TR/kazy.mekml, hard disk damaged, files missing (Windows 7)
21.04.2011, 16:35 | #1 |
Hello everyone!

I signed up here because my computer is also infected with the trojan Kazy.mekml. Since then, files have been missing from my desktop as well as from the rest of my hard disk. The second partition is not affected! In addition, Windows 7 (32-bit) keeps telling me that my hard disk is damaged. Avira also keeps popping up and telling me that this very trojan is on my computer. Deleting it doesn't help either. I also just had a bluescreen caused by a graphics driver, but I don't know whether it is related to the trojan! I hope someone can help me!

EDIT: Something else I noticed: for the past week I have had an additional drive Q:, which I cannot access!

Kind regards,
Brote

Here is my Anti-Malware log file:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6412

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21.04.2011 17:33:03
mbam-log-2011-04-21 (17-33-03).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 175743
Laufzeit: 6 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
c:\programdata\mrtpnafmrsnt.exe (Trojan.FakeAlert) -> 3792 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MRtPNAFMRSnT (Trojan.FakeAlert) -> Value: MRtPNAFMRSnT -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{5283BA48-B3A8-A4C7-4C8B-5FC46A91D3D3} (Trojan.ZbotR.Gen) -> Value: {5283BA48-B3A8-A4C7-4C8B-5FC46A91D3D3} -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\mrtpnafmrsnt.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Benjamin\AppData\Local\Temp\0.29800580620327444.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

OTL:
Code:
ATTFilter OTL logfile created on: 21.04.2011 17:38:23 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = D:\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 24,99 Gb Total Space | 0,86 Gb Free Space | 3,45% Space Free | Partition Type: NTFS Drive D: | 273,09 Gb Total Space | 25,98 Gb Free Space | 9,51% Space Free | Partition Type: NTFS Drive E: | 7,73 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: BENJAMIN-NB | User Name: Benjamin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Downloads\OTL.exe (OldTimer Tools) PRC - D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - D:\Program Files\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios) PRC - D:\Program Files\Verbindungsassistent\WTGService.exe () PRC - C:\Programme\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems) PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) PRC - 
C:\Programme\Palm, Inc\novacom\x86\novacomd.exe (Palm) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - C:\Windows\System32\lxczcoms.exe ( ) ========== Modules (SafeList) ========== MOD - D:\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (ACDaemon) -- File not found SRV - (HiPatchService) -- D:\Program Files\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios) SRV - (WTGService) -- D:\Program Files\Verbindungsassistent\WTGService.exe () SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.) 
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (TuneUp.Defrag) -- D:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (TuneUp.UtilitiesSvc) -- D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (NovacomD) -- C:\Programme\Palm, Inc\novacom\x86\novacomd.exe (Palm) SRV - (AntiVirService) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (OMSI download service) -- D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) 
SRV - (lxcz_device) -- C:\Windows\System32\lxczcoms.exe ( ) ========== Driver Services (SafeList) ========== DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications) DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation) DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation) DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation) DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation) DRV - (truecrypt) -- C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Foundation) DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (TuneUpUtilitiesDrv) -- D:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) 
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation) DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation) DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation) DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation) DRV - (vpcuxd) -- C:\Windows\System32\drivers\vpcuxd.sys (Microsoft Corporation) DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- D:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation) DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation) DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation) DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation) DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation) DRV - (s0016obex) -- 
C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation) DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation) DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider) DRV - (TTCinergyT2) TerraTec Cinergy T² (BDA) -- C:\Windows\System32\drivers\TTCinergyT2BDA.sys (TerraTec Electronic GmbH) DRV - (PID_0920) Logitech QuickCam Express(PID_0920) -- C:\Windows\System32\drivers\LV532AV.SYS () DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.) DRV - (QCDonner) Logitech QuickCam Express(PID_0840) -- C:\Windows\System32\drivers\lvcd.sys (Logitech Inc.) DRV - (giveio) -- C:\Windows\system32\giveio.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F9 9E 23 6E 04 34 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: 
"hxxp://www.mydtzone.com/startpage|hxxp://go.microsoft.com/fwlink/?LinkId=69157" FF - prefs.js..extensions.enabledItems: {b9615918-d3de-44a4-ab65-76df7ea1f1c1}:0.3.13 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.87 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.9 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1 FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.0.6 FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655 FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66 FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.5 FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=IEFM1&q=" FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.04.03 15:52:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.04.03 15:52:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2011.03.13 15:40:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins [2011.01.29 18:28:33 | 000,000,000 | ---D | M] [2010.01.22 17:44:43 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Benjamin\AppData\Roaming\mozilla\Extensions [2010.01.22 17:44:43 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Benjamin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.04.20 20:22:25 | 000,000,000 | -H-D | M] (No name found) -- 
C:\Users\Benjamin\AppData\Roaming\mozilla\Firefox\Profiles\os8yk4py.default\extensions [2011.04.20 20:22:25 | 000,000,000 | -H-D | M] (Flagfox) -- C:\Users\Benjamin\AppData\Roaming\mozilla\Firefox\Profiles\os8yk4py.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2010.07.27 21:08:04 | 000,000,000 | -H-D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Benjamin\AppData\Roaming\mozilla\Firefox\Profiles\os8yk4py.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011.04.14 14:35:15 | 000,000,000 | -H-D | M] (Разпознаване на устройство Logitech) -- C:\Users\Benjamin\AppData\Roaming\mozilla\Firefox\Profiles\os8yk4py.default\extensions\DeviceDetection@logitech.com [2011.02.04 13:35:08 | 000,000,000 | -H-D | M] (FoxyProxy Standard) -- C:\Users\Benjamin\AppData\Roaming\mozilla\Firefox\Profiles\os8yk4py.default\extensions\foxyproxy@eric.h.jung [2010.05.30 18:29:00 | 000,001,819 | -H-- | M] () -- C:\Users\Benjamin\AppData\Roaming\Mozilla\Firefox\Profiles\os8yk4py.default\searchplugins\bing.xml [2011.04.08 18:28:05 | 000,002,059 | -H-- | M] () -- C:\Users\Benjamin\AppData\Roaming\Mozilla\Firefox\Profiles\os8yk4py.default\searchplugins\daemon-search.xml File not found (No name found) -- () (No name found) -- C:\USERS\BENJAMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OS8YK4PY.DEFAULT\EXTENSIONS\{B9615918-D3DE-44A4-AB65-76DF7EA1F1C1}.XPI () (No name found) -- C:\USERS\BENJAMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OS8YK4PY.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\BENJAMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OS8YK4PY.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI () (No name found) -- C:\USERS\BENJAMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OS8YK4PY.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI () (No name found) -- C:\USERS\BENJAMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OS8YK4PY.DEFAULT\EXTENSIONS\TINEYE@IDEEINC.COM.XPI [2010.02.04 01:36:43 | 000,000,000 | ---D | M] (Java 
