Trojaner-Board

Thomas13 11.03.2011 18:20

Avira AntiVir update not working, strange error message
 
Hello.

I just noticed that the Security Center is complaining that Avira is not active. When I opened Avira, the Guard was on, and I wanted to update.
But then Avira spat out these errors:

hxxp://img14.myimg.de/aviraupdateerror05b52.png

and

hxxp://img14.myimg.de/aviraupdateerror13414c.png

Regards,
Thomas

cosinus 11.03.2011 19:07

Hello and :hallo:

As a matter of routine, please run a full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

After that, OTL:

System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread.

Thomas13 12.03.2011 18:40

Strangely enough, it works again now after booting up... But to be on the safe side, I'm posting the log files.

Malwarebytes log file:

Code:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6032

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12.03.2011 16:17:59
mbam-log-2011-03-12 (16-17-59).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 448291
Laufzeit: 55 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

and OTL:
Code:

OTL logfile created on: 3/12/2011 6:34:42 PM - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Thomas\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 38.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.34 Gb Total Space | 316.76 Gb Free Space | 70.03% Space Free | Partition Type: NTFS
Drive D: | 13.32 Gb Total Space | 1.64 Gb Free Space | 12.30% Space Free | Partition Type: NTFS
 
Computer Name: THOMASPC | User Name: Thomas_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Thomas\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Program Files (x86)\eMule\emule.exe (hxxp://www.emule-project.net)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Thomas\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV:64bit: - (ForceWare Intelligent Application Manager (IAM)) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Akamai) -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_dbc0250.dll ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1211&p="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/27 10:06:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/16 16:11:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/12/14 20:14:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\SeaMonkey 2.0.12\extensions\\Components: C:\Program Files (x86)\SeaMonkey\components [2011/03/04 20:55:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.12\extensions\\Plugins: C:\Program Files (x86)\SeaMonkey\plugins [2011/03/04 20:55:44 | 000,000,000 | ---D | M]
 
[2011/03/04 20:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas_2\AppData\Roaming\mozilla\Extensions
[2010/10/09 09:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas_2\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/03/04 20:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas_2\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011/03/11 22:40:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas_2\AppData\Roaming\mozilla\Firefox\Profiles\3vgrjy2h.default\extensions
[2011/03/04 20:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas_2\AppData\Roaming\mozilla\SeaMonkey\Profiles\ut9g4y0y.default\extensions
[2011/02/24 16:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010/10/06 20:43:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/07 06:17:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/12/03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/12/03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/12/03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/12/03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/12/03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010/05/13 17:53:40 | 000,001,204 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: ::1            localhost
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Thomas_2\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Thomas_2\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/14 18:05:56 | 000,000,000 | ---- | M] () - C:\Autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/03/12 14:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GEONExT
[2011/03/12 14:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GEONExT
[2011/03/11 19:00:35 | 000,238,968 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/03/11 18:59:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/03/11 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/03/11 18:08:49 | 000,000,000 | ---D | C] -- C:\Users\Thomas_2\AppData\Roaming\Avira
[2011/03/11 16:23:53 | 000,000,000 | ---D | C] -- C:\Users\Thomas_2\AppData\Local\Real_Environment_Xtreme
[2011/03/11 16:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Environment Xtreme
[2011/03/11 16:16:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real Environment Xtreme
[2011/03/09 15:44:55 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011/03/09 15:44:55 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011/03/09 15:44:55 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/03/09 15:44:55 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011/03/09 15:44:55 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/03/09 15:44:54 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/03/09 15:44:54 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/03/09 15:44:54 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/03/09 15:43:57 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/03/09 15:43:57 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/03/09 15:43:56 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/03/09 15:43:56 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011/03/09 15:40:35 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011/03/09 15:40:35 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011/03/09 15:40:35 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011/03/09 15:40:35 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011/03/07 19:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
[2011/03/04 20:55:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaMonkey
[2011/03/04 20:55:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SeaMonkey
[2011/02/27 15:17:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker 2.6
[2011/02/25 20:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/02/24 16:36:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011/02/23 15:04:07 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/02/23 15:04:07 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/02/23 15:04:07 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/02/23 15:04:07 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/02/18 21:20:00 | 000,000,000 | ---D | C] -- C:\Users\Thomas_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyTampa
[2011/02/18 21:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
[2011/02/16 20:41:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2011/02/16 16:15:29 | 000,000,000 | ---D | C] -- C:\Users\Thomas_2\AppData\Roaming\Foxit Software
[2011/02/16 16:14:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2011/02/16 16:14:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2011/02/15 18:58:38 | 000,000,000 | ---D | C] -- C:\Users\Thomas_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
[2011/02/15 18:39:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
[2011/02/15 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Thomas_2\Desktop\Wilco Publishing - The Modern Airliner Collection - Airbus Series Volume 1 - Deluxe Edition
[2011/02/14 18:10:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CaptainSim 757-200 PRO
[2011/02/14 17:15:29 | 000,000,000 | ---D | C] -- C:\Users\Thomas_2\AppData\Local\CrashDumps
[2011/02/13 02:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Captain Sim
[2011/02/13 02:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\CaptainSim
[2011/02/11 21:47:30 | 000,000,000 | ---D | C] -- C:\Users\Thomas_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DBS Studio
[2011/02/11 21:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DBS Studio
[2011/02/10 19:25:47 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/02/10 19:25:46 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/02/10 19:25:45 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/02/10 19:25:45 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/02/10 19:25:45 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/02/10 19:25:45 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/02/10 19:25:45 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/02/10 19:25:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/02/10 19:25:45 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/02/10 19:25:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/02/10 19:25:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/02/10 19:25:45 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011/03/12 17:52:05 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/12 14:33:42 | 000,001,876 | ---- | M] () -- C:\Users\Thomas_2\Desktop\GEONExT.lnk
[2011/03/12 12:07:07 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/12 12:07:07 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/12 12:04:47 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/03/12 12:04:47 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/03/12 12:04:47 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/03/12 12:04:47 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/03/12 12:04:47 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/03/12 11:59:03 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/12 11:58:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/12 11:58:06 | 2214,043,648 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/11 19:00:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/03/11 18:39:09 | 000,002,516 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011/03/11 16:21:52 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Real Environment Xtreme.lnk
[2011/03/11 15:29:36 | 004,889,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/03/08 19:28:36 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/03/04 20:55:47 | 000,001,907 | ---- | M] () -- C:\Users\Public\Desktop\SeaMonkey.lnk
[2011/03/04 19:22:39 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011/02/25 20:40:22 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/02/23 16:04:07 | 000,238,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/02/19 21:47:03 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2011/02/19 07:37:10 | 001,540,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/02/19 07:36:49 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/02/19 06:32:48 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/02/19 06:32:35 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011/02/16 16:14:38 | 000,001,236 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2011/02/15 22:10:11 | 000,000,157 | ---- | M] () -- C:\Users\Thomas_2\.gtkrc-2.0
[2011/02/11 21:47:30 | 000,001,583 | ---- | M] () -- C:\Users\Thomas_2\Desktop\DBS WalkAndFollow User Guide.lnk
[2011/02/11 21:47:30 | 000,001,578 | ---- | M] () -- C:\Users\Thomas_2\Desktop\DBS Activation Guide.lnk
 
========== Files Created - No Company Name ==========
 
[2011/03/12 14:33:42 | 000,001,876 | ---- | C] () -- C:\Users\Thomas_2\Desktop\GEONExT.lnk
[2011/03/11 16:21:52 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Real Environment Xtreme.lnk
[2011/03/04 20:55:47 | 000,001,907 | ---- | C] () -- C:\Users\Public\Desktop\SeaMonkey.lnk
[2011/02/27 15:17:43 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
[2011/02/25 20:40:22 | 000,002,290 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/02/16 16:14:38 | 000,001,236 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2011/02/15 22:10:11 | 000,000,157 | ---- | C] () -- C:\Users\Thomas_2\.gtkrc-2.0
[2011/02/12 20:14:55 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011/02/12 20:14:55 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011/02/11 21:47:30 | 000,001,583 | ---- | C] () -- C:\Users\Thomas_2\Desktop\DBS WalkAndFollow User Guide.lnk
[2011/02/11 21:47:30 | 000,001,578 | ---- | C] () -- C:\Users\Thomas_2\Desktop\DBS Activation Guide.lnk
[2011/02/06 13:19:13 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\A8247170B7.sys
[2011/02/06 13:13:39 | 000,002,516 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011/02/06 10:37:13 | 000,000,168 | RHS- | C] () -- C:\ProgramData\A8247170B7.sys
[2011/02/06 10:37:12 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/02 14:35:21 | 000,003,584 | ---- | C] () -- C:\Users\Thomas_2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/09 10:42:56 | 000,001,614 | ---- | C] () -- C:\Windows\convert-settings.ini
[2010/11/01 14:34:02 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/10/07 03:46:29 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/09/16 21:02:50 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/01/16 01:15:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2007/06/05 13:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\SysWow64\PSIService.exe

< End of report >

OTL Extras:

Code:

OTL Extras logfile created on: 3/12/2011 6:34:42 PM - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Thomas\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 38.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 64.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.34 Gb Total Space | 316.76 Gb Free Space | 70.03% Space Free | Partition Type: NTFS
Drive D: | 13.32 Gb Total Space | 1.64 Gb Free Space | 12.30% Space Free | Partition Type: NTFS
 
