Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Logfile zu Google-Umleitung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 23.01.2012, 17:27   #1
Wasp793
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



Hallo,

habe das bekannte Problem mit der Umleitung auf Werbeseiten wenn ich über Google, Bing etc. was suche und auf den Link klicke.

Hier das Logfile von Hijack This:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:43, on 23.01.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\ICQ7.5\ICQ.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\David\Desktop\HiJackThis204.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Steam] "D:\Stream\Steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5476 bytes

Hoffe auf eure Hilfe!

Alt 23.01.2012, 17:38   #2
markusg
/// Malware-holic
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 23.01.2012, 18:30   #3
Wasp793
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



So hier kommts:

Extras:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 23.01.2012 18:15:48 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\David\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 74,53% Memory free
7,00 Gb Paging File | 5,91 Gb Available in Paging File | 84,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 56,14 Gb Total Space | 2,02 Gb Free Space | 3,59% Space Free | Partition Type: NTFS
Drive D: | 292,43 Gb Total Space | 254,33 Gb Free Space | 86,97% Space Free | Partition Type: NTFS
Drive S: | 117,19 Gb Total Space | 86,56 Gb Free Space | 73,87% Space Free | Partition Type: NTFS
 
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{05CAF469-9765-8FBF-10AD-FD621091824A}" = CCC Help English
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.2 Build #3143 Banner Remover 1.1
"{1808A2AC-DB66-6B80-9340-F6476390CB18}" = AMD Drag and Drop Transcoding
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{26D4FB2E-BA55-3E2C-CC6F-97D6A0A74306}" = AMD Fuel
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3A8DED06-80E7-4555-AA1F-FF4A2A4D353C}" = Aerosoft's - DHC-6 Twin Otter X
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1D0591-14F7-736E-143A-62DC3E552A1A}" = Catalyst Control Center InstallProxy
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{6F64A42C-6D93-6788-EB4F-07CC066DE194}" = Catalyst Control Center Graphics Previews Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76D1FBEB-FBBF-0D1E-BB0A-CAA0D19E2C7F}" = ccc-utility
"{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8D8B8115-40C1-A707-B7DA-599514076A81}" = AMD VISION Engine Control Center
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A716BE0A-331D-4603-9E70-319153D1943F}_is1" = Mafia 2
"{A942958E-AF92-7901-861B-7F373A1B6ABA}" = AMD Catalyst Install Manager
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E29CFB36-F070-4612-8DB5-7038161B6294}" = O&O Defrag Free Edition
"{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}" = Microsoft Flight Simulator X Service Pack 2
"{F01F90DD-10AD-4230-A501-3419FAE06ACA}" = MyWorld Complete
"{F48756D1-A348-2DA5-B59B-DF39F293F750}" = AMD Media Foundation Decoders
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Boeing 737 Fuel Planner 1.5" = Boeing 737 Fuel Planner 1.5
"CCleaner" = CCleaner
"Classics Hangar Fw 190 A, die frühen Baureihen 2.0" = Classics Hangar Fw 190 A, die frühen Baureihen 2.0
"Classics Hangar Fw 190 A, die späten Baureihen" = Classics Hangar Fw 190 A, die späten Baureihen
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.93
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"IrfanView" = IrfanView (remove only)
"IvAe_is1" = The Eye v1.0.8 (b367)
"Lexmark 1200 Series" = Lexmark 1200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SkyTest® BU-Trainingssoftware_is1" = SkyTest® BU-Trainingssoftware 2.3
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"StarCraft II" = StarCraft II
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TmNationsForever_is1" = TmNationsForever
"VLC media player" = VLC media player 1.1.0
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Flight1 ATR 72-500 for FSX (Includes SP1)" = Flight1 ATR 72-500 for FSX (Includes SP1)re.exe
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 20.11.2011 12:03:25 | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fs9.exe, Version: 9.1.0.40901, Zeitstempel:
 0x4135a208  Name des fehlerhaften Moduls: MFC70.DLL, Version: 7.0.9466.0, Zeitstempel:
 0x3c36f60b  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000f0e7  ID des fehlerhaften Prozesses:
 0x8e0  Startzeit der fehlerhaften Anwendung: 0x01cca79d63089280  Pfad der fehlerhaften
 Anwendung: S:\FS2004\fs9.exe  Pfad des fehlerhaften Moduls: S:\FS2004\MFC70.DLL  Berichtskennung:
 2cfbd200-1391-11e1-b847-001d60c0e463
 
Error - 20.11.2011 12:06:50 | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fs9.exe, Version: 9.1.0.40901, Zeitstempel:
 0x4135a208  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften Prozesses:
 0xdc8  Startzeit der fehlerhaften Anwendung: 0x01cca79e40fe0390  Pfad der fehlerhaften
 Anwendung: S:\FS2004\fs9.exe  Pfad des fehlerhaften Moduls: unknown  Berichtskennung:
 a71f8d10-1391-11e1-b847-001d60c0e463
 
Error - 20.11.2011 12:06:54 | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fs9.exe, Version: 9.1.0.40901, Zeitstempel:
 0x4135a208  Name des fehlerhaften Moduls: MFC70.DLL, Version: 7.0.9466.0, Zeitstempel:
 0x3c36f60b  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000f0e7  ID des fehlerhaften Prozesses:
 0xdc8  Startzeit der fehlerhaften Anwendung: 0x01cca79e40fe0390  Pfad der fehlerhaften
 Anwendung: S:\FS2004\fs9.exe  Pfad des fehlerhaften Moduls: S:\FS2004\MFC70.DLL  Berichtskennung:
 a9617660-1391-11e1-b847-001d60c0e463
 
Error - 20.11.2011 13:07:11 | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fs9.exe, Version: 9.1.0.40901, Zeitstempel:
 0x4135a208  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften Prozesses:
 0xf68  Startzeit der fehlerhaften Anwendung: 0x01cca79eab4580c0  Pfad der fehlerhaften
 Anwendung: S:\FS2004\fs9.exe  Pfad des fehlerhaften Moduls: unknown  Berichtskennung:
 158ea9e0-139a-11e1-b847-001d60c0e463
 
Error - 20.11.2011 15:41:32 | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = Programm wmplayer.exe, Version 12.0.7600.16667 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 8f8    Startzeit: 01cca7bc519d8632    Endzeit: 1441    Anwendungspfad:
 C:\Program Files\Windows Media Player\wmplayer.exe    Berichts-ID: a23851b3-13af-11e1-a7bf-001d60c0e463

 
Error - 23.11.2011 17:45:04 | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16768 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: a9c    Startzeit: 01ccaa1602cc07f0    Endzeit: 60000    Anwendungspfad:
 C:\Windows\Explorer.EXE    Berichts-ID: 39cc7ec1-161c-11e1-93d5-001d60c0e463  
 
Error - 29.11.2011 17:57:34 | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = Programm wmplayer.exe, Version 12.0.7600.16667 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 28c    Startzeit: 01ccaee1dcb16670    Endzeit: 18    Anwendungspfad: 
C:\Program Files\Windows Media Player\wmplayer.exe    Berichts-ID: 22751441-1ad5-11e1-89b8-001d60c0e463

 
Error - 08.12.2011 14:53:34 | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LXCZaiox.exe, Version: 1.50.0.0, 
Zeitstempel: 0x45a49f3d  Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7600.16644,
 Zeitstempel: 0x4c4ee5ad  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0023cfda  ID des fehlerhaften
 Prozesses: 0xc8c  Startzeit der fehlerhaften Anwendung: 0x01ccb5d8910ecf20  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Lexmark 1200 Series\LXCZaiox.exe  Pfad des
 fehlerhaften Moduls: C:\Windows\system32\SHELL32.dll  Berichtskennung: edb10070-21cd-11e1-ae55-001d60c0e463
 
Error - 11.12.2011 11:44:33 | Computer Name = David-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\Anno1701\Tools\Tages\DrvSetup_x64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 03.01.2012 11:59:05 | Computer Name = David-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\Anno1701\Tools\Tages\DrvSetup_x64.exe".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ System Events ]
Error - 22.01.2012 13:30:28 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 22.01.2012 13:31:44 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 22.01.2012 14:16:44 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 22.01.2012 14:50:42 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 22.01.2012 14:51:04 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 22.01.2012 14:52:13 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 23.01.2012 12:11:45 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 23.01.2012 12:12:10 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 23.01.2012 12:13:32 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 23.01.2012 12:57:07 | Computer Name = David-PC | Source = WMPNetworkSvc | ID = 866300
Description = 
 
