
Log analysis and evaluation: sshnas21.dll, Irl.exe, Irk.exe, Ire.exe

06.05.2011, 19:42   #1
Balli
 
Hello!

I was surfing the web and wanted to listen to a web radio station.
It said "Your flash player is out-dated, please download the latest version .. DOWNLOAD". Careless as I sometimes am, I of course clicked on it, downloaded and installed it, and my Avira reported "Fund in C://WINDOWS/sshnas21.dll".
I clicked remove, so far so good..

I then googled what that is, and while I was doing so pop-ups appeared every 1-2 minutes, and in my Task Manager there were Irl.exe, Irk.exe and Ire.exe.

My internet connection was also constantly uploading something, so I ended the process trees.
It stopped. I then came across your forum, read through the "Hilfe für Alle" guide and did everything in it.

So far everything is OK again.
Logs:
hxxp://www.mediafire.com/?38aidv28i65idnk
I can't post them, it drops the connection when I do.. I don't know why

Edited by Balli (06.05.2011 at 20:36)

06.05.2011, 21:13   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Please run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

07.05.2011, 07:55   #3
Balli
 
Hey!

OK, I ran them.. Avira and Malwarebytes.. quite a lot turned up :/

Log:

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6520

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

07.05.2011 08:47:26
mbam-log-2011-05-07 (08-47-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 264769
Laufzeit: 2 Stunde(n), 22 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 28
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 5
Infizierte Dateien: 14

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AMService (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451c-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WhiteSmoke (PUP.Whitesmoke) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WhiteSmoke (PUP.Whitesmoke) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\dokumente und einstellungen\all users\anwendungsdaten\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\***\anwendungsdaten\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\startmenü\programme\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\***\anwendungsdaten\whitesmoke (PUP.WhiteSmoke) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\WINDOWS\Temp\txrb\setup.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b62ecb9d-994a-4501-9a56-9077a2c1f7ba}\RP356\A0702739.exe (HackTool.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\anwendungsdaten\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\startmenü\programme\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\startmenü\programme\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\all users\startmenü\programme\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\***\anwendungsdaten\whitesmoke\stat.log (PUP.WhiteSmoke) -> Quarantined and deleted successfully.
         
P.S.: Pop-ups are still appearing, even when I'm not doing anything.
Also, Avira found something in C:\System Volume Information\_restore{B62ECB9D-994A-4501-9A56-9077A2C1F7BA}\RP356\A0702739.exe
and C:\System Volume Information\_restore{B62ECB9D-994A-4501-9A56-9077A2C1F7BA}\RP356\A0702738.dll
Yet again. I turned System Restore off and back on.

Edited by Balli (07.05.2011 at 08:19)

07.05.2011, 15:07   #4
cosinus
Do an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.20 13:50:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{24cd7754-f89b-11df-973a-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{24cd7754-f89b-11df-973a-00f1d000f1d0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{24cd7754-f89b-11df-973a-00f1d000f1d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{682d6433-169f-11e0-978a-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{682d6433-169f-11e0-978a-00f1d000f1d0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{682d6433-169f-11e0-978a-00f1d000f1d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{83b01cd8-1805-11e0-9792-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{83b01cd8-1805-11e0-9792-00f1d000f1d0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{83b01cd8-1805-11e0-9792-00f1d000f1d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a26e3d3c-a161-11df-9626-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{a26e3d3c-a161-11df-9626-00f1d000f1d0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a26e3d3c-a161-11df-9626-00f1d000f1d0}\Shell\AutoRun\command - "" = E:\USBAutoRun.exe
O33 - MountPoints2\{d30ccda8-351b-11df-9491-00138ff913fe}\Shell - "" = AutoRun
O33 - MountPoints2\{d30ccda8-351b-11df-9491-00138ff913fe}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d30ccda8-351b-11df-9491-00138ff913fe}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{e5b67262-e1c1-11df-96ff-00138ff913fe}\Shell - "" = AutoRun
O33 - MountPoints2\{e5b67262-e1c1-11df-96ff-00138ff913fe}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e5b67262-e1c1-11df-96ff-00138ff913fe}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e5b67265-e1c1-11df-96ff-00138ff913fe}\Shell - "" = AutoRun
O33 - MountPoints2\{e5b67265-e1c1-11df-96ff-00138ff913fe}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e5b67265-e1c1-11df-96ff-00138ff913fe}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{f8d9083e-1423-11e0-9786-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{f8d9083e-1423-11e0-9786-00f1d000f1d0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f8d9083e-1423-11e0-9786-00f1d000f1d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{f8d9083f-1423-11e0-9786-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{f8d9083f-1423-11e0-9786-00f1d000f1d0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f8d9083f-1423-11e0-9786-00f1d000f1d0}\Shell\AutoRun\command - "" = F:\AutoRun.exe
[2011.04.19 22:46:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ClickPotato
[2011.04.19 22:46:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ClickPotatoLiteSA
[2011.04.19 22:46:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2011.04.19 22:46:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kevin\Anwendungsdaten\ClickPotatoLite
[2011.05.06 19:26:00 | 000,000,252 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.05.06 19:10:16 | 000,000,252 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.05.06 19:10:15 | 000,000,252 | -H-- | M] () -- C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
@Alternate Data Stream - 133 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.
__________________
Please always post log files in CODE tags

07.05.2011, 15:24   #5
Balli
 
Here is the log:

Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24cd7754-f89b-11df-973a-00f1d000f1d0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24cd7754-f89b-11df-973a-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24cd7754-f89b-11df-973a-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24cd7754-f89b-11df-973a-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24cd7754-f89b-11df-973a-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24cd7754-f89b-11df-973a-00f1d000f1d0}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{682d6433-169f-11e0-978a-00f1d000f1d0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{682d6433-169f-11e0-978a-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{682d6433-169f-11e0-978a-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{682d6433-169f-11e0-978a-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{682d6433-169f-11e0-978a-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{682d6433-169f-11e0-978a-00f1d000f1d0}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83b01cd8-1805-11e0-9792-00f1d000f1d0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83b01cd8-1805-11e0-9792-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83b01cd8-1805-11e0-9792-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83b01cd8-1805-11e0-9792-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{83b01cd8-1805-11e0-9792-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83b01cd8-1805-11e0-9792-00f1d000f1d0}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a26e3d3c-a161-11df-9626-00f1d000f1d0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a26e3d3c-a161-11df-9626-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a26e3d3c-a161-11df-9626-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a26e3d3c-a161-11df-9626-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a26e3d3c-a161-11df-9626-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a26e3d3c-a161-11df-9626-00f1d000f1d0}\ not found.
File E:\USBAutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d30ccda8-351b-11df-9491-00138ff913fe}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d30ccda8-351b-11df-9491-00138ff913fe}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d30ccda8-351b-11df-9491-00138ff913fe}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d30ccda8-351b-11df-9491-00138ff913fe}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d30ccda8-351b-11df-9491-00138ff913fe}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d30ccda8-351b-11df-9491-00138ff913fe}\ not found.
File F:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5b67262-e1c1-11df-96ff-00138ff913fe}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5b67262-e1c1-11df-96ff-00138ff913fe}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5b67262-e1c1-11df-96ff-00138ff913fe}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5b67262-e1c1-11df-96ff-00138ff913fe}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5b67262-e1c1-11df-96ff-00138ff913fe}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5b67262-e1c1-11df-96ff-00138ff913fe}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5b67265-e1c1-11df-96ff-00138ff913fe}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5b67265-e1c1-11df-96ff-00138ff913fe}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5b67265-e1c1-11df-96ff-00138ff913fe}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5b67265-e1c1-11df-96ff-00138ff913fe}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5b67265-e1c1-11df-96ff-00138ff913fe}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5b67265-e1c1-11df-96ff-00138ff913fe}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8d9083e-1423-11e0-9786-00f1d000f1d0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8d9083e-1423-11e0-9786-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8d9083e-1423-11e0-9786-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8d9083e-1423-11e0-9786-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8d9083e-1423-11e0-9786-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8d9083e-1423-11e0-9786-00f1d000f1d0}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8d9083f-1423-11e0-9786-00f1d000f1d0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8d9083f-1423-11e0-9786-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8d9083f-1423-11e0-9786-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8d9083f-1423-11e0-9786-00f1d000f1d0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8d9083f-1423-11e0-9786-00f1d000f1d0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f8d9083f-1423-11e0-9786-00f1d000f1d0}\ not found.
File F:\AutoRun.exe not found.
Folder C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ClickPotato\ not found.
Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ClickPotatoLiteSA\ not found.
Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2ACA5CC3-0F83-453D-A079-1076FE1A8B65\ not found.
Folder C:\Dokumente und Einstellungen\Kevin\Anwendungsdaten\ClickPotatoLite\ not found.
File C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job not found.
File C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job not found.
File C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job not found.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Kevin
->Temp folder emptied: 11520905 bytes
->Temporary Internet Files folder emptied: 2377561 bytes
->Java cache emptied: 537 bytes
->FireFox cache emptied: 63195920 bytes
->Flash cache emptied: 1040 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 22739318 bytes
->Flash cache emptied: 2572 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1001066 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 96,00 mb
 
 
OTL by OldTimer - Version 3.2.22.3 log created on 05072011_161748

Files\Folders moved on Reboot...
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XG9VRQSH\favicon[1].ico moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XG9VRQSH\google_de[1].txt moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XG9VRQSH\google_de[2].txt moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XG9VRQSH\imp[1].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XG9VRQSH\in[3].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\R552IHZ6\hand[1].png moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\R552IHZ6\iframe3[1].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\R552IHZ6\in[3].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\R552IHZ6\in[4].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\R552IHZ6\link[1].png moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\R552IHZ6\login_inc[1].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\R552IHZ6\login_inc[2].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\R552IHZ6\st[4] moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\R552IHZ6\vh[1].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\9HQ151RO\favicon[1].ico moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\9HQ151RO\in[5].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\9HQ151RO\result[2].php moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\9HQ151RO\stCAOE0XN6 moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\9HQ151RO\vh[1].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\9HQ151RO\vh[2].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\9HQ151RO\vh[3].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\7VVU8B6C\favicon[1].ico moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\7VVU8B6C\iframe3[1].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\7VVU8B6C\index[1].php moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\7VVU8B6C\in[1].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\7VVU8B6C\login_inc[1].htm moved successfully.
C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\7VVU8B6C\st[7] moved successfully.
C:\WINDOWS\temp\MPC3C.tmp moved successfully.