Computer Name: THOMASPC | User Name: Thomas_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46AE421C-BF1B-4B62-BE0E-62FE09C6D5B5}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88FD4472-F950-4083-A6FA-A829AC785B04}" = Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}" = HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{319E272A-B5DB-4939-99D0-1F1F0C55699E}" = HP Support Assistant
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CFCC6FD-AEA2-4208-99A6-45CBF9DFFD82}" = Real Environment Xtreme
"{4EE9A620-46A0-4BCF-82AC-950D2BBED982}" = Belkin Wireless USB Adapter Setup
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Hilfe
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{833D97B9-AC16-45C1-AD44-0A32198956F8}" = Gimp Themes v1.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}" = Microsoft Flight Simulator X Service Pack 2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"737 Pilot in Command (FSX)" = 737 Pilot in Command (FSX)
"737-300 Pilot in Command" = 737-300 Pilot in Command
"777 'The Modern Airliner Collection'" = 777 'The Modern Airliner Collection'
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CamStudio" = CamStudio
"DBS Walk And Follow" = DBS Walk And Follow
"EasyBits Magic Desktop" = Magic Desktop
"eMule" = eMule
"FileZilla Client" = FileZilla Client 3.3.5.1
"Foxit Reader" = Foxit Reader
"Free YouTube Download_is1" = Free YouTube Download 2.10
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"GEONExT_is1" = GEONExT 1.73.1
"HijackThis" = HijackThis 2.0.2
"HyperCam 3" = HyperCam 3
"Icy Tower v1.4_is1" = Icy Tower v1.4
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"SeaMonkey (2.0.12)" = SeaMonkey (2.0.12)
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"SuperEdi_is1" = WoLoSoft SuperEdi 3.7.1
"TeamViewer 6" = TeamViewer 6
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"WinGimp-2.0_is1" = GIMP 2.6.11
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"A380v2 (FSX)" = A380v2 (FSX)
"Airbus Series Vol.2 (FS X)" = Airbus Series Vol.2 (FS X)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 2/14/2011 12:16:12 PM | Computer Name = ThomasPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 747400_LoadManager.exe, Version:
10.0.61355.17, Zeitstempel: 0x472b0d7f  Name des fehlerhaften Moduls: unknown, Version:
 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x4d9fe7b6
ID
 des fehlerhaften Prozesses: 0xb88  Startzeit der fehlerhaften Anwendung: 0x01cbcc627d876e40
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Games\Microsoft Flight
 Simulator X\PMDG\747400_LoadManager.exe  Pfad des fehlerhaften Moduls: unknown  Berichtskennung:
 bcf65230-3855-11e0-bc14-f2804f26356b
 
Error - 2/14/2011 12:16:29 PM | Computer Name = ThomasPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 747400_LoadManager.exe, Version:
10.0.61355.17, Zeitstempel: 0x472b0d7f  Name des fehlerhaften Moduls: KERNELBASE.dll,
 Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdbdf  Ausnahmecode: 0xc06d007f  Fehleroffset:
 0x0000b727  ID des fehlerhaften Prozesses: 0x118  Startzeit der fehlerhaften Anwendung:
 0x01cbcc62887ce960  Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft
 Games\Microsoft Flight Simulator X\PMDG\747400_LoadManager.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: c6fadda0-3855-11e0-bc14-f2804f26356b
 
Error - 2/14/2011 12:16:37 PM | Computer Name = ThomasPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 747400_LoadManager.exe, Version:
10.0.61355.17, Zeitstempel: 0x472b0d7f  Name des fehlerhaften Moduls: KERNELBASE.dll,
 Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdbdf  Ausnahmecode: 0xc06d007f  Fehleroffset:
 0x0000b727  ID des fehlerhaften Prozesses: 0x6f4  Startzeit der fehlerhaften Anwendung:
 0x01cbcc628d61f6a0  Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft
 Games\Microsoft Flight Simulator X\PMDG\747400_LoadManager.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: cbdabac0-3855-11e0-bc14-f2804f26356b
 
Error - 2/14/2011 12:20:57 PM | Computer Name = ThomasPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61472.0, Zeitstempel:
 0x475e17d3  Name des fehlerhaften Moduls: PMDG_747400_Overhead.DLL, Version: 10.0.61355.17,
 Zeitstempel: 0x472b39c8  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002d971  ID des fehlerhaften
 Prozesses: 0xb3c  Startzeit der fehlerhaften Anwendung: 0x01cbcc62daa2e140  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Games\Microsoft Flight
 Simulator X\fsx.exe  Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Microsoft
 Games\Microsoft Flight Simulator X\GAUGES\PMDG_747400_Overhead.DLL  Berichtskennung:
 66f155f0-3856-11e0-bc14-f2804f26356b
 
Error - 2/15/2011 11:33:38 AM | Computer Name = ThomasPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61472.0, Zeitstempel:
 0x475e17d3  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695, Zeitstempel:
 0x4cc7ab86  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00033b30  ID des fehlerhaften Prozesses:
 0x76c  Startzeit der fehlerhaften Anwendung: 0x01cbcd220a1e38b0  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: f5615570-3918-11e0-a6de-7071bc609175
 
Error - 2/15/2011 5:10:43 PM | Computer Name = ThomasPC | Source = Application Hang | ID = 1002
Description = Programm gimp-2.6.exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 9c4    Startzeit:
01cbcd54bcd13020    Endzeit: 0    Anwendungspfad: C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe

Berichts-ID:
 035576a1-3948-11e0-b8b5-d4a2382a7576 
 
Error - 2/19/2011 4:45:53 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Thomas\Downloads\SoftonicDownloader_fuer_camstudio.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
 
Error - 2/19/2011 7:02:16 PM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Thomas\Downloads\SoftonicDownloader_fuer_camstudio.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
 
Error - 2/20/2011 9:13:48 AM | Computer Name = ThomasPC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Thomas\Downloads\SoftonicDownloader_fuer_camstudio.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
 
Error - 2/22/2011 3:41:32 PM | Computer Name = ThomasPC | Source = Application Hang | ID = 1002
Description = Programm fsx.exe, Version 10.0.61472.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: f78    Startzeit:
01cbd2c81ac57f10    Endzeit: 37    Anwendungspfad: C:\Program Files (x86)\Microsoft Games\Microsoft
 Flight Simulator X\fsx.exe    Berichts-ID: bb27e011-3ebb-11e0-ad35-7071bc609175 
 
[ Media Center Events ]
Error - 1/28/2011 9:58:58 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:58:53 - Fehler beim Herstellen der Internetverbindung.  14:58:53
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 1/29/2011 9:25:23 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:25:23 - Fehler beim Herstellen der Internetverbindung.  14:25:23
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 1/29/2011 9:25:59 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:25:52 - Fehler beim Herstellen der Internetverbindung.  14:25:52
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 1/30/2011 9:24:49 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:24:48 - Fehler beim Herstellen der Internetverbindung.  14:24:48
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 1/30/2011 9:25:23 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:25:18 - Fehler beim Herstellen der Internetverbindung.  14:25:18
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 1/31/2011 9:20:13 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:20:13 - Fehler beim Herstellen der Internetverbindung.  14:20:13
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 1/31/2011 9:20:46 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:20:42 - Fehler beim Herstellen der Internetverbindung.  14:20:42
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 2/1/2011 9:48:29 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:48:29 - Fehler beim Herstellen der Internetverbindung.  14:48:29
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 2/1/2011 9:49:02 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 14:48:58 - Fehler beim Herstellen der Internetverbindung.  14:48:58
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 2/15/2011 10:32:35 AM | Computer Name = ThomasPC | Source = MCUpdate | ID = 0
Description = 15:32:35 - MCESpotlight konnte nicht abgerufen werden (Fehler: Timeout
 für Vorgang überschritten) 
 
[ System Events ]
Error - 1/21/2011 8:44:06 AM | Computer Name = ThomasPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 1/21/2011 8:44:06 AM | Computer Name = ThomasPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 1/21/2011 8:44:06 AM | Computer Name = ThomasPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 1/21/2011 8:44:06 AM | Computer Name = ThomasPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 1/21/2011 8:44:06 AM | Computer Name = ThomasPC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 1/21/2011 8:45:02 AM | Computer Name = ThomasPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "FileZilla Server FTP server" wurde aufgrund folgenden
Fehlers nicht gestartet:  %%2
 
Error - 2/4/2011 11:18:52 AM | Computer Name = ThomasPC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Akamai NetSession Interface" ist als interaktiver Dienst
 gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste
 nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 2/6/2011 2:14:57 PM | Computer Name = ThomasPC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Akamai NetSession Interface" ist als interaktiver Dienst
 gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste
 nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 2/15/2011 1:35:20 PM | Computer Name = ThomasPC | Source = DCOM | ID = 10010
Description =
 
Error - 2/23/2011 9:58:54 AM | Computer Name = ThomasPC | Source = bowser | ID = 8003
Description =
 
 
< End of report >


cosinus 13.03.2011 13:54

Are there any other logs from Malwarebytes? If so, please post all of them. You can find them in the Logdateien (log files) tab in Malwarebytes.

Thomas13 13.03.2011 18:26

There are no other logs.

cosinus 13.03.2011 19:18

Quote:

O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
Why are these sites blocked on your computer?

Thomas13 15.03.2011 16:00

I don't know these sites. Could that have been blocked by Malwarebytes?

cosinus 15.03.2011 16:20

Did you ever have Adobe Creative Suite or something similar installed?

Thomas13 15.03.2011 16:23

I once had Photoshop as a trial version.

cosinus 15.03.2011 16:47

Where did you get this trial version from?