Console) -- D:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2010.01.22 18:44:51 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) 
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [lxczbmgr.exe] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKCU..\Run: [Camfrog] D:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe (Camshare Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Remote Control Editor] C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe (Elgato Systems) O4 - Startup: C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 [2010.10.17 16:28:41 | 000,000,000 | ---D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Read with DeskBot - D:\Program Files\BellCraft.com\DeskBot\DeskBot.htm () O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Program Files\ICQ7.0\ICQ.exe 
(ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype 
Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010.09.11 01:09:29 | 000,000,047 | -H-- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{299b1013-523f-11e0-ba6d-001e101f2b52}\Shell - "" = AutoRun O33 - MountPoints2\{299b1013-523f-11e0-ba6d-001e101f2b52}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{37e507aa-4feb-11e0-ae87-001fcf40ac41}\Shell - "" = AutoRun O33 - MountPoints2\{37e507aa-4feb-11e0-ae87-001fcf40ac41}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{37e507ac-4feb-11e0-ae87-001fcf40ac41}\Shell - "" = AutoRun O33 - MountPoints2\{37e507ac-4feb-11e0-ae87-001fcf40ac41}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{37e507bb-4feb-11e0-ae87-001fcf40ac41}\Shell - "" = AutoRun O33 - MountPoints2\{37e507bb-4feb-11e0-ae87-001fcf40ac41}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{3b919da8-0768-11df-9993-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{3b919da8-0768-11df-9993-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Installer.exe -- 
[2010.09.11 01:09:30 | 002,508,760 | ---- | M] () O33 - MountPoints2\{52bb2ca8-4d77-11e0-b997-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{52bb2ca8-4d77-11e0-b997-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{52bb2cab-4d77-11e0-b997-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{52bb2cab-4d77-11e0-b997-00030d42d6bb}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{52bb2cb8-4d77-11e0-b997-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{52bb2cb8-4d77-11e0-b997-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{52bb2cbc-4d77-11e0-b997-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{52bb2cbc-4d77-11e0-b997-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{63cfb91a-67fc-11e0-aa82-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{63cfb91a-67fc-11e0-aa82-00030d42d6bb}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{63cfba41-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun O33 - MountPoints2\{63cfba41-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{63cfba96-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun O33 - MountPoints2\{63cfba96-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{63cfba98-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun O33 - MountPoints2\{63cfba98-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{63cfbac4-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun O33 - MountPoints2\{63cfbac4-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{63cfbac6-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun O33 - MountPoints2\{63cfbac6-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{644370d4-4f31-11e0-bedf-806e6f6e6963}\Shell - "" = AutoRun O33 - 
MountPoints2\{644370d4-4f31-11e0-bedf-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{806e08c9-5e72-11e0-96f1-001fcf40ac41}\Shell - "" = AutoRun O33 - MountPoints2\{806e08c9-5e72-11e0-96f1-001fcf40ac41}\Shell\AutoRun\command - "" = F:\Autoplay\AutoRun.exe O33 - MountPoints2\{9430fa80-589a-11e0-a192-001fcf40ac41}\Shell - "" = AutoRun O33 - MountPoints2\{9430fa80-589a-11e0-a192-001fcf40ac41}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{9430fa88-589a-11e0-a192-001fcf40ac41}\Shell - "" = AutoRun O33 - MountPoints2\{9430fa88-589a-11e0-a192-001fcf40ac41}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{9430faac-589a-11e0-a192-001fcf40ac41}\Shell - "" = AutoRun O33 - MountPoints2\{9430faac-589a-11e0-a192-001fcf40ac41}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{9430fae8-589a-11e0-a192-001fcf40ac41}\Shell - "" = AutoRun O33 - MountPoints2\{9430fae8-589a-11e0-a192-001fcf40ac41}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{973eebcd-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{973eebcd-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{973eebdb-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{973eebdb-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{973eebf8-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{973eebf8-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{973eec0d-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{973eec0d-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{973eed1a-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{973eed1a-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{973eed28-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun O33 - 
MountPoints2\{973eed28-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{973eed4d-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{973eed4d-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{973eed50-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{973eed50-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{973eed5a-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{973eed5a-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{aa0254e3-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{aa0254e3-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{aa0254ee-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{aa0254ee-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{aa025509-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{aa025509-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{aa02551c-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{aa02551c-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{aa025527-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{aa025527-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{aa025544-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{aa025544-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d40c44b0-52ca-11e0-badb-00030d42d6bb}\Shell - "" = AutoRun O33 - 
MountPoints2\{d40c44b0-52ca-11e0-badb-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f3e50db7-bd67-11df-bdb4-00030d42d6bb}\Shell - "" = AutoRun O33 - MountPoints2\{f3e50db7-bd67-11df-bdb4-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.21 16:51:28 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\AppData\Roaming\Malwarebytes [2011.04.21 16:51:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.21 16:51:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.21 16:51:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes [2011.04.21 16:51:12 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.04.14 14:31:09 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.14 14:31:09 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.14 14:31:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.14 14:31:06 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.14 14:31:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.14 14:30:59 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.14 14:30:59 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.04.14 