Registry entries deleted on Reboot...
         


07.05.2011, 15:30   #6
cosinus
Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

If the infection prevents you from accessing your documents/My Documents, please run unhide:
Download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Vista and 7 users must run the tool as administrator via right-click!

07.05.2011, 15:51   #7
Balli
 
OK, I ran it.. it found something too.

TDSS log:

Code:
2011/05/07 16:41:54.0546 4056	TDSS rootkit removing tool 2.5.0.0 May  1 2011 14:20:16
2011/05/07 16:41:56.0562 4056	================================================================================
2011/05/07 16:41:56.0562 4056	SystemInfo:
2011/05/07 16:41:56.0562 4056	
2011/05/07 16:41:56.0562 4056	OS Version: 5.1.2600 ServicePack: 3.0
2011/05/07 16:41:56.0562 4056	Product type: Workstation
2011/05/07 16:41:56.0562 4056	ComputerName: PC
2011/05/07 16:41:56.0562 4056	UserName: ***
2011/05/07 16:41:56.0562 4056	Windows directory: C:\WINDOWS
2011/05/07 16:41:56.0562 4056	System windows directory: C:\WINDOWS
2011/05/07 16:41:56.0562 4056	Processor architecture: Intel x86
2011/05/07 16:41:56.0562 4056	Number of processors: 1
2011/05/07 16:41:56.0562 4056	Page size: 0x1000
2011/05/07 16:41:56.0562 4056	Boot type: Normal boot
2011/05/07 16:41:56.0562 4056	================================================================================
2011/05/07 16:41:57.0093 4056	Initialize success
2011/05/07 16:42:01.0421 2040	================================================================================
2011/05/07 16:42:01.0421 2040	Scan started
2011/05/07 16:42:01.0421 2040	Mode: Manual; 
2011/05/07 16:42:01.0421 2040	================================================================================
2011/05/07 16:42:14.0953 2040	\HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/05/07 16:42:14.0953 2040	================================================================================
2011/05/07 16:42:14.0953 2040	Scan finished
2011/05/07 16:42:14.0953 2040	================================================================================
2011/05/07 16:42:14.0984 1192	Detected object count: 1
2011/05/07 16:42:34.0375 1192	\HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/05/07 16:42:34.0375 1192	\HardDisk0 - ok
2011/05/07 16:42:34.0375 1192	Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure 
2011/05/07 16:42:46.0031 3028	Deinitialize success
         

Alt 07.05.2011, 16:05   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

TDL4 was detected and removed. Please restart Windows and, as a check, create a new log with the Kaspersky TDSS-Killer.
__________________
Please always post log files in CODE tags

Alt 07.05.2011, 16:16   #9
Balli
 

I restarted my computer and scanned again. It finds nothing, and Malwarebytes finds nothing either.
Log:
Code:
2011/05/07 17:10:27.0656 2436	TDSS rootkit removing tool 2.5.0.0 May  1 2011 14:20:16
2011/05/07 17:10:28.0406 2436	================================================================================
2011/05/07 17:10:28.0406 2436	SystemInfo:
2011/05/07 17:10:28.0406 2436	
2011/05/07 17:10:28.0406 2436	OS Version: 5.1.2600 ServicePack: 3.0
2011/05/07 17:10:28.0406 2436	Product type: Workstation
2011/05/07 17:10:28.0406 2436	ComputerName: PC
2011/05/07 17:10:28.0406 2436	UserName: ***
2011/05/07 17:10:28.0406 2436	Windows directory: C:\WINDOWS
2011/05/07 17:10:28.0406 2436	System windows directory: C:\WINDOWS
2011/05/07 17:10:28.0406 2436	Processor architecture: Intel x86
2011/05/07 17:10:28.0406 2436	Number of processors: 1
2011/05/07 17:10:28.0406 2436	Page size: 0x1000
2011/05/07 17:10:28.0406 2436	Boot type: Normal boot
2011/05/07 17:10:28.0406 2436	================================================================================
2011/05/07 17:10:28.0703 2436	Initialize success
2011/05/07 17:10:30.0421 0512	================================================================================
2011/05/07 17:10:30.0421 0512	Scan started
2011/05/07 17:10:30.0421 0512	Mode: Manual; 
2011/05/07 17:10:30.0421 0512	================================================================================
2011/05/07 17:10:42.0171 0512	usbbus          (9419faac6552a51542dbba02971c841c) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
2011/05/07 17:10:42.0234 0512	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/05/07 17:10:42.0296 0512	UsbDiag         (c0a466fa4ffec464320e159bc1bbdc0c) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
2011/05/07 17:10:42.0375 0512	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/05/07 17:10:42.0390 0512	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/05/07 17:10:42.0468 0512	USBModem        (f74a54774a9b0afeb3c40adec68aa600) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
2011/05/07 17:10:42.0515 0512	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/05/07 17:10:42.0578 0512	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/05/07 17:10:42.0625 0512	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/05/07 17:10:42.0687 0512	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/05/07 17:10:42.0750 0512	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/05/07 17:10:42.0812 0512	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/05/07 17:10:42.0890 0512	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/05/07 17:10:42.0984 0512	Wdf01000        (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/05/07 17:10:43.0093 0512	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/05/07 17:10:43.0250 0512	WpdUsb          (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/05/07 17:10:43.0328 0512	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/05/07 17:10:43.0406 0512	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/05/07 17:10:43.0562 0512	================================================================================
2011/05/07 17:10:43.0562 0512	Scan finished
2011/05/07 17:10:43.0562 0512	================================================================================
         
Huge !

07.05.2011, 16:19   #10
cosinus

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. While downloading, rename it to cofi.exe.
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if suggested), install the Recovery Console (if suggested) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
__________________
Please always post log files in CODE tags

07.05.2011, 17:37   #11
Balli

CCleaner worked - only ComboFix didn't. At "Stage 50" my PC crashed.

A blue screen came up and then my computer restarted.

I don't have a combofix.txt either :/

07.05.2011, 17:51   #12
cosinus

Restart Windows, delete the old cofi.exe, download CF again as cofi.exe and please try it once more.

07.05.2011, 18:36   #13
Balli

I tried it, unfortunately it still doesn't work.

Clicked the link, "Save as" > cofi.exe
At "Stage 50" my computer then crashes. Once it has booted up again, it says "Windows is running after a serious error"
C:\DOKUME~1\***\LOKALE~1\Temp\WERb0a5.dir00\Mini050711-02.dmp
C:\DOKUME~1\***\LOKALE~1\Temp\WERb0a5.dir00\sysdata.xml
I don't know whether that has anything to do with it.

07.05.2011, 19:20   #14
cosinus

Then first create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool won't work the second time either, just leave it out and run only OSAM - please skip the online check by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or similar.

After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and "Run as administrator"
  • The tool only needs a few seconds.
  • Afterwards you should find a MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document for me

07.05.2011, 20:01   #15
Balli

Hey!

My computer crashed during MBRCheck, but I still have the log.

MBR :

Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows XP Home Edition
Windows Information:		Service Pack 3 (build 2600)
Logical Drives Mask:		0x0000005c

Kernel Drivers (total 120):

Processes (total 39):
       0 System Idle Process
       4 SYSTEM
     576 C:\WINDOWS\system32\smss.exe
     640 csrss.exe
     664 C:\WINDOWS\system32\winlogon.exe
     708 C:\WINDOWS\system32\services.exe
     720 C:\WINDOWS\system32\lsass.exe
     876 C:\WINDOWS\system32\nvsvc32.exe
    1116 C:\WINDOWS\system32\svchost.exe
    1164 svchost.exe
    1204 C:\WINDOWS\system32\svchost.exe
    1272 C:\WINDOWS\system32\svchost.exe
    1408 svchost.exe
    1508 svchost.exe
    1528 C:\WINDOWS\explorer.exe
    1672 C:\WINDOWS\system32\spoolsv.exe
    1720 C:\Programme\Avira\AntiVir Desktop\sched.exe
    1764 svchost.exe
    1824 C:\Programme\Avira\AntiVir Desktop\avguard.exe
    1884 C:\WINDOWS\system32\FsUsbExService.Exe
    1904 C:\Programme\Option\GlobeTrotter Connect\GtDetectSc.exe
    1928 C:\Programme\Avira\AntiVir Desktop\avshadow.exe
    1972 C:\Programme\Java\jre6\bin\jqs.exe
    2012 C:\WINDOWS\system32\PnkBstrA.exe
     208 C:\WINDOWS\system32\svchost.exe
    1308 alg.exe
    2068 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
    2092 C:\WINDOWS\system32\rundll32.exe
    2112 C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
    2164 C:\WINDOWS\RTHDCPL.EXE
    2180 C:\WINDOWS\system32\ctfmon.exe
    2268 C:\Programme\Messenger\msmsgs.exe
    2280 C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe
    2448 C:\Programme\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe
    3436 C:\Programme\Mozilla Firefox\firefox.exe
    1056 C:\Programme\Valve\Steam\Steam.exe
    3648 C:\Programme\WinRAR\WinRAR.exe
    1404 C:\DOKUME~1\Kevin\LOKALE~1\Temp\Rar$EX03.468\osam.exe
    2920 C:\Dokumente und Einstellungen\Kevin\Eigene Dateien\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHD161GJ, Rev: 1AC01118