Thomas13 15.03.2011 16:56

I downloaded it from chip.de.

cosinus 15.03.2011 20:44

Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
O4 - HKLM..\Run: []  File not found
:Commands
[purity]
[resethosts]
[emptytemp]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

Thomas13 15.03.2011 21:40

@cosinus First of all, thanks for your help.
OTL restarted the computer without opening a log file. An info box appeared saying I should restart the PC. When I clicked OK, the PC was simply restarted. Without a log file..

cosinus 16.03.2011 09:18

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Close all programs, especially your antivirus program and other background monitors as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Thomas13 16.03.2011 18:02

Combofix log.txt:

Code:

ComboFix 11-03-15.03 - Thomas_2 16.03.2011  17:35:35.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.49.1031.18.2815.1522 [GMT 1:00]
ausgeführt von:: c:\users\Thomas\Desktop\cofi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
FW: ZoneAlarm Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-02-16 bis 2011-03-16  ))))))))))))))))))))))))))))))
.
.
2011-03-16 16:50 . 2011-03-16 16:50        --------        d-----w-        c:\users\Thomas_2\AppData\Local\temp
2011-03-16 16:50 . 2011-03-16 16:50        --------        d-----w-        c:\users\Gast\AppData\Local\temp
2011-03-16 16:50 . 2011-03-16 16:50        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-03-15 20:31 . 2011-03-15 20:31        --------        d-----w-        C:\_OTL
2011-03-15 19:51 . 2011-03-15 19:51        --------        d-----w-        c:\program files (x86)\Zone Labs
2011-03-15 19:34 . 2011-03-15 19:34        --------        d-----w-        c:\users\Thomas_2\AppData\Local\Adobe
2011-03-15 19:25 . 2011-03-15 19:25        --------        d-----w-        c:\users\Thomas\AppData\Local\Mozilla
2011-03-15 19:25 . 2011-03-15 19:25        --------        d-----w-        c:\users\Thomas\AppData\Local\Adobe
2011-03-15 19:24 . 2011-03-15 19:24        --------        d-----w-        c:\programdata\CheckPoint
2011-03-15 19:17 . 2011-03-15 19:17        --------        d-----w-        c:\users\Thomas_2\AppData\Local\Mozilla
2011-03-15 14:51 . 2011-02-11 07:30        7947600        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{6DD30E80-2C9C-4F78-BF68-CBF6DFBD50FF}\mpengine.dll
2011-03-13 17:36 . 2010-05-15 15:30        458840        ----a-w-        c:\windows\SysWow64\drivers\vsdatant.sys
2011-03-13 17:12 . 2011-02-18 16:28        46592        ----a-w-        c:\windows\SysWow64\vsutil_loc0407.dll
2011-03-13 17:12 . 2010-04-09 11:06        374664        ----a-w-        c:\windows\system32\drivers\netio.sys
2011-03-13 17:11 . 2011-02-18 16:28        69120        ----a-w-        c:\windows\SysWow64\zlcomm.dll
2011-03-13 17:11 . 2011-02-18 16:28        104448        ----a-w-        c:\windows\SysWow64\zlcommdb.dll
2011-03-13 17:11 . 2011-02-18 16:28        1238528        ----a-w-        c:\windows\SysWow64\zpeng25.dll
2011-03-13 17:11 . 2011-03-15 14:34        --------        d-----w-        c:\windows\SysWow64\ZoneLabs
2011-03-13 17:11 . 2011-02-18 16:28        112128        ------w-        c:\windows\SysWow64\zzzzzzzzzzzzzzzzzzzz.dll
2011-03-13 17:11 . 2010-05-15 15:30        458840        ----a-w-        c:\windows\system32\drivers\~GLH0023.TMP
2011-03-13 17:11 . 2010-05-15 15:30        458840        ----a-w-        c:\windows\system32\drivers\vsdatant.sys
2011-03-13 17:10 . 2011-02-18 16:28        715264        ------w-        c:\windows\SysWow64\zzz.dll
2011-03-12 13:33 . 2011-03-12 13:33        --------        d-----w-        c:\program files (x86)\GEONExT
2011-03-11 18:00 . 2011-02-23 15:04        238968        ----a-w-        c:\windows\system32\aswBoot.exe
2011-03-11 17:08 . 2011-03-11 17:08        --------        d-----w-        c:\users\Thomas_2\AppData\Roaming\Avira
2011-03-11 15:23 . 2011-03-11 15:49        --------        d-----w-        c:\users\Thomas_2\AppData\Local\Real_Environment_Xtreme
2011-03-11 15:16 . 2011-03-11 15:49        --------        d-----w-        c:\program files (x86)\Real Environment Xtreme
2011-03-09 14:44 . 2010-12-23 06:07        1118720        ----a-w-        c:\windows\system32\sbe.dll
2011-03-09 14:44 . 2010-12-23 06:07        961024        ----a-w-        c:\windows\system32\CPFilters.dll
2011-03-09 14:44 . 2010-12-23 06:07        723968        ----a-w-        c:\windows\system32\EncDec.dll
2011-03-09 14:44 . 2010-12-23 05:28        642048        ----a-w-        c:\windows\SysWow64\CPFilters.dll
2011-03-09 14:44 . 2010-12-23 05:28        534528        ----a-w-        c:\windows\SysWow64\EncDec.dll
2011-03-09 14:44 . 2010-12-23 06:02        259072        ----a-w-        c:\windows\system32\mpg2splt.ax
2011-03-09 14:44 . 2010-12-23 05:28        850432        ----a-w-        c:\windows\SysWow64\sbe.dll
2011-03-09 14:44 . 2010-12-23 05:24        199680        ----a-w-        c:\windows\SysWow64\mpg2splt.ax
2011-03-09 14:43 . 2011-02-19 06:37        1135104        ----a-w-        c:\windows\system32\FntCache.dll
2011-03-09 14:43 . 2011-02-19 06:37        1540608        ----a-w-        c:\windows\system32\DWrite.dll
2011-03-09 14:43 . 2011-02-19 05:32        1074176        ----a-w-        c:\windows\SysWow64\DWrite.dll
2011-03-09 14:43 . 2011-02-19 06:36        902656        ----a-w-        c:\windows\system32\d2d1.dll
2011-03-09 14:43 . 2011-02-19 05:32        739840        ----a-w-        c:\windows\SysWow64\d2d1.dll
2011-03-09 14:40 . 2010-12-18 06:12        3138048        ----a-w-        c:\windows\system32\mstscax.dll
2011-03-09 14:40 . 2010-12-18 06:08        1097216        ----a-w-        c:\windows\system32\mstsc.exe
2011-03-09 14:40 . 2010-12-18 05:30        2690560        ----a-w-        c:\windows\SysWow64\mstscax.dll
2011-03-09 14:40 . 2010-12-18 05:26        1034240        ----a-w-        c:\windows\SysWow64\mstsc.exe
2011-03-05 17:53 . 2011-03-05 21:31        150865        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\UnLvld767.exe
2011-03-04 19:55 . 2011-03-04 19:55        --------        d-----w-        c:\program files (x86)\SeaMonkey
2011-02-27 14:17 . 2011-02-27 14:18        --------        d-----w-        c:\program files (x86)\Movie Maker 2.6
2011-02-25 19:39 . 2011-02-25 19:40        --------        d-----w-        c:\users\Thomas\AppData\Local\Google
2011-02-24 17:23 . 2008-11-10 01:00        425984        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Mega Airport Paris CDG SC\LFPGTraffic.exe
2011-02-24 16:57 . 2009-08-18 14:26        566272        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\VFR Germany 4\ObjectConfigTool.exe
2011-02-24 15:36 . 2011-02-24 15:36        --------        d-----w-        c:\program files (x86)\Common Files\Skype
2011-02-23 19:31 . 2010-09-14 06:45        367104        ----a-w-        c:\windows\system32\wcncsvc.dll
2011-02-23 19:31 . 2010-09-14 06:07        276992        ----a-w-        c:\windows\SysWow64\wcncsvc.dll
2011-02-23 14:04 . 2011-01-07 08:07        662528        ----a-w-        c:\windows\system32\XpsPrint.dll
2011-02-23 14:04 . 2011-01-07 08:07        475648        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2011-02-23 14:04 . 2011-01-07 07:31        442880        ----a-w-        c:\windows\SysWow64\XpsPrint.dll
2011-02-23 14:04 . 2011-01-07 07:31        288256        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-20 17:23 . 2011-02-20 17:23        79869        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Uninstal.exe
2011-02-16 21:53 . 2009-12-09 01:05        60400        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\VMCX_SP2.dll
2011-02-16 21:53 . 2009-12-09 01:05        60400        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\VMCX_AP.dll
2011-02-16 21:53 . 2009-12-09 01:05        56304        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaIScnX_AP.dll
2011-02-16 21:53 . 2009-12-09 01:05        19952        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaNET_AP.dll
2011-02-16 21:53 . 2009-12-09 01:05        13824        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\hkeys.dll
2011-02-16 15:15 . 2011-02-16 15:15        --------        d-----w-        c:\users\Thomas\AppData\Roaming\Foxit Software
2011-02-16 15:15 . 2011-02-16 15:15        --------        d-----w-        c:\users\Thomas_2\AppData\Roaming\Foxit Software
2011-02-16 15:14 . 2011-02-16 15:14        --------        d-----w-        c:\program files (x86)\Foxit Software
2011-02-15 18:57 . 2011-03-05 18:19        --------        d-----w-        c:\users\Thomas\AppData\Local\World_of_AI
2011-02-15 17:58 . 2004-09-30 19:40        209611        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Modules\FSUIPC.dll
2011-02-15 17:58 . 2004-07-15 04:07        186368        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Modules\PMDGOptions.DLL
2011-02-15 17:39 . 2008-10-11 13:48        14104        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\WaveLib.dll
2011-02-15 17:39 . 2008-10-11 13:48        21272        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG_SimConnect_Ldr.dll
2011-02-15 17:39 . 2005-05-16 23:12        163840        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\TCAS2v7.dll
2011-02-14 17:40 . 2011-02-18 20:29        132293        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Uninstal_Airbus2X_wilco.exe
2011-02-14 17:15 . 2011-02-14 17:09        695578        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins000.exe
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-15 15:34 . 2011-01-20 21:00        1220416        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-02-06 11:31 . 2011-02-06 09:37        5018        --sha-w-        c:\programdata\KGyGaAvL.sys
2011-02-06 11:30 . 2011-02-06 09:37        168        --sh--r-        c:\programdata\A8247170B7.sys
2011-02-02 16:11 . 2010-10-18 18:55        270720        ------w-        c:\windows\system32\MpSigStub.exe
2011-02-02 13:43 . 2011-02-02 13:43        2300696        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-02-02 13:43 . 2011-01-20 21:00        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-02-02 13:43 . 2011-02-02 13:43        1220416        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-01-26 06:53 . 2011-02-10 14:37        982912        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:53 . 2011-02-10 14:37        265088        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:31 . 2011-02-10 14:37        144384        ----a-w-        c:\windows\system32\cdd.dll
2011-01-20 22:01 . 2011-01-20 22:01        2300696        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-01-20 22:01 . 2011-01-20 22:01        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-01-07 08:06 . 2011-02-10 14:37        46080        ----a-w-        c:\windows\system32\atmlib.dll
2011-01-07 07:27 . 2011-02-10 14:37        34304        ----a-w-        c:\windows\SysWow64\atmlib.dll
2011-01-07 05:49 . 2011-02-10 14:37        366080        ----a-w-        c:\windows\system32\atmfd.dll
2011-01-07 05:33 . 2011-02-10 14:37        294400        ----a-w-        c:\windows\SysWow64\atmfd.dll
2011-01-05 06:20 . 2011-02-10 14:37        612352        ----a-w-        c:\windows\system32\vbscript.dll
2011-01-05 05:37 . 2011-02-10 14:37        428032        ----a-w-        c:\windows\SysWow64\vbscript.dll
2011-01-05 04:00 . 2011-02-10 14:37        3127808        ----a-w-        c:\windows\system32\win32k.sys
2010-12-21 06:16 . 2011-02-10 14:37        62976        ----a-w-        c:\windows\system32\wscapi.dll
2010-12-21 06:16 . 2011-02-10 14:37        97280        ----a-w-        c:\windows\system32\wscsvc.dll
2010-12-21 06:16 . 2011-02-10 14:37        214016        ----a-w-        c:\windows\system32\winsrv.dll
2010-12-21 06:16 . 2011-02-10 14:37        442880        ----a-w-        c:\windows\system32\winhttp.dll
2010-12-21 06:16 . 2011-02-10 14:37        1197056        ----a-w-        c:\windows\system32\wininet.dll
2010-12-21 06:16 . 2011-02-10 14:37        258048        ----a-w-        c:\windows\system32\WebClnt.dll
2010-12-21 06:15 . 2011-02-10 14:37        264192        ----a-w-        c:\windows\system32\upnp.dll
2010-12-21 06:15 . 2011-02-10 14:37        15360        ----a-w-        c:\windows\system32\slwga.dll
2010-12-21 06:13 . 2011-02-10 14:37        2003968        ----a-w-        c:\windows\system32\msxml6.dll
2010-12-21 06:13 . 2011-02-10 14:37        1880576        ----a-w-        c:\windows\system32\msxml3.dll
2010-12-21 06:10 . 2011-02-10 14:37        100864        ----a-w-        c:\windows\system32\davclnt.dll
2010-12-21 05:38 . 2011-02-10 14:37        51200        ----a-w-        c:\windows\SysWow64\wscapi.dll
2010-12-21 05:38 . 2011-02-10 14:37        981504        ----a-w-        c:\windows\SysWow64\wininet.dll
2010-12-21 05:38 . 2011-02-10 14:37        350720        ----a-w-        c:\windows\SysWow64\winhttp.dll
2010-12-21 05:38 . 2011-02-10 14:37        204800        ----a-w-        c:\windows\SysWow64\WebClnt.dll
2010-12-21 05:38 . 2011-02-10 14:37        204288        ----a-w-        c:\windows\SysWow64\upnp.dll
2010-12-21 05:38 . 2011-02-10 14:37        14336        ----a-w-        c:\windows\SysWow64\slwga.dll
2010-12-21 05:36 . 2011-02-10 14:37        1389568        ----a-w-        c:\windows\SysWow64\msxml6.dll
2010-12-21 05:36 . 2011-02-10 14:37        1236992        ----a-w-        c:\windows\SysWow64\msxml3.dll
2010-12-21 05:34 . 2011-02-10 14:37        80384        ----a-w-        c:\windows\SysWow64\davclnt.dll
2010-12-20 17:09 . 2010-10-10 22:50        38224        ----a-w-        c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2010-10-10 22:50        24152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2010-12-18 06:11 . 2011-02-10 18:25        57856        ----a-w-        c:\windows\system32\licmgr10.dll
2010-12-18 06:11 . 2011-02-10 14:37        714752        ----a-w-        c:\windows\system32\kerberos.dll
2010-12-18 05:29 . 2011-02-10 18:25        44544        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2010-12-18 05:29 . 2011-02-10 14:37        541184        ----a-w-        c:\windows\SysWow64\kerberos.dll
2010-12-18 04:55 . 2011-02-10 18:25        482816        ----a-w-        c:\windows\system32\html.iec
2010-12-18 04:20 . 2011-02-10 18:25        386048        ----a-w-        c:\windows\SysWow64\html.iec
2010-12-18 04:13 . 2011-02-10 18:25        1638912        ----a-w-        c:\windows\system32\mshtml.tlb
2010-12-18 03:47 . 2011-02-10 18:25        1638912        ----a-w-        c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-22 136176]
R3 GWHid;VL807 Hidmini driver;c:\windows\system32\DRIVERS\GWHid.sys [x]
R3 VL807;VL807 Filter;c:\windows\system32\DRIVERS\VL807.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-01 2296696]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-22 20:46]
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-22 20:46]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Thomas_2\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
FF - ProfilePath - c:\users\Thomas_2\AppData\Roaming\Mozilla\Firefox\Profiles\nr15cvif.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.de
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{319E272A-B5DB-4939-99D0-1F1F0C55699E} - c:\program files (x86)\InstallShield Installation Information\{319E272A-B5DB-4939-99D0-1F1F0C55699E}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_dbc0250.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_dbc0250.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-03-16  17:58:39
ComboFix-quarantined-files.txt  2011-03-16 16:58
.
Vor Suchlauf: 11 Verzeichnis(se), 351.209.852.928 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 351.688.441.856 Bytes frei
.
- - End Of File - - D1FF4CCA5741F6BFB1C1AA6B91572EC0