14:30:59 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.14 14:30:59 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.14 14:30:59 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.14 14:30:59 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.14 14:30:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.14 14:30:59 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.14 14:30:59 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.14 14:30:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.14 14:30:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.14 14:30:31 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.04.14 14:30:29 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.14 14:30:29 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.14 14:30:27 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe [2011.04.11 19:08:28 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe [2011.04.11 19:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 [2011.04.08 18:28:40 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2011.04.08 18:28:05 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Toolbar [2011.04.08 18:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2011.04.08 18:27:46 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\AppData\Roaming\DAEMON Tools Lite [2011.04.08 
18:27:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\DAEMON Tools Lite [2011.04.03 18:29:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\VirtualizedApplications [2011.04.03 16:18:04 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\AppData\Local\SoftGrid Client [2011.04.03 16:17:59 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\AppData\Roaming\SoftGrid Client [2011.04.03 16:17:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (Deutsch) [2011.04.03 16:16:23 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER [2011.04.03 16:16:20 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2011.04.03 16:16:20 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Application Virtualization Client [2011.04.03 16:15:26 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\AppData\Roaming\TP [2011.03.29 19:38:20 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\AppData\Roaming\Ventrilo [2011.03.29 19:37:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ventrilo [2011.03.28 10:44:35 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\Documents\My Games [2011.03.28 01:11:59 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\AppData\Roaming\Hi-Rez Studios [2011.03.28 01:11:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\Hi-Rez Studios [2011.03.28 01:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios [2011.03.28 00:46:56 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Camfrog Video Chat 6.0 [2011.03.27 18:51:37 | 000,000,000 | -H-D | C] -- C:\Users\Benjamin\AppData\Local\CrashRpt [2011.02.03 21:14:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll [2011.02.03 21:14:32 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll [2011.02.03 21:14:32 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll [2011.02.03 21:14:31 | 001,224,704 | ---- | C] ( 
) -- C:\Windows\System32\lxczserv.dll [2011.02.03 21:14:31 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll [2011.02.03 21:14:31 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll [2011.02.03 21:14:31 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll [2011.02.03 21:14:31 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll [2011.02.03 21:14:31 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxczcoms.exe [2011.02.03 21:14:31 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxczih.exe [2011.02.03 21:14:31 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll [2011.02.03 21:14:31 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll [2011.02.03 21:14:30 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll [2011.02.03 21:14:30 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll [2011.02.03 21:14:30 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxczcfg.exe [2010.07.29 17:37:44 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeA454.dll ========== Files - Modified Within 30 Days ========== [2011.04.21 17:33:13 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\rpld.sys [2011.04.21 17:33:13 | 000,000,234 | ---- | M] () -- C:\Windows\System32\pbucn [2011.04.21 17:23:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.21 17:23:10 | 1609,179,136 | -HS- | M] () -- C:\hiberfil.sys [2011.04.21 16:51:19 | 000,000,756 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.21 16:13:00 | 000,014,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.21 16:13:00 | 000,014,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.21 15:30:14 | 000,656,484 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.21 15:30:14 | 000,616,990 | ---- 
| M] () -- C:\Windows\System32\perfh009.dat [2011.04.21 15:30:14 | 000,130,826 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.21 15:30:14 | 000,107,112 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.16 09:38:23 | 000,286,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.08 18:28:40 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2011.04.08 18:28:04 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2011.04.03 15:52:34 | 000,000,769 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.03.29 19:38:01 | 000,000,262 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2011.03.29 19:37:57 | 000,000,630 | ---- | M] () -- C:\Users\Public\Desktop\Ventrilo.lnk [2011.03.28 01:11:10 | 000,000,883 | ---- | M] () -- C:\Users\Public\Desktop\Global Agenda Launcher.lnk [2011.03.28 00:46:56 | 000,001,002 | -H-- | M] () -- C:\Users\Benjamin\Desktop\Camfrog Video Chat 6.0.lnk [2011.03.28 00:45:41 | 012,470,832 | -H-- | M] () -- C:\Users\Benjamin\Desktop\camfrog_5.5.exe ========== Files Created - No Company Name ========== [2011.04.21 17:33:13 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\rpld.sys [2011.04.21 17:33:13 | 000,000,234 | ---- | C] () -- C:\Windows\System32\pbucn [2011.04.21 16:51:19 | 000,000,756 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.08 18:28:04 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2011.04.03 15:52:33 | 000,000,769 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.03.29 19:37:57 | 000,000,630 | ---- | C] () -- C:\Users\Public\Desktop\Ventrilo.lnk [2011.03.29 19:37:49 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2011.03.28 01:11:10 | 000,000,883 | ---- | C] () -- C:\Users\Public\Desktop\Global Agenda Launcher.lnk [2011.03.28 00:46:56 
| 000,001,002 | -H-- | C] () -- C:\Users\Benjamin\Desktop\Camfrog Video Chat 6.0.lnk [2011.03.28 00:45:22 | 012,470,832 | -H-- | C] () -- C:\Users\Benjamin\Desktop\camfrog_5.5.exe [2011.02.03 21:17:27 | 000,000,094 | ---- | C] () -- C:\Windows\Lexstat.ini [2011.02.03 21:14:32 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll [2011.02.03 21:14:32 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll [2010.12.27 19:54:14 | 000,000,032 | -H-- | C] () -- C:\Users\Benjamin\AppData\Local\packet [2010.11.30 22:35:18 | 000,007,605 | -H-- | C] () -- C:\Users\Benjamin\AppData\Local\Resmon.ResmonCfg [2010.08.08 22:39:11 | 000,000,241 | ---- | C] () -- C:\Windows\QSync.INI [2010.08.08 22:37:21 | 000,000,840 | ---- | C] () -- C:\Windows\_delis32.ini [2010.08.08 22:36:19 | 000,081,920 | R--- | C] () -- C:\Windows\bwUnin-6.1.4.36-8876480L.exe [2010.07.01 17:08:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.04.20 13:21:39 | 000,006,656 | -H-- | C] () -- C:\Users\Benjamin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.02.10 18:30:43 | 000,002,903 | ---- | C] () -- C:\Windows\Cm106.ini.cfg [2010.02.10 18:30:37 | 000,000,748 | ---- | C] () -- C:\Windows\cm106.ini [2010.02.10 18:30:37 | 000,000,601 | ---- | C] () -- C:\Windows\cm106.ini.bak [2009.12.03 09:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2009.07.14 10:47:43 | 000,656,484 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,130,826 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,286,024 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,616,990 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 
04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,107,112 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007.02.07 19:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini [2007.01.22 10:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll [2006.06.07 15:23:04 | 