      Size  Device Name          MBR Status
  --------------------------------------------
    149 GB  \\.\PhysicalDrive0
         
osam:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 20:47:50 on 07.05.2011

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 4.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Boot Execute]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----
"BootExecute" - "Microsoft Corporation" - C:\WINDOWS\system32\autochk.exe

[Common]
-----( %SystemRoot%\Tasks )-----
"Game_Booster_Startup.job" - ? - C:\Programme\IObit\Game Booster\gbtray.exe  (File not found)
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Scheduled Update for Ask Toolbar.job" - ? - C:\Programme\Ask.com\UpdateTask.exe  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows Scripting Host\Locations )-----
"CScript" - "Microsoft Corporation" - C:\WINDOWS\System32\cscript.exe
"WScript" - "Microsoft Corporation" - C:\WINDOWS\System32\wscript.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"access.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\access.cpl
"ALSNDMGR.CPL" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\ALSNDMGR.CPL
"appwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl
"bthprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\bthprops.cpl
"desk.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\desk.cpl
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\WINDOWS\system32\DivXControlPanelApplet.cpl
"firewall.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\firewall.cpl
"hdwwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\hdwwiz.cpl
"inetcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcpl.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"intl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\intl.cpl
"irprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\irprops.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"joy.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\joy.cpl
"main.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\main.cpl
"mmsys.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl
"ncpa.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\ncpa.cpl
"netsetup.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\netsetup.cpl
"nusrmgr.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nusrmgr.cpl
"odbccp32.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\odbccp32.cpl
"powercfg.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\powercfg.cpl
"RTSndMgr.CPL" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\RTSndMgr.CPL
"sysdm.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl
"telephon.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\telephon.cpl
"timedate.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\timedate.cpl
"wscui.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wscui.cpl
"wuaucpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal" - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"Internet Connection Firewall" - "Microsoft Corporation" - C:\WINDOWS\system32\Firewall.cpl
"NetSetupWizard" - "Microsoft Corporation" - C:\WINDOWS\system32\NetSetup.cpl
"Speech" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Speech\sapi.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AFD" (AFD) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\afd.sys
"Ambfilt" (Ambfilt) - "Creative" - C:\WINDOWS\System32\drivers\Ambfilt.sys
"AMD-Prozessortreiber" (AmdK8) - "Advanced Micro Devices" - C:\WINDOWS\System32\DRIVERS\AmdK8.sys
"Anchorfree HSS Adapter" (taphss) - "AnchorFree Inc" - C:\WINDOWS\System32\DRIVERS\taphss.sys
"Asynchroner RAS -Medientreiber" (AsyncMac) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\asyncmac.sys
"Audiostubtreiber" (audstub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\audstub.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"Beep" (Beep) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Beep.sys
"catchme" (catchme) - ? - C:\DOKUME~1\Kevin\LOKALE~1\Temp\catchme.sys  (File not found)
"CD-ROM-Laufwerktreiber" (Cdrom) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\cdrom.sys
"Cdaudio" (Cdaudio) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdaudio.sys
"Cdfs" (Cdfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdfs.sys
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"DAEMON Tools Virtual Bus Driver" (dtsoftbus01) - "DT Soft Ltd" - C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys
"dump_wmimmc" (dump_wmimmc) - ? - C:\ijji\ENGLISH\u_sf\GameGuard\dump_wmimmc.sys  (File not found)
"EagleNT" (EagleNT) - ? - C:\WINDOWS\system32\drivers\EagleNT.sys  (File not found)
"Fdc" (Fdc) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fdc.sys
"Filtertreiber für CD-Brennen" (Imapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\imapi.sys
"Filtertreiber für digitale CD-Audiowiedergabe" (redbook) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\redbook.sys
"Filtertreiber für IP-Verkehr" (IpFilterDriver) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
"Filtertreiber für IPX-Verkehr" (NwlnkFlt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
"Filtertreiber für Systemwiederherstellung" (sr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sr.sys
"Fips" (Fips) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fips.sys
"Flpydisk" (Flpydisk) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Flpydisk.sys
"FltMgr" (FltMgr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fltMgr.sys
"FsUsbExDisk" (FsUsbExDisk) - ? - C:\WINDOWS\system32\FsUsbExDisk.SYS  (File found, but it contains no detailed information)
"Fs_Rec" (Fs_Rec) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fs_Rec.sys
"Gameport-Enumerator" (gameenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\gameenum.sys
"GT 72 IP NDIS" (GT72NDISIPXP) - "Option N.V." - C:\WINDOWS\System32\DRIVERS\Gt51Ip.sys
"GT 72 U BUS" (GT72UBUS) - "Option N.V." - C:\WINDOWS\System32\DRIVERS\gt72ubus.sys
"GT PT SER" (GTPTSER) - "Option N.V." - C:\WINDOWS\System32\DRIVERS\gtptser.sys
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\WINDOWS\System32\DRIVERS\hamachi.sys
"HTTP" (HTTP) - "Microsoft Corporation" - C:\WINDOWS\System32\Drivers\HTTP.sys
"Huawei DataCard USB Modem and USB Serial" (hwdatacard) - "Huawei Technologies Co., Ltd." - C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"i8042-Tastatur- und PS/2-Mausanschluss-Treiber" (i8042prt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
"IP/IP-Tunneltreiber" (IpInIp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipinip.sys
"IPSEC-Treiber" (IPSec) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipsec.sys
"IPv6-Windows-Firewalltreiber" (Ip6Fw) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys
"IR-Enumeratordienst" (IRENUM) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\irenum.sys
"Kernel Mode Driver Frameworks service" (Wdf01000) - "Microsoft Corporation" - C:\WINDOWS\System32\Drivers\wdf01000.sys
"km_filter" (km_filter) - "The Nielsen Company" - C:\WINDOWS\System32\drivers\km_filter.sys
"KSecDD" (KSecDD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\KSecDD.sys
"Laufwerktreiber" (Disk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\disk.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"LGE Mobile Composite USB Device" (usbbus) - "LG Electronics Inc." - C:\WINDOWS\System32\DRIVERS\lgusbbus.sys
"LGE Mobile USB Modem" (USBModem) - "LG Electronics Inc." - C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys
"LGE Mobile USB Serial Port" (UsbDiag) - "LG Electronics Inc." - C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys
"lmimirr" (lmimirr) - ? - C:\WINDOWS\System32\DRIVERS\lmimirr.sys  (File not found)
"Mausklassentreiber" (Mouclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouclass.sys
"Microcode Updatetreiber" (Update) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\update.sys
"Microsoft ACPI-Treiber" (ACPI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ACPI.sys
"Microsoft Kernel GS Wavetablesynthesizer" (swmidi) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\swmidi.sys
"Microsoft Kernel-Audiosplitter" (splitter) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\splitter.sys
"Microsoft Kernel-DLS-Synthesizer" (DMusic) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\DMusic.sys
"Microsoft Kernel-DRM-Audioentschlüsselung" (drmkaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\drmkaud.sys
"Microsoft Kernel-Echounterdrückung" (aec) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\aec.sys
"Microsoft Kernel-Systemaudiogerät" (sysaudio) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\sysaudio.sys
"Microsoft Kernel-Waveaudiomixer" (kmixer) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\kmixer.sys
"Microsoft Proxy für Streaming Clock" (MSPCLOCK) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPCLOCK.sys
"Microsoft Proxy für Streaming Quality Manager" (MSPQM) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPQM.sys
"Microsoft Standard-USB-Haupttreiber" (usbccgp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbccgp.sys
"Microsoft Streaming Service Proxy" (MSKSSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSKSSRV.sys
"Microsoft UAA-Bustreiber für High Definition Audio" (HDAudBus) - "Windows (R) Server 2003 DDK provider" - C:\WINDOWS\System32\DRIVERS\HDAudBus.sys
"Microsoft USB-Druckerklasse" (usbprint) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbprint.sys
"Microsoft-Systemverwaltungs-BIOS-Treiber" (mssmbios) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mssmbios.sys
"Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller" (usbehci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbehci.sys
"Miniporttreiber für Microsoft USB Open Host-Controller" (usbohci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbohci.sys
"mnmdd" (mnmdd) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\mnmdd.sys
"Modem" (Modem) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Modem.sys
"Monfilt" (Monfilt) - "Creative Technology Ltd." - C:\WINDOWS\System32\drivers\Monfilt.sys
"MountMgr" (MountMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\MountMgr.sys
"MRXSMB" (MRxSmb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
"Msfs" (Msfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Msfs.sys
"Mup" (Mup) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Mup.sys
"NDIS-Benutzermodus-E/A-Protokoll" (Ndisuio) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndisuio.sys
"NDIS-Systemtreiber" (NDIS) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDIS.sys
"NDProxy" (NDProxy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDProxy.sys
"NetBios über TCP/IP" (NetBT) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbt.sys
"NetBIOS-Schnittstelle" (NetBIOS) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbios.sys
"NetGroup Packet Filter Driver" (npf) - "CACE Technologies, Inc." - C:\WINDOWS\System32\drivers\npf.sys
"Nielsen Patch Service" (nielprt) - ? - C:\WINDOWS\System32\DRIVERS\nielprt.sys  (File not found)
"Nielsen USB GFX" (NielGfx) - ? - C:\WINDOWS\System32\drivers\nielgfx.sys  (File not found)
"nnrnstdi" (nnrnstdi) - "The Nielsen Company" - C:\WINDOWS\system32\drivers\nnrnstdi.sys
"Npfs" (Npfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Npfs.sys
"NPPTNT2" (NPPTNT2) - "INCA Internet Co., Ltd." - C:\WINDOWS\system32\npptNT2.sys
"Ntfs" (Ntfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Ntfs.sys
"Null" (Null) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Null.sys
"nv" (nv) - "NVIDIA Corporation" - C:\WINDOWS\System32\DRIVERS\nv4_mini.sys
"nvata" (nvata) - "NVIDIA Corporation" - C:\WINDOWS\System32\DRIVERS\nvata.sys
"NVIDIA Network Bus Enumerator" (nvnetbus) - "NVIDIA Corporation" - C:\WINDOWS\System32\DRIVERS\nvnetbus.sys
"NVIDIA nForce Networking Controller Driver" (NVENETFD) - "NVIDIA Corporation" - C:\WINDOWS\System32\DRIVERS\NVENETFD.sys
"oreans32" (oreans32) - ? - C:\WINDOWS\system32\drivers\oreans32.sys  (File found, but it contains no detailed information)
"Parallelanschluss (direkt)" (Raspti) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspti.sys
"PartMgr" (PartMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\PartMgr.sys
"ParVdm" (ParVdm) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\ParVdm.sys
"PCI-Bus-Treiber" (PCI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pci.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PCIIde" (PCIIde) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pciide.sys
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PnP-ISA/EISA-Bus-Treiber" (isapnp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\isapnp.sys
"Protokoll für ATM ARP-Client" (Atmarpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atmarpc.sys
"Prozessortreiber" (Processor) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\processr.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"QoS-Paketplaner" (PSched) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\psched.sys
"RAS-IP-ARP-Treiber" (Wanarp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wanarp.sys
"RAS-NDIS-TAPI-Treiber" (NdisTapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndistapi.sys
"RAS-NDIS-WAN-Treiber" (NdisWan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndiswan.sys
"Rdbss" (Rdbss) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdbss.sys
"RDPCDD" (RDPCDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
"RDPWD" (RDPWD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\RDPWD.sys
"Redirector für WebDav-Client" (MRxDAV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxdav.sys
"Remotezugriff-PPPOE-Treiber" (RasPppoe) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspppoe.sys
"SAMSUNG Mobile Modem Drivers" (sscdmdm) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\sscdmdm.sys
"SAMSUNG Mobile Modem Filter" (sscdmdfl) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\sscdmdfl.sys
"SAMSUNG USB Composite Device driver (WDM)" (sscdbus) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\sscdbus.sys
"Secdrv" (Secdrv) - "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." - C:\WINDOWS\System32\DRIVERS\secdrv.sys
"Serenum-Filtertreiber" (serenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\serenum.sys
"Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - "Realtek Semiconductor Corp." - C:\WINDOWS\System32\drivers\RtkHDAud.sys
"Sfloppy" (Sfloppy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Sfloppy.sys
"Software-Bus-Treiber" (swenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\swenum.sys
"Srv" (Srv) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\srv.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"Standard-IDE/ESDI-Festplattencontroller" (atapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atapi.sys
