Trojaner-Board - Leerlaufprozess bei 95% trotzdem startet jede Anwendung erst nach 2 Min nach dem booten.

Hallo Cosinus,

Kleines Feedback:
1. Der Bootvorgang dauert länger. Besonders der schwarze Bildschirm zwischen Windows-Logo und Desktop-Anzeige.
2. Nach der vollständigen Desktop-Anzeige rattert weiterhin meine Festplatte. Programme starten weiterhin verzögert, aber nicht mehr so lange.

Die Antiviren, Malware etc Programme, die Du mir genannt hattest, habe ich NICHT erneut gestartet. Jedoch wusste ich noch, dass ich beim TDSS-Killer anfänglich 4 Threats hatte, 1 threat wurde behoben.
Ich habe den Killer erneut gestartet.
3 Threats wurde gefunden.

Anbei der log-file.

Grüße

Code:

20:06:36.0734 0404  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

20:06:38.0437 0404  ============================================================

20:06:38.0437 0404  Current date / time: 2013/04/10 20:06:38.0437

20:06:38.0437 0404  SystemInfo:

20:06:38.0437 0404  

20:06:38.0437 0404  OS Version: 5.1.2600 ServicePack: 3.0

20:06:38.0437 0404  Product type: Workstation

20:06:38.0437 0404  ComputerName: MS-PC

20:06:38.0437 0404  UserName: MS

20:06:38.0437 0404  Windows directory: C:\WINDOWS

20:06:38.0437 0404  System windows directory: C:\WINDOWS

20:06:38.0437 0404  Processor architecture: Intel x86

20:06:38.0437 0404  Number of processors: 1

20:06:38.0437 0404  Page size: 0x1000

20:06:38.0437 0404  Boot type: Normal boot

20:06:38.0437 0404  ============================================================

20:06:41.0421 0404  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

20:06:41.0421 0404  ============================================================

20:06:41.0421 0404  \Device\Harddisk0\DR0:

20:06:41.0421 0404  MBR partitions:

20:06:41.0421 0404  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A81400

20:06:41.0453 0404  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4A8147E, BlocksNum 0x44B2C45

20:06:41.0468 0404  \Device\Harddisk0\DR0\Partition3: MBR, Type 0xB, StartLBA 0x8F34102, BlocksNum 0x5DA3BF

20:06:41.0468 0404  ============================================================

20:06:41.0500 0404  D: <-> \Device\Harddisk0\DR0\Partition2

20:06:41.0500 0404  E: <-> \Device\Harddisk0\DR0\Partition3

20:06:41.0562 0404  C: <-> \Device\Harddisk0\DR0\Partition1

20:06:41.0562 0404  ============================================================

20:06:41.0562 0404  Initialize success

20:06:41.0562 0404  ============================================================

20:10:55.0718 1940  ============================================================

20:10:55.0718 1940  Scan started

20:10:55.0718 1940  Mode: Manual; SigCheck; TDLFS; 

20:10:55.0718 1940  ============================================================

20:10:56.0218 1940  ================ Scan system memory ========================

20:10:56.0218 1940  System memory - ok

20:10:56.0234 1940  ================ Scan services =============================

20:10:56.0515 1940  Abiosdsk - ok

20:10:56.0531 1940  abp480n5 - ok

20:10:56.0625 1940  [ 0F2D66D5F08EBE2F77BB904288DCF6F0 ] ac97intc        C:\WINDOWS\system32\drivers\ac97intc.sys

20:10:57.0765 1940  ac97intc - ok

20:10:57.0875 1940  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

20:10:58.0218 1940  ACPI - ok

20:10:58.0281 1940  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys

20:10:58.0593 1940  ACPIEC - ok

20:10:58.0750 1940  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

20:10:58.0890 1940  AdobeFlashPlayerUpdateSvc - ok

20:10:58.0906 1940  adpu160m - ok

20:10:58.0984 1940  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys

20:10:59.0296 1940  aec - ok

20:10:59.0390 1940  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

20:10:59.0500 1940  AFD - ok

20:10:59.0562 1940  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys

20:10:59.0859 1940  agp440 - ok

20:10:59.0875 1940  Aha154x - ok

20:10:59.0906 1940  aic78u2 - ok

20:10:59.0921 1940  aic78xx - ok

20:10:59.0968 1940  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

20:11:00.0265 1940  Alerter - ok

20:11:00.0312 1940  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe

20:11:00.0578 1940  ALG - ok

20:11:00.0593 1940  AliIde - ok

20:11:00.0609 1940  amsint - ok

20:11:00.0625 1940  AppMgmt - ok

20:11:00.0640 1940  asc - ok

20:11:00.0671 1940  asc3350p - ok

20:11:00.0687 1940  asc3550 - ok

20:11:00.0859 1940  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

20:11:00.0906 1940  aspnet_state - ok

20:11:00.0953 1940  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

20:11:01.0218 1940  AsyncMac - ok

20:11:01.0296 1940  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

20:11:01.0546 1940  atapi - ok

20:11:01.0562 1940  Atdisk - ok

20:11:01.0640 1940  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

20:11:01.0921 1940  Atmarpc - ok

20:11:01.0984 1940  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

20:11:02.0281 1940  AudioSrv - ok

20:11:02.0328 1940  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

20:11:02.0625 1940  audstub - ok

20:11:02.0671 1940  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

20:11:02.0968 1940  Beep - ok

20:11:03.0437 1940  [ 75A51EA67D28E41543B8B354A47DF430 ] BHDrvx86        C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20130322.001\BHDrvx86.sys

20:11:04.0125 1940  BHDrvx86 - ok

20:11:04.0281 1940  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll

20:11:04.0812 1940  BITS - ok

20:11:04.0906 1940  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll

20:11:05.0031 1940  Browser - ok

20:11:05.0093 1940  [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb        C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys

20:11:05.0156 1940  BrScnUsb - ok

20:11:05.0343 1940  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc         C:\Programme\Browny02\BrYNSvc.exe

20:11:05.0468 1940  BrYNSvc ( UnsignedFile.Multi.Generic ) - warning

20:11:05.0468 1940  BrYNSvc - detected UnsignedFile.Multi.Generic (1)

20:11:05.0562 1940  catchme - ok

20:11:05.0625 1940  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

20:11:05.0937 1940  cbidf2k - ok

20:11:05.0953 1940  cd20xrnt - ok

20:11:06.0000 1940  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

20:11:06.0296 1940  Cdaudio - ok

20:11:06.0359 1940  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

20:11:06.0656 1940  Cdfs - ok

20:11:06.0734 1940  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

20:11:07.0015 1940  Cdrom - ok

20:11:07.0031 1940  Changer - ok

20:11:07.0078 1940  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] cisvc           C:\WINDOWS\system32\cisvc.exe

20:11:07.0359 1940  cisvc - ok

20:11:07.0500 1940  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

20:11:07.0796 1940  ClipSrv - ok

20:11:07.0921 1940  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:11:08.0171 1940  clr_optimization_v2.0.50727_32 - ok

20:11:08.0250 1940  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:11:08.0406 1940  clr_optimization_v4.0.30319_32 - ok

20:11:08.0421 1940  CmdIde - ok

20:11:08.0437 1940  COMSysApp - ok

20:11:08.0468 1940  Cpqarray - ok

20:11:08.0546 1940  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

20:11:08.0843 1940  CryptSvc - ok

20:11:08.0859 1940  dac2w2k - ok

20:11:08.0890 1940  dac960nt - ok

20:11:09.0062 1940  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

20:11:09.0296 1940  DcomLaunch - ok

20:11:09.0375 1940  [ 4BB22F61E7257ED353A39130B3ED2461 ] DefragFS        C:\WINDOWS\system32\drivers\DefragFS.sys

20:11:09.0453 1940  DefragFS - ok

20:11:09.0546 1940  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

20:11:09.0890 1940  Dhcp - ok

20:11:09.0906 1940  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

20:11:10.0171 1940  Disk - ok

20:11:10.0187 1940  dmadmin - ok

20:11:10.0468 1940  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

20:11:11.0187 1940  dmboot - ok

20:11:11.0265 1940  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

20:11:11.0562 1940  dmio - ok

20:11:11.0609 1940  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

20:11:11.0890 1940  dmload - ok

20:11:11.0953 1940  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll

20:11:12.0234 1940  dmserver - ok

20:11:12.0281 1940  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

20:11:12.0546 1940  DMusic - ok

20:11:12.0625 1940  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

20:11:12.0812 1940  Dnscache - ok

20:11:12.0906 1940  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

20:11:13.0187 1940  Dot3svc - ok

20:11:13.0203 1940  dpti2o - ok

20:11:13.0265 1940  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

20:11:13.0531 1940  drmkaud - ok

20:11:13.0578 1940  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll

20:11:13.0875 1940  EapHost - ok

20:11:14.0078 1940  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys

20:11:14.0343 1940  eeCtrl - ok

20:11:14.0406 1940  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

20:11:14.0453 1940  EraserUtilRebootDrv - ok

20:11:14.0500 1940  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll

20:11:14.0796 1940  ERSvc - ok

20:11:14.0875 1940  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe

20:11:14.0921 1940  Eventlog - ok

20:11:15.0062 1940  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\System32\es.dll

20:11:15.0203 1940  EventSystem - ok

20:11:15.0281 1940  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

20:11:15.0578 1940  Fastfat - ok

20:11:15.0687 1940  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

20:11:15.0796 1940  FastUserSwitchingCompatibility - ok

20:11:15.0859 1940  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys

20:11:16.0109 1940  Fdc - ok

20:11:16.0171 1940  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

20:11:16.0437 1940  Fips - ok

20:11:16.0484 1940  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys

20:11:16.0750 1940  Flpydisk - ok

20:11:16.0828 1940  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

20:11:17.0109 1940  FltMgr - ok

20:11:17.0203 1940  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

20:11:17.0265 1940  FontCache3.0.0.0 - ok

20:11:17.0312 1940  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

20:11:17.0562 1940  Fs_Rec - ok

20:11:17.0640 1940  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

20:11:18.0000 1940  Ftdisk - ok

20:11:18.0031 1940  [ 065639773D8B03F33577F6CDAEA21063 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys

20:11:18.0265 1940  gameenum - ok

20:11:18.0328 1940  [ 5AE3A887ECE5BBB72CFAB273C2FD1CFA ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

20:11:18.0406 1940  GEARAspiWDM - ok

20:11:18.0468 1940  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

20:11:18.0750 1940  Gpc - ok

20:11:18.0984 1940  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

20:11:19.0234 1940  helpsvc - ok

20:11:19.0250 1940  HidServ - ok

20:11:19.0312 1940  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

20:11:19.0578 1940  hkmsvc - ok

20:11:19.0593 1940  hpn - ok

20:11:19.0609 1940  hpt3xx - ok

20:11:19.0765 1940  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

20:11:19.0937 1940  HTTP - ok

20:11:19.0984 1940  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

20:11:20.0250 1940  HTTPFilter - ok

20:11:20.0250 1940  i2omgmt - ok

20:11:20.0265 1940  i2omp - ok

20:11:20.0328 1940  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

20:11:20.0593 1940  i8042prt - ok

20:11:20.0937 1940  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

20:11:21.0609 1940  idsvc - ok

20:11:21.0906 1940  [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86        C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20130406.002\IDSxpx86.sys