 
< End of report >
         
--- --- ---


OTL:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 23.01.2012 18:15:48 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\David\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 74,53% Memory free
7,00 Gb Paging File | 5,91 Gb Available in Paging File | 84,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 56,14 Gb Total Space | 2,02 Gb Free Space | 3,59% Space Free | Partition Type: NTFS
Drive D: | 292,43 Gb Total Space | 254,33 Gb Free Space | 86,97% Space Free | Partition Type: NTFS
Drive S: | 117,19 Gb Total Space | 86,56 Gb Free Space | 73,87% Space Free | Partition Type: NTFS
 
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\David\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
PRC - C:\Programme\OO Software\Defrag\oodag.exe (O&O Software GmbH)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Lexmark 1200 Series\LXCZbmgr.exe (Lexmark International, Inc.)
PRC - C:\Programme\Lexmark 1200 Series\LXCZbmon.exe (Lexmark International, Inc.)
PRC - C:\Windows\System32\lxczcoms.exe ( )
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b8ee7bf7d7ac34623238f731b05395a2\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\442eed762e21796e8e497fcd14f1295a\System.Runtime.Remoting.ni.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dabeb21f09f88576c2cce838280c7f44\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\2b0b477db8f5a19d6365b93106b26651\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a5feb05f9283b0e79e0959b5df220130\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\6d859463c9e6a7423ddb335211a79dda\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\fccf285ecdd9091a3f8d5e73d79c3300\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\401a9dbeaad6b6ca70c90ae4fbd2e0b8\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b540398c49e7c32ab58666de7f09f645\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\af091a68303117ca2166aa13bcbfbbd0\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\c0afb5fbfbc7a8d670b430672c5fd578\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\90223e809b1ff291a7f65509702e2fa1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a48e483c6b13da563725d72ec518a0bb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\69adb8f9940fa1330f6f1b706e3dc31e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\2b1af7649e57195b4b85bbf4c5cb7c90\mscorlib.ni.dll ()
MOD - C:\Users\David\AppData\Local\Temp\9b93aee4-5d0f-43c6-98ae-ec0b1e7534ab\CliSecureRT.dll ()
MOD - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (OODefragAgent) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxcz_device) -- C:\Windows\System32\lxczcoms.exe ( )
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (GDPkIcpt) -- C:\Windows\System32\drivers\PktIcpt.sys (G Data Software AG)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (HCW85BDA) -- C:\Windows\System32\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (gfvknt) -- C:\Windows\System32\drivers\gfvknt.sys (GoFlight, Inc.)
DRV - (npusbio) -- C:\Windows\System32\drivers\npusbio.sys (Thesycon GmbH, Germany)
DRV - (SaiH0763) -- C:\Windows\System32\drivers\SaiH0763.sys (Saitek)
DRV - (SaiH0BAC) -- C:\Windows\System32\drivers\SaiH0BAC.sys (Saitek)
DRV - (USBPNPA) -- C:\Windows\System32\drivers\CM108.sys (C-Media Inc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 91 6A DE 32 D9 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {906305f7-aafc-45e9-8bbd-941950a84dad}:1.1.11222.991
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.14 18:11:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.10 20:34:01 | 000,000,000 | ---D | M]
 
[2010.09.18 20:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Extensions
[2010.10.22 16:34:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\fcgehftb.default\extensions
[2010.10.22 15:50:37 | 000,003,915 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fcgehftb.default\searchplugins\sweetim.xml
[2012.01.11 20:26:22 | 000,002,057 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fcgehftb.default\searchplugins\youtube-videosuche.xml
[2011.10.23 17:24:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.08.15 19:35:03 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Programme\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2010.10.28 20:47:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.30 11:21:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.12 22:40:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.16 21:17:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.24 20:15:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.23 17:24:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.08.15 19:35:03 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{906305F7-AAFC-45E9-8BBD-941950A84DAD}
[2010.10.28 20:47:03 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.30 11:21:10 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.12 22:40:45 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.16 21:17:40 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.24 20:15:33 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.23 17:24:31 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.09.14 22:32:39 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.14 22:32:39 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.09.14 22:32:39 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.14 22:32:39 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.14 22:32:39 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.10.22 15:48:58 | 000,001,021 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 ar.atwola.com
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 127.0.0.1 71i.de
O2 - BHO: (no name) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [lxczbmgr.exe] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OODefragTray] C:\Programme\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Steam] D:\Stream\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34F41EE6-4E29-4426-8CAF-751466165E39}: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{44cf3c0c-265e-11e0-b676-001d60c0e463}\Shell - "" = AutoRun
O33 - MountPoints2\{44cf3c0c-265e-11e0-b676-001d60c0e463}\Shell\AutoRun\command - "" = L:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.23 18:01:14 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012.01.23 17:14:38 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\David\Desktop\HiJackThis204.exe
[2012.01.22 18:33:27 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2012.01.22 18:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.22 18:33:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.22 18:33:21 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.01.22 18:33:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.01.22 18:32:08 | 010,847,608 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\David\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.22 18:26:34 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\tdsskiller
[2012.01.21 14:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2012.01.21 14:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2012.01.14 18:38:52 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\PoWi-Protokolle
[2012.01.11 23:05:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.05 17:12:07 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.01.05 17:12:04 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\TeamSpeak 3 Client
[2012.01.01 17:37:15 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\ABIVorbereitung
[2010.09.26 15:39:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2010.09.26 15:39:51 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2010.09.26 15:39:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2010.09.26 15:39:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2010.09.26 15:39:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2010.09.26 15:39:51 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2010.09.26 15:39:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2010.09.26 15:39:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll
[2010.09.26 15:39:50 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2010.09.26 15:39:50 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2010.09.26 15:39:50 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2010.09.26 15:39:50 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxczcoms.exe
[2010.09.26 15:39:50 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2010.09.26 15:39:50 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxczih.exe
[2010.09.26 15:39:50 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxczcfg.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.23 18:01:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012.01.23 17:18:34 | 000,014,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.23 17:18:34 | 000,014,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.23 17:14:39 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\David\Desktop\HiJackThis204.exe
[2012.01.23 17:10:50 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\ALNLIIFE.job
[2012.01.23 17:10:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.23 17:10:39 | 2817,433,600 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.22 18:33:23 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.22 18:32:57 | 010,847,608 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\David\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.21 19:44:07 | 000,122,880 | RHS- | M] () -- C:\Windows\System32\he-IL0.dll
[2012.01.21 19:41:59 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.21 19:41:59 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.21 19:41:59 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.21 19:41:59 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.21 19:41:40 | 003,913,348 | ---- | M] () -- C:\Users\David\Desktop\Me gusta.mp3
[2012.01.21 17:45:53 | 001,135,342 | ---- | M] () -- C:\Users\David\Documents\Arbeitstechniken_Schießen.pdf
[2012.01.21 14:37:37 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2012.01.19 14:58:06 | 000,118,520 | ---- | M] () -- C:\Users\David\Desktop\Profil.odt
[2012.01.17 18:35:34 | 000,012,901 | ---- | M] () -- C:\Users\David\Desktop\Erklärung.odt
[2012.01.15 21:58:38 | 001,234,605 | ---- | M] () -- C:\Users\David\Documents\kernphysik.pdf
[2012.01.05 17:12:07 | 000,001,207 | ---- | M] () -- C:\Users\David\Desktop\TeamSpeak 3 Client.lnk
[2012.01.04 19:25:20 | 002,782,011 | ---- | M] () -- C:\Users\David\Desktop\P Stands For Paddy.mp3
[2012.01.04 19:24:12 | 003,347,922 | ---- | M] () -- C:\Users\David\Desktop\Wall Of Folk.mp3
[2011.12.30 12:27:12 | 000,005,632 | ---- | M] () -- C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.28 20:41:00 | 000,034,004 | ---- | M] () -- C:\Users\David\Desktop\flugzeug-sonnenuntergang_596.jpg
 