"Standardpaketklassifizierung" (Gpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\msgpc.sys
"Tastaturklassentreiber" (Kbdclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
"TCP/IP-Protokolltreiber" (Tcpip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\tcpip.sys
"TDPIPE" (TDPIPE) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDPIPE.sys
"TDTCP" (TDTCP) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDTCP.sys
"Terminal-Gerätetreiber" (TermDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\termdd.sys
"Treiber für automatische RAS-Verbindung" (RasAcd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasacd.sys
"Treiber für direkte Parallelverbindung" (Ptilink) - "Parallel Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\ptilink.sys
"Treiber für IPX-Verkehrsweiterleitung" (NwlnkFwd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
"Treiber für Microsoft WINMM-WDM-Audiokompatibilität" (wdmaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\wdmaud.sys
"Treiber für parallelen Anschluss" (Parport) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\parport.sys
"Treiber für seriellen Anschluss" (Serial) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\serial.sys
"Treiber für Volume-Manager" (Ftdisk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ftdisk.sys
"USB-Massenspeichertreiber" (USBSTOR) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
"USB-Scannertreiber" (usbscan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbscan.sys
"USB2-aktivierter Hub" (usbhub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbhub.sys
"VgaSave" (VgaSave) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\vga.sys
"VolSnap" (VolSnap) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\VolSnap.sys
"WAN-Miniport (L2TP)" (Rasl2tp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
"WAN-Miniport (PPTP)" (PptpMiniport) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspptp.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
"Windows Driver Foundation - User-mode Driver Framework Platform Driver" (WudfPf) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\WudfPf.sys
"Windows Driver Foundation - User-mode Driver Framework Reflector" (WudfRd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wudfrd.sys
"WpdUsb" (WpdUsb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wpdusb.sys
"Übersetzer für IP-Netzwerkadressen" (IpNat) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipnat.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{7790769C-0471-11d2-AF11-00C04FA35D02} "Adressbuch 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
>{60B49E34-C7CC-11D0-8953-00A0C90347FF} "Browser Customizations" - "Microsoft Corporation" - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS "Browseranpassungen" - "Microsoft Corporation" - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
>{26923b43-4d38-484f-9b9e-de460746276c} "Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
{89820200-ECBD-11cf-8B85-00AA005B4383} "Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} "Microsoft Outlook Express 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} "Microsoft Windows Media Player" - "Microsoft Corporation" - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
{6BF52A52-394A-11d3-B153-00C04F79FAA6} "Microsoft Windows Media Player" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
{44BBA842-CC51-11CF-AAFA-00AA00B6015B} "NetMeeting 3.01" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a} "Outlook Express" - "Microsoft Corporation" - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} "Versions-Update für Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ieudinit.exe
{89820200-ECBD-11cf-8B85-00AA005B4340} "Windows Desktop-Update" - "Microsoft Corporation" - regsvr32.exe /s /n /i:U shell32.dll
{5945c046-1e7d-11d1-bc44-00c04fd912be} "Windows Messenger 4.7" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{0D2E74C4-3C34-11d2-A27E-00C04FC30871} "{0D2E74C4-3C34-11d2-A27E-00C04FC30871}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{24F14F01-7B1C-11d1-838f-0000F80461CF} "{24F14F01-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{24F14F02-7B1C-11d1-838f-0000F80461CF} "{24F14F02-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{66742402-F9B9-11D1-A202-0000F81FEDEE} "{66742402-F9B9-11D1-A202-0000F81FEDEE}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "AP Class Install Handler filter" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{733AC4CB-F1A4-11d0-B951-00A0C90312E1} "WebView MIME Filter" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{3dd53d40-7b8b-11D0-b013-00aa0059ce02} "CDL: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{12D51199-0DB5-46FE-A120-47A3D7D937CC} "DVD: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll
{79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e3-baf9-11ce-8c82-00aa004ba90b} "ftp: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e4-baf9-11ce-8c82-00aa004ba90b} "gopher: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e2-baf9-11ce-8c82-00aa004ba90b} "http: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{79eac9e5-baf9-11ce-8c82-00aa004ba90b} "https: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
{05300401-BCBC-11d0-85E3-00C04FD85AB4} "MHTML Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcomm.dll
{3050F406-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML About Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Mailto Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{76E67A63-06E9-11D2-A840-006008059382} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll
{9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll
{79eac9e6-baf9-11ce-8c82-00aa004ba90b} "mk: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "TV: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll
{13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "WiaProtocol Class" - "Microsoft Corporation" - C:\WINDOWS\system32\wiascr.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler )-----
{438755C2-A8BA-11D1-B96B-00A0C90312E1} "Browseui preloader" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{8C7461EF-2B13-11d2-BE35-3078302C2030} "Component Categories cache daemon" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "URL Exec Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{01E04581-4EEE-11d0-BFE9-00AA005B4383} "&Adresse" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{F2CF5485-4E02-4f68-819C-B92DE9277049} "&Links" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{32714800-2E5F-11d0-8B85-00AA0044F941} "&Nach Personen..." - "Microsoft Corporation" - C:\Programme\Outlook Express\wabfind.dll
{7e653215-fa25-46bd-a339-34a2790f3cb7} "Accessible" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{88C6C381-2E85-11D0-94DE-444553540000} "ActiveX Cache Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\occache.dll
{A08C11D2-A228-11d0-825B-00AA005B4383} "Address EditBox" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{85BBD920-42A0-1069-A2E4-08002B30309D} "Aktenkoffer" - "Microsoft Corporation" - C:\WINDOWS\system32\syncui.dll
{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} "Audio Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{91EA3F8B-C99B-11d0-9815-00C04FD91972} "Augmented Shell Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{6413BA2C-B461-11d1-A18A-080036B11A03} "Augmented Shell Folder 2" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} "Ausführen..." - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{5F327514-6C5E-4d60-8F16-D07FA08A78ED} "Auto Update Property Sheet Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} "Automatische Diashowwiedergabe der Shell" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{87D62D94-71B3-4b9a-9489-5FE6850DC73E} "Avi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{F61FFEC1-754F-11d0-80CA-00AA005B4383} "BandProxy" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{7A9D77BD-5403-11d2-8785-2E0420524153} "Benutzerkonten" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{add36aa8-751a-4579-a266-d66f5202ccbb} "Bestellung von Abzügen über das Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{67EA19A0-CCEF-11d0-8024-00C04FD75D13} "CDF Extension Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
{7D559C10-9FE9-11d0-93F7-00AA0059CE02} "Code Download Agent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{BD472F60-27FA-11cf-B8B4-444553540000} "Compressed (zipped) Folder Right Drag Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll
{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} "Compressed (zipped) Folder SendTo Target" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll
{E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} "CompressedFolder" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll
{E6CC6978-6B6E-11D0-BECA-00C04FD940BE} "ConnectionAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{42071713-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Bildschirme" - "Microsoft Corporation" - C:\WINDOWS\system32\deskmon.dll
{42071712-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Grafikkarten" - "Microsoft Corporation" - C:\WINDOWS\system32\deskadp.dll
{7444C717-39BF-11D1-8CD9-00C04FC29D45} "CryptPKO Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll
{7444C719-39BF-11D1-8CD9-00C04FC29D45} "CryptSig Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll
{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} "Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{CFCCC7A0-A282-11D1-9082-006008059382} "Darwin App Publisher" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} "DfsShell Class" - "Microsoft Corporation" - C:\WINDOWS\system32\dfsshlex.dll
{62AE1F9A-126A-11D0-A14B-0800361B1103} "Directory Context Menu Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll
{163FDC20-2ABC-11d0-88F0-00A024AB2DBB} "Directory Object Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll
{0D45D530-764B-11d0-A1CA-00AA00C16E65} "Directory Property UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll
{8A23E65E-31C2-11d0-891C-00A024AB2DBB} "Directory Query UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll
{F020E586-5264-11d1-A532-0000F8757D7E} "Directory Start/Search Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll
{f92e8c40-3d33-11d2-b1aa-080036a75b03} "Display TroubleShoot CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\deskperf.dll
{22BF0C20-6DA7-11D0-B373-00A0C9034938} "Download Status" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{60fd46de-f830-4894-a628-6fa81bc0190d} "Drop-Zielobjekt für den Fotodruck-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\photowiz.dll
{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} "E-Mail" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{00022613-0000-0000-C000-000000000046} "Eigenschaften für Multimediadatei" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl
{596AB062-B4D2-4215-9F74-E9109B0A8153} "Eigenschaftenseite für vorherige Versionen" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll
{1F2E5C40-9550-11CE-99D2-00AA006E086C} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll
{4E40F770-369C-11d0-8922-00A024AB2DBB} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\dssec.dll
{F37C5810-4D3F-11d0-B4BF-00AA00BBB723} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll
{59099400-57FF-11CE-BD94-0020AF85B590} "Erweiterung für Datenträgerkopien" - "Microsoft Corporation" - C:\WINDOWS\system32\diskcopy.dll
{EFA24E64-B078-11d0-89E4-00C04FC9E26E} "Explorer-Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{692F0339-CBAA-47e6-B5B5-3B84DB604E87} "Extensions Manager Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\extmgr.dll
{7A80E4A8-8005-11D2-BCF8-00C04F72C717} "ExtractIcon Class" - "Microsoft Corporation" - C:\WINDOWS\System32\mmcshext.dll
{EFA24E61-B078-11d0-89E4-00C04FC9E26E} "Favorites Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{3F30C968-480A-4C6C-862D-EFC0897BB84B} "GDI+ Dateiminiaturansicht-Extrahierungsprogramm" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{D6277990-4C6A-11CF-8D87-00AA0060F5BF} "Geplante Tasks" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll
{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "Global Folder Settings" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} "Hilfe und Support" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{FF393560-C2A7-11CF-BFF4-444553540000} "History" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{EFA24E62-B078-11d0-89E4-00C04FC9E26E} "History Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{25336920-03f9-11cf-8fd0-00aa00686f13} "HTML Document" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{EAB841A0-9550-11cf-8C16-00805F1408F3} "HTML-Extrahierungsprogramm" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{88895560-9AA2-1069-930E-00AA0030EBC8} "HyperTerminal Icon Ext" - "Hilgraeve, Inc." - C:\WINDOWS\system32\hticons.dll
{DBCE2480-C732-101B-BE72-BA78E9AD5B27} "ICC-Profil" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll
{675F097E-4C4D-11D0-B6C1-0800091AA605} "ICM-Druckerverwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll
{5DB2625A-54DF-11D0-B6C4-0800091AA605} "ICM-Monitorverwaltung" - "Microsoft Corporation" - C:\WINDOWS\System32\icmui.dll
{176d6597-26d3-11d1-b350-080036a75b03} "ICM-Scannerverwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll
{3028902F-6374-48b2-8DC6-9725E775B926} "IE AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{73CFD649-CD48-4fd8-A272-2070EA56526B} "IE BandProxy" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} "IE Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{1C1EDB47-CE22-4bbb-B608-77B48F83C823} "IE Fade Task" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{11016101-E366-4D22-BC06-4ADA335C892B} "IE History and Feeds Shell Data Source for Windows Search" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{6CF48EF8-44CD-45d2-8832-A16EA016311B} "IE IShellFolderBand" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{4B78D326-D922-44f9-AF2A-07805C2A3560} "IE Menu Band" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{205D7A97-F16D-4691-86EF-F3075DCCA57D} "IE Menu Desk Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{44C76ECD-F7FA-411c-9929-1B77BA77F524} "IE Menu Site" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{07C45BB1-4A8C-4642-A1F5-237E7215FF66} "IE Microsoft BrowserBand" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{6038EF75-ABFC-4e59-AB6F-12D397F6568D} "IE Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{B31C5FAE-961F-415b-BAF0-E697A5178B94} "IE Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} "IE Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} "IE MRU AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{43886CD5-6529-41c4-A707-7B3C92C05E68} "IE Navigation Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} "IE Registry Tree Options Utility" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} "IE RSS Feeds Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{30D02401-6A81-11d0-8274-00C04FD5AE38} "IE Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{E6EE9AAC-F76B-4947-8260-A9F136138E11} "IE Shell Band Site Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} "IE Shell Rebar BandSite" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} "IE Tracking Shell Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} "IE4 Suite-Begrüßungsbildschirm" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{169A0691-8DF9-11d1-A1C4-00C04FD75D13} "In-pane search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{0B124F8F-91F0-11D1-B8B5-006008059382} "Installed Apps Enumerator" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl
{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} "Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{871C5380-42A0-1069-A2EA-08002B30309D} "Internet Name Space" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{FBF23B40-E3F0-101B-8488-00AA003E56F8} "Internet Shortcut" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{131A6951-7F78-11D0-A979-00C04FD705A2} "ISFBand OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{0CD7A5C0-9F37-11CE-AE65-08002B2E1262} "Kabinettdatei" - "Microsoft Corporation" - C:\WINDOWS\system32\cabview.dll
{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} "Kompatibilitätsseite" - "Microsoft Corporation" - C:\WINDOWS\system32\SlayerXP.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{3050f3d9-98b5-11cf-bb82-00aa00bdce0b} "MHTML Document" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll
{143A62C8-C33B-11D1-84FE-00C04FA34A14} "Microsoft Agent Character Property Sheet Handler" - "Microsoft Corporation" - C:\WINDOWS\msagent\agentpsh.dll
{A5E46E3A-8849-11D1-9D8C-00C04FC99D61} "Microsoft Browser Architecture" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{7BA4C742-9E81-11CF-99D3-00AA004AE837} "Microsoft BrowserBand" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{7988B573-EC89-11cf-9C00-00AA00A14F56} "Microsoft Disk Quota UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquoui.dll
{6A205B57-2567-4A2C-B881-F787FAB579A3} "Microsoft DocProp Inplace Calendar Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{0EEA25CC-4362-4A12-850B-86EE61B0D3EB} "Microsoft DocProp Inplace Droplist Combo Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{A9CF0EAE-901A-4739-A481-E35B73E47F6D} "Microsoft DocProp Inplace Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{8EE97210-FD1F-4B19-91DA-67914005F020} "Microsoft DocProp Inplace ML Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} "Microsoft DocProp Inplace Time Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{883373C3-BF89-11D1-BE35-080036B11A03} "Microsoft DocProp Shell Ext" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll
{63da6ec0-2e98-11cf-8d82-444553540000} "Microsoft FTP Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\msieftp.dll
{00BB2764-6A77-11D0-A535-00C04FD7D062} "Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{5E6AB780-7743-11CF-A12B-00AA004AE837} "Microsoft Internet Toolbar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{00BB2765-6A77-11D0-A535-00C04FD7D062} "Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll
{2206CDB2-19C1-11D1-89E0-00C04FD7A829} "Microsoft OLE DB Service Component Data Links" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\System\Ole DB\oledb32.dll
{03C036F1-A186-11D0-824A-00AA005B4383} "Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{3C374A40-BAE4-11CF-BF7D-00AA006946EE} "Microsoft Url History Service" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{8856f961-340a-11d0-a96b-00c04fd705a2} "Microsoft Web Browser" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{A6FD9E45-6E44-43f9-8644-08598F5A74D9} "Midi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{6756A641-DE71-11d0-831B-00AA005B4383} "MRU AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{ECF03A33-103D-11d2-854D-006008059367} "MyDocs Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll
{ECF03A32-103D-11d2-854D-006008059367} "MyDocs Drop Target" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll
{4a7ded0a-ad25-11d0-98a8-0800361b1103} "MyDocs menu and properties" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll
{7007ACC7-3202-11D1-AAD2-00805FC1270E} "Netzwerkverbindungen" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll
{992CFFA0-F557-101A-88EC-00DD010CCC48} "Netzwerkverbindungen" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{10CFC467-4392-11d2-8DB4-00C04FA31A66} "Offline Files Folder Options" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll
{750fdf0e-2a26-11d1-a3ea-080036587f03} "Offline Files Menu" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll
{3EA48300-8CF6-101B-84FB-666CCB9BCD32} "OLE-Eigenschaftenseite für Dokumente" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} "Ordner 'Offlinedateien'" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll
{58f1f272-9240-4f51-b6d4-fd63d1618591} "Passport-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{41E300E0-78B6-11ce-849B-444553540000} "PlusPack CPL-Erweiterung" - "Microsoft Corporation" - C:\WINDOWS\system32\themeui.dll
{35786D3C-B075-49b9-88DD-029876E11C01} "Portable Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll
{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} "Portable Devices Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll
{640167b4-59b0-47a6-b335-a6b3c0695aea} "Portable Media Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\Audiodev.dll
{D8BD2030-6FC9-11D0-864F-00AA006809D9} "PostAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{AF4F6510-F982-11d0-8595-00AA004CD6D8} "Registry Tree Options Utility" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{F0152790-D56E-4445-850E-4F3117DB740C} "Remote Sessions CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\remotepg.dll
{82AA9188-44E0-40B9-B956-43A10C315B4F} "RootShellFolder Class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfFTPShellExtension.dll
{3F953603-1008-4f6e-A73A-04AAC7A992F1} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{83bbcbf3-b28a-4919-a5aa-73027445d672} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{905667aa-acd6-11d2-8080-00805f6596d2} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{E211B736-43FD-11D1-9EFB-0000F8757FCD} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll
{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} "Scheduling UI icon handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll
{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} "Scheduling UI property sheet handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll
{BD84B380-8CA2-1069-AB1D-08000948F534} "Schriftarten" - "Microsoft Corporation" - C:\WINDOWS\system32\fontext.dll
{D20EA4E1-3957-11d2-A40B-0C5020524152} "Schriftarten" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{9461b922-3c5a-11d2-bf8b-00c04fb93661} "Search Assistant OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll
{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll
{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} "Set Program Access and Defaults" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{352EC2B7-8B9A-11D1-B8AE-006008059382} "Shell Application Manager" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl
{0A89A860-D7B1-11CE-8350-444553540000} "Shell Automation Inproc Service" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{ECD4FC4E-521C-11D0-B792-00A0C90312E1} "Shell Band Site Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{ECD4FC4C-521C-11D0-B792-00A0C90312E1} "Shell DeskBar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} "Shell DeskBarApp" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} "Shell DocObject Viewer" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{60254CA5-953B-11CF-8C96-00AA00B8708C} "Shell Extension For Windows Script Host" - "Microsoft Corporation" - C:\WINDOWS\system32\wshext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} "Shell Image Data Factory" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{eb9b1153-3b57-4e68-959a-a3266bc3d7fe} "Shell Image Property Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{e84fda7c-1d6a-45f6-b725-cb260c236066} "Shell Image Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
{00BB2763-6A77-11D0-A535-00C04FD7D062} "Shell Microsoft AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{9E51E0D0-6E0F-11d2-9601-00C04FA31A86} "Shell properties for a DS object" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll
{ECD4FC4D-521C-11D0-B792-00A0C90312E1} "Shell Rebar BandSite" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{21569614-B795-46b1-85F4-E737A8DC09AD} "Shell Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{56117100-C0CD-101B-81E2-00AA004AE837} "Shell-Datenauszughandler" - "Microsoft Corporation" - C:\WINDOWS\system32\shscrap.dll
{2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} "ShellDragDropHandler Class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfShellTools.dll
{77597368-7b15-11d0-a0c2-080036af3f03} "Shellerweiterung für Webdrucker" - "Microsoft Corporation" - C:\WINDOWS\system32\printui.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{40dd6e20-7c17-11ce-a804-00aa003ca9f6} "Shellerweiterungen für Freigaben" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} "Shellerweiterungen für Freigaben" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll
{59be4990-f85c-11ce-aff7-00aa003ca9f6} "Shellerweiterungen für Microsoft Windows-Netzwerkobjekte" - "Microsoft Corporation" - C:\WINDOWS\system32\ntlanui2.dll
{7568C3F3-DF7E-436A-95C2-772819DF58B4} "ShellFolderExternal Class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfFavoritesShellExtension.dll
{119310E6-5FB7-4eeb-BEDB-9E229E76B9B4} "ShellFolderMultiUploadDestination Class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfFTPShellExtension.dll
{3B164627-7060-47BB-A1BE-DF5540B02821} "ShellFolderMultiUploadSource Class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfFTPShellExtension.dll
{6E0A0931-B89D-45B7-8BF0-F221A6D67257} "ShellFolderRoot Class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfFavoritesShellExtension.dll
{EB5EE1F3-041A-4c03-9D51-2BEC6715FB00} "ShellFolderSearchRoot Class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfFTPShellExtension.dll
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{6b33163c-76a5-4b6c-bf21-45de9cd503a1} "Shellobjekt des Webpublishing-Assistenten" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{F87DED31-303F-4ED1-9BCE-D360FBC74E0A} "SmartFTP ContextMenu Shell Extension" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfShellTools.dll
{EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} "SmartFTP Drop ShellIconOverlayHandler" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfShellTools.dll
{FD504287-1372-40d2-ACA6-216A8FCC243D} "SmartFTP FavoritesShellFolder Class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfFavoritesShellExtension.dll
{0848278D-D88B-445b-BEDC-7DFBDB061F5F} "SmartFTP FavoritesShellFolderDesktop class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfFavoritesShellExtension.dll
{40FDFA48-5F4E-4627-A78E-6A49A3D4492F} "SmartFTP ShellDropHandler Class" - "SmartSoft Ltd." - C:\Programme\SmartFTP Client\sfShellTools.dll
{F5175861-2688-11d0-9C5E-00AA00A45957} "Subscription Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} "Subscription Mgr" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} "Suchen" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{0DF44EAA-FF21-4412-828E-260A8728E7F1} "Taskleiste und Startmenü" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll
{7BD29E00-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{7BD29E01-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} "The Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{acf35015-526e-4230-9596-becbe19f0ac9} "Track Popup Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} "TrayAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{7376D660-C583-11d0-A3A5-00C04FD706EC} "TridentImageExtractor" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{DD313E04-FEFF-11d1-8ECD-0000F87A470C} "User Assist" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{D20EA4E1-3957-11d2-A40B-0C5020524153} "Verwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} "Video Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{c5a40261-cd64-4ccf-84cb-c394da41d590} "Video Thumbnail Extractor" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{9DB7A13C-F208-4981-8353-73CC61AE2783} "Vorherige Versionen" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll
{E4B29F9D-D390-480b-92FD-7DDB47101D71} "Wav Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll
{07798131-AF23-11d1-9111-00A0C98BA67D} "Web Search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} "WebCheck SyncMgr Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} "WebCheckChannelAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{08165EA0-E946-11CF-9C87-00AA005127ED} "WebCheckWebCrawler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{CC6EEFFB-43F6-46c5-9619-51D571967F7D} "Webpublishing-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll
{45670FA8-ED97-4F44-BC93-305082590BFB} "Windows XPS Document Metadata Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{44121072-A222-48f2-A58A-6D9AD51EBBE9} "Windows XPS Document Thumbnail Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} "Windows-Sicherheit" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll
{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} "WMP Add To Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll
{8DD448E6-C188-4aed-AF92-44956194EB1F} "WMP Burn Audio CD Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll
{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} "WMP Play As Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll
{9DBD2C50-62AD-11d0-B806-00C04FD706EC} "Zusammenfassungs-Miniaturansichthandler (DOCFILES)" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{7849596a-48ea-486e-8937-a2a3009f31a9} "PostBootReminder object" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{fbeb8a05-beee-4442-804e-409d6c4515e9} "ShellFolder for CD Burning" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
{35CEC8A3-2BE6-11D2-8773-92E220524153} "SysTray" - "Microsoft Corporation" - C:\WINDOWS\system32\stobject.dll
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
{AAA288BA-9A4C-45B0-95D7-94D524869DB5} "WPDShServiceObj Class" - "Microsoft Corporation" - C:\WINDOWS\system32\WPDShServiceObj.dll