000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll [2006.03.27 13:19:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll [2006.03.07 13:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll [2006.01.10 19:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll [2006.01.10 19:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll [2005.01.31 10:13:22 | 000,163,328 | ---- | C] () -- C:\Windows\System32\drivers\LV532AV.SYS [2005.01.31 09:37:58 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== Files - Unicode (All) ========== [2010.05.28 18:56:11 | 000,020,480 | -H-- | M] ()(C:\Users\Benjamin\Desktop\Gesu Pr?fung.doc) -- C:\Users\Benjamin\Desktop\Gesu Pr�fung.doc [2010.05.27 18:10:34 | 000,020,480 | -H-- | C] ()(C:\Users\Benjamin\Desktop\Gesu Pr?fung.doc) -- C:\Users\Benjamin\Desktop\Gesu Pr�fung.doc < End of report > --- --- --- OTL2:OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 21.04.2011 17:38:23 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = D:\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 24,99 Gb Total Space | 0,86 Gb Free Space | 3,45% Space Free | Partition Type: NTFS Drive D: | 273,09 Gb Total Space | 25,98 Gb Free Space | 9,51% Space Free | Partition Type: NTFS Drive E: | 7,73 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: BENJAMIN-NB | User Name: Benjamin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar "{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode "{190297F8-14EC-4ECA-BFAC-72843DBFB382}" = Microsoft SharedView "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16 "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00 
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}" = Logitech ImageStudio "{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar "{722AF0E9-9BAB-4556-9AA6-B5240D46E4B3}" = Global Agenda Launcher "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger "{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{90140011-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - Deutsch 
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{AFA9D219-A7FD-4240-8793-E5C7C9D715F4}" = IKEA Home Planner "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{BA9A297F-0198-4EE8-90CB-F5036C180E1D}" = Novacomd "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}" = ScreenManager Pro for LCD "{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7 "{DFD7F080-D4BB-4A72-8B19-8FD0CE34F780}" = NetSpeedMonitor 2.4.2.0 x86 "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] 
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "84713BEB4A2EB4B0E2F1346FDEBFFE94DAB5225D" = Windows Driver Package - Palm (WinUSB) Palm Devices (11/30/2008 1.0.0) "AC3Filter_is1" = AC3Filter 1.63b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ASIO4ALL" = ASIO4ALL "Atlantica Online" = Atlantica Online "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AviSynth" = AviSynth 2.5 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4 "AVS4YOU Video Converter 7_is1" = AVS Video Converter 7 "Camfrog 6.0" = Camfrog Video Chat 6.0 "CD Audio Reader Filter" = CD Audio Reader Filter (remove only) "DAEMON Tools Lite" = DAEMON Tools Lite "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DCoder Image Source" = DCoder Image Source (remove only) "DeskBot_is1" = DeskBot "DirectVobSub" = DirectVobSub (remove only) "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX-Setup "Drumaxx" = Drumaxx "DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders "FFMPEG Core Files" = FFMPEG Core Files (remove only) "FL Studio 9" = FL Studio 9 "Free DVD Video Burner_is1" = Free DVD Video Burner version 2.3 "Free Video to DVD Converter_is1" = Free Video to DVD Converter version 1.6 "Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only) "Generic USB 106 Sound" = TerraTec Headset Master 5.1 USB "GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen) "Hardcore" = Hardcore "IL Download Manager" = IL Download Manager "iTunes Remote Helper_is1" = iTunes Remote Helper 1.73 "Lexmark 1200 Series" = Lexmark 1200 Series "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "ManyCam" = ManyCam 
2.5.74 (remove only) "Messenger Plus! Live" = Messenger Plus! Live "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mobile Partner" = Mobile Partner "MobMap_is1" = MobMap 4.01 "MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only) "Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de) "Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1) "NVIDIA Drivers" = NVIDIA Drivers "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only) "OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only) "OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only) "Pidgin" = Pidgin "PoiZone" = PoiZone "Pontifex Demo_is1" = Pontifex Demo 10.19.01 "Postal 2" = Postal 2 "ProgDVB" = ProgDVB "ProgSatFinder" = Prog Finder "RealMedia" = RealMedia (remove only) "ResusSim Prehospital Demo" = ResusSim Prehospital Demo "Sakura" = Sakura "Sawer" = Sawer "SHOUTcast Source" = SHOUTcast Source (remove only) "SMSERIAL" = Motorola SM56 Speakerphone Modem "SpeedFan" = SpeedFan (remove only) "ST6UNST #1" = iTunesRemote "StarCraft II Beta" = StarCraft II Beta "SystemRequirementsLab" = System Requirements Lab "TeamSpeak 3 Client" = TeamSpeak 3 Client "TIPP10_is1" = TIPP10 Version 2.0.3 "Toxic Biohazard" = Toxic Biohazard "Tremulous" = Tremulous 1.1.0 "Trillian" = Trillian "TrueCrypt" = TrueCrypt "TuneUp Utilities" = TuneUp Utilities "tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine "Uninstall_is1" = Uninstall 1.0.0.1 "Update Service" = Update Service "Verbindungsassistent" = Verbindungsassistent "Videora Palm Pre Converter" = Videora Palm Pre Converter 5.04 "VLC media player" = VLC media player 1.0.5 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 
"World of Warcraft" = World of Warcraft "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update "Youtube Music Downloader_is1" = Youtube Music Downloader V3.5 "ZoomPlayer" = Zoom Player (remove only) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 16.04.2011 08:06:54 | Computer Name = Benjamin-NB | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll" in Zeile 2. Ungültige XML-Syntax. Error - 17.04.2011 11:40:23 | Computer Name = Benjamin-NB | Source = ESENT | ID = 482 Description = wuaueng.dll (980) SUS20ClientDataStore: Versuch, in Datei "C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb" bei Offset 131072 (0x0000000000020000) für 32768 (0x00008000) Bytes zu schreiben, ist nach 0 Sekunden mit Systemfehler 112 (0x00000070): "Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. " fehlgeschlagen. Fehler -1808 (0xfffff8f0) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden. 
Error - 17.04.2011 14:08:02 | Computer Name = Benjamin-NB | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 17.04.2011 14:08:02 | Computer Name = Benjamin-NB | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 15584 Error - 17.04.2011 14:08:02 | Computer Name = Benjamin-NB | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 15584 Error - 20.04.2011 18:34:56 | Computer Name = Benjamin-NB | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files\sony ericsson\sony ericsson pc suite\Drivers\DPInst64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 20.04.2011 18:35:59 | Computer Name = Benjamin-NB | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search box extension\SrchBxEx.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search box extension\SrchBxEx.dll" in Zeile 2. Ungültige XML-Syntax. Error - 20.04.2011 18:35:59 | Computer Name = Benjamin-NB | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll" in Zeile 2. Ungültige XML-Syntax. 
Error - 20.04.2011 18:35:59 | Computer Name = Benjamin-NB | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll" in Zeile 2. Ungültige XML-Syntax. Error - 20.04.2011 18:36:17 | Computer Name = Benjamin-NB | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll" in Zeile 2. Ungültige XML-Syntax. [ System Events ] Error - 02.03.2011 18:00:08 | Computer Name = Benjamin-NB | Source = volsnap | ID = 393252 Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error - 07.03.2011 05:38:15 | Computer Name = Benjamin-NB | Source = BTHUSB | ID = 327697 Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error - 08.03.2011 09:50:52 | Computer Name = Benjamin-NB | Source = BTHUSB | ID = 327697 Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error - 08.03.2011 18:41:38 | Computer Name = Benjamin-NB | Source = bowser | ID = 8003 Description = Error - 09.03.2011 05:21:58 | Computer Name = Benjamin-NB | Source = volsnap | ID = 393252 Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. 