========== Files Created - No Company Name ==========
 
[2012.01.22 18:33:23 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.21 19:44:07 | 000,122,880 | RHS- | C] () -- C:\Windows\System32\he-IL0.dll
[2012.01.21 19:44:07 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\ALNLIIFE.job
[2012.01.21 18:26:17 | 003,913,348 | ---- | C] () -- C:\Users\David\Desktop\Me gusta.mp3
[2012.01.21 17:45:53 | 001,135,342 | ---- | C] () -- C:\Users\David\Documents\Arbeitstechniken_Schießen.pdf
[2012.01.21 14:37:37 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2012.01.19 14:50:05 | 000,118,520 | ---- | C] () -- C:\Users\David\Desktop\Profil.odt
[2012.01.17 18:35:32 | 000,012,901 | ---- | C] () -- C:\Users\David\Desktop\Erklärung.odt
[2012.01.15 21:58:38 | 001,234,605 | ---- | C] () -- C:\Users\David\Documents\kernphysik.pdf
[2012.01.05 17:12:07 | 000,001,207 | ---- | C] () -- C:\Users\David\Desktop\TeamSpeak 3 Client.lnk
[2012.01.04 18:10:11 | 003,347,922 | ---- | C] () -- C:\Users\David\Desktop\Wall Of Folk.mp3
[2012.01.04 17:56:10 | 002,782,011 | ---- | C] () -- C:\Users\David\Desktop\P Stands For Paddy.mp3
[2011.12.28 20:41:00 | 000,034,004 | ---- | C] () -- C:\Users\David\Desktop\flugzeug-sonnenuntergang_596.jpg
[2011.11.24 12:35:37 | 000,000,080 | ---- | C] () -- C:\Users\David\AppData\Local\X-Plane Installer.prf
[2011.11.10 03:28:32 | 000,204,960 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2011.11.10 03:28:32 | 000,157,152 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2011.11.09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011.11.09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.11.02 23:09:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\zlib1i.dll
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll
[2011.10.21 20:30:14 | 000,243,168 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.10.03 13:45:21 | 000,083,872 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011.10.03 13:45:05 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011.09.21 08:53:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.08.15 20:46:06 | 000,417,066 | ---- | C] () -- C:\Windows\System32\sig.bin
[2011.06.23 17:21:14 | 000,552,960 | ---- | C] () -- C:\Windows\System32\FS2AUDIO.dll
[2011.05.05 20:49:04 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.05.05 20:31:28 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.02.22 18:55:20 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011.02.22 18:55:20 | 000,042,112 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011.01.30 18:58:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.04 16:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.01.04 16:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.01.04 16:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.01.04 16:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.01.04 16:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.11.04 14:46:30 | 000,286,208 | ---- | C] () -- C:\Windows\System32\binkw32.dll
[2010.11.02 18:01:39 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.dat
[2010.10.31 14:05:48 | 000,005,632 | ---- | C] () -- C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.26 15:40:34 | 000,000,245 | ---- | C] () -- C:\Windows\Lexstat.ini
[2010.09.26 15:39:51 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll
[2010.09.26 15:39:51 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll
[2009.07.14 09:47:43 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,304,568 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.07.18 10:31:30 | 000,008,704 | ---- | C] () -- C:\Windows\System32\SaiC0763_0C.dll
[2007.07.18 10:31:30 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0763_10.dll
[2007.07.18 10:31:30 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0763_0A.dll
[2007.07.18 10:31:30 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0763_09.dll
[2007.07.18 10:31:30 | 000,005,632 | ---- | C] () -- C:\Windows\System32\SaiC0763_11.dll
[2007.07.18 10:31:28 | 000,831,488 | ---- | C] () -- C:\Windows\System32\SaiC0763.Dll
[2007.07.18 10:31:28 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0763_07.dll
[2007.07.18 10:31:28 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0763_0402.dll
[2007.07.02 07:50:54 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0BAC_0402.dll
[2007.07.02 07:50:54 | 000,005,632 | ---- | C] () -- C:\Windows\System32\SaiC0BAC_11.dll
[2007.07.02 07:50:52 | 000,008,704 | ---- | C] () -- C:\Windows\System32\SaiC0BAC_0C.dll
[2007.07.02 07:50:52 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0BAC_10.dll
[2007.07.02 07:50:52 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0BAC_0A.dll
[2007.07.02 07:50:52 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0BAC_09.dll
[2007.07.02 07:50:50 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0BAC_07.dll
[2007.07.02 07:46:40 | 000,839,680 | ---- | C] () -- C:\Windows\System32\SaiC0BAC.Dll
[2007.06.20 19:39:26 | 000,271,872 | ---- | C] () -- C:\Windows\System32\flt1chk3.dll
[2007.02.07 17:58:12 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007.01.22 08:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll
[2006.06.07 13:23:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006.03.27 11:19:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2006.03.07 11:59:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006.02.22 23:37:47 | 000,318,014 | ---- | C] () -- C:\Windows\System32\flt1chk4.dll
[2006.01.10 17:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
[2006.01.10 17:11:06 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll
[2005.09.25 18:48:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2005.01.15 00:51:21 | 000,000,151 | ---- | C] () -- C:\Windows\swfl5.ini
 
========== LOP Check ==========
 
[2011.10.17 16:46:11 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\.ZMatrix
[2011.11.07 21:05:08 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Canneverbe Limited
[2011.07.21 16:27:31 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
[2011.05.05 20:49:12 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FreeAudioPack
[2011.06.15 21:26:02 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\FreeCDRipper
[2011.08.22 19:33:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GameRanger
[2010.11.14 19:52:49 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GetRightToGo
[2011.05.25 17:49:24 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\gtk-2.0
[2010.10.14 18:03:28 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\HiFi
[2012.01.23 18:15:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ICQ
[2010.09.23 20:33:39 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\IrfanView
[2010.09.20 18:02:14 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\OpenOffice.org
[2011.02.22 18:54:03 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Samsung
[2011.10.15 20:53:19 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\SkyTestBU1
[2011.05.05 21:01:51 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TeraCopy
[2012.01.05 17:28:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\TS3Client
[2011.11.17 13:33:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Ubisoft
[2012.01.23 17:10:50 | 000,000,308 | ---- | M] () -- C:\Windows\Tasks\ALNLIIFE.job
[2012.01.18 20:36:55 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.10.05 15:52:20 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.09.21 08:48:38 | 000,000,000 | ---D | M] -- C:\ATI
[2010.09.16 22:20:37 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.01.12 11:33:20 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.09.16 21:32:37 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.09.26 15:38:44 | 000,000,000 | ---D | M] -- C:\lexmark
[2010.10.06 17:44:01 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.01.22 18:33:21 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.01.22 18:33:22 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.09.16 21:32:37 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.09.16 21:32:37 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.01.23 18:17:12 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.12.08 20:49:42 | 000,000,000 | ---D | M] -- C:\temp
[2010.09.28 17:29:16 | 000,000,000 | R--D | M] -- C:\Users
[2012.01.22 19:49:31 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.11.10 04:12:24 | 000,466,944 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
[2012.01.21 19:44:07 | 000,122,880 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\system32\he-IL0.dll
 
< %USERPROFILE%\*.* >
[2011.05.25 17:49:23 | 000,000,886 | ---- | M] () -- C:\Users\David\.recently-used.xbel
[2012.01.23 18:25:11 | 002,621,440 | -HS- | M] () -- C:\Users\David\NTUSER.DAT
[2012.01.23 18:25:11 | 000,262,144 | -HS- | M] () -- C:\Users\David\ntuser.dat.LOG1
[2010.09.16 21:32:49 | 000,000,000 | -HS- | M] () -- C:\Users\David\ntuser.dat.LOG2
[2010.09.16 21:35:11 | 000,065,536 | -HS- | M] () -- C:\Users\David\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.09.16 21:35:11 | 000,524,288 | -HS- | M] () -- C:\Users\David\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.09.16 21:35:11 | 000,524,288 | -HS- | M] () -- C:\Users\David\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.09.16 21:32:49 | 000,000,020 | -HS- | M] () -- C:\Users\David\ntuser.ini
[2010.12.17 14:23:37 | 000,000,199 | ---- | M] () -- C:\Users\David\QualityWings_Ultimate 757 Collection.reg
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:EFD9810A
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:A1D5C6AA

< End of report >
         
--- --- ---
__________________

Alt 23.01.2012, 19:19   #4
markusg
/// Malware-holic
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



öffne malwarebytes, berichte und poste mir alle logs.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2012, 21:50   #5
Wasp793
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



Ich habe einen kompletten Suchvorgang gemacht aber es wurde nichts gefunden:

Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.23.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
David :: DAVID-PC [Administrator]