20:11:22.0015 1940  IDSxpx86 - ok

20:11:22.0062 1940  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

20:11:22.0328 1940  Imapi - ok

20:11:22.0421 1940  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe

20:11:22.0734 1940  ImapiService - ok

20:11:22.0750 1940  ini910u - ok

20:11:22.0812 1940  [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys

20:11:23.0062 1940  IntelIde - ok

20:11:23.0125 1940  [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys

20:11:23.0500 1940  ip6fw - ok

20:11:23.0546 1940  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

20:11:23.0859 1940  IpFilterDriver - ok

20:11:23.0890 1940  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

20:11:24.0156 1940  IpInIp - ok

20:11:24.0234 1940  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

20:11:24.0640 1940  IpNat - ok

20:11:24.0687 1940  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

20:11:24.0953 1940  IPSec - ok

20:11:25.0000 1940  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

20:11:25.0250 1940  IRENUM - ok

20:11:25.0296 1940  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

20:11:25.0671 1940  isapnp - ok

20:11:25.0828 1940  [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe

20:11:25.0875 1940  JavaQuickStarterService - ok

20:11:25.0890 1940  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

20:11:26.0156 1940  Kbdclass - ok

20:11:26.0250 1940  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

20:11:26.0546 1940  kmixer - ok

20:11:26.0625 1940  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

20:11:26.0796 1940  KSecDD - ok

20:11:26.0875 1940  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

20:11:26.0984 1940  lanmanserver - ok

20:11:27.0078 1940  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

20:11:27.0187 1940  lanmanworkstation - ok

20:11:27.0203 1940  lbrtfdc - ok

20:11:27.0281 1940  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

20:11:27.0531 1940  LmHosts - ok

20:11:27.0578 1940  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

20:11:27.0875 1940  Messenger - ok

20:11:27.0921 1940  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

20:11:28.0187 1940  mnmdd - ok

20:11:28.0234 1940  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe

20:11:28.0484 1940  mnmsrvc - ok

20:11:28.0562 1940  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

20:11:28.0828 1940  Modem - ok

20:11:28.0875 1940  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

20:11:29.0125 1940  Mouclass - ok

20:11:29.0171 1940  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

20:11:29.0437 1940  MountMgr - ok

20:11:29.0765 1940  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

20:11:29.0859 1940  MozillaMaintenance - ok

20:11:29.0875 1940  mraid35x - ok

20:11:29.0953 1940  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

20:11:30.0281 1940  MRxDAV - ok

20:11:30.0453 1940  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

20:11:30.0781 1940  MRxSmb - ok

20:11:30.0812 1940  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\System32\msdtc.exe

20:11:31.0078 1940  MSDTC - ok

20:11:31.0140 1940  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

20:11:31.0390 1940  Msfs - ok

20:11:31.0406 1940  MSIServer - ok

20:11:31.0453 1940  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

20:11:31.0734 1940  MSKSSRV - ok

20:11:31.0750 1940  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

20:11:32.0015 1940  MSPCLOCK - ok

20:11:32.0046 1940  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

20:11:32.0328 1940  MSPQM - ok

20:11:32.0375 1940  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

20:11:32.0640 1940  mssmbios - ok

20:11:32.0687 1940  [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401       C:\WINDOWS\system32\drivers\msmpu401.sys

20:11:33.0000 1940  ms_mpu401 - ok

20:11:33.0078 1940  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

20:11:33.0234 1940  Mup - ok

20:11:33.0406 1940  [ E78A365CC3E0FBFC018A33DCE01909F8 ] N360            C:\Programme\Norton 360\Engine\5.2.2.3\ccSvcHst.exe

20:11:33.0453 1940  N360 - ok

20:11:33.0703 1940  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll

20:11:34.0156 1940  napagent - ok

20:11:34.0421 1940  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130410.003\NAVENG.SYS

20:11:34.0453 1940  NAVENG - ok

20:11:34.0984 1940  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130410.003\NAVEX15.SYS

20:11:35.0515 1940  NAVEX15 - ok

20:11:35.0609 1940  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

20:11:35.0937 1940  NDIS - ok

20:11:35.0984 1940  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

20:11:36.0062 1940  NdisTapi - ok

20:11:36.0125 1940  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

20:11:36.0375 1940  Ndisuio - ok

20:11:36.0437 1940  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

20:11:36.0734 1940  NdisWan - ok

20:11:36.0781 1940  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

20:11:36.0859 1940  NDProxy - ok

20:11:36.0906 1940  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

20:11:37.0234 1940  NetBIOS - ok

20:11:37.0343 1940  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

20:11:37.0671 1940  NetBT - ok

20:11:37.0859 1940  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe

20:11:38.0265 1940  NetDDE - ok

20:11:38.0328 1940  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

20:11:39.0171 1940  NetDDEdsdm - ok

20:11:39.0218 1940  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe

20:11:39.0453 1940  Netlogon - ok

20:11:39.0578 1940  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll

20:11:39.0937 1940  Netman - ok

20:11:40.0015 1940  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

20:11:40.0109 1940  NetTcpPortSharing - ok

20:11:40.0234 1940  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll

20:11:40.0328 1940  Nla - ok

20:11:40.0406 1940  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess       C:\Programme\CDBurnerXP\NMSAccessU.exe

20:11:40.0468 1940  NMSAccess - ok

20:11:40.0515 1940  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

20:11:40.0765 1940  Npfs - ok

20:11:41.0000 1940  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

20:11:41.0515 1940  Ntfs - ok

20:11:41.0546 1940  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe

20:11:41.0859 1940  NtLmSsp - ok

20:11:42.0140 1940  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

20:11:42.0593 1940  NtmsSvc - ok

20:11:42.0625 1940  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

20:11:42.0875 1940  Null - ok

20:11:43.0500 1940  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

20:11:44.0906 1940  nv - ok

20:11:45.0171 1940  [ 4D31783965B0B7CED7DB3F4EE14CF260 ] nv4             C:\WINDOWS\system32\DRIVERS\nv4.sys