cosinus 16.03.2011 19:24

Quote:

FW: ZoneAlarm Firewall *Disabled*
Haven't you uninstalled ZoneAlarm yet?

Thomas13 16.03.2011 19:28

I'm trying to, but the files, in particular the "ZoneLabs" folder in C:\Windows\System32, cannot be deleted. Not with an admin account either, nor with File Assassin from Malwarebytes. In safe mode the folders are not displayed. That means I can't follow the instructions here on the forum.

cosinus 16.03.2011 19:33

Combofix - Scripting

1. Start Notepad (Start / Run / notepad[Enter])

2. Now copy and paste the entire contents of the code box below into the Notepad window.

Code:

Seccenter::
FW: ZoneAlarm Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}

Folder::
c:\programdata\CheckPoint
c:\windows\SysWow64\ZoneLabs


File::
c:\windows\SysWow64\drivers\vsdatant.sys
c:\windows\SysWow64\vsutil_loc0407.dll
c:\windows\SysWow64\zlcomm.dll
c:\windows\SysWow64\zlcommdb.dll
c:\windows\SysWow64\zpeng25.dll
c:\windows\SysWow64\zzzzzzzzzzzzzzzzzzzz.dll
c:\windows\system32\drivers\~GLH0023.TMP
c:\windows\system32\drivers\vsdatant.sys
c:\windows\SysWow64\zzz.dll
c:\programdata\A8247170B7.sys

3. In Notepad, save it as CFScript.txt on the desktop.

4. Disable your antivirus program's guard and any software firewall that may be present.
(Also the guards of adware and spyware programs and the TeaTimer (if present)!)

5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts Combofix.

http://users.pandora.be/bluepatchy/m...s/CFScript.gif

6. After the reboot (you will be asked whether you want to reboot), please post the following log files:
Combofix.txt

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can do lasting damage to the system!

Thomas13 16.03.2011 20:20

Combofix asked for an update, so I did that. Then Combofix did its work, restarted, and then downloaded something like a "test malware", and then spat out the log here:

Code:

ComboFix 11-03-16.01 - Thomas_2 16.03.2011  19:47:35.2.2 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.49.1031.18.2815.1410 [GMT 1:00]
ausgeführt von:: c:\users\Thomas\Desktop\cofi.exe
Benutzte Befehlsschalter :: c:\users\Thomas\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\A8247170B7.sys"
"c:\windows\system32\drivers\~GLH0023.TMP"
"c:\windows\system32\drivers\vsdatant.sys"
"c:\windows\SysWow64\drivers\vsdatant.sys"
"c:\windows\SysWow64\vsutil_loc0407.dll"
"c:\windows\SysWow64\zlcomm.dll"
"c:\windows\SysWow64\zlcommdb.dll"
"c:\windows\SysWow64\zpeng25.dll"
"c:\windows\SysWow64\zzz.dll"
"c:\windows\SysWow64\zzzzzzzzzzzzzzzzzzzz.dll"
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\A8247170B7.sys
c:\programdata\CheckPoint
c:\windows\system32\drivers\~GLH0023.TMP
c:\windows\SysWow64\drivers\vsdatant.sys
c:\windows\SysWow64\vsutil_loc0407.dll
c:\windows\SysWow64\zlcomm.dll
c:\windows\SysWow64\zlcommdb.dll
c:\windows\SysWow64\ZoneLabs\camupd.dll
c:\windows\SysWow64\ZoneLabs\camupd_loc0407.dll
c:\windows\SysWow64\ZoneLabs\cerbprovider.pvx
c:\windows\SysWow64\ZoneLabs\dbghelp.dll
c:\windows\SysWow64\ZoneLabs\fbl.dll
c:\windows\SysWow64\ZoneLabs\featuremap.dll
c:\windows\SysWow64\ZoneLabs\ffapi.dll
c:\windows\SysWow64\ZoneLabs\icslta.dll
c:\windows\SysWow64\ZoneLabs\lib\Alert.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\ConfigWizard.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\DashBoard.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\LicenseUI.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\MainLoop.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\NavBar.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1010.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1413.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1440.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1445.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1454.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1460.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1466.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1486.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1487.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\oem_1488.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\Overview.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\pyd\_ctypes.pyd
c:\windows\SysWow64\ZoneLabs\lib\pyd\_socket.pyd
c:\windows\SysWow64\ZoneLabs\lib\pyd\pyexpat.pyd
c:\windows\SysWow64\ZoneLabs\lib\pyd\zpui.pyd
c:\windows\SysWow64\ZoneLabs\lib\TrayTest.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\UpdateUI.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\ZAlert.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\zfde.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\zmenu.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\zpy.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\zsys.zip.dll
c:\windows\SysWow64\ZoneLabs\lib\zui.zip.dll
c:\windows\SysWow64\ZoneLabs\osfwrules.xml
c:\windows\SysWow64\ZoneLabs\qrbase.dll
c:\windows\SysWow64\ZoneLabs\scheduler.dll
c:\windows\SysWow64\ZoneLabs\scheduler_loc0407.dll
c:\windows\SysWow64\ZoneLabs\ssleay32.dll
c:\windows\SysWow64\ZoneLabs\Updates\LocalCatalog.xml
c:\windows\SysWow64\ZoneLabs\updating.dll
c:\windows\SysWow64\ZoneLabs\updClient_loc0407.dll
c:\windows\SysWow64\ZoneLabs\vsdb.dll
c:\windows\SysWow64\ZoneLabs\vsdb_loc0407.dll
c:\windows\SysWow64\ZoneLabs\vsmon.exe
c:\windows\SysWow64\ZoneLabs\vsmon_loc0407.dll
c:\windows\SysWow64\ZoneLabs\vsruledb.dll
c:\windows\SysWow64\ZoneLabs\vsruledb_loc0407.dll
c:\windows\SysWow64\ZoneLabs\vsvault.dll
c:\windows\SysWow64\ZoneLabs\vsvault_loc0407.dll
c:\windows\SysWow64\ZoneLabs\zatray.exe
c:\windows\SysWow64\ZoneLabs\zlquarantine.dll
c:\windows\SysWow64\ZoneLabs\zlquarantine_loc0407.dll
c:\windows\SysWow64\ZoneLabs\zlsre_loc0407.dll
c:\windows\SysWow64\ZoneLabs\zlupdate.dll
c:\windows\SysWow64\ZoneLabs\ZoneAlarm.xml
c:\windows\SysWow64\zpeng25.dll
c:\windows\SysWow64\zzz.dll
c:\windows\SysWow64\zzzzzzzzzzzzzzzzzzzz.dll
c:\windows\system32\drivers\vsdatant.sys . . . . Nicht in der Lage zu löschen
c:\windows\SysWow64\ZoneLabs . . . . Nicht in der Lage zu löschen
c:\windows\SysWow64\ZoneLabs\safePrograms.xml . . . . Nicht in der Lage zu löschen
c:\windows\SysWow64\ZoneLabs\ZLCommDB.xml . . . . Nicht in der Lage zu löschen
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-02-16 bis 2011-03-16  ))))))))))))))))))))))))))))))
.
.
2011-03-16 18:55 . 2011-03-16 18:55        --------        d-----w-        c:\users\Thomas_2\AppData\Local\temp
2011-03-16 18:55 . 2011-03-16 18:55        --------        d-----w-        c:\users\Gast\AppData\Local\temp
2011-03-15 20:31 . 2011-03-15 20:31        --------        d-----w-        C:\_OTL
2011-03-15 19:51 . 2011-03-15 19:51        --------        d-----w-        c:\program files (x86)\Zone Labs
2011-03-15 19:34 . 2011-03-15 19:34        --------        d-----w-        c:\users\Thomas_2\AppData\Local\Adobe
2011-03-15 19:25 . 2011-03-15 19:25        --------        d-----w-        c:\users\Thomas\AppData\Local\Mozilla
2011-03-15 19:25 . 2011-03-15 19:25        --------        d-----w-        c:\users\Thomas\AppData\Local\Adobe
2011-03-15 19:17 . 2011-03-15 19:17        --------        d-----w-        c:\users\Thomas_2\AppData\Local\Mozilla
2011-03-15 14:51 . 2011-02-11 07:30        7947600        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{6DD30E80-2C9C-4F78-BF68-CBF6DFBD50FF}\mpengine.dll
2011-03-13 17:12 . 2010-04-09 11:06        374664        ----a-w-        c:\windows\system32\drivers\netio.sys
2011-03-13 17:11 . 2011-03-16 18:55        --------        d-----w-        c:\windows\SysWow64\ZoneLabs
2011-03-13 17:11 . 2010-05-15 15:30        458840        ----a-w-        c:\windows\system32\drivers\vsdatant.sys
2011-03-12 13:33 . 2011-03-12 13:33        --------        d-----w-        c:\program files (x86)\GEONExT
2011-03-11 18:00 . 2011-02-23 15:04        238968        ----a-w-        c:\windows\system32\aswBoot.exe
2011-03-11 17:08 . 2011-03-11 17:08        --------        d-----w-        c:\users\Thomas_2\AppData\Roaming\Avira
2011-03-11 15:23 . 2011-03-11 15:49        --------        d-----w-        c:\users\Thomas_2\AppData\Local\Real_Environment_Xtreme
2011-03-11 15:16 . 2011-03-11 15:49        --------        d-----w-        c:\program files (x86)\Real Environment Xtreme
2011-03-09 14:44 . 2010-12-23 06:07        1118720        ----a-w-        c:\windows\system32\sbe.dll
2011-03-09 14:44 . 2010-12-23 06:07        961024        ----a-w-        c:\windows\system32\CPFilters.dll
2011-03-09 14:44 . 2010-12-23 06:07        723968        ----a-w-        c:\windows\system32\EncDec.dll
2011-03-09 14:44 . 2010-12-23 05:28        642048        ----a-w-        c:\windows\SysWow64\CPFilters.dll
2011-03-09 14:44 . 2010-12-23 05:28        534528        ----a-w-        c:\windows\SysWow64\EncDec.dll
2011-03-09 14:44 . 2010-12-23 06:02        259072        ----a-w-        c:\windows\system32\mpg2splt.ax
2011-03-09 14:44 . 2010-12-23 05:28        850432        ----a-w-        c:\windows\SysWow64\sbe.dll
2011-03-09 14:44 . 2010-12-23 05:24        199680        ----a-w-        c:\windows\SysWow64\mpg2splt.ax
2011-03-09 14:43 . 2011-02-19 06:37        1135104        ----a-w-        c:\windows\system32\FntCache.dll
2011-03-09 14:43 . 2011-02-19 06:37        1540608        ----a-w-        c:\windows\system32\DWrite.dll
2011-03-09 14:43 . 2011-02-19 05:32        1074176        ----a-w-        c:\windows\SysWow64\DWrite.dll
2011-03-09 14:43 . 2011-02-19 06:36        902656        ----a-w-        c:\windows\system32\d2d1.dll
2011-03-09 14:43 . 2011-02-19 05:32        739840        ----a-w-        c:\windows\SysWow64\d2d1.dll
2011-03-09 14:40 . 2010-12-18 06:12        3138048        ----a-w-        c:\windows\system32\mstscax.dll
2011-03-09 14:40 . 2010-12-18 06:08        1097216        ----a-w-        c:\windows\system32\mstsc.exe
2011-03-09 14:40 . 2010-12-18 05:30        2690560        ----a-w-        c:\windows\SysWow64\mstscax.dll
2011-03-09 14:40 . 2010-12-18 05:26        1034240        ----a-w-        c:\windows\SysWow64\mstsc.exe
2011-03-05 17:53 . 2011-03-05 21:31        150865        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\UnLvld767.exe
2011-03-04 19:55 . 2011-03-04 19:55        --------        d-----w-        c:\program files (x86)\SeaMonkey
2011-02-27 14:17 . 2011-02-27 14:18        --------        d-----w-        c:\program files (x86)\Movie Maker 2.6
2011-02-25 19:39 . 2011-02-25 19:40        --------        d-----w-        c:\users\Thomas\AppData\Local\Google
2011-02-24 17:23 . 2008-11-10 01:00        425984        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Mega Airport Paris CDG SC\LFPGTraffic.exe
2011-02-24 16:57 . 2009-08-18 14:26        566272        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\VFR Germany 4\ObjectConfigTool.exe
2011-02-24 15:36 . 2011-02-24 15:36        --------        d-----w-        c:\program files (x86)\Common Files\Skype
2011-02-23 19:31 . 2010-09-14 06:45        367104        ----a-w-        c:\windows\system32\wcncsvc.dll
2011-02-23 19:31 . 2010-09-14 06:07        276992        ----a-w-        c:\windows\SysWow64\wcncsvc.dll
2011-02-23 14:04 . 2011-01-07 08:07        662528        ----a-w-        c:\windows\system32\XpsPrint.dll
2011-02-23 14:04 . 2011-01-07 08:07        475648        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2011-02-23 14:04 . 2011-01-07 07:31        442880        ----a-w-        c:\windows\SysWow64\XpsPrint.dll
2011-02-23 14:04 . 2011-01-07 07:31        288256        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-20 17:23 . 2011-02-20 17:23        79869        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Uninstal.exe
2011-02-16 21:53 . 2009-12-09 01:05        60400        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\VMCX_SP2.dll
2011-02-16 21:53 . 2009-12-09 01:05        60400        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\VMCX_AP.dll
2011-02-16 21:53 . 2009-12-09 01:05        56304        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaIScnX_AP.dll
2011-02-16 21:53 . 2009-12-09 01:05        19952        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaNET_AP.dll