Schutz: Aktiviert

23.01.2012 20:49:17
mbam-log-2012-01-23 (20-49-17).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 414499
Laufzeit: 57 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Das Problem besteht weiterhin


Alt 24.01.2012, 12:20   #6
markusg
/// Malware-holic
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



ich wollte kein neues log, ich wollte die alten, wenn sie denn vorhanden sind
__________________
--> Logfile zu Google-Umleitung

Alt 24.01.2012, 16:41   #7
Wasp793
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



Ok, hier sind sie alle. Die ältesten zuerst:

Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.22.03

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
David :: DAVID-PC [Administrator]

Schutz: Aktiviert

22.01.2012 18:34:33
mbam-log-2012-01-22 (18-34-33).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 186770
Laufzeit: 4 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.22.03

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
David :: DAVID-PC [Administrator]

Schutz: Aktiviert

22.01.2012 18:39:49
mbam-log-2012-01-22 (18-39-49).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 413948
Laufzeit: 56 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
S:\Flusi-Dateien\9Dragons - Kai Tak\9dv2-1\9Dragons v2.1 Update.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt.
S:\Flusi-Dateien\fsonlinecenter_v2.0\FSOnlineCenter_v2.0.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.23.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
David :: DAVID-PC [Administrator]

Schutz: Aktiviert

23.01.2012 20:44:29
mbam-log-2012-01-23 (20-44-29).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 186629
Laufzeit: 4 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.23.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
David :: DAVID-PC [Administrator]

Schutz: Aktiviert

23.01.2012 20:49:17
mbam-log-2012-01-23 (20-49-17).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 414499
Laufzeit: 57 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Alt 24.01.2012, 16:58   #8
markusg
/// Malware-holic
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



danke.
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
  • Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
    Tool

    Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Hinweis:
    Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  • Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 29.01.2012, 15:42   #9
Wasp793
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



Hier jetzt das Logfile von Combofix:

Combofix Logfile:
Code:
ATTFilter
ComboFix 12-01-29.01 - David 29.01.2012  15:22:58.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3583.2730 [GMT 1:00]
ausgeführt von:: c:\users\David\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\David\AppData\Local\Temp\9b93aee4-5d0f-43c6-98ae-ec0b1e7534ab\CliSecureRT.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\system32
c:\windows\system32\system32\3DAudio.ax
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-12-28 bis 2012-01-29  ))))))))))))))))))))))))))))))
.
.
2012-01-29 14:28 . 2012-01-29 14:30	--------	d-----w-	c:\users\David\AppData\Local\temp
2012-01-26 12:44 . 2012-01-26 12:44	--------	d-----w-	c:\program files\Blobby Volley 2.0 Version 0.9c
2012-01-26 11:55 . 2011-11-17 05:48	134000	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-01-26 11:55 . 2011-11-17 05:42	369352	----a-w-	c:\windows\system32\drivers\cng.sys
2012-01-26 11:55 . 2011-11-17 05:39	224768	----a-w-	c:\windows\system32\schannel.dll
2012-01-26 11:55 . 2011-11-17 05:38	1037312	----a-w-	c:\windows\system32\lsasrv.dll
2012-01-26 11:55 . 2011-11-17 05:48	67440	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-01-26 11:55 . 2011-11-17 05:39	314368	----a-w-	c:\windows\system32\webio.dll
2012-01-26 11:55 . 2011-11-17 05:39	99840	----a-w-	c:\windows\system32\sspicli.dll
2012-01-26 11:55 . 2011-11-17 05:39	15360	----a-w-	c:\windows\system32\sspisrv.dll
2012-01-26 11:55 . 2011-11-17 05:39	22016	----a-w-	c:\windows\system32\secur32.dll
2012-01-26 11:55 . 2011-11-17 05:36	22528	----a-w-	c:\windows\system32\lsass.exe
2012-01-22 17:33 . 2012-01-22 17:33	--------	d-----w-	c:\users\David\AppData\Roaming\Malwarebytes
2012-01-22 17:33 . 2012-01-22 17:33	--------	d-----w-	c:\programdata\Malwarebytes
2012-01-21 18:44 . 2012-01-21 18:44	122880	--sha-r-	c:\windows\system32\he-IL0.dll
2012-01-21 13:36 . 2012-01-21 13:39	--------	d-----w-	c:\program files\ICQ7.5
2012-01-20 15:55 . 2012-01-06 04:19	6557240	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA148999-415C-4D63-82C6-B475BA9CC945}\mpengine.dll
2012-01-11 21:11 . 2011-11-17 05:41	1288984	----a-w-	c:\windows\system32\ntdll.dll
2012-01-11 21:11 . 2011-11-19 14:06	67072	----a-w-	c:\windows\system32\packager.dll
2012-01-11 21:11 . 2011-10-26 04:28	1328640	----a-w-	c:\windows\system32\quartz.dll
2012-01-11 21:10 . 2011-10-26 04:28	514560	----a-w-	c:\windows\system32\qdvd.dll
2012-01-05 16:12 . 2012-01-05 16:12	--------	d-----w-	c:\users\David\AppData\Local\TeamSpeak 3 Client
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-16 19:46 . 2011-05-22 19:22	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-24 04:23 . 2011-12-14 16:17	2340352	----a-w-	c:\windows\system32\win32k.sys
2011-11-15 13:29 . 2010-09-17 14:48	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-11-10 03:44 . 2011-11-10 03:44	8913920	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2011-11-10 03:17 . 2011-11-10 03:17	159744	----a-w-	c:\windows\system32\atiapfxx.exe
2011-11-10 03:16 . 2011-07-28 21:40	774656	----a-w-	c:\windows\system32\aticfx32.dll
2011-11-10 03:12 . 2011-11-10 03:12	466944	----a-w-	c:\windows\system32\ATIDEMGX.dll
2011-11-10 03:11 . 2011-11-10 03:11	417792	----a-w-	c:\windows\system32\atieclxx.exe
2011-11-10 03:11 . 2011-11-10 03:11	176128	----a-w-	c:\windows\system32\atiesrxx.exe
2011-11-10 03:10 . 2011-11-10 03:10	163840	----a-w-	c:\windows\system32\atitmmxx.dll
2011-11-10 03:09 . 2011-11-10 03:09	360448	----a-w-	c:\windows\system32\atipdlxx.dll
2011-11-10 03:09 . 2011-11-10 03:09	278528	----a-w-	c:\windows\system32\Oemdspif.dll
2011-11-10 03:09 . 2011-11-10 03:09	20992	----a-w-	c:\windows\system32\atimuixx.dll
2011-11-10 03:09 . 2011-11-10 03:09	43520	----a-w-	c:\windows\system32\ati2edxx.dll
2011-11-10 03:06 . 2011-07-28 21:30	6077952	----a-w-	c:\windows\system32\atidxx32.dll
2011-11-10 02:58 . 2011-11-10 02:58	18996224	----a-w-	c:\windows\system32\atioglxx.dll
2011-11-10 02:40 . 2011-11-10 02:40	1828864	----a-w-	c:\windows\system32\atiumdmv.dll
2011-11-10 02:34 . 2011-11-10 02:34	46080	----a-w-	c:\windows\system32\aticalrt.dll
2011-11-10 02:34 . 2011-11-10 02:34	44032	----a-w-	c:\windows\system32\aticalcl.dll
2011-11-10 02:33 . 2011-07-28 21:09	5852672	----a-w-	c:\windows\system32\atiumdag.dll
2011-11-10 02:29 . 2011-11-10 02:29	11300864	----a-w-	c:\windows\system32\aticaldd.dll
2011-11-10 02:29 . 2011-07-28 21:03	4200960	----a-w-	c:\windows\system32\atiumdva.dll
2011-11-10 02:18 . 2011-07-28 21:01	51200	----a-w-	c:\windows\system32\coinst.dll
2011-11-10 02:13 . 2011-11-10 02:13	348160	----a-w-	c:\windows\system32\atiadlxx.dll
2011-11-10 02:13 . 2011-11-10 02:13	14336	----a-w-	c:\windows\system32\atiglpxx.dll
2011-11-10 02:12 . 2011-11-10 02:12	32768	----a-w-	c:\windows\system32\atigktxx.dll
2011-11-10 02:12 . 2011-11-10 02:12	263680	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2011-11-10 02:11 . 2011-07-28 20:53	32256	----a-w-	c:\windows\system32\atiuxpag.dll
2011-11-10 02:11 . 2011-07-28 20:53	29184	----a-w-	c:\windows\system32\atiu9pag.dll
2011-11-10 02:11 . 2011-11-10 02:11	53760	----a-w-	c:\windows\system32\atimpc32.dll
2011-11-10 02:11 . 2011-11-10 02:11	53760	----a-w-	c:\windows\system32\amdpcom32.dll
2011-11-10 02:10 . 2011-11-10 02:10	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2011-11-09 21:39 . 2011-11-09 21:39	59904	----a-w-	c:\windows\system32\OpenVideo.dll
2011-11-09 21:39 . 2011-11-09 21:39	54784	----a-w-	c:\windows\system32\OVDecode.dll
2011-11-09 21:38 . 2011-11-09 21:38	14375936	----a-w-	c:\windows\system32\amdocl.dll
2011-11-05 04:35 . 2011-12-14 16:19	981504	----a-w-	c:\windows\system32\wininet.dll
2011-11-05 04:34 . 2011-12-14 16:19	44544	----a-w-	c:\windows\system32\licmgr10.dll
2011-11-05 04:30 . 2011-12-14 16:17	2048	----a-w-	c:\windows\system32\tzres.dll
2011-11-05 03:28 . 2011-12-14 16:19	386048	----a-w-	c:\windows\system32\html.iec
2011-11-05 02:55 . 2011-12-14 16:19	1638912	----a-w-	c:\windows\system32\mshtml.tlb
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-04-28 934800]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-04-28 3373968]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-04-28 19856]
"Steam"="d:\stream\Steam.exe" [2011-08-05 1242448]
"ICQ"="c:\program files\ICQ7.5\ICQ.exe" [2011-08-01 124480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lxczbmgr.exe"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2009-04-27 74408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 2729800]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
.
c:\users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 30312]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-08-15 49016]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-07-13 1394688]
R3 npusbio;npusbio;c:\windows\system32\Drivers\npusbio.sys [2008-04-25 36384]
R3 SaiH0763;SaiH0763;c:\windows\system32\DRIVERS\SaiH0763.sys [2007-07-18 135680]
R3 SaiH0BAC;SaiH0BAC;c:\windows\system32\DRIVERS\SaiH0BAC.sys [2007-07-02 135168]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-01-03 121192]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 136680]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-01-03 114152]
R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [2007-06-28 1310720]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-01-05 222568]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 2336072]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-10-17 85520]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2011-01-05 42112]
S3 gfvknt;GoFlight Virtual HID Keyboard;c:\windows\system32\DRIVERS\gfvknt.sys [2008-12-08 19968]
S3 netr73;USB-Drahtlos-802.11 b/g-Adaptertreiber für Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - FSUSBEXDISK
.
Inhalt des "geplante Tasks" Ordners
.
2012-01-29 c:\windows\Tasks\ALNLIIFE.job
- c:\windows\system32\he-IL0.dll [2012-01-21 18:44]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\fcgehftb.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: G Data BankGuard: {906305f7-aafc-45e9-8bbd-941950a84dad} - c:\program files\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
SafeBoot-28383296.sys
SafeBoot-66989573.sys
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\Kies\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\Kies\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\lxczcoms.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Lexmark 1200 Series\lxczbmon.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnscfg.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-29  15:35:04 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-01-29 14:35
.
Vor Suchlauf: 1.890.889.728 Bytes frei
Nach Suchlauf: 1.909.264.384 Bytes frei
.
- - End Of File - - F9BC303A983DC686D01A9BB350D90B6F
         