20:11:45.0843 1940  nv4 - ok

20:11:45.0875 1940  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

20:11:46.0187 1940  NwlnkFlt - ok

20:11:46.0218 1940  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

20:11:46.0515 1940  NwlnkFwd - ok

20:11:46.0562 1940  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

20:11:46.0859 1940  Parport - ok

20:11:46.0921 1940  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

20:11:47.0156 1940  PartMgr - ok

20:11:47.0203 1940  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

20:11:47.0484 1940  ParVdm - ok

20:11:47.0531 1940  [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd        C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

20:11:47.0609 1940  pccsmcfd - ok

20:11:47.0671 1940  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

20:11:47.0953 1940  PCI - ok

20:11:47.0953 1940  PCIDump - ok

20:11:47.0984 1940  PCIIde - ok

20:11:48.0046 1940  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

20:11:48.0281 1940  Pcmcia - ok

20:11:48.0859 1940  [ 5F422A3DBF7E7E791F182ACA06D8FD0F ] PDAgent         C:\Programme\PerfectDisk_11_Pro\PDAgent.exe

20:11:49.0796 1940  PDAgent - ok

20:11:49.0828 1940  PDCOMP - ok

20:11:50.0281 1940  [ C88664DC38694D2F39C0F39F426CBF77 ] PDEngine        C:\Programme\PerfectDisk_11_Pro\PDEngine.exe

20:11:51.0203 1940  PDEngine - ok

20:11:51.0218 1940  PDFRAME - ok

20:11:51.0234 1940  PDRELI - ok

20:11:51.0250 1940  PDRFRAME - ok

20:11:51.0265 1940  perc2 - ok

20:11:51.0281 1940  perc2hib - ok

20:11:51.0375 1940  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe

20:11:51.0406 1940  PlugPlay - ok

20:11:51.0437 1940  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

20:11:51.0656 1940  PolicyAgent - ok

20:11:51.0734 1940  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

20:11:52.0000 1940  PptpMiniport - ok

20:11:52.0015 1940  PROCEXP150 - ok

20:11:52.0046 1940  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

20:11:52.0265 1940  ProtectedStorage - ok

20:11:52.0312 1940  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

20:11:52.0562 1940  PSched - ok

20:11:52.0593 1940  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

20:11:52.0890 1940  Ptilink - ok

20:11:52.0906 1940  ql1080 - ok

20:11:52.0921 1940  Ql10wnt - ok

20:11:52.0937 1940  ql12160 - ok

20:11:52.0953 1940  ql1240 - ok

20:11:52.0984 1940  ql1280 - ok

20:11:53.0015 1940  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

20:11:53.0296 1940  RasAcd - ok

20:11:53.0375 1940  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

20:11:53.0625 1940  RasAuto - ok

20:11:53.0687 1940  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

20:11:53.0968 1940  Rasl2tp - ok

20:11:54.0078 1940  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll

20:11:54.0375 1940  RasMan - ok

20:11:54.0421 1940  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

20:11:54.0671 1940  RasPppoe - ok

20:11:54.0703 1940  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

20:11:55.0015 1940  Raspti - ok

20:11:55.0093 1940  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

20:11:55.0375 1940  Rdbss - ok

20:11:55.0421 1940  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

20:11:55.0687 1940  RDPCDD - ok

20:11:55.0812 1940  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

20:11:55.0937 1940  RDPWD - ok

20:11:56.0015 1940  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

20:11:56.0296 1940  RDSessMgr - ok

20:11:56.0343 1940  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

20:11:56.0609 1940  redbook - ok

20:11:56.0656 1940  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

20:11:56.0968 1940  RemoteAccess - ok

20:11:57.0031 1940  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\System32\locator.exe

20:11:57.0281 1940  RpcLocator - ok

20:11:57.0437 1940  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\System32\rpcss.dll

20:11:57.0578 1940  RpcSs - ok

20:11:57.0656 1940  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\System32\rsvp.exe

20:11:58.0031 1940  RSVP - ok

20:11:58.0078 1940  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS

20:11:58.0296 1940  rtl8139 - ok

20:11:58.0343 1940  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe

20:11:58.0578 1940  SamSs - ok

20:11:58.0640 1940  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

20:11:58.0953 1940  SCardSvr - ok

20:11:59.0046 1940  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll

20:11:59.0343 1940  Schedule - ok

20:11:59.0406 1940  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

20:11:59.0640 1940  Secdrv - ok

20:11:59.0703 1940  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll

20:11:59.0968 1940  seclogon - ok

20:12:00.0015 1940  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll

20:12:00.0265 1940  SENS - ok

20:12:00.0312 1940  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

20:12:00.0562 1940  serenum - ok

20:12:00.0609 1940  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

20:12:00.0906 1940  Serial - ok

20:12:01.0203 1940  [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer    C:\Programme\PC Connectivity Solution\ServiceLayer.exe

20:12:01.0687 1940  ServiceLayer - ok

20:12:01.0796 1940  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

20:12:02.0046 1940  Sfloppy - ok

20:12:02.0187 1940  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

20:12:02.0625 1940  SharedAccess - ok

20:12:02.0687 1940  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

20:12:02.0750 1940  ShellHWDetection - ok

20:12:02.0765 1940  Simbad - ok

20:12:02.0796 1940  Sparrow - ok

20:12:02.0828 1940  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

20:12:03.0062 1940  splitter - ok

20:12:03.0125 1940  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

20:12:03.0203 1940  Spooler - ok

20:12:03.0265 1940  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

20:12:03.0515 1940  sr - ok

20:12:03.0593 1940  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll

20:12:03.0937 1940  srservice - ok

20:12:04.0218 1940  [ 83726CF02ECED69138948083E06B6EAC ] SRTSP           C:\WINDOWS\System32\Drivers\N360\0502020.003\SRTSP.SYS