2011-02-16 21:53 . 2009-12-09 01:05        13824        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\hkeys.dll
2011-02-16 15:15 . 2011-02-16 15:15        --------        d-----w-        c:\users\Thomas\AppData\Roaming\Foxit Software
2011-02-16 15:15 . 2011-02-16 15:15        --------        d-----w-        c:\users\Thomas_2\AppData\Roaming\Foxit Software
2011-02-16 15:14 . 2011-02-16 15:14        --------        d-----w-        c:\program files (x86)\Foxit Software
2011-02-15 18:57 . 2011-03-05 18:19        --------        d-----w-        c:\users\Thomas\AppData\Local\World_of_AI
2011-02-15 17:58 . 2004-09-30 19:40        209611        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Modules\FSUIPC.dll
2011-02-15 17:58 . 2004-07-15 04:07        186368        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Modules\PMDGOptions.DLL
2011-02-15 17:39 . 2008-10-11 13:48        14104        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\WaveLib.dll
2011-02-15 17:39 . 2008-10-11 13:48        21272        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG_SimConnect_Ldr.dll
2011-02-15 17:39 . 2005-05-16 23:12        163840        ----a-w-        c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\TCAS2v7.dll
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-15 15:34 . 2011-01-20 21:00        1220416        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-02-06 11:31 . 2011-02-06 09:37        5018        --sha-w-        c:\programdata\KGyGaAvL.sys
2011-02-02 16:11 . 2010-10-18 18:55        270720        ------w-        c:\windows\system32\MpSigStub.exe
2011-02-02 13:43 . 2011-02-02 13:43        2300696        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-02-02 13:43 . 2011-01-20 21:00        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-02-02 13:43 . 2011-02-02 13:43        1220416        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-01-26 06:53 . 2011-02-10 14:37        982912        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2011-01-26 06:53 . 2011-02-10 14:37        265088        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys
2011-01-26 06:31 . 2011-02-10 14:37        144384        ----a-w-        c:\windows\system32\cdd.dll
2011-01-20 22:01 . 2011-01-20 22:01        2300696        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-01-20 22:01 . 2011-01-20 22:01        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-01-07 08:06 . 2011-02-10 14:37        46080        ----a-w-        c:\windows\system32\atmlib.dll
2011-01-07 07:27 . 2011-02-10 14:37        34304        ----a-w-        c:\windows\SysWow64\atmlib.dll
2011-01-07 05:49 . 2011-02-10 14:37        366080        ----a-w-        c:\windows\system32\atmfd.dll
2011-01-07 05:33 . 2011-02-10 14:37        294400        ----a-w-        c:\windows\SysWow64\atmfd.dll
2011-01-05 06:20 . 2011-02-10 14:37        612352        ----a-w-        c:\windows\system32\vbscript.dll
2011-01-05 05:37 . 2011-02-10 14:37        428032        ----a-w-        c:\windows\SysWow64\vbscript.dll
2011-01-05 04:00 . 2011-02-10 14:37        3127808        ----a-w-        c:\windows\system32\win32k.sys
2010-12-21 06:16 . 2011-02-10 14:37        62976        ----a-w-        c:\windows\system32\wscapi.dll
2010-12-21 06:16 . 2011-02-10 14:37        97280        ----a-w-        c:\windows\system32\wscsvc.dll
2010-12-21 06:16 . 2011-02-10 14:37        214016        ----a-w-        c:\windows\system32\winsrv.dll
2010-12-21 06:16 . 2011-02-10 14:37        442880        ----a-w-        c:\windows\system32\winhttp.dll
2010-12-21 06:16 . 2011-02-10 14:37        1197056        ----a-w-        c:\windows\system32\wininet.dll
2010-12-21 06:16 . 2011-02-10 14:37        258048        ----a-w-        c:\windows\system32\WebClnt.dll
2010-12-21 06:15 . 2011-02-10 14:37        264192        ----a-w-        c:\windows\system32\upnp.dll
2010-12-21 06:15 . 2011-02-10 14:37        15360        ----a-w-        c:\windows\system32\slwga.dll
2010-12-21 06:13 . 2011-02-10 14:37        2003968        ----a-w-        c:\windows\system32\msxml6.dll
2010-12-21 06:13 . 2011-02-10 14:37        1880576        ----a-w-        c:\windows\system32\msxml3.dll
2010-12-21 06:10 . 2011-02-10 14:37        100864        ----a-w-        c:\windows\system32\davclnt.dll
2010-12-21 05:38 . 2011-02-10 14:37        51200        ----a-w-        c:\windows\SysWow64\wscapi.dll
2010-12-21 05:38 . 2011-02-10 14:37        981504        ----a-w-        c:\windows\SysWow64\wininet.dll
2010-12-21 05:38 . 2011-02-10 14:37        350720        ----a-w-        c:\windows\SysWow64\winhttp.dll
2010-12-21 05:38 . 2011-02-10 14:37        204800        ----a-w-        c:\windows\SysWow64\WebClnt.dll
2010-12-21 05:38 . 2011-02-10 14:37        204288        ----a-w-        c:\windows\SysWow64\upnp.dll
2010-12-21 05:38 . 2011-02-10 14:37        14336        ----a-w-        c:\windows\SysWow64\slwga.dll
2010-12-21 05:36 . 2011-02-10 14:37        1389568        ----a-w-        c:\windows\SysWow64\msxml6.dll
2010-12-21 05:36 . 2011-02-10 14:37        1236992        ----a-w-        c:\windows\SysWow64\msxml3.dll
2010-12-21 05:34 . 2011-02-10 14:37        80384        ----a-w-        c:\windows\SysWow64\davclnt.dll
2010-12-20 17:09 . 2010-10-10 22:50        38224        ----a-w-        c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2010-10-10 22:50        24152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2010-12-18 06:11 . 2011-02-10 18:25        57856        ----a-w-        c:\windows\system32\licmgr10.dll
2010-12-18 06:11 . 2011-02-10 14:37        714752        ----a-w-        c:\windows\system32\kerberos.dll
2010-12-18 05:29 . 2011-02-10 18:25        44544        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2010-12-18 05:29 . 2011-02-10 14:37        541184        ----a-w-        c:\windows\SysWow64\kerberos.dll
2010-12-18 04:55 . 2011-02-10 18:25        482816        ----a-w-        c:\windows\system32\html.iec
2010-12-18 04:20 . 2011-02-10 18:25        386048        ----a-w-        c:\windows\SysWow64\html.iec
2010-12-18 04:13 . 2011-02-10 18:25        1638912        ----a-w-        c:\windows\system32\mshtml.tlb
2010-12-18 03:47 . 2011-02-10 18:25        1638912        ----a-w-        c:\windows\SysWow64\mshtml.tlb
.
.
(((((((((((((((((((((((((((((  SnapShot@2011-03-16_16.51.26  )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-03-16 16:12        16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-03-16 18:17        16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-03-16 16:12        32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-16 18:17        32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-03-16 16:12        16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-03-16 18:17        16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-03-16 19:07        48958              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-16 19:00 . 2011-03-16 19:07        12348              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3793448899-3928903926-1007559840-1005_UserData.bin
+ 2010-10-06 18:08 . 2011-03-16 18:59        16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-10-06 18:08 . 2011-03-16 16:12        16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-10-06 18:08 . 2011-03-16 16:12        32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-10-06 18:08 . 2011-03-16 18:59        32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-10-06 18:08 . 2011-03-16 16:12        16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-10-06 18:08 . 2011-03-16 18:59        16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-10-06 18:08 . 2011-03-16 19:04        16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-10-06 18:08 . 2011-03-16 16:13        16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-10-06 18:08 . 2011-03-16 16:13        16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-10-06 18:08 . 2011-03-16 19:04        16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-10-06 20:46 . 2011-03-16 18:56        3812              c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2010-10-06 20:46 . 2011-03-15 20:31        3812              c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2011-03-16 16:10 . 2011-03-16 16:10        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-03-16 18:56 . 2011-03-16 18:56        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-03-16 18:56 . 2011-03-16 18:56        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-03-16 16:10 . 2011-03-16 16:10        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-03-15 21:32        387700              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-03-16 18:56        387700              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 02:34 . 2011-03-16 16:25        10223616              c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-03-16 17:17        10223616              c:\windows\system32\SMI\Store\Machine\schema.dat
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-22 136176]
R3 GWHid;VL807 Hidmini driver;c:\windows\system32\DRIVERS\GWHid.sys [x]
R3 VL807;VL807 Filter;c:\windows\system32\DRIVERS\VL807.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-01 2296696]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-22 20:46]
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-22 20:46]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Thomas_2\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
FF - ProfilePath - c:\users\Thomas_2\AppData\Roaming\Mozilla\Firefox\Profiles\nr15cvif.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.de
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_dbc0250.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="C:/Program Files (x86)/Common Files/Akamai/netsession_win_dbc0250.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\windows\SysWOW64\PSIService.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-03-16  20:11:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-03-16 19:11
ComboFix2.txt  2011-03-16 16:58
.
Vor Suchlauf: 16 Verzeichnis(se), 352.236.650.496 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 351.816.364.032 Bytes frei
.
- - End Of File - - 06B3090DF0546FC5B5F32959AA7AB46D