Error - 09.03.2011 12:37:14 | Computer Name = Benjamin-NB | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?09.?03.?2011 um 16:43:41 unerwartet heruntergefahren. Error - 11.03.2011 23:51:38 | Computer Name = Benjamin-NB | Source = BTHUSB | ID = 327697 Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error - 12.03.2011 15:18:49 | Computer Name = Benjamin-NB | Source = volsnap | ID = 393252 Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error - 13.03.2011 09:25:43 | Computer Name = Benjamin-NB | Source = BTHUSB | ID = 327697 Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error - 15.03.2011 10:36:19 | Computer Name = Benjamin-NB | Source = BTHUSB | ID = 327697 Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. [ TuneUp Events ] Error - 22.12.2010 04:08:30 | Computer Name = Benjamin-NB | Source = TuneUp.UtilitiesSvc | ID = 300 Description = Error - 22.12.2010 04:08:30 | Computer Name = Benjamin-NB | Source = TuneUp.UtilitiesSvc | ID = 300 Description = Error - 22.12.2010 04:08:30 | Computer Name = Benjamin-NB | Source = TuneUp.UtilitiesSvc | ID = 300 Description = < End of report > Edited by brote (21.04.2011 at 17:08) |
21.04.2011, 19:27 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/kazy.mekml, hard disk damaged, files gone Quote:
Please run a full scan with Malwarebytes as a matter of routine and post the log. Remember that Malwarebytes has to be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well!
__________________ |
21.04.2011, 20:46 | #3 |
| TR/kazy.mekml, hard disk damaged, files gone Apparently the Trojan is gone, but the folders are still hidden and entries are missing from the Start menu as well.
__________________ I hope it is really gone and not just hiding. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6412 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 21.04.2011 21:44:51 mbam-log-2011-04-21 (21-44-51).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|) Durchsuchte Objekte: 305735 Laufzeit: 58 Minute(n), 38 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
21.04.2011, 21:52 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/kazy.mekml, hard disk damaged, files gone Do an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.startup.homepage: "http://www.mydtzone.com/startpage|http://go.microsoft.com/fwlink/?LinkId=69157"
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.09.11 01:09:29 | 000,000,047 | -H-- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{299b1013-523f-11e0-ba6d-001e101f2b52}\Shell - "" = AutoRun
O33 - MountPoints2\{299b1013-523f-11e0-ba6d-001e101f2b52}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{37e507aa-4feb-11e0-ae87-001fcf40ac41}\Shell - "" = AutoRun
O33 - MountPoints2\{37e507aa-4feb-11e0-ae87-001fcf40ac41}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{37e507ac-4feb-11e0-ae87-001fcf40ac41}\Shell - "" = AutoRun
O33 - MountPoints2\{37e507ac-4feb-11e0-ae87-001fcf40ac41}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{37e507bb-4feb-11e0-ae87-001fcf40ac41}\Shell - "" = AutoRun
O33 - MountPoints2\{37e507bb-4feb-11e0-ae87-001fcf40ac41}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3b919da8-0768-11df-9993-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3b919da8-0768-11df-9993-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Installer.exe -- [2010.09.11 01:09:30 | 002,508,760 | ---- | M] ()
O33 - MountPoints2\{52bb2ca8-4d77-11e0-b997-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{52bb2ca8-4d77-11e0-b997-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{52bb2cab-4d77-11e0-b997-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{52bb2cab-4d77-11e0-b997-00030d42d6bb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{52bb2cb8-4d77-11e0-b997-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{52bb2cb8-4d77-11e0-b997-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{52bb2cbc-4d77-11e0-b997-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{52bb2cbc-4d77-11e0-b997-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{63cfb91a-67fc-11e0-aa82-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{63cfb91a-67fc-11e0-aa82-00030d42d6bb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{63cfba41-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun
O33 - MountPoints2\{63cfba41-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{63cfba96-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun
O33 - MountPoints2\{63cfba96-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{63cfba98-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun
O33 - MountPoints2\{63cfba98-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{63cfbac4-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun
O33 - MountPoints2\{63cfbac4-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{63cfbac6-67fc-11e0-aa82-001e101f9843}\Shell - "" = AutoRun
O33 - MountPoints2\{63cfbac6-67fc-11e0-aa82-001e101f9843}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{644370d4-4f31-11e0-bedf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{644370d4-4f31-11e0-bedf-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{806e08c9-5e72-11e0-96f1-001fcf40ac41}\Shell - "" = AutoRun
O33 - MountPoints2\{806e08c9-5e72-11e0-96f1-001fcf40ac41}\Shell\AutoRun\command - "" = F:\Autoplay\AutoRun.exe
O33 - MountPoints2\{9430fa80-589a-11e0-a192-001fcf40ac41}\Shell - "" = AutoRun
O33 - MountPoints2\{9430fa80-589a-11e0-a192-001fcf40ac41}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9430fa88-589a-11e0-a192-001fcf40ac41}\Shell - "" = AutoRun
O33 - MountPoints2\{9430fa88-589a-11e0-a192-001fcf40ac41}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9430faac-589a-11e0-a192-001fcf40ac41}\Shell - "" = AutoRun
O33 - MountPoints2\{9430faac-589a-11e0-a192-001fcf40ac41}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9430fae8-589a-11e0-a192-001fcf40ac41}\Shell - "" = AutoRun
O33 - MountPoints2\{9430fae8-589a-11e0-a192-001fcf40ac41}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{973eebcd-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{973eebcd-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{973eebdb-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{973eebdb-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{973eebf8-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{973eebf8-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{973eec0d-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{973eec0d-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{973eed1a-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{973eed1a-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{973eed28-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{973eed28-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{973eed4d-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{973eed4d-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{973eed50-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{973eed50-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{973eed5a-52cc-11e0-9273-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{973eed5a-52cc-11e0-9273-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{aa0254e3-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{aa0254e3-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{aa0254ee-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{aa0254ee-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{aa025509-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{aa025509-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{aa02551c-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{aa02551c-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{aa025527-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{aa025527-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{aa025544-52c1-11e0-b9c0-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{aa025544-52c1-11e0-b9c0-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d40c44b0-52ca-11e0-badb-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{d40c44b0-52ca-11e0-badb-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f3e50db7-bd67-11df-bdb4-00030d42d6bb}\Shell - "" = AutoRun
O33 - MountPoints2\{f3e50db7-bd67-11df-bdb4-00030d42d6bb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
[2011.04.21 17:33:13 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\rpld.sys
[2011.04.21 17:33:13 | 000,000,234 | ---- | M] () -- C:\Windows\System32\pbucn
:Commands
[purity]
[resethosts]
[emptytemp]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".