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{EFA24E64-B078-11D0-89E4-00C04FC9E26E} "Explorer-Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Adresse" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll
<binary data> "&Links" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
<binary data> "midicase Toolbar" - ? - C:\Programme\midicase\prxtbmid0.dll  (File not found)
<binary data> "Nero Toolbar" - ? - C:\Programme\Ask.com\GenericAskToolbar.dll  (File not found)
<binary data> "Softonic-Eng7 Toolbar" - ? - C:\Programme\Softonic-Eng7\tbSoft.dll  (File not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll
{6d8d66f3-14fc-4736-a096-fac0ea66289c} "midicase Toolbar" - ? - C:\Programme\midicase\prxtbmid0.dll  (File not found)
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} "Softonic-Eng7 Toolbar" - ? - C:\Programme\Softonic-Eng7\tbSoft.dll  (File not found)
{00000000-6E41-4FD3-8538-502F5495E5FC} "UrlSearchHook Class" - ? - C:\Programme\Ask.com\GenericAskToolbar.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{784797A8-342D-4072-9486-03C8D0F2F0A1} "Battlefield Heroes Updater" - "EA Digital Illusions CE AB" - C:\WINDOWS\Downloaded Program Files\BFHUpdater.dll / https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.31.0.cab
{39B0684F-D7BF-4743-B050-FDC3F48F7E3B} "CDownloadCtrl Object" - "IGN Entertainment" - C:\WINDOWS\Downloaded Program Files\DLMControl.dll / hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
{20A60F0D-9AFA-4515-A0FD-83BD84642501} "Checkers Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\msgrchkr.dll / hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{9BD3C5C6-BCBA-47BF-9CC0-0D5D3E117DE1} "MediaLoader Class" - "3G Studios, Inc." - C:\WINDOWS\Downloaded Program Files\WebMediaPlayer.dll / hxxp://www.bravearms.com/razor/plugins/WebMediaPlayer.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
{C212D449-8B3C-41F2-BD9A-047BD770550F} "Perparer Class" - "AB" - C:\WINDOWS\DOWNLO~1\OPLAUN~1.DLL / hxxp://operation7.fiaa.eu/OPLauncher.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Adobe\Director\SwDir.dll / hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
{E6F480FC-BD44-4CBA-B74A-89AF7842937D} "SysInfo Class" - "Husdawg, LLC" - C:\Programme\SystemRequirementsLab\srldetect_cyri_4.3.1.0.dll / hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
{1E54D648-B804-468d-BC78-4AFFED8E262F} "System Requirements Lab Class" - "Husdawg, LLC" - C:\WINDOWS\Downloaded Program Files\sysreqlab_nvd.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{4D5C8C25-D075-11d0-B416-00C04FB90376} "&Tipps und Tricks" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"Exec" - "Microsoft Corporation" - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
"ICQ7.1" - "ICQ, LLC." - C:\Programme\ICQ7.1\ICQ.exe
"Messenger" - "Microsoft Corporation" - C:\Programme\Messenger\msmsgs.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{98889811-442D-49dd-99D7-DC866BE87DBC} "Babylon Toolbar" - ? - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarTlbr.dll  (File not found)
{30F9B915-B755-4826-820B-08FBA6BD249D} "Conduit Engine " - ? - C:\Programme\ConduitEngine\prxConduitEngine.dll  (File not found)
{6d8d66f3-14fc-4736-a096-fac0ea66289c} "midicase Toolbar" - ? - C:\Programme\midicase\prxtbmid0.dll  (File not found)
<binary data> "Nero Toolbar" - ? - C:\Programme\Ask.com\GenericAskToolbar.dll  (File not found)
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} "Softonic-Eng7 Toolbar" - ? - C:\Programme\Softonic-Eng7\tbSoft.dll  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{2EECD738-5844-4a99-B4B6-146BF802613B} "CescrtHlpr Object" - ? - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.5\bh\BabylonToolbar.dll  (File not found)
{30F9B915-B755-4826-820B-08FBA6BD249D} "Conduit Engine " - ? - C:\Programme\ConduitEngine\prxConduitEngine.dll  (File not found)
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - ? - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll  (File not found)
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{1ED16E0A-E8C4-40A0-8BC2-79485D21F796} "Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können." - ? - C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll  (File not found)
{6d8d66f3-14fc-4736-a096-fac0ea66289c} "midicase Toolbar" - ? - C:\Programme\midicase\prxtbmid0.dll  (File not found)
{D4027C7F-154A-4066-A1AD-4243D8127440} "Nero Toolbar" - ? - C:\Programme\Ask.com\GenericAskToolbar.dll  (File not found)
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} "Softonic-Eng7 Toolbar" - ? - C:\Programme\Softonic-Eng7\tbSoft.dll  (File not found)
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -   (File not found | COM-object registry key not found)