--- --- ---

Alt 30.01.2012, 12:33   #10
markusg
/// Malware-holic
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 30.01.2012, 15:16   #11
Wasp793
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



15:13:28.0356 3804 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
15:13:28.0465 3804 ============================================================
15:13:28.0465 3804 Current date / time: 2012/01/30 15:13:28.0465
15:13:28.0465 3804 SystemInfo:
15:13:28.0465 3804
15:13:28.0465 3804 OS Version: 6.1.7600 ServicePack: 0.0
15:13:28.0465 3804 Product type: Workstation
15:13:28.0465 3804 ComputerName: DAVID-PC
15:13:28.0465 3804 UserName: David
15:13:28.0465 3804 Windows directory: C:\Windows
15:13:28.0465 3804 System windows directory: C:\Windows
15:13:28.0465 3804 Processor architecture: Intel x86
15:13:28.0465 3804 Number of processors: 2
15:13:28.0465 3804 Page size: 0x1000
15:13:28.0465 3804 Boot type: Normal boot
15:13:28.0465 3804 ============================================================
15:13:29.0089 3804 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
15:13:29.0214 3804 Initialize success
15:14:19.0197 3604 ============================================================
15:14:19.0197 3604 Scan started
15:14:19.0197 3604 Mode: Manual; SigCheck; TDLFS;
15:14:19.0197 3604 ============================================================
15:14:19.0618 3604 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
15:14:19.0712 3604 1394ohci - ok
15:14:19.0759 3604 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
15:14:19.0759 3604 ACPI - ok
15:14:19.0806 3604 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
15:14:19.0837 3604 AcpiPmi - ok
15:14:19.0884 3604 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
15:14:19.0899 3604 adp94xx - ok
15:14:19.0915 3604 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
15:14:19.0930 3604 adpahci - ok
15:14:19.0930 3604 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
15:14:19.0946 3604 adpu320 - ok
15:14:20.0008 3604 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
15:14:20.0055 3604 AFD - ok
15:14:20.0055 3604 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
15:14:20.0071 3604 agp440 - ok
15:14:20.0102 3604 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
15:14:20.0118 3604 aic78xx - ok
15:14:20.0133 3604 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
15:14:20.0149 3604 aliide - ok
15:14:20.0180 3604 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
15:14:20.0196 3604 amdagp - ok
15:14:20.0211 3604 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
15:14:20.0211 3604 amdide - ok
15:14:20.0258 3604 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
15:14:20.0305 3604 amdiox86 - ok
15:14:20.0336 3604 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
15:14:20.0352 3604 AmdK8 - ok
15:14:20.0664 3604 amdkmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
15:14:21.0288 3604 amdkmdag - ok
15:14:21.0350 3604 amdkmdap (32d68d05b871eed5572d0c2c764ea4ec) C:\Windows\system32\DRIVERS\atikmpag.sys
15:14:21.0381 3604 amdkmdap - ok
15:14:21.0412 3604 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
15:14:21.0428 3604 AmdPPM - ok
15:14:21.0459 3604 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
15:14:21.0475 3604 amdsata - ok
15:14:21.0506 3604 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
15:14:21.0537 3604 amdsbs - ok
15:14:21.0568 3604 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
15:14:21.0584 3604 amdxata - ok
15:14:21.0631 3604 androidusb (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\Windows\system32\Drivers\ssadadb.sys
15:14:21.0646 3604 androidusb - ok
15:14:21.0709 3604 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
15:14:21.0787 3604 AppID - ok
15:14:21.0849 3604 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
15:14:21.0865 3604 arc - ok
15:14:21.0865 3604 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
15:14:21.0880 3604 arcsas - ok
15:14:21.0912 3604 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
15:14:22.0005 3604 AsyncMac - ok
15:14:22.0036 3604 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
15:14:22.0052 3604 atapi - ok
15:14:22.0114 3604 AtiHDAudioService (7725aecceddf81bd8374c77157e450ea) C:\Windows\system32\drivers\AtihdW73.sys
15:14:22.0130 3604 AtiHDAudioService - ok
15:14:22.0192 3604 atksgt (547f07839f71a4357a5e503646cac2b0) C:\Windows\system32\DRIVERS\atksgt.sys
15:14:22.0239 3604 atksgt - ok
15:14:22.0286 3604 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
15:14:22.0302 3604 avgntflt - ok
15:14:22.0317 3604 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
15:14:22.0348 3604 avipbb - ok
15:14:22.0411 3604 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
15:14:22.0458 3604 b06bdrv - ok
15:14:22.0504 3604 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
15:14:22.0520 3604 b57nd60x - ok
15:14:22.0551 3604 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
15:14:22.0598 3604 Beep - ok
15:14:22.0614 3604 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
15:14:22.0645 3604 blbdrive - ok
15:14:22.0676 3604 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
15:14:22.0707 3604 bowser - ok
15:14:22.0723 3604 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:14:22.0738 3604 BrFiltLo - ok
15:14:22.0754 3604 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:14:22.0785 3604 BrFiltUp - ok
15:14:22.0832 3604 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
15:14:22.0863 3604 BridgeMP - ok
15:14:22.0941 3604 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
15:14:22.0988 3604 Brserid - ok
15:14:23.0004 3604 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
15:14:23.0035 3604 BrSerWdm - ok
15:14:23.0050 3604 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:14:23.0082 3604 BrUsbMdm - ok
15:14:23.0082 3604 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
15:14:23.0097 3604 BrUsbSer - ok
15:14:23.0113 3604 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
15:14:23.0144 3604 BTHMODEM - ok
15:14:23.0253 3604 catchme - ok
15:14:23.0347 3604 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
15:14:23.0378 3604 cdfs - ok
15:14:23.0425 3604 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
15:14:23.0440 3604 cdrom - ok
15:14:23.0472 3604 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
15:14:23.0487 3604 circlass - ok
15:14:23.0518 3604 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
15:14:23.0534 3604 CLFS - ok
15:14:23.0565 3604 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
15:14:23.0581 3604 CmBatt - ok
15:14:23.0581 3604 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
15:14:23.0596 3604 cmdide - ok
15:14:23.0643 3604 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys
15:14:23.0659 3604 CNG - ok
15:14:23.0674 3604 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
15:14:23.0690 3604 Compbatt - ok
15:14:23.0706 3604 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:14:23.0737 3604 CompositeBus - ok
15:14:23.0752 3604 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
15:14:23.0752 3604 crcdisk - ok
15:14:23.0815 3604 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
15:14:23.0846 3604 DfsC - ok
15:14:23.0893 3604 dgderdrv - ok
15:14:23.0924 3604 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
15:14:23.0986 3604 discache - ok
15:14:24.0033 3604 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
15:14:24.0049 3604 Disk - ok
15:14:24.0096 3604 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
15:14:24.0111 3604 drmkaud - ok
15:14:24.0158 3604 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
15:14:24.0189 3604 DXGKrnl - ok
15:14:24.0220 3604 EagleXNt - ok
15:14:24.0314 3604 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
15:14:24.0423 3604 ebdrv - ok
15:14:24.0454 3604 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
15:14:24.0486 3604 elxstor - ok
15:14:24.0486 3604 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
15:14:24.0501 3604 ErrDev - ok
15:14:24.0532 3604 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
15:14:24.0579 3604 exfat - ok
15:14:24.0579 3604 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
15:14:24.0610 3604 fastfat - ok
15:14:24.0642 3604 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
15:14:24.0673 3604 fdc - ok
15:14:24.0688 3604 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
15:14:24.0688 3604 FileInfo - ok
15:14:24.0704 3604 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
15:14:24.0735 3604 Filetrace - ok
15:14:24.0751 3604 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
15:14:24.0782 3604 flpydisk - ok
15:14:24.0829 3604 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
15:14:24.0860 3604 FltMgr - ok
15:14:24.0876 3604 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
15:14:24.0891 3604 FsDepends - ok
15:14:24.0938 3604 FsUsbExDisk (10398b515653442a5b89fdf6a1d06180) C:\Windows\system32\FsUsbExDisk.SYS
15:14:24.0954 3604 FsUsbExDisk - ok
15:14:24.0985 3604 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
15:14:25.0000 3604 Fs_Rec - ok
15:14:25.0047 3604 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
15:14:25.0047 3604 fvevol - ok
15:14:25.0094 3604 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:14:25.0110 3604 gagp30kx - ok
15:14:25.0156 3604 GDPkIcpt (0f917bcee8f65402a2dd4024cf85ce32) C:\Windows\system32\drivers\PktIcpt.sys
15:14:25.0172 3604 GDPkIcpt - ok
15:14:25.0188 3604 GearAspiWDM (5dc17164f66380cbfefd895c18467773) C:\Windows\system32\drivers\GEARAspiWDM.sys
15:14:25.0188 3604 GearAspiWDM - ok
15:14:25.0234 3604 gfvknt (d2bdb0aedf24b4d1c88385415d83ab1b) C:\Windows\system32\DRIVERS\gfvknt.sys
15:14:25.0250 3604 gfvknt - ok
15:14:25.0328 3604 HCW85BDA (89364cc2a694364f4aa148b7cb802d57) C:\Windows\system32\drivers\HCW85BDA.sys
15:14:25.0390 3604 HCW85BDA - ok
15:14:25.0422 3604 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
15:14:25.0437 3604 hcw85cir - ok
15:14:25.0484 3604 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
15:14:25.0515 3604 HdAudAddService - ok
15:14:25.0562 3604 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:14:25.0578 3604 HDAudBus - ok