__________________ Please always post log files in CODE tags |
21.04.2011, 22:02 | #5 |
| TR/kazy.mekml, hard disk damaged, files gone All processes killed ========== OTL ========== HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Prefs.js: "Bing" removed from browser.search.defaultenginename Prefs.js: "hxxp://www.bing.com/search?FORM=IEFM1&q=" removed from browser.search.defaulturl Prefs.js: "chrf-ytbm" removed from browser.search.param.yahoo-fr Prefs.js: "chrf-ytbm" removed from browser.search.param.yahoo-fr-cjkt Prefs.js: "hxxp://www.mydtzone.com/startpage|hxxp://go.microsoft.com/fwlink/?LinkId=69157" removed from browser.startup.homepage HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! C:\autoexec.bat moved successfully. File move failed. E:\autorun.inf scheduled to be moved on reboot. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{299b1013-523f-11e0-ba6d-001e101f2b52}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{299b1013-523f-11e0-ba6d-001e101f2b52}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{299b1013-523f-11e0-ba6d-001e101f2b52}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{299b1013-523f-11e0-ba6d-001e101f2b52}\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37e507aa-4feb-11e0-ae87-001fcf40ac41}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37e507aa-4feb-11e0-ae87-001fcf40ac41}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37e507aa-4feb-11e0-ae87-001fcf40ac41}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37e507aa-4feb-11e0-ae87-001fcf40ac41}\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37e507ac-4feb-11e0-ae87-001fcf40ac41}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37e507ac-4feb-11e0-ae87-001fcf40ac41}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37e507ac-4feb-11e0-ae87-001fcf40ac41}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37e507ac-4feb-11e0-ae87-001fcf40ac41}\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37e507bb-4feb-11e0-ae87-001fcf40ac41}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37e507bb-4feb-11e0-ae87-001fcf40ac41}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37e507bb-4feb-11e0-ae87-001fcf40ac41}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37e507bb-4feb-11e0-ae87-001fcf40ac41}\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b919da8-0768-11df-9993-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b919da8-0768-11df-9993-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b919da8-0768-11df-9993-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3b919da8-0768-11df-9993-806e6f6e6963}\ not found. File move failed. E:\Installer.exe scheduled to be moved on reboot. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bb2ca8-4d77-11e0-b997-00030d42d6bb}\ deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bb2ca8-4d77-11e0-b997-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bb2ca8-4d77-11e0-b997-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bb2ca8-4d77-11e0-b997-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bb2cab-4d77-11e0-b997-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bb2cab-4d77-11e0-b997-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bb2cab-4d77-11e0-b997-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bb2cab-4d77-11e0-b997-00030d42d6bb}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bb2cb8-4d77-11e0-b997-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bb2cb8-4d77-11e0-b997-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bb2cb8-4d77-11e0-b997-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bb2cb8-4d77-11e0-b997-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bb2cbc-4d77-11e0-b997-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bb2cbc-4d77-11e0-b997-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52bb2cbc-4d77-11e0-b997-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52bb2cbc-4d77-11e0-b997-00030d42d6bb}\ not found. 
File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfb91a-67fc-11e0-aa82-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfb91a-67fc-11e0-aa82-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfb91a-67fc-11e0-aa82-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfb91a-67fc-11e0-aa82-00030d42d6bb}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfba41-67fc-11e0-aa82-001e101f9843}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfba41-67fc-11e0-aa82-001e101f9843}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfba41-67fc-11e0-aa82-001e101f9843}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfba41-67fc-11e0-aa82-001e101f9843}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfba96-67fc-11e0-aa82-001e101f9843}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfba96-67fc-11e0-aa82-001e101f9843}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfba96-67fc-11e0-aa82-001e101f9843}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfba96-67fc-11e0-aa82-001e101f9843}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfba98-67fc-11e0-aa82-001e101f9843}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfba98-67fc-11e0-aa82-001e101f9843}\ not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfba98-67fc-11e0-aa82-001e101f9843}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfba98-67fc-11e0-aa82-001e101f9843}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfbac4-67fc-11e0-aa82-001e101f9843}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfbac4-67fc-11e0-aa82-001e101f9843}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfbac4-67fc-11e0-aa82-001e101f9843}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfbac4-67fc-11e0-aa82-001e101f9843}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfbac6-67fc-11e0-aa82-001e101f9843}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfbac6-67fc-11e0-aa82-001e101f9843}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63cfbac6-67fc-11e0-aa82-001e101f9843}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63cfbac6-67fc-11e0-aa82-001e101f9843}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{644370d4-4f31-11e0-bedf-806e6f6e6963}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{644370d4-4f31-11e0-bedf-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{644370d4-4f31-11e0-bedf-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{644370d4-4f31-11e0-bedf-806e6f6e6963}\ not found. File F:\AutoRun.exe not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{806e08c9-5e72-11e0-96f1-001fcf40ac41}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{806e08c9-5e72-11e0-96f1-001fcf40ac41}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{806e08c9-5e72-11e0-96f1-001fcf40ac41}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{806e08c9-5e72-11e0-96f1-001fcf40ac41}\ not found. File F:\Autoplay\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9430fa80-589a-11e0-a192-001fcf40ac41}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9430fa80-589a-11e0-a192-001fcf40ac41}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9430fa80-589a-11e0-a192-001fcf40ac41}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9430fa80-589a-11e0-a192-001fcf40ac41}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9430fa88-589a-11e0-a192-001fcf40ac41}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9430fa88-589a-11e0-a192-001fcf40ac41}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9430fa88-589a-11e0-a192-001fcf40ac41}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9430fa88-589a-11e0-a192-001fcf40ac41}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9430faac-589a-11e0-a192-001fcf40ac41}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9430faac-589a-11e0-a192-001fcf40ac41}\ not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9430faac-589a-11e0-a192-001fcf40ac41}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9430faac-589a-11e0-a192-001fcf40ac41}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9430fae8-589a-11e0-a192-001fcf40ac41}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9430fae8-589a-11e0-a192-001fcf40ac41}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9430fae8-589a-11e0-a192-001fcf40ac41}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9430fae8-589a-11e0-a192-001fcf40ac41}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eebcd-52cc-11e0-9273-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eebcd-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eebcd-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eebcd-52cc-11e0-9273-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eebdb-52cc-11e0-9273-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eebdb-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eebdb-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eebdb-52cc-11e0-9273-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eebf8-52cc-11e0-9273-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eebf8-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eebf8-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eebf8-52cc-11e0-9273-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eec0d-52cc-11e0-9273-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eec0d-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eec0d-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eec0d-52cc-11e0-9273-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed1a-52cc-11e0-9273-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed1a-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed1a-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed1a-52cc-11e0-9273-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed28-52cc-11e0-9273-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed28-52cc-11e0-9273-00030d42d6bb}\ not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed28-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed28-52cc-11e0-9273-00030d42d6bb}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed4d-52cc-11e0-9273-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed4d-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed4d-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed4d-52cc-11e0-9273-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed50-52cc-11e0-9273-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed50-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed50-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed50-52cc-11e0-9273-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed5a-52cc-11e0-9273-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed5a-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{973eed5a-52cc-11e0-9273-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{973eed5a-52cc-11e0-9273-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa0254e3-52c1-11e0-b9c0-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa0254e3-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa0254e3-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa0254e3-52c1-11e0-b9c0-00030d42d6bb}\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa0254ee-52c1-11e0-b9c0-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa0254ee-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa0254ee-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa0254ee-52c1-11e0-b9c0-00030d42d6bb}\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa025509-52c1-11e0-b9c0-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa025509-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa025509-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa025509-52c1-11e0-b9c0-00030d42d6bb}\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa02551c-52c1-11e0-b9c0-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa02551c-52c1-11e0-b9c0-00030d42d6bb}\ not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa02551c-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa02551c-52c1-11e0-b9c0-00030d42d6bb}\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa025527-52c1-11e0-b9c0-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa025527-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa025527-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa025527-52c1-11e0-b9c0-00030d42d6bb}\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa025544-52c1-11e0-b9c0-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa025544-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa025544-52c1-11e0-b9c0-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa025544-52c1-11e0-b9c0-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d40c44b0-52ca-11e0-badb-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d40c44b0-52ca-11e0-badb-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d40c44b0-52ca-11e0-badb-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d40c44b0-52ca-11e0-badb-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3e50db7-bd67-11df-bdb4-00030d42d6bb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3e50db7-bd67-11df-bdb4-00030d42d6bb}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3e50db7-bd67-11df-bdb4-00030d42d6bb}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3e50db7-bd67-11df-bdb4-00030d42d6bb}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found. File F:\setup_vmc_lite.exe /checkApplicationPresence not found. File C:\Windows\System32\drivers\rpld.sys not found. File C:\Windows\System32\pbucn not found. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. 