[Known DLLs]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )-----
"advapi32" - "Microsoft Corporation" - C:\WINDOWS\system32\advapi32.dll
"comdlg32" - "Microsoft Corporation" - C:\WINDOWS\system32\comdlg32.dll
"gdi32" - "Microsoft Corporation" - C:\WINDOWS\system32\gdi32.dll
"imagehlp" - "Microsoft Corporation" - C:\WINDOWS\system32\imagehlp.dll
"kernel32" - "Microsoft Corporation" - C:\WINDOWS\system32\kernel32.dll
"lz32" - "Microsoft Corporation" - C:\WINDOWS\system32\lz32.dll
"ole32" - "Microsoft Corporation" - C:\WINDOWS\system32\ole32.dll
"oleaut32" - "Microsoft Corporation" - C:\WINDOWS\system32\oleaut32.dll
"olecli32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecli32.dll
"olecnv32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecnv32.dll
"olesvr32" - "Microsoft Corporation" - C:\WINDOWS\system32\olesvr32.dll
"olethk32" - "Microsoft Corporation" - C:\WINDOWS\system32\olethk32.dll
"rpcrt4" - "Microsoft Corporation" - C:\WINDOWS\system32\rpcrt4.dll
"shell32" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll
"url" - "Microsoft Corporation" - C:\WINDOWS\system32\url.dll
"urlmon" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll
"user32" - "Microsoft Corporation" - C:\WINDOWS\system32\user32.dll
"version" - "Microsoft Corporation" - C:\WINDOWS\system32\version.dll
"wininet" - "Microsoft Corporation" - C:\WINDOWS\system32\wininet.dll
"wldap32" - "Microsoft Corporation" - C:\WINDOWS\system32\wldap32.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Authentication packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll
"Notification packages" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\kerberos.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll
"Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\wdigest.dll
-----( HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders )-----
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msapsspc.dll
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\digest.dll
"SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msnsspc.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"GlobeTrotter Connect.lnk" - "Option" - C:\Programme\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Kevin\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"AutoStartNPSAgent" - "Samsung Electronics Co., Ltd." - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe
"CTFMON.EXE" - "Microsoft Corporation" - C:\WINDOWS\system32\ctfmon.exe
"MSMSGS" - "Microsoft Corporation" - "C:\Programme\Messenger\msmsgs.exe" /background
"msnmsgr" - "Microsoft Corporation" - "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"Shell" - "Microsoft Corporation" - C:\WINDOWS\Explorer.exe
"Userinit" - "Microsoft Corporation" - C:\WINDOWS\system32\userinit.exe
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - "Microsoft Corporation" - C:\WINDOWS\system32\rdpclip.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"DrvIcon" - ? - C:\Programme\Vista Drive Icon\DrvIcon.exe  (File not found)
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"nwiz" - ? - nwiz.exe /install  (File not found)
"RTHDCPL" - "Realtek Semiconductor Corp." - RTHDCPL.EXE
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