Regarding the processes: Avira was on again at startup, but I turned it off again.

cosinus 16.03.2011 21:11

Please run this tool from Kaspersky => http://www.trojaner-board.de/82358-t...entfernen.html

Thomas13 16.03.2011 21:17

The log file from Kaspersky:

Code:

2011/03/16 21:15:18.0565 0328        TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/16 21:15:18.0970 0328        ================================================================================
2011/03/16 21:15:18.0970 0328        SystemInfo:
2011/03/16 21:15:18.0970 0328       
2011/03/16 21:15:18.0970 0328        OS Version: 6.1.7600 ServicePack: 0.0
2011/03/16 21:15:18.0970 0328        Product type: Workstation
2011/03/16 21:15:18.0970 0328        ComputerName: THOMASPC
2011/03/16 21:15:18.0970 0328        UserName: Thomas_2
2011/03/16 21:15:18.0970 0328        Windows directory: C:\Windows
2011/03/16 21:15:18.0970 0328        System windows directory: C:\Windows
2011/03/16 21:15:18.0970 0328        Running under WOW64
2011/03/16 21:15:18.0970 0328        Processor architecture: Intel x64
2011/03/16 21:15:18.0970 0328        Number of processors: 2
2011/03/16 21:15:18.0970 0328        Page size: 0x1000
2011/03/16 21:15:18.0970 0328        Boot type: Normal boot
2011/03/16 21:15:18.0970 0328        ================================================================================
2011/03/16 21:15:19.0204 0328        Initialize success
2011/03/16 21:15:22.0948 3028        ================================================================================
2011/03/16 21:15:22.0948 3028        Scan started
2011/03/16 21:15:22.0948 3028        Mode: Manual;
2011/03/16 21:15:22.0948 3028        ================================================================================
2011/03/16 21:15:23.0557 3028        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/03/16 21:15:23.0603 3028        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/03/16 21:15:23.0619 3028        AcpiPmi        (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/03/16 21:15:23.0650 3028        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/03/16 21:15:23.0681 3028        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/03/16 21:15:23.0713 3028        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/03/16 21:15:23.0775 3028        AFD            (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2011/03/16 21:15:23.0806 3028        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/03/16 21:15:23.0869 3028        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/03/16 21:15:23.0884 3028        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/03/16 21:15:23.0900 3028        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/03/16 21:15:23.0947 3028        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/03/16 21:15:23.0978 3028        amdsata        (ab3166c09438a161fbde13099a72e0af) C:\Windows\system32\DRIVERS\amdsata.sys
2011/03/16 21:15:23.0993 3028        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/03/16 21:15:24.0025 3028        amdxata        (5118dcd2065d8c8d752ad5ec0b2d6aa6) C:\Windows\system32\DRIVERS\amdxata.sys
2011/03/16 21:15:24.0118 3028        AppID          (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/03/16 21:15:24.0196 3028        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/03/16 21:15:24.0243 3028        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/03/16 21:15:24.0274 3028        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/16 21:15:24.0305 3028        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/03/16 21:15:24.0383 3028        avgntflt        (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/03/16 21:15:24.0399 3028        avipbb          (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/03/16 21:15:24.0446 3028        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/03/16 21:15:24.0493 3028        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/03/16 21:15:24.0524 3028        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/03/16 21:15:24.0571 3028        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/03/16 21:15:24.0586 3028        bowser          (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/16 21:15:24.0617 3028        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/03/16 21:15:24.0633 3028        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/03/16 21:15:24.0664 3028        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/03/16 21:15:24.0711 3028        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/03/16 21:15:24.0727 3028        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/03/16 21:15:24.0742 3028        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/03/16 21:15:24.0773 3028        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/03/16 21:15:24.0867 3028        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/16 21:15:24.0898 3028        cdrom          (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/16 21:15:24.0929 3028        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/03/16 21:15:24.0976 3028        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/03/16 21:15:25.0054 3028        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/16 21:15:25.0101 3028        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/03/16 21:15:25.0132 3028        CNG            (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/03/16 21:15:25.0163 3028        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/16 21:15:25.0195 3028        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/03/16 21:15:25.0226 3028        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/03/16 21:15:25.0257 3028        DfsC            (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/03/16 21:15:25.0288 3028        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/03/16 21:15:25.0304 3028        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/03/16 21:15:25.0351 3028        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/03/16 21:15:25.0413 3028        DXGKrnl        (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/16 21:15:25.0491 3028        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/03/16 21:15:25.0631 3028        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/03/16 21:15:25.0663 3028        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/03/16 21:15:25.0694 3028        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/03/16 21:15:25.0725 3028        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/03/16 21:15:25.0756 3028        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/16 21:15:25.0803 3028        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/03/16 21:15:25.0819 3028        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/03/16 21:15:25.0850 3028        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/16 21:15:25.0881 3028        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/03/16 21:15:25.0928 3028        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/03/16 21:15:25.0975 3028        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/16 21:15:26.0021 3028        fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/03/16 21:15:26.0068 3028        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/03/16 21:15:26.0177 3028        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/03/16 21:15:26.0209 3028        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/03/16 21:15:26.0224 3028        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/16 21:15:26.0255 3028        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/03/16 21:15:26.0287 3028        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/03/16 21:15:26.0318 3028        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/03/16 21:15:26.0349 3028        HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/03/16 21:15:26.0396 3028        HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/03/16 21:15:26.0443 3028        HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/03/16 21:15:26.0474 3028        hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/03/16 21:15:26.0505 3028        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/16 21:15:26.0536 3028        iaStorV        (513dc087cfed7d2bb82f005385d3531f) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/03/16 21:15:26.0599 3028        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/03/16 21:15:26.0692 3028        IntcAzAudAddService (2b888bbdf6962e608a5e1a1d7a626adf) C:\Windows\system32\drivers\RTKVHD64.sys
2011/03/16 21:15:26.0833 3028        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/03/16 21:15:26.0864 3028        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/16 21:15:26.0911 3028        IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/16 21:15:26.0926 3028        IPMIDRV        (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/03/16 21:15:26.0957 3028        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/03/16 21:15:27.0004 3028        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/03/16 21:15:27.0020 3028        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/03/16 21:15:27.0051 3028        iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/03/16 21:15:27.0082 3028        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/03/16 21:15:27.0113 3028        kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/03/16 21:15:27.0145 3028        KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/16 21:15:27.0176 3028        KSecPkg        (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/03/16 21:15:27.0207 3028        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/03/16 21:15:27.0269 3028        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/16 21:15:27.0301 3028        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/03/16 21:15:27.0332 3028        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/03/16 21:15:27.0363 3028        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/03/16 21:15:27.0394 3028        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/03/16 21:15:27.0441 3028        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/03/16 21:15:27.0503 3028        MBAMProtector  (3d3c4b63f11f63f50253e734f0ace9f2) C:\Windows\system32\drivers\mbam.sys
2011/03/16 21:15:27.0550 3028        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/03/16 21:15:27.0581 3028        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/03/16 21:15:27.0613 3028        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/03/16 21:15:27.0644 3028        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/16 21:15:27.0675 3028        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/16 21:15:27.0706 3028        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/16 21:15:27.0722 3028        mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/03/16 21:15:27.0753 3028        mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/03/16 21:15:27.0784 3028        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/16 21:15:27.0815 3028        MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/03/16 21:15:27.0862 3028        mrxsmb          (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/16 21:15:27.0878 3028        mrxsmb10        (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/16 21:15:27.0909 3028        mrxsmb20        (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/16 21:15:28.0049 3028        msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/03/16 21:15:28.0065 3028        msdsm          (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/03/16 21:15:28.0112 3028        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/03/16 21:15:28.0159 3028        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/03/16 21:15:28.0174 3028        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/03/16 21:15:28.0205 3028        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/16 21:15:28.0237 3028        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/16 21:15:28.0252 3028        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/03/16 21:15:28.0283 3028        MsRPC          (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/03/16 21:15:28.0315 3028        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/03/16 21:15:28.0346 3028        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/03/16 21:15:28.0377 3028        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/03/16 21:15:28.0408 3028        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/03/16 21:15:28.0455 3028        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/16 21:15:28.0502 3028        NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/03/16 21:15:28.0517 3028        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/03/16 21:15:28.0549 3028        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/16 21:15:28.0580 3028        Ndisuio        (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/16 21:15:28.0611 3028        NdisWan        (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/16 21:15:28.0627 3028        NDProxy        (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/03/16 21:15:28.0642 3028        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/16 21:15:28.0673 3028        NetBT          (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/16 21:15:28.0751 3028        netr28ux        (01a8a17c17e548db1b6c2e597c0c66e6) C:\Windows\system32\DRIVERS\netr28ux.sys
2011/03/16 21:15:28.0814 3028        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/03/16 21:15:28.0829 3028        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/03/16 21:15:28.0861 3028        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/16 21:15:28.0923 3028        Ntfs            (1ad8fef2d6ac7116b68b887a9782fd33) C:\Windows\system32\drivers\Ntfs.sys
2011/03/16 21:15:29.0001 3028        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/03/16 21:15:29.0235 3028        nvlddmkm        (c967514483fa30a0a352e70bb6414d1d) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/03/16 21:15:29.0516 3028        NVNET          (bd25e03ead63ac3365f25175b4dbd56a) C:\Windows\system32\DRIVERS\nvmf6264.sys
2011/03/16 21:15:29.0563 3028        nvraid          (deab10231cbdb0881fc25428ebe11506) C:\Windows\system32\DRIVERS\nvraid.sys
2011/03/16 21:15:29.0594 3028        nvstor          (0af7b8136794e23e87be138992880e64) C:\Windows\system32\DRIVERS\nvstor.sys
2011/03/16 21:15:29.0625 3028        nvstor64        (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\DRIVERS\nvstor64.sys
2011/03/16 21:15:29.0656 3028        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/03/16 21:15:29.0687 3028        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/03/16 21:15:29.0734 3028        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/03/16 21:15:29.0750 3028        partmgr        (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/03/16 21:15:29.0765 3028        pci            (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/03/16 21:15:29.0797 3028        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2011/03/16 21:15:29.0812 3028        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/03/16 21:15:29.0859 3028        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/03/16 21:15:29.0875 3028        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/03/16 21:15:29.0968 3028        PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/16 21:15:30.0015 3028        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/03/16 21:15:30.0077 3028        Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/16 21:15:30.0124 3028        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/03/16 21:15:30.0187 3028        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/03/16 21:15:30.0218 3028        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/16 21:15:30.0249 3028        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/16 21:15:30.0280 3028        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/03/16 21:15:30.0296 3028        Rasl2tp        (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/16 21:15:30.0327 3028        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/16 21:15:30.0358 3028        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/16 21:15:30.0389 3028        rdbss          (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/16 21:15:30.0421 3028        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/03/16 21:15:30.0436 3028        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/16 21:15:30.0467 3028        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/16 21:15:30.0499 3028        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/03/16 21:15:30.0514 3028        RDPWD          (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/03/16 21:15:30.0545 3028        rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2011/03/16 21:15:30.0608 3028        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/16 21:15:30.0701 3028        sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/03/16 21:15:30.0733 3028        scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/03/16 21:15:30.0779 3028        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/03/16 21:15:30.0842 3028        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/03/16 21:15:30.0857 3028        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/03/16 21:15:30.0904 3028        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/03/16 21:15:30.0935 3028        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/03/16 21:15:30.0967 3028        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/03/16 21:15:30.0982 3028        sffp_sd        (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/03/16 21:15:31.0013 3028        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/03/16 21:15:31.0029 3028        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/03/16 21:15:31.0060 3028        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/03/16 21:15:31.0091 3028        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/03/16 21:15:31.0138 3028        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/03/16 21:15:31.0185 3028        srv            (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
2011/03/16 21:15:31.0216 3028        srv2            (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/16 21:15:31.0232 3028        srvnet          (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/16 21:15:31.0294 3028        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/03/16 21:15:31.0325 3028        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/03/16 21:15:31.0403 3028        Tcpip          (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2011/03/16 21:15:31.0497 3028        TCPIP6          (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/16 21:15:31.0528 3028        tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/16 21:15:31.0559 3028        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/03/16 21:15:31.0575 3028        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/03/16 21:15:31.0606 3028        tdx            (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/16 21:15:31.0653 3028        TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2011/03/16 21:15:31.0700 3028        tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/16 21:15:31.0731 3028        tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/16 21:15:31.0747 3028        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/03/16 21:15:31.0778 3028        udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/16 21:15:31.0825 3028        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/03/16 21:15:31.0856 3028        umbus          (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/16 21:15:31.0871 3028        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/03/16 21:15:31.0918 3028        usbaudio        (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
2011/03/16 21:15:31.0949 3028        usbccgp        (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/03/16 21:15:31.0981 3028        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/03/16 21:15:31.0996 3028        usbehci        (df9f9afc9aaabd8ed47975d44e38169a) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/16 21:15:32.0027 3028        usbhub          (372a91bc3c6603080a793880b0873785) C:\Windows\system32\DRIVERS\usbhub.sys
2011/03/16 21:15:32.0074 3028        usbohci        (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/03/16 21:15:32.0090 3028        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/16 21:15:32.0121 3028        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/03/16 21:15:32.0152 3028        USBSTOR        (a60e7e0fa88ff067d049d525547cd5e9) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/16 21:15:32.0183 3028        usbuhci        (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/16 21:15:32.0215 3028        usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
2011/03/16 21:15:32.0246 3028        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/03/16 21:15:32.0277 3028        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/16 21:15:32.0293 3028        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/03/16 21:15:32.0339 3028        vhdmp          (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/03/16 21:15:32.0371 3028        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/03/16 21:15:32.0417 3028        volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/03/16 21:15:32.0449 3028        volmgrx        (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/03/16 21:15:32.0464 3028        volsnap        (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/03/16 21:15:32.0573 3028        Vsdatant        (48bfa6276bcc0535f5f8898107ed489a) C:\Windows\system32\DRIVERS\vsdatant.sys
2011/03/16 21:15:32.0683 3028        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/03/16 21:15:32.0729 3028        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/03/16 21:15:32.0761 3028        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/03/16 21:15:32.0807 3028        WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/16 21:15:32.0823 3028        Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/16 21:15:32.0854 3028        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/03/16 21:15:32.0885 3028        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/16 21:15:32.0948 3028        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/03/16 21:15:32.0963 3028        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/03/16 21:15:33.0026 3028        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/03/16 21:15:33.0073 3028        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/16 21:15:33.0119 3028        WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/03/16 21:15:33.0135 3028        WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/16 21:15:33.0244 3028        ================================================================================
2011/03/16 21:15:33.0244 3028        Scan finished
2011/03/16 21:15:33.0244 3028        ================================================================================