20:12:04.0531 1940  SRTSP - ok

20:12:04.0593 1940  [ 4E7EAB2E5615D39CF1F1DF9C71E5E225 ] SRTSPX          C:\WINDOWS\system32\drivers\N360\0502020.003\SRTSPX.SYS

20:12:04.0640 1940  SRTSPX - ok

20:12:04.0843 1940  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

20:12:05.0140 1940  Srv - ok

20:12:05.0203 1940  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

20:12:05.0468 1940  SSDPSRV - ok

20:12:05.0531 1940  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys

20:12:05.0562 1940  StarOpen ( UnsignedFile.Multi.Generic ) - warning

20:12:05.0562 1940  StarOpen - detected UnsignedFile.Multi.Generic (1)

20:12:05.0718 1940  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

20:12:06.0218 1940  stisvc - ok

20:12:06.0281 1940  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

20:12:06.0515 1940  swenum - ok

20:12:06.0562 1940  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

20:12:06.0843 1940  swmidi - ok

20:12:06.0859 1940  SwPrv - ok

20:12:06.0984 1940  [ DAEC63566C399E59B91F8993A491D5DB ] SXDS10          C:\Programme\Gemeinsame Dateien\soft Xpansion\SXDS10.exe

20:12:07.0093 1940  SXDS10 ( UnsignedFile.Multi.Generic ) - warning

20:12:07.0093 1940  SXDS10 - detected UnsignedFile.Multi.Generic (1)

20:12:07.0109 1940  symc810 - ok

20:12:07.0125 1940  symc8xx - ok

20:12:07.0265 1940  [ 9BBEB8C6258E72D62E7560E6667AAD39 ] SymDS           C:\WINDOWS\system32\drivers\N360\0502020.003\SYMDS.SYS

20:12:07.0484 1940  SymDS - ok

20:12:07.0765 1940  [ D5C02629C02A820A7E71BCA3D44294A3 ] SymEFA          C:\WINDOWS\system32\drivers\N360\0502020.003\SYMEFA.SYS

20:12:08.0265 1940  SymEFA - ok

20:12:08.0359 1940  [ AB33C3B196197CA467CBDDA717860DBA ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

20:12:08.0421 1940  SymEvent - ok

20:12:08.0515 1940  [ A73399804D5D4A8B20BA60FCF70C9F1F ] SymIRON         C:\WINDOWS\system32\drivers\N360\0502020.003\Ironx86.SYS

20:12:08.0593 1940  SymIRON - ok

20:12:08.0781 1940  [ 336CACE58F0359D5CBB1AE6B8A2FB205 ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\0502020.003\SYMTDI.SYS

20:12:09.0031 1940  SYMTDI - ok

20:12:09.0046 1940  sym_hi - ok

20:12:09.0062 1940  sym_u3 - ok

20:12:09.0140 1940  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

20:12:09.0406 1940  sysaudio - ok

20:12:09.0453 1940  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

20:12:09.0750 1940  SysmonLog - ok

20:12:10.0140 1940  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

20:12:10.0468 1940  TapiSrv - ok

20:12:10.0609 1940  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

20:12:10.0875 1940  Tcpip - ok

20:12:10.0921 1940  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

20:12:11.0156 1940  TDPIPE - ok

20:12:11.0203 1940  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

20:12:11.0421 1940  TDTCP - ok

20:12:11.0484 1940  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

20:12:11.0734 1940  TermDD - ok

20:12:11.0875 1940  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll

20:12:12.0218 1940  TermService - ok

20:12:12.0296 1940  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll

20:12:12.0328 1940  Themes - ok

20:12:12.0343 1940  TosIde - ok

20:12:12.0437 1940  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll

20:12:12.0687 1940  TrkWks - ok

20:12:12.0781 1940  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

20:12:13.0062 1940  Udfs - ok

20:12:13.0078 1940  ultra - ok

20:12:13.0359 1940  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

20:12:13.0812 1940  Update - ok

20:12:13.0953 1940  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll

20:12:14.0265 1940  upnphost - ok

20:12:14.0312 1940  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe

20:12:14.0546 1940  UPS - ok

20:12:14.0609 1940  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

20:12:14.0890 1940  usbccgp - ok

20:12:14.0953 1940  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

20:12:15.0203 1940  usbhub - ok

20:12:15.0234 1940  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

20:12:15.0468 1940  usbprint - ok

20:12:15.0515 1940  [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser          C:\WINDOWS\system32\drivers\usbser.sys

20:12:15.0750 1940  usbser - ok

20:12:15.0812 1940  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

20:12:16.0062 1940  USBSTOR - ok

20:12:16.0109 1940  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys

20:12:16.0359 1940  usbuhci - ok

20:12:16.0406 1940  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

20:12:16.0625 1940  VgaSave - ok

20:12:16.0640 1940  ViaIde - ok

20:12:16.0703 1940  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

20:12:16.0984 1940  VolSnap - ok

20:12:17.0109 1940  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe

20:12:17.0437 1940  VSS - ok

20:12:17.0515 1940  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll

20:12:17.0859 1940  W32Time - ok

20:12:17.0906 1940  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

20:12:18.0171 1940  Wanarp - ok

20:12:18.0359 1940  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys

20:12:18.0671 1940  Wdf01000 - ok

20:12:18.0687 1940  WDICA - ok

20:12:18.0765 1940  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

20:12:19.0078 1940  wdmaud - ok

20:12:19.0156 1940  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll

20:12:19.0406 1940  WebClient - ok

20:12:19.0562 1940  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

20:12:19.0890 1940  winmgmt - ok

20:12:19.0968 1940  [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll

20:12:20.0203 1940  WmdmPmSN - ok

20:12:20.0296 1940  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\System32\wbem\wmiapsrv.exe