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Benjamin
->Temp folder emptied: 600638 bytes
->Temporary Internet Files folder emptied: 3655949 bytes
->Java cache emptied: 4649170 bytes
->FireFox cache emptied: 54819093 bytes
->Flash cache emptied: 63891 bytes

User: Benjamin2
->Temp folder emptied: 9202178 bytes
->Temporary Internet Files folder emptied: 6751679 bytes
->FireFox cache emptied: 45661898 bytes
->Flash cache emptied: 2530 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gast
->Temp folder emptied: 4253753 bytes
->Temporary Internet Files folder emptied: 95085 bytes
->FireFox cache emptied: 69722595 bytes
->Flash cache emptied: 815 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2088662 bytes
RecycleBin emptied: 6818103 bytes

Total Files Cleaned = 199,00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 04212011_225631

Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\Installer.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot... |
21.04.2011, 22:32 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/kazy.mekml, hard disk damaged, files gone Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html If the infection prevents you from accessing your Documents/My Documents, please run unhide: Please download unhide.exe and save this file to your desktop. Start the tool, and all files and folders should be visible again. (This could take a while.) Vista and 7 users must run the tool as administrator via right-click! |
21.04.2011, 22:37 | #7 |
| TR/kazy.mekml, hard disk damaged, files gone The program's log is completely empty after running it! |
21.04.2011, 22:58 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/kazy.mekml, hard disk damaged, files gone Did you run it according to the instructions and with admin rights?
__________________ Please always post log files in CODE tags |
21.04.2011, 23:04 | #9 |
| TR/kazy.mekml, hard disk damaged, files gone Everything exactly as it said! Put it on the desktop, started it with admin rights, scanned, and after the scan a window opens and it says it found nothing! The only thing I have is the report from program start:

2011/04/22 00:00:49.0939 4124 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/22 00:00:50.0190 4124 ================================================================================
2011/04/22 00:00:50.0190 4124 SystemInfo:
2011/04/22 00:00:50.0190 4124
2011/04/22 00:00:50.0190 4124 OS Version: 6.1.7600 ServicePack: 0.0
2011/04/22 00:00:50.0190 4124 Product type: Workstation
2011/04/22 00:00:50.0191 4124 ComputerName: BENJAMIN-NB
2011/04/22 00:00:50.0191 4124 UserName: Benjamin
2011/04/22 00:00:50.0191 4124 Windows directory: C:\Windows
2011/04/22 00:00:50.0191 4124 System windows directory: C:\Windows
2011/04/22 00:00:50.0191 4124 Processor architecture: Intel x86
2011/04/22 00:00:50.0191 4124 Number of processors: 2
2011/04/22 00:00:50.0191 4124 Page size: 0x1000
2011/04/22 00:00:50.0191 4124 Boot type: Normal boot
2011/04/22 00:00:50.0191 4124 ================================================================================
2011/04/22 00:00:50.0665 4124 Initialize success
2011/04/22 00:00:53.0286 4584 ================================================================================
2011/04/22 00:00:53.0286 4584 Scan started
2011/04/22 00:00:53.0286 4584 Mode: Manual;
2011/04/22 00:00:53.0286 4584 ================================================================================
================================================================================ 2011/04/22 00:01:07.0766 4584 Scan finished 2011/04/22 00:01:07.0766 4584 ================================================================================ |
22.04.2011, 11:47 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/kazy.mekml, hard disk damaged, files gone Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it!
__________________ Please always post logfiles in CODE tags |
22.04.2011, 12:28 | #11 |
| TR/kazy.mekml, hard disk damaged, files gone ComboFix logfile: Code:
ATTFilter ComboFix 11-04-21.04 - Benjamin 22.04.2011 13:17:00.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.2046.1331 [GMT 2:00] ausgeführt von:: c:\users\Benjamin\Desktop\cofi.exe.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\hpeA454.dll . . ((((((((((((((((((((((( Dateien erstellt von 2011-03-22 bis 2011-04-22 )))))))))))))))))))))))))))))) . . 2011-04-22 11:22 . 2011-04-22 11:23 -------- d-----w- c:\users\Benjamin\AppData\Local\temp 2011-04-22 11:22 . 2011-04-22 11:22 -------- d-----w- c:\users\Gast\AppData\Local\temp 2011-04-22 11:22 . 2011-04-22 11:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-04-22 11:22 . 2011-04-22 11:22 -------- d-----w- c:\users\Benjamin2\AppData\Local\temp 2011-04-21 16:47 . 2011-04-21 16:47 -------- d-----w- c:\program files\CCleaner 2011-04-21 15:08 . 2011-04-21 15:08 -------- d-----w- c:\users\Benjamin2\AppData\Roaming\Malwarebytes 2011-04-21 14:51 . 2011-04-21 14:51 -------- d--h--w- c:\users\Benjamin\AppData\Roaming\Malwarebytes 2011-04-21 14:51 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-04-21 14:51 . 2011-04-21 14:51 -------- d--h--w- c:\programdata\Malwarebytes 2011-04-21 14:51 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-11 17:08 . 1999-12-17 06:13 86016 ----a-w- c:\windows\unvise32.exe 2011-04-08 16:28 . 2011-04-08 16:28 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2011-04-08 16:28 . 2011-04-08 16:28 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2011-04-08 16:27 . 