[Network Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----
"Microsoft Windows-Netzwerk" - "Microsoft Corporation" - C:\WINDOWS\System32\ntlanman.dll
"Microsoft-Terminaldienste" - "Microsoft Corporation" - C:\WINDOWS\System32\drprov.dll
"Web Client Network" - "Microsoft Corporation" - C:\WINDOWS\System32\davclnt.dll

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"BJ Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\cnbjmon.dll
"EPSON Stylus DX7400 Series 32MonitorBE" - "SEIKO EPSON CORPORATION" - C:\WINDOWS\system32\E_FLBCDE.DLL
"Local Port" - "Microsoft Corporation" - C:\WINDOWS\system32\localspl.dll
"PJL Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\pjlmon.dll
"Standard TCP/IP Port" - "Microsoft Corporation" - C:\WINDOWS\system32\tcpmon.dll
"USB Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\usbmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Ablagemappe" (ClipSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\clipsrv.exe
"Anmeldedienst" (Netlogon) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"Arbeitsstationsdienst" (lanmanworkstation) - "Microsoft Corporation" - C:\WINDOWS\System32\wkssvc.dll
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
"Automatic Updates" (wuauserv) - "Microsoft Corporation" - C:\WINDOWS\system32\wuauserv.dll
"Automatische Konfiguration (verkabelt)" (Dot3svc) - "Microsoft Corporation" - C:\WINDOWS\System32\dot3svc.dll
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"COM+-Ereignissystem" (EventSystem) - "Microsoft Corporation" - C:\WINDOWS\system32\es.dll
"COM+-Systemanwendung" (COMSysApp) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe
"Computerbrowser" (Browser) - "Microsoft Corporation" - C:\WINDOWS\System32\browser.dll
"CryptSvc" (CryptSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\cryptsvc.dll
"DCOM-Server-Prozessstart" (DcomLaunch) - "Microsoft Corporation" - C:\WINDOWS\system32\rpcss.dll
"Designs" (Themes) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll
"DHCP-Client" (Dhcp) - "Microsoft Corporation" - C:\WINDOWS\System32\dhcpcsvc.dll
"Dienst für Seriennummern der tragbaren Medien" (WmdmPmSN) - "Microsoft Corporation" - C:\WINDOWS\system32\MsPMSNSv.dll
"Distributed Transaction Coordinator" (MSDTC) - "Microsoft Corporation" - C:\WINDOWS\system32\msdtc.exe
"DNS-Client" (Dnscache) - "Microsoft Corporation" - C:\WINDOWS\System32\dnsrslvr.dll
"Druckwarteschlange" (Spooler) - "Microsoft Corporation" - C:\WINDOWS\system32\spoolsv.exe
"Ereignisprotokoll" (Eventlog) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe
"Extensible Authentication-Protokolldienst" (EapHost) - "Microsoft Corporation" - C:\WINDOWS\System32\eapsvc.dll
"Fehlerberichterstattungsdienst" (ERSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\ersvc.dll
"FsUsbExService" (FsUsbExService) - "Teruten" - C:\WINDOWS\system32\FsUsbExService.Exe
"Gatewaydienst auf Anwendungsebene" (ALG) - "Microsoft Corporation" - C:\WINDOWS\System32\alg.exe
"Geschützter Speicher" (ProtectedStorage) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GtDetectSc" (GtDetectSc) - "OptionNV" - C:\Programme\Option\GlobeTrotter Connect\GtDetectSc.exe
"Hilfe und Support" (helpsvc) - "Microsoft Corporation" - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
"HTTP-SSL" (HTTPFilter) - "Microsoft Corporation" - C:\WINDOWS\System32\w3ssl.dll
"IMAPI-CD-Brenn-COM-Dienste" (ImapiService) - "Microsoft Corporation" - C:\WINDOWS\system32\imapi.exe
"Indexdienst" (CiSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\cisvc.exe
"Integritätsschlüssel- und Zertifikatverwaltungsdienst" (hkmsvc) - "Microsoft Corporation" - C:\WINDOWS\System32\kmsvc.dll
"Intelligenter Hintergrundübertragungsdienst" (BITS) - "Microsoft Corporation" - C:\WINDOWS\system32\qmgr.dll
"IPSEC-Dienste" (PolicyAgent) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Kompatibilität für schnelle Benutzerumschaltung" (FastUserSwitchingCompatibility) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll
"Konfigurationsfreie drahtlose Verbindung" (WZCSVC) - "Microsoft Corporation" - C:\WINDOWS\System32\wzcsvc.dll
"Leistungsdatenprotokolle und Warnungen" (SysmonLog) - "Microsoft Corporation" - C:\WINDOWS\system32\smlogsvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"MS Software Shadow Copy Provider" (SwPrv) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe
"NAP-Agent (Network Access Protection)" (napagent) - "Microsoft Corporation" - C:\WINDOWS\System32\qagentrt.dll
"NetMeeting-Remotedesktop-Freigabe" (mnmsrvc) - "Microsoft Corporation" - C:\WINDOWS\system32\mnmsrvc.exe
"Netzwerkverbindungen" (Netman) - "Microsoft Corporation" - C:\WINDOWS\System32\netman.dll
"Netzwerkversorgungsdienst" (xmlprov) - "Microsoft Corporation" - C:\WINDOWS\System32\xmlprov.dll
"NLA (Network Location Awareness)" (Nla) - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll
"nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\WINDOWS\system32\GameMon.des
"NT-LM-Sicherheitsdienst" (NtLmSsp) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"Plug & Play" (PlugPlay) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe
"PnkBstrA" (PnkBstrA) - ? - C:\WINDOWS\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"QoS-RSVP" (RSVP) - "Microsoft Corporation" - C:\WINDOWS\system32\rsvp.exe
"RAS-Verbindungsverwaltung" (RasMan) - "Microsoft Corporation" - C:\WINDOWS\System32\rasmans.dll
"Remoteprozeduraufruf (RPC)" (RpcSs) - "Microsoft Corporation" - C:\WINDOWS\system32\rpcss.dll
"RPC-Locator" (RpcLocator) - "Microsoft Corporation" - C:\WINDOWS\system32\locator.exe
"Secondary Logon" (seclogon) - "Microsoft Corporation" - C:\WINDOWS\System32\seclogon.dll
"Server" (LanmanServer) - "Microsoft Corporation" - C:\WINDOWS\System32\srvsvc.dll
"Shellhardwareerkennung" (ShellHWDetection) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll
"Sicherheitscenter" (wscsvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wscsvc.dll
"Sicherheitskontenverwaltung" (SamSs) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe
"Sitzungs-Manager für Remotedesktophilfe" (RDSessMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\sessmgr.exe
"Smartcard" (SCardSvr) - "Microsoft Corporation" - C:\WINDOWS\System32\SCardSvr.exe
"SSDP-Suchdienst" (SSDPSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\ssdpsrv.dll
"Systemereignisbenachrichtigung" (SENS) - "Microsoft Corporation" - C:\WINDOWS\system32\sens.dll
"Systemwiederherstellungsdienst" (srservice) - "Microsoft Corporation" - C:\WINDOWS\system32\srsvc.dll
"Taskplaner" (Schedule) - "Microsoft Corporation" - C:\WINDOWS\system32\schedsvc.dll
"TCP/IP-NetBIOS-Hilfsprogramm" (LmHosts) - "Microsoft Corporation" - C:\WINDOWS\System32\lmhsvc.dll
"Telefonie" (TapiSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\tapisrv.dll
"Terminaldienste" (TermService) - "Microsoft Corporation" - C:\WINDOWS\System32\termsrv.dll
"Universeller Plug & Play-Gerätehost" (upnphost) - "Microsoft Corporation" - C:\WINDOWS\System32\upnphost.dll
"Unterbrechungsfreie Stromversorgung" (UPS) - "Microsoft Corporation" - C:\WINDOWS\System32\ups.exe
"Verwaltung für automatische RAS-Verbindung" (RasAuto) - "Microsoft Corporation" - C:\WINDOWS\System32\rasauto.dll
"Verwaltung logischer Datenträger" (dmserver) - "Microsoft Corp." - C:\WINDOWS\System32\dmserver.dll
"Verwaltungsdienst für die Verwaltung logischer Datenträger" (dmadmin) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\dmadmin.exe
"Volumeschattenkopie" (VSS) - "Microsoft Corporation" - C:\WINDOWS\System32\vssvc.exe
"Webclient" (WebClient) - "Microsoft Corporation" - C:\WINDOWS\System32\webclnt.dll
"Wechselmedien" (NtmsSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\ntmssvc.dll
"Windows Audio" (AudioSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\audiosrv.dll
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Driver Foundation - User-mode Driver Framework" (WudfSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\WUDFSvc.dll
"Windows Installer" (MSIServer) - "Microsoft Corporation" - C:\WINDOWS\system32\msiexec.exe
"Windows Media Player-Netzwerkfreigabedienst" (WMPNetworkSvc) - "Microsoft Corporation" - C:\Programme\Windows Media Player\WMPNetwk.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
"Windows Presentation Foundation Font Cache 4.0.0.0" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Windows-Bilderfassung (WIA)" (stisvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wiaservc.dll
"Windows-Firewall/Gemeinsame Nutzung der Internetverbindung" (SharedAccess) - "Microsoft Corporation" - C:\WINDOWS\System32\ipnathlp.dll
"Windows-Verwaltungsinstrumentation" (winmgmt) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\WMIsvc.dll
"Windows-Zeitgeber" (W32Time) - "Microsoft Corporation" - C:\WINDOWS\system32\w32time.dll
"WMI-Leistungsadapter" (WmiApSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\wmiapsrv.exe
"Überwachung verteilter Verknüpfungen (Client)" (TrkWks) - "Microsoft Corporation" - C:\WINDOWS\system32\trkwks.dll

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - "Microsoft Corporation" - C:\WINDOWS\system32\logon.scr
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"UIHost" - "Microsoft Corporation" - C:\WINDOWS\system32\logonui.exe
"VmApplet" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{B587E2B1-4D59-4e7e-AED9-22B9DF11D053} "802.3 Group Policy" - "Microsoft Corporation" - C:\WINDOWS\system32\dot3gpclnt.dll
{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A} "EFS recovery" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll
{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} "Internet Explorer Branding" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} "Internet Explorer Machine Accelerators" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{7B849a69-220F-451E-B3FE-2CB811AF94AE} "Internet Explorer User Accelerators" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} "Internet Explorer Zonemapping" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll
{C631DF4C-088F-4156-B058-4375F0853CD8} "Microsoft Offline Files" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll
{3610eda5-77ef-11d2-8dc5-00c04fa31a66} "Microsoft-Datenträgerkontingent" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquota.dll
{827D319E-6EAC-11D2-A4EA-00C04F79F83A} "Security" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"crypt32chain" - "Microsoft Corporation" - C:\WINDOWS\system32\crypt32.dll
"cryptnet" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptnet.dll
"cscdll" - "Microsoft Corporation" - C:\WINDOWS\system32\cscdll.dll
"dimsntfy" - "Microsoft Corporation" - C:\WINDOWS\System32\dimsntfy.dll
"ScCertProp" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
"Schedule" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
"sclgntfy" - "Microsoft Corporation" - C:\WINDOWS\system32\sclgntfy.dll
"SensLogn" - "Microsoft Corporation" - C:\WINDOWS\system32\WlNotify.dll
"termsrv" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll
"wlballoon" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"NLA-Namespace" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll
"NTDS" - "Microsoft Corporation" - C:\WINDOWS\System32\winrnr.dll
"TCP/IP" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{35A95C95-D396-4973-BD15-29907C8677F0}] DATAGRAM 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{35A95C95-D396-4973-BD15-29907C8677F0}] SEQPACKET 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{444E9927-F209-4BE1-B467-203A4EB38C0D}] DATAGRAM 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{444E9927-F209-4BE1-B467-203A4EB38C0D}] SEQPACKET 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{5776F2F1-0AE5-4FD0-A086-A6644113C280}] DATAGRAM 6" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{5776F2F1-0AE5-4FD0-A086-A6644113C280}] SEQPACKET 6" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{588F92A0-D374-405F-BA4D-7A58BACAFC30}] DATAGRAM 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{588F92A0-D374-405F-BA4D-7A58BACAFC30}] SEQPACKET 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{A4D4E757-626B-4911-AECC-7BC29723BC1F}] DATAGRAM 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{A4D4E757-626B-4911-AECC-7BC29723BC1F}] SEQPACKET 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{C9A17BBC-D509-4740-B04B-9CDB32D555CC}] DATAGRAM 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{C9A17BBC-D509-4740-B04B-9CDB32D555CC}] SEQPACKET 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{F10F3246-AF51-40D4-AB07-C82961D01E4E}] DATAGRAM 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD NetBIOS [\Device\NetBT_Tcpip_{F10F3246-AF51-40D4-AB07-C82961D01E4E}] SEQPACKET 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD Tcpip [RAW/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD Tcpip [TCP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"MSAFD Tcpip [UDP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll
"RSVP TCP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll
"RSVP UDP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
         