20:12:20.0562 1940  WmiApSrv - ok

20:12:20.0921 1940  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

20:12:21.0421 1940  WPFFontCache_v0400 - ok

20:12:21.0484 1940  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys

20:12:21.0765 1940  WS2IFSL - ok

20:12:21.0906 1940  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

20:12:22.0156 1940  wscsvc - ok

20:12:22.0203 1940  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

20:12:22.0437 1940  wuauserv - ok

20:12:22.0640 1940  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

20:12:23.0218 1940  WZCSVC - ok

20:12:23.0296 1940  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

20:12:23.0562 1940  xmlprov - ok

20:12:23.0578 1940  ================ Scan global ===============================

20:12:23.0656 1940  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll

20:12:23.0812 1940  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll

20:12:24.0046 1940  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll

20:12:24.0109 1940  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe

20:12:24.0109 1940  [Global] - ok

20:12:24.0109 1940  ================ Scan MBR ==================================

20:12:24.0156 1940  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

20:12:24.0562 1940  \Device\Harddisk0\DR0 - ok

20:12:24.0562 1940  ================ Scan VBR ==================================

20:12:24.0578 1940  [ 9A345D0CA7625E8B638D31A135AB55E1 ] \Device\Harddisk0\DR0\Partition1

20:12:24.0578 1940  \Device\Harddisk0\DR0\Partition1 - ok

20:12:24.0593 1940  [ 73E3C56B81359A0D4D2EE35BEE3A0353 ] \Device\Harddisk0\DR0\Partition2

20:12:24.0593 1940  \Device\Harddisk0\DR0\Partition2 - ok

20:12:24.0625 1940  [ 209C7526185E9815D1153D8C69E0D12E ] \Device\Harddisk0\DR0\Partition3

20:12:24.0625 1940  \Device\Harddisk0\DR0\Partition3 - ok

20:12:24.0640 1940  ============================================================

20:12:24.0640 1940  Scan finished

20:12:24.0640 1940  ============================================================

20:12:24.0765 2356  Detected object count: 3

20:12:24.0765 2356  Actual detected object count: 3

20:13:10.0796 2356  BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user

20:13:10.0796 2356  BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:13:10.0812 2356  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user

20:13:10.0812 2356  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:13:10.0812 2356  SXDS10 ( UnsignedFile.Multi.Generic ) - skipped by user

20:13:10.0812 2356  SXDS10 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Guten Abend Cosinus,

OTL lief problemlos durch.

Grüße

OTL Logfile:

Code:

OTL logfile created on: 16.04.2013 19:40:08 - Run 4

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\MS\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,25 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 62,40% Memory free

2,98 Gb Paging File | 2,70 Gb Available in Paging File | 90,58% Paging File free

Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 37,25 Gb Total Space | 21,08 Gb Free Space | 56,59% Space Free | Partition Type: NTFS

Drive D: | 34,35 Gb Total Space | 4,97 Gb Free Space | 14,48% Space Free | Partition Type: NTFS

Drive E: | 2,92 Gb Total Space | 1,56 Gb Free Space | 53,40% Space Free | Partition Type: FAT32

 

Computer Name: MS-PC | User Name: MS | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\MS\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)

PRC - C:\Programme\Norton 360\Engine\5.2.2.3\ccsvchst.exe (Symantec Corporation)

PRC - C:\Programme\PerfectDisk_11_Pro\PDAgent.exe (Raxco Software, Inc.)

PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Programme\CDBurnerXP\NMSAccessU.exe ()

 

 
 ========== Services (SafeList) ==========

 

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)

SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (N360) -- C:\Programme\Norton 360\Engine\5.2.2.3\ccSvcHst.exe (Symantec Corporation)

SRV - (PDAgent) -- C:\Programme\PerfectDisk_11_Pro\PDAgent.exe (Raxco Software, Inc.)

SRV - (PDEngine) -- C:\Programme\PerfectDisk_11_Pro\PDEngine.exe (Raxco Software, Inc.)

SRV - (NMSAccess) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()

SRV - (BrYNSvc) -- C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)

SRV - (SXDS10) -- C:\Programme\Gemeinsame Dateien\soft Xpansion\SXDS10.exe (soft Xpansion)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (PROCEXP150) -- C:\WINDOWS\system32\Drivers\PROCEXP150.SYS File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (catchme) -- C:\DOKUME~1\MS\LOKALE~1\Temp\catchme.sys File not found

DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130416.003\NAVEX15.SYS (Symantec Corporation)

DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20130416.003\NAVENG.SYS (Symantec Corporation)

DRV - (BHDrvx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20130322.001\BHDrvx86.sys (Symantec Corporation)

DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20130413.001\IDSXpx86.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)

DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\N360\0502020.003\symtdi.sys (Symantec Corporation)

DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\N360\0502020.003\srtsp.sys (Symantec Corporation)

DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\N360\0502020.003\srtspx.sys (Symantec Corporation)

DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\N360\0502020.003\symefa.sys (Symantec Corporation)

DRV - (SymDS) -- C:\WINDOWS\system32\drivers\N360\0502020.003\symds.sys (Symantec Corporation)

DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\N360\0502020.003\ironx86.sys (Symantec Corporation)

DRV - (DefragFS) -- C:\WINDOWS\System32\drivers\DefragFs.sys (Raxco Software, Inc.)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)

DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)

DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)

DRV - (nv4) -- C:\WINDOWS\system32\drivers\nv4.sys (NVIDIA Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search

 

 

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\..\SearchScopes\{FB909426-9B52-425D-8336-755FB1C8F597}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}

IE - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.7

FF - prefs.js..extensions.enabledAddons: %7Bc50ca3c4-5656-43c2-a061-13e717f73fc8%7D:4.2.5

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012.02.11 14:17:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2 [2013.04.16 19:26:31 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2012.10.01 19:25:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.04.11 21:10:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.03.08 17:18:30 | 000,000,000 | ---D | M]

 

[2013.04.11 21:11:09 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Mozilla\Extensions

[2013.04.14 11:10:35 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Mozilla\Firefox\Profiles\5o4vc4ds.default\extensions

[2013.04.13 18:57:32 | 000,275,665 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Mozilla\Firefox\Profiles\5o4vc4ds.default\extensions\artur.dubovoy@gmail.com.xpi

[2013.04.14 11:10:35 | 000,316,778 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Mozilla\Firefox\Profiles\5o4vc4ds.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi

[2013.04.11 21:10:35 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2013.03.08 17:18:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2010.10.12 21:28:08 | 000,002,027 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\McSiteAdvisor.xml

[2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2013.04.05 20:49:20 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)

O3 - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 67108863

O7 - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O15 - HKU\S-1-5-21-1060284298-1647877149-682003330-1004\..Trusted Domains:   ([]msn in My Computer)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1357406469017 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C94311B-E53A-4875-BFA2-CDC8B70F1F17}: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010.07.07 13:59:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (PDBoot.exe)

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.04.15 18:54:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData

[2013.04.15 18:23:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Desktop\Scans 2013-04-15

[2013.04.15 18:13:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MS\Desktop\OTL.exe

[2013.04.14 11:08:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Desktop\fast_video_download-4.2.5-fx

[2013.04.13 18:01:58 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Connect 2

[2013.04.13 17:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF

[2013.04.12 18:22:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Lokale Einstellungen\Anwendungsdaten\FastStone

[2013.04.12 18:22:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\FastStone

[2013.04.12 18:21:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FastStone Capture

[2013.04.12 18:21:23 | 000,000,000 | ---D | C] -- C:\Programme\FastStone Capture

[2013.04.11 21:10:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Mozilla

[2013.04.09 18:50:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Desktop\Scans_2013-04-09

[2013.04.08 19:10:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2013.04.07 19:53:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Desktop\Scans_2013-04-07

[2013.04.07 18:59:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2013.04.07 18:59:13 | 000,000,000 | ---D | C] -- C:\JRT

[2013.04.05 20:33:47 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2013.04.05 20:30:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2013.04.05 20:30:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2013.04.05 20:30:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2013.04.05 20:30:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2013.04.05 20:29:59 | 000,000,000 | ---D | C] -- C:\ComboFix

[2013.04.05 20:24:08 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013.04.05 20:21:57 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos

[2013.04.05 20:21:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\MS\Startmenü\Programme\Verwaltung

[2013.04.05 20:19:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt

[2013.04.05 20:16:13 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW

[2013.04.05 19:58:34 | 005,047,274 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\MS\Desktop\ComboFix.exe

[2013.04.04 18:26:05 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2013.04.04 18:10:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Desktop\Scans_2013-04-04

[2013.04.03 14:29:14 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\MS\Recent

[2013.04.02 23:34:27 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\MS\Desktop\aswMBR.exe

[2013.04.02 21:57:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Desktop\Scans_2013-03-31

[2013.04.01 11:57:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PDF Architect

[2013.03.31 13:06:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Malwarebytes

[2013.03.31 13:02:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2013.03.19 22:56:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MS\Desktop\Klavier

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.04.16 19:32:06 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013.04.16 19:26:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013.04.16 19:26:11 | 1341,706,240 | -HS- | M] () -- C:\hiberfil.sys

[2013.04.15 19:13:22 | 000,000,032 | ---- | M] () -- C:\WINDOWS\Menu.INI

[2013.04.15 18:12:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MS\Desktop\OTL.exe

[2013.04.15 18:11:59 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\Defogger.exe

[2013.04.14 11:42:50 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013.04.14 11:39:28 | 000,264,535 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\trojaner board.odt

[2013.04.13 20:08:37 | 000,023,462 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\2013-04-13_Eigen Sekundär Kanal.png

[2013.04.13 20:08:18 | 000,022,894 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\2013-04-13_Eigen Primär Kanal.png

[2013.04.13 19:49:07 | 000,003,083 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\resetdma.vbs

[2013.04.13 18:25:49 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2013.04.13 18:25:49 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2013.04.13 17:56:36 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2013.04.13 17:54:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2013.04.12 19:44:04 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk

[2013.04.12 18:23:13 | 000,022,702 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\Eigenschaften Primär Kanal.png

[2013.04.12 18:21:28 | 000,000,722 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\FastStone Capture.lnk

[2013.04.12 16:39:58 | 000,113,079 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\trojaner board.pdf

[2013.04.11 21:10:42 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2013.04.11 20:45:47 | 000,075,731 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\bookmarks-2013-04-11.json

[2013.04.11 19:28:19 | 000,122,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013.04.07 18:54:06 | 000,613,083 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\adwcleaner.exe

[2013.04.07 18:30:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013.04.05 20:49:20 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2013.04.05 20:34:00 | 000,000,327 | -HS- | M] () -- C:\boot.ini

[2013.04.05 20:03:16 | 005,047,274 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\MS\Desktop\ComboFix.exe

[2013.04.02 23:35:39 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\MS\Desktop\aswMBR.exe

[2013.04.02 20:58:30 | 023,019,081 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\Vollständiger Verlauf.mcf

