/02/11 06:51:21 | 000,000,000 | ---D | C] -- C:\Users\Markus\Desktop\osam
[2011/02/10 19:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2011/02/10 18:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\FoxTabPDFConverter
[2011/02/08 19:54:44 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/02/08 19:51:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/02/08 16:46:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/02/08 06:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/02/08 06:38:35 | 000,000,000 | ---D | C] -- C:\Users\Markus\Desktop\CCleaner
[2011/02/07 19:11:57 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/02/07 19:11:57 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/02/07 19:11:57 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/02/07 19:09:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/02/05 05:56:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/02/02 17:15:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/02/02 17:15:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/02 17:15:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/02/02 17:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/31 21:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011/01/31 21:03:47 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Uniblue
[2011/01/31 21:02:37 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/01/31 21:02:10 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\PackageAware
[2011/01/30 17:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/01/30 17:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\REPORTS
[2011/01/30 17:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\LOGFILES
[2011/01/30 17:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\INFECTED
[2010/05/19 19:45:13 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Markus\AppData\Roaming\pcouffin.sys
 
========== Files - Modified Within 30 Days ==========
 
[2011/03/01 06:35:00 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0798338A-4626-44DD-9D57-0FE79EFEF1D8}.job
[2011/03/01 06:05:47 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/01 05:45:37 | 000,612,100 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/01 05:45:36 | 000,109,516 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/01 05:44:38 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011/03/01 05:44:35 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/01 05:41:31 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/03/01 05:38:52 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/01 05:38:52 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/01 05:38:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/01 05:38:19 | 1061,302,272 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/28 06:26:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/02/28 05:51:13 | 000,441,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/02/25 07:48:45 | 000,001,500 | ---- | M] () -- C:\Users\Markus\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2011/02/25 07:48:45 | 000,001,496 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2011/02/23 19:28:05 | 001,372,248 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Markus\Desktop\TDSSKiller.exe
[2011/02/12 07:18:05 | 005,514,668 | ---- | M] (LIGHTNING UK!) -- C:\Users\Markus\Desktop\SetupImgBurn_2.5.5.0.exe
[2011/02/12 07:14:57 | 150,818,816 | ---- | M] () -- C:\Users\Markus\Desktop\vista_recover_x86.iso
[2011/02/11 06:59:45 | 000,080,384 | ---- | M] () -- C:\Users\Markus\Desktop\MBRCheck.exe
[2011/02/08 19:44:55 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/02/08 16:46:19 | 004,265,351 | R--- | M] () -- C:\Users\Markus\Desktop\ComboFix.exe
[2011/02/08 06:38:37 | 000,000,636 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/02/02 17:15:54 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/31 21:06:12 | 000,001,865 | ---- | M] () -- C:\Users\Markus\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
 
========== Files Created - No Company Name ==========
 
[2011/02/24 03:01:21 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/02/24 03:01:21 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/02/24 03:01:21 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/02/12 07:21:51 | 000,001,500 | ---- | C] () -- C:\Users\Markus\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2011/02/12 07:21:51 | 000,001,496 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2011/02/12 07:21:50 | 000,001,526 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2011/02/12 07:16:07 | 150,818,816 | ---- | C] () -- C:\Users\Markus\Desktop\vista_recover_x86.iso
[2011/02/11 07:00:55 | 000,080,384 | ---- | C] () -- C:\Users\Markus\Desktop\MBRCheck.exe
[2011/02/10 18:58:26 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011/02/08 16:41:08 | 004,265,351 | R--- | C] () -- C:\Users\Markus\Desktop\ComboFix.exe
[2011/02/08 06:38:37 | 000,000,636 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/02/07 19:11:57 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/02/07 19:11:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/02/07 19:11:57 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/02/07 19:11:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/02/07 19:11:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/02/02 17:15:54 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/31 21:05:35 | 000,001,865 | ---- | C] () -- C:\Users\Markus\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2011/01/31 21:03:51 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2010/05/19 19:45:14 | 000,000,033 | ---- | C] () -- C:\Users\Markus\AppData\Roaming\pcouffin.log
[2010/05/19 19:45:13 | 000,007,887 | ---- | C] () -- C:\Users\Markus\AppData\Roaming\pcouffin.cat
[2010/05/19 19:45:13 | 000,001,144 | ---- | C] () -- C:\Users\Markus\AppData\Roaming\pcouffin.inf
[2009/10/21 14:14:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/12 14:22:52 | 000,059,904 | ---- | C] () -- C:\Users\Markus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/27 03:52:01 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/10/24 17:41:00 | 000,000,000 | ---- | C] () -- C:\Users\Markus\AppData\Local\QSwitch.txt
[2008/10/24 17:41:00 | 000,000,000 | ---- | C] () -- C:\Users\Markus\AppData\Local\DSwitch.txt
[2008/10/24 17:41:00 | 000,000,000 | ---- | C] () -- C:\Users\Markus\AppData\Local\AtStart.txt
[2008/09/08 19:24:54 | 000,017,920 | ---- | C] () -- C:\Windows\System32\Implode.dll
[2008/03/27 01:00:27 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007/11/08 14:24:54 | 000,000,167 | ---- | C] () -- C:\Windows\wininit.ini
[2007/11/06 21:27:30 | 000,090,112 | ---- | C] () -- C:\Windows\System32\custmon2k.dll
[2007/09/20 18:50:48 | 000,009,793 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/07/14 10:51:35 | 000,001,634 | ---- | C] () -- C:\Windows\bsm.ini
[2007/06/20 12:19:09 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2007/06/06 11:23:27 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2006/11/06 12:02:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006/11/06 10:05:40 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/06 10:03:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/11/06 10:00:56 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/19 08:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/19 08:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/03/10 01:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2002/01/24 10:29:26 | 000,077,824 | ---- | C] () -- C:\Windows\System32\lxaxlcnp.dll
 