cosinus 16.03.2011 21:22

Please now create logs with GMER and mbrcheck and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it.

Instructions for mbrcheck:
Download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool only needs a few seconds.
  • Afterwards you should find a MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.

Thomas13 16.03.2011 22:08

Gmer didn't work, and MBRcheck didn't produce a log file. I took a screenshot of it:

http://www.Bildermonster24.de/images...RCheck_123.png

cosinus 17.03.2011 09:02

Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Thomas13 17.03.2011 16:02

The log file from Kaspersky:

Code:

2011/03/17 16:01:25.0385 1592        TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/17 16:01:25.0681 1592        ================================================================================
2011/03/17 16:01:25.0681 1592        SystemInfo:
2011/03/17 16:01:25.0681 1592       
2011/03/17 16:01:25.0682 1592        OS Version: 6.1.7600 ServicePack: 0.0
2011/03/17 16:01:25.0682 1592        Product type: Workstation
2011/03/17 16:01:25.0682 1592        ComputerName: THOMASPC
2011/03/17 16:01:25.0682 1592        UserName: Thomas_2
2011/03/17 16:01:25.0682 1592        Windows directory: C:\Windows
2011/03/17 16:01:25.0682 1592        System windows directory: C:\Windows
2011/03/17 16:01:25.0682 1592        Running under WOW64
2011/03/17 16:01:25.0682 1592        Processor architecture: Intel x64
2011/03/17 16:01:25.0682 1592        Number of processors: 2
2011/03/17 16:01:25.0682 1592        Page size: 0x1000
2011/03/17 16:01:25.0682 1592        Boot type: Normal boot
2011/03/17 16:01:25.0682 1592        ================================================================================
2011/03/17 16:01:25.0884 1592        Initialize success
2011/03/17 16:01:28.0780 0404        ================================================================================
2011/03/17 16:01:28.0780 0404        Scan started
2011/03/17 16:01:28.0780 0404        Mode: Manual;
2011/03/17 16:01:28.0780 0404        ================================================================================
2011/03/17 16:01:30.0221 0404        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/03/17 16:01:30.0273 0404        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/03/17 16:01:30.0309 0404        AcpiPmi        (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/03/17 16:01:30.0339 0404        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/03/17 16:01:30.0372 0404        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/03/17 16:01:30.0403 0404        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/03/17 16:01:30.0453 0404        AFD            (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2011/03/17 16:01:30.0479 0404        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/03/17 16:01:30.0545 0404        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/03/17 16:01:30.0563 0404        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/03/17 16:01:30.0590 0404        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/03/17 16:01:30.0624 0404        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/03/17 16:01:30.0654 0404        amdsata        (ab3166c09438a161fbde13099a72e0af) C:\Windows\system32\DRIVERS\amdsata.sys
2011/03/17 16:01:30.0690 0404        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/03/17 16:01:30.0714 0404        amdxata        (5118dcd2065d8c8d752ad5ec0b2d6aa6) C:\Windows\system32\DRIVERS\amdxata.sys
2011/03/17 16:01:30.0800 0404        AppID          (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/03/17 16:01:30.0857 0404        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/03/17 16:01:30.0894 0404        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/03/17 16:01:30.0925 0404        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/17 16:01:30.0952 0404        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/03/17 16:01:31.0021 0404        avgntflt        (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/03/17 16:01:31.0044 0404        avipbb          (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/03/17 16:01:31.0087 0404        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/03/17 16:01:31.0128 0404        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/03/17 16:01:31.0164 0404        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/03/17 16:01:31.0208 0404        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/03/17 16:01:31.0233 0404        bowser          (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/17 16:01:31.0255 0404        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/03/17 16:01:31.0280 0404        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/03/17 16:01:31.0308 0404        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/03/17 16:01:31.0337 0404        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/03/17 16:01:31.0363 0404        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/03/17 16:01:31.0385 0404        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/03/17 16:01:31.0411 0404        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/03/17 16:01:31.0492 0404        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/17 16:01:31.0521 0404        cdrom          (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/17 16:01:31.0565 0404        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/03/17 16:01:31.0605 0404        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/03/17 16:01:31.0681 0404        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/17 16:01:31.0698 0404        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/03/17 16:01:31.0729 0404        CNG            (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/03/17 16:01:31.0755 0404        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/17 16:01:31.0784 0404        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/03/17 16:01:31.0812 0404        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/03/17 16:01:31.0854 0404        DfsC            (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/03/17 16:01:31.0895 0404        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/03/17 16:01:31.0927 0404        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/03/17 16:01:31.0962 0404        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/03/17 16:01:32.0016 0404        DXGKrnl        (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/17 16:01:32.0114 0404        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/03/17 16:01:32.0225 0404        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/03/17 16:01:32.0257 0404        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/03/17 16:01:32.0299 0404        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/03/17 16:01:32.0330 0404        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/03/17 16:01:32.0360 0404        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/17 16:01:32.0389 0404        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/03/17 16:01:32.0426 0404        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/03/17 16:01:32.0453 0404        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/17 16:01:32.0490 0404        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/03/17 16:01:32.0567 0404        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/03/17 16:01:32.0591 0404        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/17 16:01:32.0645 0404        fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/03/17 16:01:32.0672 0404        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/03/17 16:01:32.0820 0404        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/03/17 16:01:32.0860 0404        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/03/17 16:01:32.0888 0404        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/17 16:01:32.0910 0404        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/03/17 16:01:32.0933 0404        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/03/17 16:01:40.0768 0404        ================================================================================
2011/03/17 16:01:40.0768 0404        Scan finished
2011/03/17 16:01:40.0768 0404        ================================================================================

Should I try GMER again?

cosinus 17.03.2011 19:39

Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

Thomas13 17.03.2011 22:51

Right. Here are the log files.

SUPERAntiSpyware did take a while, but I think that's normal with a relatively large number of files.

SUPERAntiSpyware:
Code:

SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com

Generiert 03/17/2011 bei 09:43 PM

Version der Applikation : 4.50.1002

Version der Kern-Datenbank : 6616
Version der Spur-Datenbank : 4428

Scan Art      : kompletter Scann
Totale Scann-Zeit : 01:52:32

Gescannte Speicherelemente  : 618
Erfasste Speicher-Bedrohungen  : 0
Gescannte Register-Elemente  : 12719
Erfasste Register-Bedrohungen  : 0
Gescannte Datei-Elemente    : 294139
Erfasste Datei-Elemente  : 0

Malwarebytes:
Code:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6084

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

17.03.2011 22:50:36
mbam-log-2011-03-17 (22-50-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Durchsuchte Objekte: 431710
Laufzeit: 47 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Could the Avira problem have been caused by ZoneAlarm?

cosinus 18.03.2011 11:51

Looks OK. Any more problems? Is the AntiVir update working again too?

Thomas13 18.03.2011 15:31

No further problems at the moment. The Avira update is working again too.

cosinus 18.03.2011 19:25

Then we're done! :abklatsch:

Finally, please check the updates; my guide for that is below.
For even more security, you should also change all your passwords if possible after the infection has been removed.


Microsoft Update

Windows XP: Visit the MS update site with IE and have all important updates installed.

Windows Vista/7: Windows Update guide


Update your PDF reader
Your Adobe Reader is not up to date, which is a major security risk. You should therefore uninstall the old version via Control Panel => Software by clicking "Adobe Reader x.0" there and removing the program.

I recommend an alternative PDF reader such as SumatraPDF or Foxit PDF Reader; both are much leaner and faster than Adobe Reader.

While you're at it, please also check that your Flash Player is up to date; here is the direct download link (Mozilla and other browsers) => http://filepony.de/?q=Flash+Player
Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe

Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, ideally with JavaRa) and update to the latest one. To do so, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.

Thomas13 18.03.2011 21:00

OK. :party:

Thanks for the help. :)


All times are WET +1. The time now is 12:11.