2011-04-08 16:31 -------- d--h--w- c:\users\Benjamin\AppData\Roaming\DAEMON Tools Lite 2011-04-08 16:27 . 2011-04-08 16:27 -------- d--h--w- c:\programdata\DAEMON Tools Lite 2011-04-03 16:29 . 2011-04-14 12:20 -------- d--h--w- c:\programdata\VirtualizedApplications 2011-04-03 14:18 . 2011-04-03 14:18 -------- d--h--w- c:\users\Benjamin\AppData\Local\SoftGrid Client 2011-04-03 14:17 . 2011-04-21 12:57 -------- d--h--w- c:\users\Benjamin\AppData\Roaming\SoftGrid Client 2011-04-03 14:16 . 2011-04-04 04:00 -------- d-----w- c:\program files\Microsoft Application Virtualization Client 2011-04-03 14:15 . 2011-04-03 14:19 -------- d--h--w- c:\users\Benjamin\AppData\Roaming\TP 2011-03-29 17:38 . 2011-03-29 18:34 -------- d--h--w- c:\users\Benjamin\AppData\Roaming\Ventrilo 2011-03-27 23:11 . 2011-03-27 23:11 -------- d--h--w- c:\users\Benjamin\AppData\Roaming\Hi-Rez Studios 2011-03-27 23:11 . 2011-04-21 16:15 -------- d--h--w- c:\programdata\Hi-Rez Studios 2011-03-27 16:51 . 2011-03-27 16:51 -------- d--h--w- c:\users\Benjamin\AppData\Local\CrashRpt . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-18 14:55 . 2011-03-18 14:55 8464 ----a-w- c:\windows\system32\SpOrder.dll 2011-02-19 05:33 . 2011-03-09 11:49 802304 ----a-w- c:\windows\system32\FntCache.dll 2011-02-19 05:32 . 2011-03-09 11:49 1074176 ----a-w- c:\windows\system32\DWrite.dll 2011-02-19 05:32 . 2011-03-09 11:49 739840 ----a-w- c:\windows\system32\d2d1.dll 2011-02-11 06:54 . 2011-03-08 14:02 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9AB3F3FA-78B9-403F-8353-EDCC065B3D7D}\mpengine.dll 2011-02-03 05:45 . 2011-02-10 16:30 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2011-02-02 16:11 . 2010-01-22 15:42 222080 ------w- c:\windows\system32\MpSigStub.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . 
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13605408] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 92704] "Malwarebytes' Anti-Malware (reboot)"="d:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976] . c:\users\Benjamin2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] . c:\users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] . c:\users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ CurseClientStartup.ccip [2010-12-15 0] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux3"=wdmaud.drv . [HKLM\~\startupfolder\C:^Users^Benjamin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip] path=c:\users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip backup=c:\windows\pss\CurseClientStartup.ccip.Startup backupExtension=.Startup . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2010-12-14 16:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] 2009-03-02 11:08 209153 ----a-w- d:\programme\Avira\AntiVir Desktop\avgnt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camfrog] 2010-12-16 12:22 54664 ----a-w- d:\program files\Camfrog\Camfrog Video Chat\CamfrogNET.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-09-01 06:39 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-01-25 14:08 421160 ----a-w- d:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechGalleryRepair] 2002-12-10 16:32 155648 ----a-w- d:\program files\Logitech\ImageStudio\ISStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechImageStudioTray] 2002-12-10 16:31 61440 ----a-w- d:\program files\Logitech\ImageStudio\LogiTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS] 2002-12-10 15:54 127022 ----a-w- c:\program files\Common Files\Logitech\QCDriver3\LVComS.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2009-01-30 07:12 13605408 ----a-w- c:\windows\System32\nvcpl.dll . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2009-01-30 07:12 92704 ----a-w- c:\windows\System32\nvmctray.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QCDriverInstaller] 2002-12-10 16:34 638976 ----a-w- c:\progra~1\COMMON~1\Logitech\QCDRIV~2\Lqdsw.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote Control Editor] 2010-06-09 09:47 1689088 ----a-w- c:\program files\Common Files\TerraTec\Remote\TTTvRc.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2010-01-19 18:10 8452640 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScreenManager Pro for LCD] 2009-03-02 04:07 12080424 ----a-w- d:\program files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2009-07-14 01:14 1173504 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2011-01-03 14:44 15028104 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL] 2009-10-26 13:46 1458176 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] 2009-11-20 08:17 434176 ----a-w- d:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "LDM"=c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" "ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 OMSI download service;Sony Ericsson OMSI download service;d:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112] R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-03-31 198656] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-07-29 13224] R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x] R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 20992] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\DRIVERS\LV532AV.SYS [2005-01-31 163328] R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256] R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016] R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744] R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216] R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 
(NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512] R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632] R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752] R3 TTCinergyT2;TerraTec Cinergy T² (BDA);c:\windows\system32\drivers\TTCinergyT2BDA.sys [2005-10-06 22528] R3 vpcuxd;USB-Virtualisierungsstubdienst;c:\windows\system32\DRIVERS\vpcuxd.sys [2009-09-23 12800] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-27 1343400] R4 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-08 218688] S2 AntiVirSchedulerService;Avira AntiVir Planer;d:\programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664] S2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacom\x86\novacomd.exe [2010-01-12 33792] S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-23 483688] S2 WTGService;WTGService;d:\program files\Verbindungsassistent\wtgservice.exe [2010-09-11 329168] S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536] S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-07-29 27632] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-23 550760] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-23 195944] S3 
Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-23 21864] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-23 19304] S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-23 209768] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - KLMD25 *Deregistered* - klmd25 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . . ------- Zusätzlicher Suchlauf ------- . uStart Page = uInternet Settings,ProxyOverride = localhost;*.local IE: Read with DeskBot - d:\program files\BellCraft.com\DeskBot\DeskBot.htm FF - ProfilePath - c:\users\Benjamin\AppData\Roaming\Mozilla\Firefox\Profiles\os8yk4py.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) MSConfigStartUp-lxczbmgr - c:\program files\Lexmark 1200 Series\lxczbmgr.exe MSConfigStartUp-Messenger (Yahoo!) - c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2011-04-22 13:27:29 ComboFix-quarantined-files.txt 2011-04-22 11:27 . Vor Suchlauf: 1.971.699.712 Bytes frei Nach Suchlauf: 1.875.353.600 Bytes frei . - - End Of File - - 685935A3513C5C27133132C52E515F31 |
22.04.2011, 12:38 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/kazy.mekml, hard disk damaged, files gone OK. Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't work on the second attempt, just skip it and run only OSAM. Please skip OSAM's online lookup. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Afterwards, please download MBRCheck (by a_d_13) and save the file to the desktop.
__________________ Please always post logfiles in CODE tags |