========== LOP Check ==========
 
[2009/11/13 18:11:03 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\AvaTrader
[2011/02/05 06:11:36 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\D3dvis
[2009/08/26 06:58:03 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\HaCon
[2011/02/20 07:47:21 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\ImgBurn
[2008/11/01 11:35:02 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\PC Suite
[2010/11/25 07:28:21 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\QuickScan
[2009/05/20 08:48:41 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\Thunderbird
[2011/01/31 21:03:47 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\Uniblue
[2010/05/19 19:45:14 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\Vso
[2011/03/01 05:44:38 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2011/02/28 06:26:46 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/03/01 06:35:00 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0798338A-4626-44DD-9D57-0FE79EFEF1D8}.job
[2010/11/12 07:10:13 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{52C964EE-F448-412B-8FE7-0550962111FD}.job
 
========== Purity Check ==========
 
 

< End of report >

masi76 · 01.03.2011, 08:21

MBAM-Log kommt heut nachmittag.
Habe es schon laufen lassen, nach
dem Neustart hat er mir das log irgendwo
hingespeichert, dass ich es jetzt nicht
auf die Schnelle gefunden habe.
Meld mich heut nachmittag.

masi76 · 01.03.2011, 16:09

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5913

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

01/03/2011 08:04:04
mbam-log-2011-03-01 (08-04-04).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 148746
Laufzeit: 6 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Markus\AppData\Local\Temp\icreinstall\pdfconvertersetup(2).exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\Markus\downloads\pdfconvertersetup(2).exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\Markus\downloads\pdfconvertersetup(3).exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\Markus\downloads\pdfconvertersetup(4).exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\Markus\downloads\pdfconvertersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.

cosinus · 01.03.2011, 16:32

Das sind eher harmlose Funde. MBAM bemängelt den PDF-Converter weil es darin Adware (Werbung) sieht. Brauchst du dieses Tool?

16.02.2011, 09:34	#31
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Dauert sehr lange bis sich mein Internetbrowser öffnet Warum, was gefällt dir an der Anleitung nicht? __________________ Logfiles bitte immer in CODE-Tags posten

23.02.2011, 22:13	#36
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Dauert sehr lange bis sich mein Internetbrowser öffnet Das Booten klappt immer noch nicht? Kannst du von anderen bootfähigen Discs booten? __________________ --> Dauert sehr lange bis sich mein Internetbrowser öffnet

28.02.2011, 12:28	#41
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Dauert sehr lange bis sich mein Internetbrowser öffnet Ja mach frische Logs mit MBAM und OTL __________________ Logfiles bitte immer in CODE-Tags posten

01.03.2011, 16:32	#45
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Dauert sehr lange bis sich mein Internetbrowser öffnet Das sind eher harmlose Funde. MBAM bemängelt den PDF-Converter weil es darin Adware (Werbung) sieht. Brauchst du dieses Tool? __________________ Logfiles bitte immer in CODE-Tags posten

Dauert sehr lange bis sich mein Internetbrowser öffnet

Log-Analyse und Auswertung: Dauert sehr lange bis sich mein Internetbrowser öffnet