[2013.03.31 12:32:19 | 000,516,414 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013.03.31 12:32:19 | 000,493,298 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013.03.31 12:32:19 | 000,100,804 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013.03.31 12:32:19 | 000,083,946 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013.03.26 20:24:46 | 000,377,856 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\gmer_2.1.19155.exe

[2013.03.25 09:39:58 | 003,696,577 | ---- | M] () -- C:\Dokumente und Einstellungen\MS\Desktop\20110420hse.pdf

[2013.03.20 18:11:03 | 000,002,224 | ---- | M] () -- C:\{3D5ACB3C-9197-41E7-8EEF-79C6862ABAFC}

[2013.03.20 18:07:27 | 000,002,672 | ---- | M] () -- C:\{3A81EAD9-C923-4731-89E1-269CCB30A1B5}

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.04.15 19:13:22 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI

[2013.04.15 18:13:19 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\Defogger.exe

[2013.04.13 20:08:37 | 000,023,462 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\2013-04-13_Eigen Sekundär Kanal.png

[2013.04.13 20:08:18 | 000,022,894 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\2013-04-13_Eigen Primär Kanal.png

[2013.04.13 19:49:04 | 000,003,083 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\resetdma.vbs

[2013.04.13 18:03:56 | 000,000,768 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Startmenü\Programme\Windows Media Player.lnk

[2013.04.13 17:54:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2013.04.13 16:30:58 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013.04.12 18:29:34 | 003,696,577 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\20110420hse.pdf

[2013.04.12 18:23:12 | 000,022,702 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\Eigenschaften Primär Kanal.png

[2013.04.12 18:21:28 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\FastStone Capture.lnk

[2013.04.12 16:39:57 | 000,113,079 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\trojaner board.pdf

[2013.04.12 16:39:32 | 000,264,535 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\trojaner board.odt

[2013.04.11 21:10:42 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2013.04.11 21:10:41 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk

[2013.04.11 20:45:47 | 000,075,731 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\bookmarks-2013-04-11.json

[2013.04.10 23:15:57 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2013.04.07 18:53:44 | 000,613,083 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\adwcleaner.exe

[2013.04.05 20:34:00 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2013.04.05 20:33:54 | 000,262,448 | RHS- | C] () -- C:\cmldr

[2013.04.05 20:30:35 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2013.04.05 20:30:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2013.04.05 20:30:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2013.04.05 20:30:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2013.04.05 20:30:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2013.04.02 20:57:46 | 023,019,081 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\Vollständiger Verlauf.mcf

[2013.03.26 20:24:45 | 000,377,856 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Desktop\gmer_2.1.19155.exe

[2013.03.20 18:11:01 | 000,002,224 | ---- | C] () -- C:\{3D5ACB3C-9197-41E7-8EEF-79C6862ABAFC}

[2013.03.20 18:07:27 | 000,002,672 | ---- | C] () -- C:\{3A81EAD9-C923-4731-89E1-269CCB30A1B5}

[2013.03.09 18:20:33 | 000,000,537 | ---- | C] () -- C:\WINDOWS\wiso.ini

[2013.02.02 17:50:42 | 000,000,221 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini

[2013.02.02 17:50:42 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini

[2013.02.02 17:49:57 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI

[2013.02.02 17:48:49 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10A.DAT

[2013.02.02 17:48:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat

[2012.02.24 19:20:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011.12.28 18:09:52 | 000,000,045 | ---- | C] () -- C:\WINDOWS\tkkg_6.ini

[2011.11.23 23:04:09 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll

[2011.11.09 21:17:20 | 002,681,344 | ---- | C] () -- C:\WINDOWS\System32\dvmsg.dll

[2011.09.27 18:42:28 | 000,000,457 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\clipdat2.rdf

[2011.01.26 19:41:04 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

[2011.01.26 19:35:58 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

[2010.07.07 14:10:10 | 000,007,680 | ---- | C] () -- C:\Dokumente und Einstellungen\MS\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 
 ========== ZeroAccess Check ==========

 

[2011.01.12 21:17:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
 ========== LOP Check ==========

 

[2011.06.11 19:53:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV

[2013.03.09 18:25:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH

[2010.09.07 20:41:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited

[2010.11.03 11:40:49 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ

[2012.10.01 19:21:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations

[2012.01.29 14:43:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware

[2011.11.30 21:17:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX

[2011.09.05 20:10:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite

[2011.09.29 20:54:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCSettings

[2013.04.01 11:57:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PDF Architect

[2011.09.07 19:43:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\soft Xpansion

[2013.01.05 19:48:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\APP_NAME_NON_STRING

[2011.04.08 20:10:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Auslogics

[2013.03.09 18:17:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Buhl Data Service

[2010.09.07 20:41:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Canneverbe Limited

[2011.08.18 21:16:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\EurekaLog

[2010.09.07 22:07:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\eXPert PDF Editor

[2011.01.12 21:24:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Greenshot

[2011.12.05 20:04:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\IObit

[2012.01.29 14:42:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Lexware

[2011.11.23 23:11:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\MAGIX

[2012.05.05 20:32:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Nokia

[2010.07.09 22:20:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\OpenOffice.org

[2012.05.05 20:52:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\PC Suite

[2013.01.08 19:20:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\PDF Architect

[2011.11.28 21:55:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\streamWriter

[2011.11.09 21:59:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\Tobit

[2012.06.18 19:09:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\wtxpcom

[2012.01.06 22:11:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MS\Anwendungsdaten\XnView

 
 ========== Purity Check ==========

 

 
 

< End of report >

--- --- ---

[/CODE]

Hallo Cosinus,

habe noch vergessen zu sagen, dass nur 1 LOG-file erstellt worden ist.