15:14:25.0593 3604 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
15:14:25.0609 3604 HidBatt - ok
15:14:25.0624 3604 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
15:14:25.0656 3604 HidBth - ok
15:14:25.0656 3604 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
15:14:25.0671 3604 HidIr - ok
15:14:25.0718 3604 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
15:14:25.0734 3604 HidUsb - ok
15:14:25.0765 3604 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
15:14:25.0765 3604 HpSAMD - ok
15:14:25.0812 3604 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
15:14:25.0890 3604 HTTP - ok
15:14:25.0921 3604 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
15:14:25.0921 3604 hwpolicy - ok
15:14:25.0936 3604 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
15:14:25.0968 3604 i8042prt - ok
15:14:25.0999 3604 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
15:14:26.0014 3604 iaStorV - ok
15:14:26.0077 3604 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
15:14:26.0077 3604 iirsp - ok
15:14:26.0092 3604 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
15:14:26.0108 3604 intelide - ok
15:14:26.0124 3604 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
15:14:26.0155 3604 intelppm - ok
15:14:26.0155 3604 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:14:26.0202 3604 IpFilterDriver - ok
15:14:26.0233 3604 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:14:26.0248 3604 IPMIDRV - ok
15:14:26.0248 3604 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
15:14:26.0326 3604 IPNAT - ok
15:14:26.0342 3604 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
15:14:26.0373 3604 IRENUM - ok
15:14:26.0404 3604 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
15:14:26.0420 3604 isapnp - ok
15:14:26.0436 3604 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
15:14:26.0451 3604 iScsiPrt - ok
15:14:26.0451 3604 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:14:26.0467 3604 kbdclass - ok
15:14:26.0498 3604 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
15:14:26.0514 3604 kbdhid - ok
15:14:26.0545 3604 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys
15:14:26.0560 3604 KSecDD - ok
15:14:26.0592 3604 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys
15:14:26.0592 3604 KSecPkg - ok
15:14:26.0670 3604 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
15:14:26.0701 3604 lirsgt - ok
15:14:26.0763 3604 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
15:14:26.0826 3604 lltdio - ok
15:14:26.0841 3604 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:14:26.0857 3604 LSI_FC - ok
15:14:26.0872 3604 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:14:26.0888 3604 LSI_SAS - ok
15:14:26.0904 3604 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:14:26.0904 3604 LSI_SAS2 - ok
15:14:26.0935 3604 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:14:26.0950 3604 LSI_SCSI - ok
15:14:26.0982 3604 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
15:14:27.0028 3604 luafv - ok
15:14:27.0060 3604 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
15:14:27.0060 3604 megasas - ok
15:14:27.0091 3604 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
15:14:27.0091 3604 MegaSR - ok
15:14:27.0106 3604 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
15:14:27.0138 3604 Modem - ok
15:14:27.0169 3604 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
15:14:27.0200 3604 monitor - ok
15:14:27.0216 3604 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
15:14:27.0231 3604 mouclass - ok
15:14:27.0247 3604 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
15:14:27.0278 3604 mouhid - ok
15:14:27.0294 3604 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
15:14:27.0309 3604 mountmgr - ok
15:14:27.0325 3604 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
15:14:27.0340 3604 mpio - ok
15:14:27.0356 3604 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
15:14:27.0496 3604 mpsdrv - ok
15:14:27.0512 3604 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
15:14:27.0543 3604 MRxDAV - ok
15:14:27.0574 3604 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:14:27.0637 3604 mrxsmb - ok
15:14:27.0652 3604 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:14:27.0699 3604 mrxsmb10 - ok
15:14:27.0715 3604 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:14:27.0730 3604 mrxsmb20 - ok
15:14:27.0762 3604 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
15:14:27.0762 3604 msahci - ok
15:14:27.0777 3604 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
15:14:27.0793 3604 msdsm - ok
15:14:27.0808 3604 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
15:14:27.0840 3604 Msfs - ok
15:14:27.0855 3604 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
15:14:27.0886 3604 mshidkmdf - ok
15:14:27.0886 3604 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
15:14:27.0902 3604 msisadrv - ok
15:14:27.0933 3604 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
15:14:27.0964 3604 MSKSSRV - ok
15:14:27.0980 3604 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
15:14:28.0011 3604 MSPCLOCK - ok
15:14:28.0011 3604 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
15:14:28.0058 3604 MSPQM - ok
15:14:28.0074 3604 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
15:14:28.0089 3604 MsRPC - ok
15:14:28.0105 3604 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
15:14:28.0120 3604 mssmbios - ok
15:14:28.0136 3604 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
15:14:28.0167 3604 MSTEE - ok
15:14:28.0183 3604 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
15:14:28.0183 3604 MTConfig - ok
15:14:28.0214 3604 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:14:28.0214 3604 Mup - ok
15:14:28.0261 3604 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:14:28.0292 3604 NativeWifiP - ok
15:14:28.0339 3604 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
15:14:28.0386 3604 NDIS - ok
15:14:28.0432 3604 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:14:28.0479 3604 NdisCap - ok
15:14:28.0510 3604 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:14:28.0542 3604 NdisTapi - ok
15:14:28.0557 3604 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
15:14:28.0588 3604 Ndisuio - ok
15:14:28.0604 3604 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
15:14:28.0635 3604 NdisWan - ok
15:14:28.0635 3604 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
15:14:28.0682 3604 NDProxy - ok
15:14:28.0698 3604 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:14:28.0729 3604 NetBIOS - ok
15:14:28.0744 3604 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
15:14:28.0760 3604 NetBT - ok
15:14:28.0838 3604 netr73 (76b1157ef850830c5ece61d3e591ca8b) C:\Windows\system32\DRIVERS\netr73.sys
15:14:28.0869 3604 netr73 - ok
15:14:28.0900 3604 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
15:14:28.0916 3604 nfrd960 - ok
15:14:28.0963 3604 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:14:28.0994 3604 Npfs - ok
15:14:29.0041 3604 npusbio (0a01056f5128d80f6e6826e32ba52177) C:\Windows\system32\Drivers\npusbio.sys
15:14:29.0041 3604 npusbio - ok
15:14:29.0072 3604 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:14:29.0103 3604 nsiproxy - ok
15:14:29.0166 3604 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
15:14:29.0244 3604 Ntfs - ok
15:14:29.0259 3604 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:14:29.0306 3604 Null - ok
15:14:29.0353 3604 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
15:14:29.0384 3604 NVENETFD - ok
15:14:29.0743 3604 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:14:30.0133 3604 nvlddmkm - ok
15:14:30.0164 3604 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
15:14:30.0180 3604 nvraid - ok
15:14:30.0211 3604 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
15:14:30.0226 3604 nvstor - ok
15:14:30.0258 3604 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
15:14:30.0273 3604 nv_agp - ok
15:14:30.0273 3604 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
15:14:30.0320 3604 ohci1394 - ok
15:14:30.0398 3604 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:14:30.0445 3604 Parport - ok
15:14:30.0460 3604 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
15:14:30.0460 3604 partmgr - ok
15:14:30.0492 3604 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:14:30.0507 3604 Parvdm - ok
15:14:30.0523 3604 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
15:14:30.0538 3604 pci - ok
15:14:30.0554 3604 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
15:14:30.0554 3604 pciide - ok
15:14:30.0585 3604 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
15:14:30.0585 3604 pcmcia - ok
15:14:30.0601 3604 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:14:30.0601 3604 pcw - ok
15:14:30.0632 3604 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:14:30.0694 3604 PEAUTH - ok
15:14:30.0757 3604 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:14:30.0788 3604 PptpMiniport - ok
15:14:30.0804 3604 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
15:14:30.0804 3604 Processor - ok
15:14:30.0866 3604 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:14:30.0882 3604 Psched - ok
15:14:30.0960 3604 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
15:14:31.0038 3604 ql2300 - ok
15:14:31.0053 3604 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
15:14:31.0069 3604 ql40xx - ok
15:14:31.0084 3604 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:14:31.0100 3604 QWAVEdrv - ok
15:14:31.0100 3604 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:14:31.0147 3604 RasAcd - ok
15:14:31.0178 3604 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:14:31.0209 3604 RasAgileVpn - ok
15:14:31.0225 3604 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:14:31.0256 3604 Rasl2tp - ok
15:14:31.0287 3604 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:14:31.0334 3604 RasPppoe - ok
15:14:31.0334 3604 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:14:31.0365 3604 RasSstp - ok
15:14:31.0381 3604 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
15:14:31.0412 3604 rdbss - ok
