Trojaner-Board


Taranos 06.12.2011 22:08

Access-denied error in msconfig + slow browsers

Good evening and hello, dear community.

I have recently noticed that my browsers (Firefox + Chrome) respond quite slowly at times. I defragment regularly and also use CCleaner regularly.

The other problem is that when I use "msconfig" and want to change something there, I get the following message:

"Es wurde ein Zugriffsverweigerungsfehler, beim Versuch einen Dienst zu ändern, zurückgegeben. Sie können sich als Administrator anmelden, um diese Änderungen durchzuführen"

The changes are applied nonetheless.

I would be very grateful if someone could check the logs.

The OTL log was too large to post here as code, so it is attached together with the other logs.

cosinus 07.12.2011 19:07

Quote:

and also use CCleaner regularly.
I hope for your sake that you leave the registry alone and have never "cleaned" it!

Taranos 07.12.2011 19:08

Hello Arne.

Uhm... I'm afraid you hope wrong :pfeiff:
I suppose I should stop doing that in future?

cosinus 07.12.2011 19:09

Quote:

I suppose I should stop doing that in future?
If that still helps at all...

Hands off registry cleaners!!

The registry is the brain of the system. If the brain does not work, the rest no longer really works either.
We read often enough from people seeking help that their system no longer boots after using registry cleaners.
  • How is the cleaner supposed to know with 100% certainty whether an entry is needed or not?
  • It makes no difference at all whether a few orphaned registry entries are on the system or not.
  • The constantly advertised speed-up of the system is also only partly true. You would not notice it.

A so-called false positive from a cleaner can also make your system unbootable.
If you destroy the registry, you destroy Windows.

Taranos 07.12.2011 19:12

Good, thank you very much.

Then I will keep my hands off it in future. :nono:

cosinus 07.12.2011 19:13

Now please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Taranos 08.12.2011 16:02

Here is the ESET log, and attached are the current and 2 older MBAM logs.
Regarding the "install_flash_player.exe" in one of the MBAM logs, I can say
that, to my knowledge, I never ran it.

Code:

ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fa52920e3dcb7d43b8158688f121464f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-07 11:24:55
# local_time=2011-12-08 12:24:55 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 266 266 0 0
# scanned=435491
# found=2
# cleaned=0
# scan_time=13314
C:\Dokumente und Einstellungen\Swift\Eigene Dateien\Downloads\Unlocker1.9.1.exe        Win32/Adware.ADON application (unable to clean)        00000000000000000000000000000000        I
I:\Tools\Codecs\cole2k.media.-.codec.pack.v7.8.0.-standard-.setup.exe        Win32/Adware.Toolbar.Dealio application (unable to clean)        00000000000000000000000000000000        I

Thanks in advance for your effort.

cosinus 08.12.2011 16:42

Please create a new OTL log and post it enclosed in CODE tags:

CustomScan with OTL

If you do not have it yet, please download OTL by OldTimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Taranos 08.12.2011 18:30

Hello Arne

Because of its size, I have to attach it as an archive again.
Unfortunately it was >100000 characters.

Regards,
Chris

cosinus 08.12.2011 21:03

Run an OTL fix: close all programs that may be open, disable your virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 8A ED 12 11 AA CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=616163"
FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=616163&p="
FF - prefs.js..network.proxy.ftp: "localhost"
FF - prefs.js..network.proxy.ftp_port: 8118
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 8118
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.11.08 12:14:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.03.22 16:17:28 | 000,000,175 | R--- | M] () - J:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\Shell - "" = AutoRun
O33 - MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\Shell\AutoRun\command - "" = J:\setup.exe -- [2010.03.12 07:05:28 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\Shell\configure\command - "" = J:\setup.exe -- [2010.03.12 07:05:28 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\Shell\install\command - "" = J:\setup.exe -- [2010.03.12 07:05:28 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{2bffefaf-0acc-11e1-8cca-00184d449a60}\Shell - "" = AutoRun
O33 - MountPoints2\{2bffefaf-0acc-11e1-8cca-00184d449a60}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2bffefaf-0acc-11e1-8cca-00184d449a60}\Shell\AutoRun\command - "" = K:\iStudio.exe
[2011.12.01 17:31:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Swift\Anwendungsdaten\Temp
[2011.12.01 17:23:29 | 000,000,000 | ---D | C] -- C:\Temp
[2011.12.01 17:22:18 | 000,000,000 | ---D | C] -- C:\WINXP\System32\System32
[2011.12.01 17:22:14 | 000,000,000 | ---D | C] -- C:\WINXP\s

:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Taranos 09.12.2011 18:19

Hello Arne, here is the log.

Code:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "chr-greentree_ff&type=616163" removed from browser.search.param.yahoo-fr
Prefs.js: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=616163&p=" removed from keyword.URL
Prefs.js: "localhost" removed from network.proxy.ftp
Prefs.js: 8118 removed from network.proxy.ftp_port
Prefs.js: "localhost" removed from network.proxy.http
Prefs.js: 8118 removed from network.proxy.http_port
Prefs.js: "localhost,127.0.0.1" removed from network.proxy.no_proxies_on
Prefs.js: "localhost" removed from network.proxy.socks
Prefs.js: 9050 removed from network.proxy.socks_port
Prefs.js: "localhost" removed from network.proxy.ssl
Prefs.js: 8118 removed from network.proxy.ssl_port
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
File move failed. J:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ not found.
File move failed. J:\setup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ not found.
File move failed. J:\setup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10d0f0a0-0a09-11e1-8cc5-00184d449a60}\ not found.
File move failed. J:\setup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bffefaf-0acc-11e1-8cca-00184d449a60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2bffefaf-0acc-11e1-8cca-00184d449a60}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bffefaf-0acc-11e1-8cca-00184d449a60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2bffefaf-0acc-11e1-8cca-00184d449a60}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bffefaf-0acc-11e1-8cca-00184d449a60}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2bffefaf-0acc-11e1-8cca-00184d449a60}\ not found.
File K:\iStudio.exe not found.
C:\Dokumente und Einstellungen\Swift\Anwendungsdaten\Temp\Phonebook folder moved successfully.
C:\Dokumente und Einstellungen\Swift\Anwendungsdaten\Temp folder moved successfully.
C:\Temp folder moved successfully.
C:\WINXP\System32\System32 folder moved successfully.
C:\WINXP\s folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Swift
->Temp folder emptied: 350493689 bytes
->Temporary Internet Files folder emptied: 50894690 bytes
->Java cache emptied: 2471577 bytes
->FireFox cache emptied: 488411127 bytes
->Google Chrome cache emptied: 274644607 bytes
->Flash cache emptied: 43579 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1621943 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7055898 bytes
RecycleBin emptied: 8722144 bytes
 
Total Files Cleaned = 1.130,00 mb
 
C:\WINXP\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 12092011_180526

Files\Folders moved on Reboot...
File\Folder J:\autorun.inf not found!
File\Folder J:\setup.exe not found!
File\Folder C:\WINXP\temp\Perflib_Perfdata_b24.dat not found!

Registry entries deleted on Reboot...


cosinus 10.12.2011 00:53

Now please run this tool from Kaspersky (TDSS-Killer) (in normal Windows mode) and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the picture below: click change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition; that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool, and all files and folders should become visible again. (This may take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!
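
Added example (not part of the thread and not Kaspersky's code): a Python triage of a TDSS-Killer report in the line format of the log posted in this thread. It lists every object whose verdict is not "ok", or whose verdict line is missing, so the flagged entries can be reviewed before any action other than "skip" is considered. The sample lines, the object names ExampleA to ExampleD and the hash values are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Every report line starts with "HH:MM:SS.ffff <thread id>", then the message.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*\S)\s*$")
# "<object> (<md5>) <path>": the file that was checked for this object.
FILE_LINE = re.compile(
    r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$"
)
# "<object> - ok" or "<object> ( <label> ) - warning": the verdict.
VERDICT_LINE = re.compile(
    r"^(?P<name>.+?)(?:\s+\(\s*(?P<label>[^)]+?)\s*\))?\s+-\s+(?P<verdict>\w+)$"
)


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None      # None when the report has no file line
    path: Optional[str] = None
    verdict: Optional[str] = None  # None when the verdict line is missing
    label: Optional[str] = None    # detection label, e.g. on a warning


def parse_report(text: str) -> List[Entry]:
    """Collect one Entry per scanned object, in report order."""
    entries = {}
    for raw in text.splitlines():
        m = PREFIX.match(raw)
        if not m:
            continue  # blank lines, separators without a timestamp, etc.
        msg = m.group("msg")
        f = FILE_LINE.match(msg)
        if f:
            e = entries.setdefault(f["name"], Entry(f["name"]))
            e.md5, e.path = f["md5"].lower(), f["path"]
            continue
        v = VERDICT_LINE.match(msg)
        if v:
            e = entries.setdefault(v["name"], Entry(v["name"]))
            e.verdict, e.label = v["verdict"], v["label"]
    return list(entries.values())


def needs_review(entries: List[Entry]) -> List[Entry]:
    """Everything that was not explicitly reported as 'ok'.

    An entry with a file line but no verdict (for example a report that
    was cut off when pasted) is included, because it was never cleared.
    """
    return [e for e in entries if e.verdict != "ok"]


# Constructed sample in the format of the report posted in this thread.
SAMPLE = r"""
13:27:38.0609 2216        ============================================================
13:27:38.0609 2216        Scan started
13:27:38.0609 2216        Mode: Manual; SigCheck; TDLFS;
13:27:40.0265 2216        ExampleA        (00000000000000000000000000000001) C:\WINDOWS\system32\drivers\examplea.sys
13:27:40.0343 2216        ExampleA - ok
13:27:41.0156 2216        ExampleB - ok
13:27:48.0031 2216        ExampleC        (00000000000000000000000000000002) C:\WINDOWS\system32\DRIVERS\examplec.sys
13:27:48.0046 2216        ExampleC ( UnsignedFile.Multi.Generic ) - warning
13:27:48.0046 2216        ExampleC - detected UnsignedFile.Multi.Generic (1)
13:27:49.0234 2216        ExampleD        (00000000000000000000000000000003) C:\WINDOWS\system32\drivers\exampled.sys
"""

if __name__ == "__main__":
    for e in needs_review(parse_report(SAMPLE)):
        print(f"{e.name}: verdict={e.verdict} label={e.label} "
              f"md5={e.md5} path={e.path}")
```
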

Taranos 10.12.2011 14:31

Here you go =)

Code:

13:27:30.0718 2804        TDSS rootkit removing tool 2.6.22.0 Dec  7 2011 13:21:06
13:27:30.0843 2804        ============================================================
13:27:30.0843 2804        Current date / time: 2011/12/10 13:27:30.0843
13:27:30.0843 2804        SystemInfo:
13:27:30.0843 2804       
13:27:30.0843 2804        OS Version: 5.1.2600 ServicePack: 3.0
13:27:30.0843 2804        Product type: Workstation
13:27:30.0843 2804        ComputerName: BIE
13:27:30.0843 2804        UserName: Swift
13:27:30.0843 2804        Windows directory: C:\WINXP
13:27:30.0843 2804        System windows directory: C:\WINXP
13:27:30.0843 2804        Processor architecture: Intel x86
13:27:30.0843 2804        Number of processors: 4
13:27:30.0843 2804        Page size: 0x1000
13:27:30.0843 2804        Boot type: Normal boot
13:27:30.0843 2804        ============================================================
13:27:31.0906 2804        Initialize success
13:27:38.0609 2216        ============================================================
13:27:38.0609 2216        Scan started
13:27:38.0609 2216        Mode: Manual; SigCheck; TDLFS;
13:27:38.0609 2216        ============================================================
13:27:40.0265 2216        Aavmker4        (b6de0336f9f4b687b4ff57939f7b657a) C:\WINXP\system32\drivers\Aavmker4.sys
13:27:40.0343 2216        Aavmker4 - ok
13:27:41.0156 2216        Abiosdsk - ok
13:27:41.0984 2216        abp480n5 - ok
13:27:42.0828 2216        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINXP\system32\DRIVERS\ACPI.sys
13:27:43.0843 2216        ACPI - ok
13:27:44.0687 2216        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINXP\system32\DRIVERS\ACPIEC.sys
13:27:44.0765 2216        ACPIEC - ok
13:27:45.0656 2216        adpu160m - ok
13:27:46.0656 2216        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINXP\system32\drivers\aec.sys
13:27:46.0718 2216        aec - ok
13:27:48.0031 2216        AegisP          (30bb1bde595ca65fd5549462080d94e5) C:\WINXP\system32\DRIVERS\AegisP.sys
13:27:48.0046 2216        AegisP ( UnsignedFile.Multi.Generic ) - warning
13:27:48.0046 2216        AegisP - detected UnsignedFile.Multi.Generic (1)
13:27:49.0234 2216        AFD            (f6b7b1ecd7b41736bdb6ff4b092bcb79) C:\WINXP\System32\drivers\afd.sys
13:27:49.0281 2216        AFD - ok
13:27:50.0562 2216        Aha154x - ok
13:27:51.0421 2216        aic78u2 - ok
13:27:52.0578 2216        aic78xx - ok
13:27:53.0421 2216        AliIde - ok
13:27:54.0281 2216        Ambfilt        (267fc636801edc5ab28e14036349e3be) C:\WINXP\system32\drivers\Ambfilt.sys
13:27:54.0343 2216        Ambfilt - ok
13:27:55.0171 2216        amsint - ok
13:27:56.0015 2216        androidusb      (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\WINXP\system32\Drivers\ssadadb.sys
13:27:56.0015 2216        androidusb - ok
13:27:56.0859 2216        asc - ok
13:27:57.0671 2216        asc3350p - ok
13:27:58.0515 2216        asc3550 - ok
13:27:59.0375 2216        aswFsBlk        (054df24c92b55427e0757cfff160e4f2) C:\WINXP\system32\drivers\aswFsBlk.sys
13:27:59.0375 2216        aswFsBlk - ok
13:28:00.0406 2216        aswMon2        (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINXP\system32\drivers\aswMon2.sys
13:28:00.0421 2216        aswMon2 - ok
13:28:01.0265 2216        aswRdr          (352d5a48ebab35a7693b048679304831) C:\WINXP\system32\drivers\aswRdr.sys
13:28:01.0281 2216        aswRdr - ok
13:28:02.0125 2216        aswSnx          (8d34d2b24297e27d93e847319abfdec4) C:\WINXP\system32\drivers\aswSnx.sys
13:28:02.0140 2216        aswSnx - ok
13:28:02.0984 2216        aswSP          (010012597333da1f46c3243f33f8409e) C:\WINXP\system32\drivers\aswSP.sys
13:28:03.0000 2216        aswSP - ok
13:28:03.0843 2216        aswTdi          (f9f84364416658e9786235904d448d37) C:\WINXP\system32\drivers\aswTdi.sys
13:28:03.0843 2216        aswTdi - ok
13:28:04.0718 2216        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINXP\system32\DRIVERS\asyncmac.sys
13:28:04.0781 2216        AsyncMac - ok
13:28:05.0625 2216        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINXP\system32\DRIVERS\atapi.sys
13:28:05.0687 2216        atapi - ok
13:28:06.0515 2216        Atdisk - ok
13:28:07.0375 2216        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINXP\system32\DRIVERS\atmarpc.sys
13:28:07.0453 2216        Atmarpc - ok
13:28:08.0281 2216        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINXP\system32\DRIVERS\audstub.sys
13:28:08.0343 2216        audstub - ok
13:28:09.0171 2216        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINXP\system32\drivers\Beep.sys
13:28:09.0234 2216        Beep - ok
13:28:10.0109 2216        BootScreen      (9666afbfda204a327a488404caf3b88c) C:\WINXP\System32\drivers\vidstub.sys
13:28:10.0125 2216        BootScreen ( UnsignedFile.Multi.Generic ) - warning
13:28:10.0125 2216        BootScreen - detected UnsignedFile.Multi.Generic (1)
13:28:10.0968 2216        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINXP\system32\drivers\cbidf2k.sys
13:28:11.0046 2216        cbidf2k - ok
13:28:11.0875 2216        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINXP\system32\DRIVERS\CCDECODE.sys
13:28:11.0953 2216        CCDECODE - ok
13:28:12.0781 2216        cd20xrnt - ok
13:28:13.0609 2216        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINXP\system32\drivers\Cdaudio.sys
13:28:13.0687 2216        Cdaudio - ok
13:28:14.0515 2216        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINXP\system32\drivers\Cdfs.sys
13:28:14.0593 2216        Cdfs - ok
13:28:15.0421 2216        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINXP\system32\DRIVERS\cdrom.sys
13:28:15.0500 2216        Cdrom - ok
13:28:16.0312 2216        Changer - ok
13:28:17.0187 2216        CmdIde - ok
13:28:18.0046 2216        Cpqarray - ok
13:28:18.0140 2216        cpuz130 - ok
13:28:19.0015 2216        dac2w2k - ok
13:28:19.0859 2216        dac960nt - ok
13:28:20.0750 2216        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINXP\system32\DRIVERS\disk.sys
13:28:20.0812 2216        Disk - ok
13:28:21.0671 2216        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINXP\system32\drivers\dmboot.sys
13:28:21.0750 2216        dmboot - ok
13:28:22.0593 2216        dmio            (53720ab12b48719d00e327da470a619a) C:\WINXP\system32\drivers\dmio.sys
13:28:22.0671 2216        dmio - ok
13:28:23.0500 2216        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINXP\system32\drivers\dmload.sys
13:28:23.0578 2216        dmload - ok
13:28:24.0406 2216        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINXP\system32\drivers\DMusic.sys
13:28:24.0468 2216        DMusic - ok
13:28:25.0296 2216        dpti2o - ok
13:28:26.0140 2216        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINXP\system32\drivers\drmkaud.sys
13:28:26.0203 2216        drmkaud - ok
13:28:27.0062 2216        dtsoftbus01    (c0c7ceccb6c85994c2bc92d58e52d3f2) C:\WINXP\system32\DRIVERS\dtsoftbus01.sys
13:28:27.0062 2216        dtsoftbus01 - ok
13:28:27.0921 2216        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINXP\system32\drivers\Fastfat.sys
13:28:28.0000 2216        Fastfat - ok
13:28:28.0828 2216        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINXP\system32\drivers\Fdc.sys
13:28:28.0906 2216        Fdc - ok
13:28:29.0734 2216        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINXP\system32\drivers\Fips.sys
13:28:29.0812 2216        Fips - ok
13:28:30.0656 2216        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINXP\system32\drivers\Flpydisk.sys
13:28:30.0718 2216        Flpydisk - ok
13:28:31.0562 2216        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINXP\system32\DRIVERS\fltMgr.sys
13:28:31.0625 2216        FltMgr - ok
13:28:32.0453 2216        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINXP\system32\drivers\Fs_Rec.sys
13:28:32.0531 2216        Fs_Rec - ok
13:28:33.0359 2216        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINXP\system32\DRIVERS\ftdisk.sys
13:28:33.0437 2216        Ftdisk - ok
13:28:34.0250 2216        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINXP\system32\DRIVERS\msgpc.sys
13:28:34.0328 2216        Gpc - ok
13:28:35.0171 2216        hamachi        (833051c6c6c42117191935f734cfbd97) C:\WINXP\system32\DRIVERS\hamachi.sys
13:28:35.0171 2216        hamachi - ok
13:28:36.0109 2216        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINXP\system32\DRIVERS\HDAudBus.sys
13:28:36.0171 2216        HDAudBus - ok
13:28:37.0015 2216        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINXP\system32\DRIVERS\hidusb.sys
13:28:37.0093 2216        hidusb - ok
13:28:37.0921 2216        hpn - ok
13:28:38.0781 2216        HTTP            (937031c085718c1c04a9c0864625ec6b) C:\WINXP\system32\Drivers\HTTP.sys
13:28:38.0828 2216        HTTP - ok
13:28:39.0687 2216        i2omgmt - ok
13:28:40.0531 2216        i2omp - ok
13:28:41.0671 2216        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINXP\system32\drivers\i8042prt.sys
13:28:41.0734 2216        i8042prt - ok
13:28:42.0593 2216        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINXP\system32\DRIVERS\imapi.sys
13:28:42.0671 2216        Imapi - ok
13:28:43.0500 2216        ini910u - ok
13:28:44.0421 2216        IntcAzAudAddService (988a112c4061f309ce9c1abfc971d001) C:\WINXP\system32\drivers\RtkHDAud.sys
13:28:44.0546 2216        IntcAzAudAddService - ok
13:28:45.0375 2216        IntelIde - ok
13:28:46.0218 2216        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINXP\system32\DRIVERS\Ip6Fw.sys
13:28:46.0281 2216        Ip6Fw - ok
13:28:47.0140 2216        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINXP\system32\DRIVERS\ipfltdrv.sys
13:28:47.0203 2216        IpFilterDriver - ok
13:28:48.0046 2216        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINXP\system32\DRIVERS\ipinip.sys
13:28:48.0109 2216        IpInIp - ok
13:28:48.0968 2216        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINXP\system32\DRIVERS\ipnat.sys
13:28:49.0031 2216        IpNat - ok
13:28:49.0890 2216        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINXP\system32\DRIVERS\ipsec.sys
13:28:49.0953 2216        IPSec - ok
13:28:50.0796 2216        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINXP\system32\DRIVERS\irenum.sys
13:28:50.0843 2216        IRENUM - ok
13:28:51.0687 2216        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINXP\system32\DRIVERS\isapnp.sys
13:28:51.0765 2216        isapnp - ok
13:28:52.0593 2216        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINXP\system32\DRIVERS\kbdclass.sys
13:28:52.0671 2216        Kbdclass - ok
13:28:53.0500 2216        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINXP\system32\DRIVERS\kbdhid.sys
13:28:53.0562 2216        kbdhid - ok
13:28:54.0406 2216        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINXP\system32\drivers\kmixer.sys
13:28:54.0484 2216        kmixer - ok
13:28:55.0312 2216        KSecDD          (c6ebf1d6ad71df30db49b8d3287e1368) C:\WINXP\system32\drivers\KSecDD.sys
13:28:55.0359 2216        KSecDD - ok
13:28:56.0218 2216        LBeepKE        (be2dc24d403643a2d1d98f33c7087b38) C:\WINXP\system32\Drivers\LBeepKE.sys
13:28:56.0218 2216        LBeepKE - ok
13:28:57.0046 2216        lbrtfdc - ok
13:28:57.0890 2216        LCcfltr        (fb5e7a5c86c0b58aa155487b141b8457) C:\WINXP\system32\drivers\lccfltr.sys
13:28:57.0906 2216        LCcfltr - ok
13:28:58.0750 2216        LHidFilt        (01cc7fb6e790ef044b411377f3a1ff41) C:\WINXP\system32\DRIVERS\LHidFilt.Sys
13:28:58.0750 2216        LHidFilt - ok
13:28:59.0593 2216        LMouFilt        (a2e7eae8898d7b4b8c302b8f4e836bb5) C:\WINXP\system32\DRIVERS\LMouFilt.Sys
13:28:59.0609 2216        LMouFilt - ok
13:29:00.0453 2216        LUsbFilt        (ddfa88e36d5f8db5fbdbdddc4969db0a) C:\WINXP\system32\Drivers\LUsbFilt.Sys
13:29:00.0468 2216        LUsbFilt - ok
13:29:01.0312 2216        MBAMSwissArmy - ok
13:29:02.0140 2216        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINXP\system32\drivers\mnmdd.sys
13:29:02.0218 2216        mnmdd - ok
13:29:03.0062 2216        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINXP\system32\drivers\Modem.sys
13:29:03.0140 2216        Modem - ok
13:29:04.0000 2216        Monfilt        (c7d9f9717916b34c1b00dd4834af485c) C:\WINXP\system32\drivers\Monfilt.sys
13:29:04.0031 2216        Monfilt - ok
13:29:04.0890 2216        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINXP\system32\DRIVERS\mouclass.sys
13:29:04.0968 2216        Mouclass - ok
13:29:05.0796 2216        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINXP\system32\DRIVERS\mouhid.sys
13:29:05.0875 2216        mouhid - ok
13:29:06.0718 2216        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINXP\system32\drivers\MountMgr.sys
13:29:06.0796 2216        MountMgr - ok
13:29:07.0625 2216        mraid35x - ok
13:29:08.0484 2216        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINXP\system32\DRIVERS\mrxdav.sys
13:29:08.0562 2216        MRxDAV - ok
13:29:09.0406 2216        MRxSmb          (fb2fccc70f7174c7bf64f48e96d3adf4) C:\WINXP\system32\DRIVERS\mrxsmb.sys
13:29:09.0453 2216        MRxSmb - ok
13:29:10.0312 2216        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINXP\system32\drivers\Msfs.sys
13:29:10.0375 2216        Msfs - ok
13:29:11.0218 2216        MSHUSBVideo    (7a0f9cbdbdb135113b9a3c138e20c85d) C:\WINXP\system32\Drivers\nx6000.sys
13:29:11.0218 2216        MSHUSBVideo - ok
13:29:12.0093 2216        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINXP\system32\drivers\MSKSSRV.sys
13:29:12.0156 2216        MSKSSRV - ok
13:29:13.0000 2216        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINXP\system32\drivers\MSPCLOCK.sys
13:29:13.0062 2216        MSPCLOCK - ok
13:29:13.0921 2216        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINXP\system32\drivers\MSPQM.sys
13:29:14.0000 2216        MSPQM - ok
13:29:14.0843 2216        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINXP\system32\DRIVERS\mssmbios.sys
13:29:14.0906 2216        mssmbios - ok
13:29:15.0765 2216        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINXP\system32\drivers\MSTEE.sys
13:29:15.0828 2216        MSTEE - ok
13:29:16.0718 2216        MTsensor        (d48659bb24c48345d926ecb45c1ebdf5) C:\WINXP\system32\DRIVERS\ASACPI.sys
13:29:16.0765 2216        MTsensor - ok
13:29:17.0640 2216        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINXP\system32\drivers\Mup.sys
13:29:17.0671 2216        Mup - ok
13:29:18.0546 2216        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINXP\system32\DRIVERS\NABTSFEC.sys
13:29:18.0609 2216        NABTSFEC - ok
13:29:19.0531 2216        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINXP\system32\drivers\NDIS.sys
13:29:19.0593 2216        NDIS - ok
13:29:20.0437 2216        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINXP\system32\DRIVERS\NdisIP.sys
13:29:20.0515 2216        NdisIP - ok
13:29:21.0343 2216        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINXP\system32\DRIVERS\ndistapi.sys
13:29:21.0375 2216        NdisTapi - ok
13:29:22.0218 2216        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINXP\system32\DRIVERS\ndisuio.sys
13:29:22.0296 2216        Ndisuio - ok
13:29:23.0125 2216        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINXP\system32\DRIVERS\ndiswan.sys
13:29:23.0203 2216        NdisWan - ok
13:29:24.0031 2216        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINXP\system32\drivers\NDProxy.sys
13:29:24.0078 2216        NDProxy - ok
13:29:24.0921 2216        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINXP\system32\DRIVERS\netbios.sys
13:29:25.0000 2216        NetBIOS - ok
13:29:25.0859 2216        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINXP\system32\DRIVERS\netbt.sys
13:29:25.0921 2216        NetBT - ok
13:29:26.0796 2216        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINXP\system32\drivers\Npfs.sys
13:29:26.0859 2216        Npfs - ok
13:29:27.0718 2216        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINXP\system32\drivers\Ntfs.sys
13:29:27.0796 2216        Ntfs - ok
13:29:28.0640 2216        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINXP\system32\drivers\Null.sys
13:29:28.0718 2216        Null - ok
13:29:29.0546 2216        nusb3hub        (ee0cb811a0f03038c2bc64538aa780f8) C:\WINXP\system32\DRIVERS\nusb3hub.sys
13:29:29.0593 2216        nusb3hub - ok
13:29:30.0437 2216        nusb3xhc        (7caa9f5d8602b236a92b17edc87549f9) C:\WINXP\system32\DRIVERS\nusb3xhc.sys
13:29:30.0468 2216        nusb3xhc - ok
13:29:31.0468 2216        nv              (4b54dcd6adee535df80f07c59ddd8f14) C:\WINXP\system32\DRIVERS\nv4_mini.sys
13:29:31.0796 2216        nv - ok
13:29:32.0656 2216        NVHDA          (6a839ac21ecde8945d52007152f2695e) C:\WINXP\system32\drivers\nvhda32.sys
13:29:32.0656 2216        NVHDA - ok
13:29:33.0515 2216        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINXP\system32\DRIVERS\nwlnkflt.sys
13:29:33.0578 2216        NwlnkFlt - ok
13:29:34.0421 2216        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINXP\system32\DRIVERS\nwlnkfwd.sys
13:29:34.0500 2216        NwlnkFwd - ok
13:29:35.0343 2216        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINXP\system32\DRIVERS\parport.sys
13:29:35.0406 2216        Parport - ok
13:29:36.0250 2216        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINXP\system32\drivers\PartMgr.sys
13:29:36.0312 2216        PartMgr - ok
13:29:37.0140 2216        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINXP\system32\drivers\ParVdm.sys
13:29:37.0203 2216        ParVdm - ok
13:29:38.0062 2216        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINXP\system32\DRIVERS\pccsmcfd.sys
13:29:38.0093 2216        pccsmcfd - ok
13:29:38.0937 2216        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINXP\system32\DRIVERS\pci.sys
13:29:39.0000 2216        PCI - ok
13:29:39.0812 2216        PCIDump - ok
13:29:40.0656 2216        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINXP\system32\DRIVERS\pciide.sys
13:29:40.0718 2216        PCIIde - ok
13:29:41.0562 2216        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINXP\system32\drivers\Pcmcia.sys
13:29:41.0640 2216        Pcmcia - ok
13:29:42.0453 2216        PDCOMP - ok
13:29:43.0265 2216        PDFRAME - ok
13:29:44.0093 2216        PDRELI - ok
13:29:44.0921 2216        PDRFRAME - ok
13:29:45.0750 2216        perc2 - ok
13:29:46.0578 2216        perc2hib - ok
13:29:47.0484 2216        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINXP\system32\DRIVERS\raspptp.sys
13:29:47.0546 2216        PptpMiniport - ok
13:29:48.0406 2216        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINXP\system32\DRIVERS\processr.sys
13:29:48.0484 2216        Processor - ok
13:29:49.0328 2216        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINXP\system32\DRIVERS\psched.sys
13:29:49.0406 2216        PSched - ok
13:29:50.0234 2216        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINXP\system32\DRIVERS\ptilink.sys
13:29:50.0312 2216        Ptilink - ok
13:29:51.0140 2216        PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINXP\system32\Drivers\PxHelp20.sys
13:29:51.0140 2216        PxHelp20 - ok
13:29:51.0968 2216        ql1080 - ok
13:29:52.0781 2216        Ql10wnt - ok
13:29:53.0609 2216        ql12160 - ok
13:29:54.0421 2216        ql1240 - ok
13:29:55.0234 2216        ql1280 - ok
13:29:56.0062 2216        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINXP\system32\DRIVERS\rasacd.sys
13:29:56.0140 2216        RasAcd - ok
13:29:56.0968 2216        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINXP\system32\DRIVERS\rasl2tp.sys
13:29:57.0046 2216        Rasl2tp - ok
13:29:57.0906 2216        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINXP\system32\DRIVERS\raspppoe.sys
13:29:57.0984 2216        RasPppoe - ok
13:29:58.0828 2216        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINXP\system32\DRIVERS\raspti.sys
13:29:58.0890 2216        Raspti - ok
13:29:59.0750 2216        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINXP\system32\DRIVERS\rdbss.sys
13:29:59.0828 2216        Rdbss - ok
13:30:00.0687 2216        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINXP\system32\DRIVERS\RDPCDD.sys
13:30:00.0765 2216        RDPCDD - ok
13:30:01.0593 2216        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINXP\system32\DRIVERS\rdpdr.sys
13:30:01.0656 2216        rdpdr - ok
13:30:02.0500 2216        RDPWD          (fc105dd312ed64eb66bff111e8ec6eac) C:\WINXP\system32\drivers\RDPWD.sys
13:30:02.0531 2216        RDPWD - ok
13:30:03.0359 2216        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINXP\system32\DRIVERS\redbook.sys
13:30:03.0421 2216        redbook - ok
13:30:04.0296 2216        RTLE8023xp      (c6d34a1874cd2b212dc3e788091c64b4) C:\WINXP\system32\DRIVERS\Rtenicxp.sys
13:30:04.0296 2216        RTLE8023xp - ok
13:30:05.0156 2216        RTLWUSB        (c3880bf1bad0b8eb69efb07a9c3fa7d9) C:\WINXP\system32\DRIVERS\wg111v2.sys
13:30:05.0187 2216        RTLWUSB - ok
13:30:05.0281 2216        SbieDrv        (1a62c808cda47b11005b77ee15e40483) C:\Programme\Sandboxie\SbieDrv.sys
13:30:05.0296 2216        SbieDrv - ok
13:30:06.0140 2216        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINXP\system32\DRIVERS\secdrv.sys
13:30:06.0171 2216        Secdrv - ok
13:30:07.0031 2216        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINXP\system32\DRIVERS\serenum.sys
13:30:07.0109 2216        serenum - ok
13:30:07.0937 2216        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINXP\system32\DRIVERS\serial.sys
13:30:08.0015 2216        Serial - ok
13:30:08.0875 2216        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINXP\system32\drivers\Sfloppy.sys
13:30:08.0937 2216        Sfloppy - ok
13:30:09.0765 2216        Simbad - ok
13:30:10.0625 2216        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINXP\system32\DRIVERS\SLIP.sys
13:30:10.0687 2216        SLIP - ok
13:30:11.0515 2216        Sparrow - ok
13:30:12.0359 2216        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINXP\system32\drivers\splitter.sys
13:30:12.0421 2216        splitter - ok
13:30:13.0265 2216        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINXP\system32\DRIVERS\sr.sys
13:30:13.0296 2216        sr - ok
13:30:14.0140 2216        Srv            (9b390283569ea58d43d2586032b892f5) C:\WINXP\system32\DRIVERS\srv.sys
13:30:14.0171 2216        Srv - ok
13:30:15.0015 2216        ssadbus        (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\WINXP\system32\DRIVERS\ssadbus.sys
13:30:15.0015 2216        ssadbus - ok
13:30:15.0875 2216        ssadmdfl        (bb2c84a15c765da89fd832b0e73f26ce) C:\WINXP\system32\DRIVERS\ssadmdfl.sys
13:30:15.0875 2216        ssadmdfl - ok
13:30:16.0750 2216        ssadmdm        (6d0d132ddc6f43eda00dced6d8b1ca31) C:\WINXP\system32\DRIVERS\ssadmdm.sys
13:30:16.0750 2216        ssadmdm - ok
13:30:17.0625 2216        ssadserd        (1a5a397bc459f346ab56492b61ef79f6) C:\WINXP\system32\DRIVERS\ssadserd.sys
13:30:17.0640 2216        ssadserd - ok
13:30:18.0500 2216        sscdbus        (069351a1d7d291013177a90ae6edccbc) C:\WINXP\system32\DRIVERS\sscdbus.sys
13:30:18.0515 2216        sscdbus - ok
13:30:19.0406 2216        sscdmdfl        (1c925be223a5c0f9f469252292a48df6) C:\WINXP\system32\DRIVERS\sscdmdfl.sys
13:30:19.0406 2216        sscdmdfl - ok
13:30:20.0281 2216        sscdmdm        (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\WINXP\system32\DRIVERS\sscdmdm.sys
13:30:20.0281 2216        sscdmdm - ok
13:30:21.0140 2216        StarOpen        (e57b778208c783d8debab320c16a1b82) C:\WINXP\system32\drivers\StarOpen.sys
13:30:21.0156 2216        StarOpen ( UnsignedFile.Multi.Generic ) - warning
13:30:21.0156 2216        StarOpen - detected UnsignedFile.Multi.Generic (1)
13:30:22.0031 2216        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINXP\system32\DRIVERS\StreamIP.sys
13:30:22.0093 2216        streamip - ok
13:30:22.0937 2216        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINXP\system32\DRIVERS\swenum.sys
13:30:23.0015 2216        swenum - ok
13:30:23.0859 2216        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINXP\system32\drivers\swmidi.sys
13:30:23.0937 2216        swmidi - ok
13:30:24.0765 2216        symc810 - ok
13:30:25.0609 2216        symc8xx - ok
13:30:26.0421 2216        sym_hi - ok
13:30:27.0250 2216        sym_u3 - ok
13:30:28.0093 2216        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINXP\system32\drivers\sysaudio.sys
13:30:28.0171 2216        sysaudio - ok
13:30:29.0000 2216        Tcpip          (ad978a1b783b5719720cff204b666c8e) C:\WINXP\system32\DRIVERS\tcpip.sys
13:30:29.0031 2216        Tcpip - ok
13:30:29.0875 2216        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINXP\system32\drivers\TDPIPE.sys
13:30:29.0937 2216        TDPIPE - ok
13:30:30.0765 2216        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINXP\system32\drivers\TDTCP.sys
13:30:30.0843 2216        TDTCP - ok
13:30:31.0671 2216        TermDD          (88155247177638048422893737429d9e) C:\WINXP\system32\DRIVERS\termdd.sys
13:30:31.0734 2216        TermDD - ok
13:30:32.0578 2216        TosIde - ok
13:30:33.0421 2216        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINXP\system32\drivers\Udfs.sys
13:30:33.0484 2216        Udfs - ok
13:30:34.0312 2216        ultra - ok
13:30:34.0406 2216        UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Programme\Unlocker\UnlockerDriver5.sys
13:30:34.0421 2216        UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
13:30:34.0421 2216        UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
13:30:35.0281 2216        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINXP\system32\DRIVERS\update.sys
13:30:35.0359 2216        Update - ok
13:30:36.0203 2216        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINXP\system32\drivers\usbaudio.sys
13:30:36.0281 2216        usbaudio - ok
13:30:37.0109 2216        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINXP\system32\DRIVERS\usbccgp.sys
13:30:37.0171 2216        usbccgp - ok
13:30:38.0031 2216        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINXP\system32\DRIVERS\usbehci.sys
13:30:38.0093 2216        usbehci - ok
13:30:38.0921 2216        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINXP\system32\DRIVERS\usbhub.sys
13:30:39.0000 2216        usbhub - ok
13:30:39.0843 2216        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINXP\system32\DRIVERS\usbohci.sys
13:30:39.0906 2216        usbohci - ok
13:30:40.0750 2216        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINXP\system32\DRIVERS\usbprint.sys
13:30:40.0812 2216        usbprint - ok
13:30:41.0656 2216        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINXP\system32\DRIVERS\usbscan.sys
13:30:41.0734 2216        usbscan - ok
13:30:42.0562 2216        usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINXP\system32\drivers\usbser.sys
13:30:42.0625 2216        usbser - ok
13:30:43.0453 2216        usbstor        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINXP\system32\DRIVERS\USBSTOR.SYS
13:30:43.0531 2216        usbstor - ok
13:30:44.0359 2216        usbvideo        (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINXP\system32\Drivers\usbvideo.sys
13:30:44.0437 2216        usbvideo - ok
13:30:45.0281 2216        VBoxDrv        (49a4673b3e1e167fe5c18f6571d00af5) C:\WINXP\system32\DRIVERS\VBoxDrv.sys
13:30:45.0281 2216        VBoxDrv - ok
13:30:46.0125 2216        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINXP\System32\drivers\vga.sys
13:30:46.0187 2216        VgaSave - ok
13:30:47.0046 2216        ViaIde - ok
13:30:47.0906 2216        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINXP\system32\drivers\VolSnap.sys
13:30:47.0984 2216        VolSnap - ok
13:30:48.0828 2216        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINXP\system32\DRIVERS\wanarp.sys
13:30:48.0906 2216        Wanarp - ok
13:30:49.0750 2216        Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINXP\system32\Drivers\wdf01000.sys
13:30:49.0765 2216        Wdf01000 - ok
13:30:50.0593 2216        WDICA - ok
13:30:51.0437 2216        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINXP\system32\drivers\wdmaud.sys
13:30:51.0500 2216        wdmaud - ok
13:30:52.0375 2216        WmiAcpi        (c42584fd66ce9e17403aebca199f7bdb) C:\WINXP\system32\DRIVERS\wmiacpi.sys
13:30:52.0437 2216        WmiAcpi - ok
13:30:53.0265 2216        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINXP\system32\DRIVERS\wpdusb.sys
13:30:53.0296 2216        WpdUsb - ok
13:30:54.0156 2216        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINXP\system32\DRIVERS\WSTCODEC.SYS
13:30:54.0218 2216        WSTCODEC - ok
13:30:55.0046 2216        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINXP\system32\DRIVERS\WudfPf.sys
13:30:55.0078 2216        WudfPf - ok
13:30:55.0921 2216        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINXP\system32\DRIVERS\wudfrd.sys
13:30:55.0937 2216        WudfRd - ok
13:30:55.0968 2216        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
13:30:56.0156 2216        \Device\Harddisk0\DR0 - ok
13:30:56.0171 2216        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
13:30:56.0390 2216        \Device\Harddisk1\DR1 - ok
13:30:56.0468 2216        Boot (0x1200)  (fd9769de2e96106b74fe44c4cd2e1b6a) \Device\Harddisk0\DR0\Partition0
13:30:56.0468 2216        \Device\Harddisk0\DR0\Partition0 - ok
13:30:56.0468 2216        Boot (0x1200)  (071c2e3da54f8ac431561b4672864736) \Device\Harddisk0\DR0\Partition1
13:30:56.0484 2216        \Device\Harddisk0\DR0\Partition1 - ok
13:30:56.0484 2216        Boot (0x1200)  (8192221707ca58798e1dcc19c30877d9) \Device\Harddisk0\DR0\Partition2
13:30:56.0500 2216        \Device\Harddisk0\DR0\Partition2 - ok
13:30:56.0500 2216        Boot (0x1200)  (bfcd39f0e3e242e6ab7ae2ffe72b2eec) \Device\Harddisk0\DR0\Partition3
13:30:56.0500 2216        \Device\Harddisk0\DR0\Partition3 - ok
13:30:56.0515 2216        Boot (0x1200)  (8222578bb84b287635bffad195c36a0f) \Device\Harddisk0\DR0\Partition4
13:30:56.0515 2216        \Device\Harddisk0\DR0\Partition4 - ok
13:30:56.0546 2216        Boot (0x1200)  (ea7c255cf91a36e5fe664204b3daf623) \Device\Harddisk1\DR1\Partition0
13:30:56.0546 2216        \Device\Harddisk1\DR1\Partition0 - ok
13:30:56.0562 2216        Boot (0x1200)  (9b3752b8442cbe1de589371d168886d4) \Device\Harddisk1\DR1\Partition1
13:30:56.0562 2216        \Device\Harddisk1\DR1\Partition1 - ok
13:30:56.0562 2216        ============================================================
13:30:56.0562 2216        Scan finished
13:30:56.0562 2216        ============================================================
13:30:56.0671 4032        Detected object count: 4
13:30:56.0671 4032        Actual detected object count: 4
14:29:00.0406 4032        AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
14:29:00.0406 4032        AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:29:00.0406 4032        BootScreen ( UnsignedFile.Multi.Generic ) - skipped by user
14:29:00.0406 4032        BootScreen ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:29:00.0406 4032        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
14:29:00.0406 4032        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:29:00.0421 4032        UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:29:00.0421 4032        UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip


cosinus 12.12.2011 10:06

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let your system be scanned.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

Taranos 13.12.2011 13:47

Here is the Combofix log
Combofix Logfile:
Code:

ComboFix 11-12-12.02 - Swift 13.12.2011  13:25:45.1.4 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.3327.2815 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\Swift\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\PostBuild.exe
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe
c:\dokumente und einstellungen\Swift\Favoriten\DOWNLOAD5000.COM - FREE DOWNLOADS, GAMES, UTILITIES.url
c:\dokumente und einstellungen\Swift\Favoriten\OPENSCREENSAVER.COM - HUNDREDS OF FREE SCREENSAVERS.url
c:\dokumente und einstellungen\Swift\WINDOWS
c:\winxp\system32\muzapp.exe
c:\winxp\system32\PowerToyReadme.htm
c:\winxp\unin0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-11-13 bis 2011-12-13  ))))))))))))))))))))))))))))))
.
.
2011-12-09 17:05 . 2011-12-09 17:05        --------        d-----w-        C:\_OTL
2011-12-07 23:50 . 2011-12-07 23:50        --------        d-----w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\TechSmith
2011-12-07 19:38 . 2011-12-07 19:38        --------        d-----w-        c:\programme\ESET
2011-12-07 15:16 . 2011-12-07 15:16        --------        d-----w-        c:\programme\UPHClean
2011-12-07 14:33 . 2011-12-07 14:33        --------        d-----w-        c:\programme\MSECache
2011-12-03 12:46 . 2011-03-28 19:51        4323256        ----a-w-        c:\winxp\system32\GameMon.des
2011-12-03 12:46 . 2005-01-02 21:43        4682        ----a-w-        c:\winxp\system32\npptNT2.sys
2011-12-03 12:46 . 2003-07-19 06:17        5174        ----a-w-        c:\winxp\system32\nppt9x.vxd
2011-12-03 12:45 . 2011-12-03 12:45        --------        d-----w-        C:\Program Files
2011-12-03 01:06 . 2011-12-03 01:06        --------        d-----w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\assembly
2011-12-03 01:05 . 2011-12-03 01:05        --------        d-----w-        c:\programme\NCSoft
2011-12-03 00:41 . 2011-12-03 00:41        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\ReactGames
2011-12-02 20:34 . 2008-04-13 21:15        26112        -c--a-w-        c:\winxp\system32\dllcache\usbser.sys
2011-12-02 20:34 . 2008-04-13 21:15        26112        ----a-w-        c:\winxp\system32\drivers\usbser.sys
2011-12-02 20:33 . 2011-12-02 20:33        --------        d-----w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\Nokia
2011-12-02 20:33 . 2011-12-02 20:33        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\PC Suite
2011-12-02 20:33 . 2011-12-02 20:43        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\PC Suite
2011-12-02 20:32 . 2011-12-02 20:32        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Nokia
2011-12-02 20:32 . 2011-12-02 20:32        --------        d-----w-        c:\programme\DIFX
2011-12-02 20:32 . 2008-08-26 09:26        18816        ----a-w-        c:\winxp\system32\drivers\pccsmcfd.sys
2011-12-02 20:32 . 2011-12-02 20:32        --------        d-----w-        c:\programme\PC Connectivity Solution
2011-12-02 20:32 . 2011-08-17 11:57        123904        ----a-w-        c:\winxp\system32\ccdcmbwu.dll
2011-12-02 20:32 . 2011-08-17 11:57        605696        ----a-w-        c:\winxp\system32\nmwcdcocls.dll
2011-12-02 20:32 . 2011-05-18 09:09        1461992        ----a-w-        c:\winxp\system32\wdfcoinstaller01009.dll
2011-12-02 20:32 . 2011-08-17 11:57        75264        ----a-w-        c:\winxp\system32\nmwcdcls.dll
2011-12-02 20:31 . 2011-12-04 12:25        --------        d-----w-        c:\programme\Nokia
2011-12-02 19:42 . 2011-12-02 19:42        --------        d-----w-        c:\programme\Recuva
2011-12-02 02:35 . 2011-12-02 02:35        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Age of Empires 3
2011-12-02 00:26 . 2011-12-03 03:08        --------        d-----w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
2011-12-02 00:25 . 2011-12-13 12:35        --------        d-----w-        c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
2011-12-02 00:25 . 2011-12-02 00:25        --------        d-----w-        c:\programme\LogMeIn Hamachi
2011-12-01 16:19 . 2011-12-01 16:19        --------        d-----w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\Samsung
2011-12-01 16:19 . 2011-12-01 16:19        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Samsung
2011-12-01 16:17 . 2011-10-31 10:22        4659712        ----a-w-        c:\winxp\system32\Redemption.dll
2011-12-01 16:17 . 2011-12-01 16:17        --------        d-----w-        c:\programme\MarkAny
2011-12-01 16:17 . 2011-10-31 10:22        821824        ----a-w-        c:\winxp\system32\dgderapi.dll
2011-12-01 16:17 . 2011-10-31 10:22        319456        ----a-w-        c:\winxp\system32\DIFxAPI.dll
2011-12-01 16:17 . 2011-10-31 10:22        20032        ----a-w-        c:\winxp\system32\drivers\dgderdrv.sys
2011-12-01 16:16 . 2011-12-01 16:18        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Samsung
2011-11-25 22:47 . 2011-11-25 22:47        --------        d-----w-        c:\programme\SuperScan
2011-11-25 20:04 . 2011-11-25 20:25        --------        d-----w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\Ubisoft Game Launcher
2011-11-25 00:49 . 2011-11-25 00:49        --------        d-----w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\Criterion Games
2011-11-24 21:18 . 2011-11-24 21:18        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\EA Core
2011-11-24 21:18 . 2011-11-24 21:18        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Electronic Arts
2011-11-24 21:18 . 2011-11-24 21:18        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\EA Logs
2011-11-24 21:16 . 2011-11-24 21:16        --------        d--h--w-        c:\programme\Gemeinsame Dateien\EAInstaller
2011-11-24 21:01 . 2011-12-07 02:15        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Kalypso Media
2011-11-24 19:14 . 2011-11-24 19:14        --------        d-----w-        c:\programme\Microsoft.NET
2011-11-23 16:48 . 2011-11-29 02:06        --------        d-----w-        c:\programme\Gemeinsame Dateien\BioWare
2011-11-22 18:23 . 2011-11-22 18:23        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Canneverbe Limited
2011-11-22 18:23 . 2011-11-22 18:23        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
2011-11-22 17:56 . 2011-11-22 17:56        --------        d-----w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\Xara
2011-11-22 17:56 . 2011-11-22 18:17        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\MAGIX
2011-11-22 17:49 . 2011-11-22 17:49        --------        d-----w-        c:\programme\Gemeinsame Dateien\MAGIX Shared
2011-11-22 17:44 . 2011-11-22 17:44        --------        d-----w-        c:\programme\MAGIX
2011-11-22 17:44 . 2011-11-22 18:17        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\MAGIX
2011-11-22 17:44 . 2011-11-22 17:44        --------        d-----w-        c:\programme\Gemeinsame Dateien\MAGIX Services
2011-11-22 17:44 . 2011-11-22 17:44        --------        d-----w-        c:\programme\MSXML 4.0
2011-11-22 00:29 . 2011-11-22 00:29        --------        d-----w-        c:\programme\Gemeinsame Dateien\DVDVideoSoft
2011-11-22 00:29 . 2011-11-22 00:29        --------        d-----w-        c:\programme\DVDVideoSoft
2011-11-21 23:49 . 2011-11-21 23:51        --------        d-----w-        c:\programme\Das Planetarium
2011-11-21 21:37 . 2011-11-21 23:50        --------        d-----w-        c:\winxp\backup_planetarium
2011-11-21 21:37 . 2009-11-09 08:46        81920        ----a-w-        c:\winxp\system32\GkSui20.EXE
2011-11-21 21:37 . 2004-08-04 18:42        233542        ----a-w-        c:\winxp\system32\vcdll.dll
2011-11-21 21:37 . 2000-10-01 23:00        125712        ----a-w-        c:\winxp\system32\vb6de.dll
2011-11-21 21:37 . 2000-07-14 23:00        101888        ----a-w-        c:\winxp\system32\VB6STKIT.DLL
2011-11-21 21:37 . 1998-07-05 23:00        16896        ----a-w-        c:\winxp\system32\winskde.dll
2011-11-21 21:37 . 1998-07-05 22:00        6656        ----a-w-        c:\winxp\system32\STDFTDE.DLL
2011-11-21 21:37 . 2004-03-08 23:00        212240        ----a-w-        c:\winxp\system32\richtx32.ocx
2011-11-21 21:37 . 1998-07-05 22:00        36352        ----a-w-        c:\winxp\system32\RCHTXDE.DLL
2011-11-21 21:29 . 2011-11-21 21:29        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Stellarium
2011-11-21 21:29 . 2011-11-21 21:29        --------        d-----w-        c:\programme\Stellarium
2011-11-20 17:53 . 2011-11-20 17:53        --------        d-----w-        c:\programme\Pegasys Inc
2011-11-20 17:00 . 2011-11-20 17:00        --------        d-----w-        c:\dokumente und einstellungen\Swift\VirtualBox VMs
2011-11-20 16:40 . 2011-12-06 17:25        --------        d-----w-        c:\dokumente und einstellungen\Swift\.VirtualBox
2011-11-20 10:18 . 2011-11-20 10:18        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Apple Computer
2011-11-20 03:26 . 2011-11-20 03:26        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Pegasys Inc
2011-11-19 19:22 . 2011-11-19 19:22        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer
2011-11-19 19:21 . 2011-11-19 19:21        --------        d-----w-        c:\programme\Apple Software Update
2011-11-19 19:17 . 2011-11-19 19:17        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Sony
2011-11-19 19:17 . 2011-11-19 19:17        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Publish Providers
2011-11-19 19:15 . 2011-11-19 19:40        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Sony
2011-11-19 19:15 . 2011-11-19 19:15        --------        d-----w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\Sony
2011-11-18 21:52 . 2009-09-27 08:39        369152        ----a-w-        c:\winxp\system32\avisynth.dll
2011-11-18 21:52 . 2005-07-14 11:31        32256        ----a-w-        c:\winxp\system32\AVSredirect.dll
2011-11-18 21:52 . 2004-02-22 09:11        719872        ----a-w-        c:\winxp\system32\devil.dll
2011-11-18 21:52 . 2004-01-24 23:00        70656        ----a-w-        c:\winxp\system32\yv12vfw.dll
2011-11-18 21:52 . 2004-01-24 23:00        70656        ----a-w-        c:\winxp\system32\i420vfw.dll
2011-11-18 21:52 . 2011-11-18 21:52        --------        d-----w-        c:\programme\AviSynth 2.5
2011-11-18 21:50 . 2011-11-18 21:50        --------        d-----w-        c:\programme\Babylon
2011-11-18 17:22 . 2007-10-20 11:04        1708        ----a-w-        c:\winxp\system32\openIE.js
2011-11-18 17:22 . 2011-11-18 17:22        --------        d-----w-        c:\winxp\system32\languages
2011-11-18 17:22 . 2009-12-06 14:35        248320        ----a-w-        c:\winxp\system32\ff_kernelDeint.dll
2011-11-18 17:22 . 2011-11-18 17:21        1190521        ----a-w-        c:\winxp\system32\unins000.exe
2011-11-18 17:22 . 2009-12-09 16:38        4844283        ----a-w-        c:\winxp\system32\libavcodec.dll
2011-11-18 17:22 . 2009-12-05 20:55        146944        ----a-w-        c:\winxp\system32\ff_tremor.dll
2011-11-18 17:22 . 2009-12-05 16:16        957491        ----a-w-        c:\winxp\system32\ff_x264.dll
2011-11-18 17:22 . 2009-12-05 16:12        612342        ----a-w-        c:\winxp\system32\libmplayer.dll
2011-11-18 13:33 . 2008-04-14 09:00        26624        ----a-w-        c:\dokumente und einstellungen\LocalService\Anwendungsdaten\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-11-17 22:27 . 2011-11-17 22:27        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\boost_interprocess
2011-11-17 22:16 . 2011-11-04 12:42        158512        ----a-w-        c:\winxp\system32\drivers\VBoxDrv.sys
2011-11-17 22:16 . 2011-11-17 22:16        --------        d-----w-        c:\programme\Oracle
2011-11-17 12:16 . 2011-11-17 12:16        --------        d-----w-        c:\programme\OO Software
2011-11-17 01:00 . 2011-11-17 01:00        --------        d-----w-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Foxit Software
2011-11-14 14:07 . 2008-04-13 21:17        25856        -c--a-w-        c:\winxp\system32\dllcache\usbprint.sys
2011-11-14 14:07 . 2008-04-13 21:17        25856        ----a-w-        c:\winxp\system32\drivers\usbprint.sys
2011-11-14 14:07 . 2011-11-14 14:11        --------        d-----w-        c:\programme\Lexmark X1100 Series
2011-11-14 14:07 . 2008-04-13 21:15        15104        -c--a-w-        c:\winxp\system32\dllcache\usbscan.sys
2011-11-14 14:07 . 2008-04-13 21:15        15104        ----a-w-        c:\winxp\system32\drivers\usbscan.sys
2011-11-14 14:07 . 2001-08-18 01:54        87040        -c--a-w-        c:\winxp\system32\dllcache\wiafbdrv.dll
2011-11-14 14:07 . 2001-08-18 01:54        87040        ----a-w-        c:\winxp\system32\wiafbdrv.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-11-08 11:37        41184        ----a-w-        c:\winxp\avastSS.scr
2011-11-28 18:01 . 2011-11-08 11:37        199816        ----a-w-        c:\winxp\system32\aswBoot.exe
2011-11-28 17:53 . 2011-11-08 11:37        435032        ----a-w-        c:\winxp\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-11-08 11:37        314456        ----a-w-        c:\winxp\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-11-08 11:37        34392        ----a-w-        c:\winxp\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-11-08 11:37        52952        ----a-w-        c:\winxp\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-11-08 11:37        111320        ----a-w-        c:\winxp\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-11-08 11:37        105176        ----a-w-        c:\winxp\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-11-08 11:37        20568        ----a-w-        c:\winxp\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-11-08 11:37        30808        ----a-w-        c:\winxp\system32\drivers\aavmker4.sys
2011-11-16 11:49 . 2011-11-08 12:43        414368        ----a-w-        c:\winxp\system32\FlashPlayerCPLApp.cpl
2011-11-09 12:44 . 2008-04-14 09:00        219136        ----a-w-        c:\winxp\system32\uxtheme.dll
2011-11-09 12:43 . 2011-11-09 02:20        163584        ----a-w-        c:\winxp\system32\drivers\vidstub.sys
2011-11-08 18:47 . 2009-08-18 10:30        564632        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\IdentityCRL\production\wlidui.dll
2011-11-08 18:47 . 2009-08-18 10:24        18328        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-08 18:41 . 2011-11-08 17:30        444952        ----a-w-        c:\winxp\system32\wrap_oal.dll
2011-11-08 18:41 . 2011-11-08 17:30        109080        ----a-w-        c:\winxp\system32\OpenAL32.dll
2011-11-08 13:12 . 2011-11-08 13:12        40960        ----a-r-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Microsoft\Installer\{A1A2ACDC-0C22-4EB1-B958-1898A93DAF28}\NewShortcut5_A1A2ACDC0C224EB1B9581898A93DAF28_1.exe
2011-11-08 13:12 . 2011-11-08 13:12        40960        ----a-r-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Microsoft\Installer\{A1A2ACDC-0C22-4EB1-B958-1898A93DAF28}\NewShortcut4_A1A2ACDC0C224EB1B9581898A93DAF28_2.exe
2011-11-08 13:12 . 2011-11-08 13:12        40960        ----a-r-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Microsoft\Installer\{A1A2ACDC-0C22-4EB1-B958-1898A93DAF28}\NewShortcut3_A1A2ACDC0C224EB1B9581898A93DAF28_2.exe
2011-11-08 13:12 . 2011-11-08 13:12        40960        ----a-r-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Microsoft\Installer\{A1A2ACDC-0C22-4EB1-B958-1898A93DAF28}\NewShortcut2_A1A2ACDC0C224EB1B9581898A93DAF28_2.exe
2011-11-08 13:12 . 2011-11-08 13:12        40960        ----a-r-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Microsoft\Installer\{A1A2ACDC-0C22-4EB1-B958-1898A93DAF28}\NewShortcut1_A1A2ACDC0C224EB1B9581898A93DAF28_2.exe
2011-11-08 13:02 . 2011-11-08 13:02        53248        ----a-r-        c:\dokumente und einstellungen\Swift\Anwendungsdaten\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-11-08 13:01 . 2011-11-08 13:01        16400        ----a-w-        c:\winxp\system32\drivers\LNonPnP.sys
2011-11-08 12:57 . 2011-11-08 12:57        232512        ----a-w-        c:\winxp\system32\drivers\dtsoftbus01.sys
2011-11-08 11:39 . 2011-11-08 11:39        21035        ----a-w-        c:\winxp\system32\drivers\AegisP.sys
2011-10-31 10:22 . 2011-10-31 10:22        90112        ----a-w-        c:\winxp\MAMCityDownload.ocx
2011-10-31 10:22 . 2011-10-31 10:22        325552        ----a-w-        c:\winxp\MASetupCaller.dll
2011-10-31 10:22 . 2011-10-31 10:22        30568        ----a-w-        c:\winxp\MusiccityDownload.exe
2011-10-31 10:22 . 2011-10-31 10:22        81920        ----a-w-        c:\winxp\system32\issacapi_bs-2.3.dll
2011-10-31 10:22 . 2011-10-31 10:22        65536        ----a-w-        c:\winxp\system32\issacapi_pe-2.3.dll
2011-10-31 10:22 . 2011-10-31 10:22        57344        ----a-w-        c:\winxp\system32\issacapi_se-2.3.dll
2011-10-31 10:22 . 2011-10-31 10:22        49152        ----a-w-        c:\winxp\system32\MaJGUILib.dll
2011-10-31 10:22 . 2011-10-31 10:22        45056        ----a-w-        c:\winxp\system32\MaXMLProto.dll
2011-10-31 10:22 . 2011-10-31 10:22        40960        ----a-w-        c:\winxp\system32\MTTELECHIP.dll
2011-10-31 10:22 . 2011-10-31 10:22        200704        ----a-w-        c:\winxp\system32\muzwmts.dll
2011-10-31 10:22 . 2011-10-31 10:22        143360        ----a-w-        c:\winxp\system32\3DAudio.ax
2011-10-31 10:22 . 2011-10-31 10:22        135168        ----a-w-        c:\winxp\system32\muzaf1.dll
2011-10-31 10:22 . 2011-10-31 10:22        122880        ----a-w-        c:\winxp\system32\muzeffect.ax
2011-10-31 10:22 . 2011-10-31 10:22        118784        ----a-w-        c:\winxp\system32\MaDRM.dll
2011-10-31 10:22 . 2011-10-31 10:22        110592        ----a-w-        c:\winxp\system32\muzmp4sp.ax
2011-10-31 10:22 . 2011-10-31 10:22        974848        ----a-w-        c:\winxp\system32\cis-2.4.dll
2011-10-31 10:22 . 2011-10-31 10:22        57344        ----a-w-        c:\winxp\system32\MTXSYNCICON.dll
2011-10-31 10:22 . 2011-10-31 10:22        57344        ----a-w-        c:\winxp\system32\MK_Lyric.dll
2011-10-31 10:22 . 2011-10-31 10:22        569344        ----a-w-        c:\winxp\system32\muzdecode.ax
2011-10-31 10:22 . 2011-10-31 10:22        491520        ----a-w-        c:\winxp\system32\muzapp.dll
2011-10-31 10:22 . 2011-10-31 10:22        45056        ----a-w-        c:\winxp\system32\MACXMLProto.dll
2011-10-31 10:22 . 2011-10-31 10:22        40960        ----a-w-        c:\winxp\system32\MAMACExtract.dll
2011-10-31 10:22 . 2011-10-31 10:22        352256        ----a-w-        c:\winxp\system32\MSLUR71.dll
2011-10-31 10:22 . 2011-10-31 10:22        258048        ----a-w-        c:\winxp\system32\muzoggsp.ax
2011-10-31 10:22 . 2011-10-31 10:22        245760        ----a-w-        c:\winxp\system32\MSCLib.dll
2011-10-31 10:22 . 2011-10-31 10:22        24576        ----a-w-        c:\winxp\system32\MASetupCleaner.exe
2011-10-31 10:22 . 2011-10-31 10:22        155648        ----a-w-        c:\winxp\system32\MSFLib.dll
2011-10-31 10:22 . 2011-10-31 10:22        14336        ----a-w-        c:\winxp\system32\avrt.dll
2011-10-31 10:22 . 2011-10-31 10:22        131072        ----a-w-        c:\winxp\system32\muzmpgsp.ax
2011-10-25 21:57 . 2011-10-25 21:57        1627472        ----a-w-        c:\winxp\system32\ooscrsav.scr
2011-10-25 21:56 . 2011-10-25 21:56        275792        ----a-w-        c:\winxp\system32\oodbs.exe
2011-10-25 21:56 . 2011-10-25 21:56        536400        ----a-w-        c:\winxp\system32\oodssrs.dll
2011-10-25 21:55 . 2011-10-25 21:55        10576        ----a-w-        c:\winxp\system32\oodbsrs.dll
2011-10-24 13:29 . 2011-10-24 13:29        94208        ----a-w-        c:\winxp\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29        69632        ----a-w-        c:\winxp\system32\QuickTime.qts
2011-10-19 13:16 . 2011-10-19 13:16        49152        ----a-r-        c:\winxp\system32\inetwh32.dll
2011-10-19 13:16 . 2011-10-19 13:16        1044480        ----a-r-        c:\winxp\system32\roboex32.dll
2011-10-10 14:21 . 2011-11-08 11:12        692736        ----a-w-        c:\winxp\system32\inetcomm.dll
2011-10-08 04:50 . 2011-11-08 11:30        335872        ----a-w-        c:\winxp\system32\nvrsar.dll
2011-10-08 04:50 . 2011-11-08 11:30        331776        ----a-w-        c:\winxp\system32\nvrshe.dll
2011-10-08 04:50 . 2011-11-08 11:30        298304        ----a-w-        c:\winxp\system32\nvsvc32.exe
2011-10-08 04:50 . 2011-11-08 11:30        286720        ----a-w-        c:\winxp\system32\nvrsfr.dll
2011-10-08 04:50 . 2011-11-08 11:30        282624        ----a-w-        c:\winxp\system32\nvrsit.dll
2011-10-08 04:50 . 2011-11-08 11:30        282624        ----a-w-        c:\winxp\system32\nvrses.dll
2011-10-08 04:50 . 2011-11-08 11:30        282624        ----a-w-        c:\winxp\system32\nvrsel.dll
2011-10-08 04:50 . 2011-11-08 11:30        278528        ----a-w-        c:\winxp\system32\nvrsde.dll
2011-10-08 04:50 . 2011-11-08 11:30        274432        ----a-w-        c:\winxp\system32\nvrspt.dll
2011-10-08 04:50 . 2011-11-08 11:30        274432        ----a-w-        c:\winxp\system32\nvrsnl.dll
2011-10-08 04:50 . 2011-11-08 11:30        274432        ----a-w-        c:\winxp\system32\nvrsesm.dll
2011-10-08 04:50 . 2011-11-08 11:30        270336        ----a-w-        c:\winxp\system32\nvrsru.dll
2011-10-08 04:50 . 2011-11-08 11:30        270336        ----a-w-        c:\winxp\system32\nvrsptb.dll
2011-10-08 04:50 . 2011-11-08 11:30        270336        ----a-w-        c:\winxp\system32\nvrsja.dll
2011-10-08 04:50 . 2011-11-08 11:30        266240        ----a-w-        c:\winxp\system32\nvrsko.dll
2011-10-08 04:50 . 2011-11-08 11:30        262144        ----a-w-        c:\winxp\system32\nvrshu.dll
2011-10-08 04:50 . 2011-11-08 11:30        258048        ----a-w-        c:\winxp\system32\nvrstr.dll
2011-10-08 04:50 . 2011-11-08 11:30        258048        ----a-w-        c:\winxp\system32\nvrssl.dll
2011-10-08 04:50 . 2011-11-08 11:30        258048        ----a-w-        c:\winxp\system32\nvrssk.dll
2011-10-08 04:50 . 2011-11-08 11:30        258048        ----a-w-        c:\winxp\system32\nvrspl.dll
2011-10-08 04:50 . 2011-11-08 11:30        253952        ----a-w-        c:\winxp\system32\nvrsth.dll
2011-10-08 04:50 . 2011-11-08 11:30        253952        ----a-w-        c:\winxp\system32\nvrssv.dll
2011-10-08 04:50 . 2011-11-08 11:30        253952        ----a-w-        c:\winxp\system32\nvrsno.dll
2011-10-08 04:50 . 2011-11-08 11:30        253952        ----a-w-        c:\winxp\system32\nvrsda.dll
2011-10-08 04:50 . 2011-11-08 11:30        249856        ----a-w-        c:\winxp\system32\nvrsfi.dll
2011-10-08 04:50 . 2011-11-08 11:30        249856        ----a-w-        c:\winxp\system32\nvrseng.dll
2011-10-08 04:50 . 2011-11-08 11:30        249856        ----a-w-        c:\winxp\system32\nvrscs.dll
2011-10-08 04:50 . 2011-11-08 11:30        229376        ----a-w-        c:\winxp\system32\nvrszhc.dll
2011-10-08 04:50 . 2011-11-08 11:30        220992        ----a-w-        c:\winxp\system32\nvcolor.exe
2011-10-08 04:50 . 2011-11-08 11:30        126976        ----a-w-        c:\winxp\system32\nvrszht.dll
2011-10-08 04:50 . 2011-11-08 11:30        203072        ----a-w-        c:\winxp\system32\nvmctray.dll
2011-10-08 04:50 . 2011-11-08 11:30        16744256        ----a-w-        c:\winxp\system32\nvcpl.dll
2011-10-08 04:50 . 2011-11-08 11:30        602432        ----a-w-        c:\winxp\system32\easyupdatusapiu.dll
2011-10-08 04:50 . 2011-11-08 11:30        54272        ----a-w-        c:\winxp\system32\nvwddi.dll
2011-10-08 04:50 . 2011-11-08 11:29        877376        ----a-w-        c:\winxp\system32\nvgenco32.dll
2011-10-08 04:50 . 2011-11-08 11:29        65536        ----a-w-        c:\winxp\system32\OpenCL.dll
2011-11-09 00:51 . 2011-11-08 11:41        134104        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll
2006-05-03 11:06        163328        --sha-r-        c:\winxp\system32\flvDX.dll
2007-02-21 12:47        31232        --sha-r-        c:\winxp\system32\msfDX.dll
2008-03-16 14:30        216064        --sha-r-        c:\winxp\system32\nbDX.dll
2010-01-06 23:00        107520        --sha-r-        c:\winxp\system32\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01        122512        ----a-w-        c:\programme\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\programme\Sandboxie\SbieCtrl.exe" [2011-10-12 438544]
"DAEMON Tools Lite"="c:\programme\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-06 19556968]
"NvCplDaemon"="c:\winxp\system32\NvCpl.dll" [2011-10-08 16744256]
"NvMediaCenter"="c:\winxp\system32\NvMcTray.dll" [2011-10-08 203072]
"nwiz"="c:\programme\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
"avast"="c:\programme\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"EvtMgr6"="c:\programme\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
"zBrowser Launcher"="c:\programme\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"BootSkin Startup Jobs"="c:\programme\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336]
"OODefragTray"="c:\programme\OO Software\Defrag\oodtray.exe" [2011-10-25 2770768]
.
c:\dokumente und einstellungen\Swift\Startmenü\Programme\Autostart\
Gammacontrol.exe [2004-9-17 19968]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
NETGEAR WG111v2 Smart Wizard.lnk - c:\programme\NETGEAR\WG111v2\WG111v2.exe [2011-11-8 1268192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-09-27 19:03        66328        ----a-w-        c:\programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
2011-11-17 05:58        3303000        ----a-w-        c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 06:22        59240        ----a-w-        c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 09:00        15360        ----a-w-        c:\winxp\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
2011-12-01 03:04        929280        ----a-w-        c:\programme\Samsung\Kies\KiesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2011-11-30 11:28        21392        ----a-w-        c:\programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2011-11-30 11:28        3508624        ----a-w-        c:\programme\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
2003-08-19 09:51        57344        ----a-w-        c:\programme\Lexmark X1100 Series\lxbkbmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2010-12-13 13:37        135536        ----a-w-        c:\programme\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2011-08-04 13:34        1955208        ----a-w-        c:\programme\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
2010-03-30 07:40        113296        ----a-w-        c:\programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2011-10-25 21:57        2770768        ----a-w-        c:\programme\OO Software\Defrag\oodtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28        421888        ----a-w-        c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06        254696        ----a-w-        c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
2008-08-07 16:18        90112        ----a-w-        c:\programme\MAGIX\Video_deluxe_MX_Premium\Trayserver_DE.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Programme\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Programme\\Microsoft LifeCam\\LifeEnC2.exe"=
"c:\\Programme\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Programme\\Microsoft LifeCam\\LifeTray.exe"=
"c:\\Programme\\Winamp\\winamp.exe"=
"e:\\Steam\\Steam.exe"=
"c:\\Programme\\ICQ7.6\\ICQ.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Driver San Francisco\\Driver.exe"=
"c:\\Programme\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"d:\\Battlefield 2\\BF2.exe"=
"c:\\Programme\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programme\\Java\\jre6\\bin\\java.exe"=
"d:\\Fable III\\Fable3.exe"=
"e:\\Steam\\SteamApps\\common\\burnout(tm) paradise the ultimate box\\BurnoutParadise.exe"=
"e:\\Steam\\SteamApps\\common\\burnout(tm) paradise the ultimate box\\BurnoutConfigTool.exe"=
"e:\\Steam\\SteamApps\\common\\burnout(tm) paradise the ultimate box\\Support\\EA Help\\Electronic_Arts_Technical_Support.htm"=
"e:\\Steam\\SteamApps\\e02b51861a8808c834d4d99717a53d37\\team fortress 2\\hl2.exe"=
"e:\\Call of Duty- Modern Warfare 3\\iw5mp_server.exe"=
"e:\\HLServer\\orangebox\\srcds.exe"=
"e:\\Steam\\SteamApps\\common\\dc universe online\\LaunchPad.exe"=
"c:\\Dokumente und Einstellungen\\Swift\\Lokale Einstellungen\\Anwendungsdaten\\Akamai\\netsession_win.exe"=
"e:\\Steam\\SteamApps\\common\\dc universe online\\UNREAL3\\BINARIES\\WIN32\\DCGAME.EXE"=
"e:\\Steam\\SteamApps\\common\\magicka\\Magicka.exe"=
"f:\\Rock of Ages\\Binaries\\Win32\\RoA.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"f:\\Age of Empires III\\age3.exe"=
"f:\\Lineage II OFFI\\System\\L2.bin"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"f:\\Age of Empires III\\age3x.exe"=
"f:\\Age of Empires III\\age3y.exe"=
"e:\\Steam\\SteamApps\\e02b51861a8808c834d4d99717a53d37\\counter-strike\\hl.exe"=
.
R1 aswSnx;aswSnx;c:\winxp\system32\drivers\aswSnx.sys [08.11.2011 12:37 435032]
R1 aswSP;aswSP;c:\winxp\system32\drivers\aswSP.sys [08.11.2011 12:37 314456]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\winxp\system32\drivers\dtsoftbus01.sys [08.11.2011 13:57 232512]
R1 VBoxDrv;VirtualBox Service;c:\winxp\system32\drivers\VBoxDrv.sys [17.11.2011 23:16 158512]
R2 Akamai;Akamai NetSession Interface;c:\winxp\System32\svchost.exe -k Akamai [14.04.2008 10:00 14336]
R2 aswFsBlk;aswFsBlk;c:\winxp\system32\drivers\aswFsBlk.sys [08.11.2011 12:37 20568]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe [24.05.2011 10:33 1840128]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\programme\LogMeIn Hamachi\hamachi-2.exe [04.08.2011 14:34 1361288]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\winxp\system32\drivers\LBeepKE.sys [08.11.2011 14:00 12184]
R2 OODefragAgent;O&O Defrag;c:\programme\OO Software\Defrag\oodag.exe [25.10.2011 22:56 2485072]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\winxp\system32\drivers\nusb3hub.sys [24.02.2010 11:09 60544]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\winxp\system32\drivers\nusb3xhc.sys [24.02.2010 11:09 141568]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\winxp\system32\drivers\nvhda32.sys [08.11.2011 12:29 119656]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\winxp\system32\drivers\wg111v2.sys [08.11.2011 12:38 272128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\winxp\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.03.2010 13:16 130384]
S3 Ambfilt;Ambfilt;c:\winxp\system32\drivers\Ambfilt.sys [08.11.2011 12:25 1691480]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\winxp\system32\drivers\ssadadb.sys [01.12.2011 17:18 30312]
S3 cpuz130;cpuz130;\??\c:\dokume~1\Swift\LOKALE~1\Temp\cpuz130\cpuz_x32.sys --> c:\dokume~1\Swift\LOKALE~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe [26.04.2011 13:54 2702848]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\winxp\system32\drivers\mbamswissarmy.sys --> c:\winxp\system32\drivers\mbamswissarmy.sys [?]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\winxp\system32\drivers\nx6000.sys [08.11.2011 13:04 30576]
S3 npggsvc;nProtect GameGuard Service;c:\winxp\system32\GameMon.des -service --> c:\winxp\system32\GameMon.des -service [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\winxp\system32\drivers\ssadbus.sys [01.12.2011 17:18 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\winxp\system32\drivers\ssadmdfl.sys [01.12.2011 17:18 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\winxp\system32\drivers\ssadmdm.sys [01.12.2011 17:18 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\winxp\system32\drivers\ssadserd.sys [01.12.2011 17:18 114280]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\winxp\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.03.2010 13:16 753504]
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - uphcleanhlp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-13 c:\winxp\Tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1343024091-725345543-1003Core.job
- c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2011-11-08 11:59]
.
2011-12-13 c:\winxp\Tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1343024091-725345543-1003UA.job
- c:\dokumente und einstellungen\Swift\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2011-11-08 11:59]
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page =
mLocal Page =
IE: Free YouTube to MP3 Converter - c:\dokumente und einstellungen\Swift\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\programme\ICQ7.6\ICQ.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{6D171304-CB9F-47FB-9996-5C726C97DEF3}: NameServer = 192.168.1.1,192.168.100.111
FF - ProfilePath - c:\dokumente und einstellungen\Swift\Anwendungsdaten\Mozilla\Firefox\Profiles\gne0ap18.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-Malwarebytes' Anti-Malware - c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe
AddRemove-InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046} - c:\programme\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\autorun.exe
AddRemove-01_Simmental - c:\programme\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\programme\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\programme\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\programme\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\programme\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\programme\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\programme\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\programme\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\programme\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\programme\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\programme\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\programme\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\programme\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\programme\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\programme\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\programme\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\programme\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\programme\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\programme\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-12-13 13:35
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="c:\programme\gemeinsame dateien\akamai/netsession_win_d768ebc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\winxp\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG15.00.00.01PROFESSIONAL"="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"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(908)
c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll
.
Zeit der Fertigstellung: 2011-12-13  13:38:08
ComboFix-quarantined-files.txt  2011-12-13 12:38
.
Vor Suchlauf: 7 Verzeichnis(se), 11.751.886.848 Bytes frei
Nach Suchlauf: 8 Verzeichnis(se), 11.741.921.280 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINXP
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINXP="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 2AD6BDDDE99901564F1AA9D712F99423