15:14:31.0428 3604 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
15:14:31.0443 3604 rdpbus - ok
15:14:31.0459 3604 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:14:31.0490 3604 RDPCDD - ok
15:14:31.0490 3604 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:14:31.0521 3604 RDPENCDD - ok
15:14:31.0537 3604 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:14:31.0552 3604 RDPREFMP - ok
15:14:31.0568 3604 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
15:14:31.0615 3604 RDPWD - ok
15:14:31.0646 3604 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
15:14:31.0662 3604 rdyboost - ok
15:14:31.0693 3604 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:14:31.0771 3604 rspndr - ok
15:14:31.0833 3604 SaiH0763 (04e8c6bee76584f926a84d035ce5b977) C:\Windows\system32\DRIVERS\SaiH0763.sys
15:14:31.0849 3604 SaiH0763 - ok
15:14:31.0880 3604 SaiH0BAC (3252d5571633e0b244541615d6252358) C:\Windows\system32\DRIVERS\SaiH0BAC.sys
15:14:31.0896 3604 SaiH0BAC - ok
15:14:31.0911 3604 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
15:14:31.0927 3604 sbp2port - ok
15:14:31.0942 3604 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
15:14:31.0974 3604 scfilter - ok
15:14:32.0020 3604 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:14:32.0052 3604 secdrv - ok
15:14:32.0083 3604 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:14:32.0098 3604 Serenum - ok
15:14:32.0098 3604 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:14:32.0130 3604 Serial - ok
15:14:32.0145 3604 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
15:14:32.0145 3604 sermouse - ok
15:14:32.0161 3604 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
15:14:32.0192 3604 sffdisk - ok
15:14:32.0208 3604 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:14:32.0223 3604 sffp_mmc - ok
15:14:32.0223 3604 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:14:32.0254 3604 sffp_sd - ok
15:14:32.0270 3604 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
15:14:32.0286 3604 sfloppy - ok
15:14:32.0301 3604 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
15:14:32.0317 3604 sisagp - ok
15:14:32.0332 3604 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:14:32.0348 3604 SiSRaid2 - ok
15:14:32.0364 3604 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
15:14:32.0379 3604 SiSRaid4 - ok
15:14:32.0395 3604 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:14:32.0426 3604 Smb - ok
15:14:32.0473 3604 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:14:32.0488 3604 spldr - ok
15:14:32.0520 3604 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
15:14:32.0551 3604 srv - ok
15:14:32.0582 3604 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
15:14:32.0613 3604 srv2 - ok
15:14:32.0629 3604 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
15:14:32.0660 3604 srvnet - ok
15:14:32.0691 3604 ssadbus (48f44a1be434830b7c90fb730745f65a) C:\Windows\system32\DRIVERS\ssadbus.sys
15:14:32.0722 3604 ssadbus - ok
15:14:32.0754 3604 ssadmdfl (9630b486b62cc0adb0a89152ed0218d7) C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:14:32.0769 3604 ssadmdfl - ok
15:14:32.0800 3604 ssadmdm (9afaa23421622c392b55508fa9613949) C:\Windows\system32\DRIVERS\ssadmdm.sys
15:14:32.0816 3604 ssadmdm - ok
15:14:32.0847 3604 ssadserd (1cac71d756ce00ae0681f9028dde874b) C:\Windows\system32\DRIVERS\ssadserd.sys
15:14:32.0863 3604 ssadserd - ok
15:14:32.0910 3604 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\Windows\system32\DRIVERS\sscdbus.sys
15:14:32.0925 3604 sscdbus - ok
15:14:32.0941 3604 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
15:14:32.0956 3604 sscdmdfl - ok
15:14:32.0988 3604 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\Windows\system32\DRIVERS\sscdmdm.sys
15:14:33.0003 3604 sscdmdm - ok
15:14:33.0034 3604 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
15:14:33.0050 3604 ssmdrv - ok
15:14:33.0097 3604 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
15:14:33.0112 3604 stexstor - ok
15:14:33.0144 3604 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
15:14:33.0144 3604 swenum - ok
15:14:33.0237 3604 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
15:14:33.0284 3604 Tcpip - ok
15:14:33.0346 3604 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
15:14:33.0362 3604 TCPIP6 - ok
15:14:33.0393 3604 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
15:14:33.0440 3604 tcpipreg - ok
15:14:33.0440 3604 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
15:14:33.0471 3604 TDPIPE - ok
15:14:33.0487 3604 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
15:14:33.0518 3604 TDTCP - ok
15:14:33.0534 3604 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
15:14:33.0549 3604 tdx - ok
15:14:33.0580 3604 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
15:14:33.0596 3604 TermDD - ok
15:14:33.0627 3604 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:14:33.0658 3604 tssecsrv - ok
15:14:33.0690 3604 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
15:14:33.0721 3604 tunnel - ok
15:14:33.0736 3604 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
15:14:33.0736 3604 uagp35 - ok
15:14:33.0768 3604 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
15:14:33.0799 3604 udfs - ok
15:14:33.0846 3604 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:14:33.0861 3604 uliagpkx - ok
15:14:33.0877 3604 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
15:14:33.0908 3604 umbus - ok
15:14:33.0908 3604 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
15:14:33.0924 3604 UmPass - ok
15:14:33.0955 3604 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\drivers\usbccgp.sys
15:14:34.0002 3604 usbccgp - ok
15:14:34.0017 3604 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
15:14:34.0064 3604 usbcir - ok
15:14:34.0111 3604 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys
15:14:34.0126 3604 usbehci - ok
15:14:34.0173 3604 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
15:14:34.0204 3604 usbhub - ok
15:14:34.0220 3604 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\DRIVERS\usbohci.sys
15:14:34.0251 3604 usbohci - ok
15:14:34.0329 3604 USBPNPA (41b758cff0a3c10a69e088f440677399) C:\Windows\system32\drivers\CM108.sys
15:14:34.0392 3604 USBPNPA - ok
15:14:34.0423 3604 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
15:14:34.0438 3604 usbprint - ok
15:14:34.0470 3604 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
15:14:34.0485 3604 usbscan - ok
15:14:34.0516 3604 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:14:34.0563 3604 USBSTOR - ok
15:14:34.0594 3604 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\drivers\usbuhci.sys
15:14:34.0594 3604 usbuhci - ok
15:14:34.0641 3604 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:14:34.0657 3604 vdrvroot - ok
15:14:34.0672 3604 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
15:14:34.0688 3604 vga - ok
15:14:34.0704 3604 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
15:14:34.0735 3604 VgaSave - ok
15:14:34.0750 3604 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
15:14:34.0766 3604 vhdmp - ok
15:14:34.0797 3604 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
15:14:34.0813 3604 viaagp - ok
15:14:34.0813 3604 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
15:14:34.0844 3604 ViaC7 - ok
15:14:34.0844 3604 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
15:14:34.0860 3604 viaide - ok
15:14:34.0860 3604 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
15:14:34.0875 3604 volmgr - ok
15:14:34.0891 3604 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
15:14:34.0906 3604 volmgrx - ok
15:14:34.0906 3604 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
15:14:34.0922 3604 volsnap - ok
15:14:34.0938 3604 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
15:14:34.0953 3604 vsmraid - ok
15:14:34.0969 3604 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
15:14:35.0000 3604 vwifibus - ok
15:14:35.0031 3604 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
15:14:35.0062 3604 vwififlt - ok
15:14:35.0078 3604 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
15:14:35.0078 3604 WacomPen - ok
15:14:35.0109 3604 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
15:14:35.0156 3604 WANARP - ok
15:14:35.0156 3604 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
15:14:35.0172 3604 Wanarpv6 - ok
15:14:35.0203 3604 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
15:14:35.0203 3604 Wd - ok
15:14:35.0234 3604 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
15:14:35.0265 3604 Wdf01000 - ok
15:14:35.0328 3604 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
15:14:35.0390 3604 WfpLwf - ok
15:14:35.0406 3604 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
15:14:35.0421 3604 WIMMount - ok
15:14:35.0484 3604 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
15:14:35.0499 3604 WinUsb - ok
15:14:35.0515 3604 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:14:35.0530 3604 WmiAcpi - ok
15:14:35.0593 3604 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
15:14:35.0624 3604 ws2ifsl - ok
15:14:35.0640 3604 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
15:14:35.0686 3604 WudfPf - ok
15:14:35.0702 3604 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:14:35.0733 3604 WUDFRd - ok
15:14:35.0780 3604 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:14:35.0874 3604 \Device\Harddisk0\DR0 - ok
15:14:35.0905 3604 Boot (0x1200) (d40c7076692434334a246a1fdca5ebfd) \Device\Harddisk0\DR0\Partition0
15:14:35.0905 3604 \Device\Harddisk0\DR0\Partition0 - ok
15:14:35.0920 3604 Boot (0x1200) (7b891ad8723fcaf37658e5941542fa6d) \Device\Harddisk0\DR0\Partition1
15:14:35.0920 3604 \Device\Harddisk0\DR0\Partition1 - ok
15:14:35.0936 3604 Boot (0x1200) (62283f294dd4de1c1a7bf119b8bb1a20) \Device\Harddisk0\DR0\Partition2
15:14:35.0936 3604 \Device\Harddisk0\DR0\Partition2 - ok
15:14:35.0936 3604 ============================================================
15:14:35.0936 3604 Scan finished
15:14:35.0936 3604 ============================================================
15:14:35.0967 3052 Detected object count: 0
15:14:35.0967 3052 Actual detected object count: 0

Alt 30.01.2012, 15:33   #12
markusg
/// Malware-holic
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



wird noch umgeleitet? wenn ja, tritt das problem mit allen browsern auf, und wohin wird umgeleitet?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 30.01.2012, 17:33   #13
Wasp793
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



Ja, es wird immer noch umgeleitet. Ich benutze den Firefox. Aber auch beim IE ist das so und zwar bei allen Suchmaschinen.

Ich werde auf Werbeseiten (Online-TV, Shoppen etc.). Manchmal steht im Tab oben in der Leiste "Redirecting", manchmal nicht...

Alt 30.01.2012, 17:36   #14
markusg
/// Malware-holic
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



hitmanpro laden:
http://www.trojaner-board.de/99424-c...o-scannen.html
doppelklick, settings, license, test lizense aktivieren.
dann scan, funde in quarantäne, am ende das log (xml) exportieren und die datei anhängen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 30.01.2012, 17:40   #15
Wasp793
 
Logfile zu Google-Umleitung - Standard

Logfile zu Google-Umleitung



Werde ich machen.

Update: Ich habe jetzt Opera als Browser installiert und damit funktioniert es tadellos. Liegts an den anderen Browsern?

Antwort

Themen zu Logfile zu Google-Umleitung
adobe, antivir, antivir guard, avg, avira, bho, desktop, explorer, firefox, google, hijack, hijack this, hijackthis, internet, internet explorer, logfile, mozilla, nvidia, object, plug-in, problem, software, suche, system, windows



Ähnliche Themen: Logfile zu Google-Umleitung


  1. Google Umleitung I have net
    Plagegeister aller Art und deren Bekämpfung - 10.04.2013 (16)
  2. ihavenet.com google Umleitung
    Plagegeister aller Art und deren Bekämpfung - 04.04.2013 (14)
  3. ASK Toolbar, bzw. Umleitung von google auf ASK
    Plagegeister aller Art und deren Bekämpfung - 26.11.2012 (26)
  4. System Fix / Google Umleitung
    Plagegeister aller Art und deren Bekämpfung - 06.01.2012 (41)
  5. 100ksearch.com Umleitung bei Google
    Plagegeister aller Art und deren Bekämpfung - 27.07.2011 (4)
  6. Google-Umleitung und eingeschränkte Google-Suche
    Plagegeister aller Art und deren Bekämpfung - 14.06.2011 (7)
  7. Google-Umleitung bei Suchergebnisaufruf
    Log-Analyse und Auswertung - 01.06.2011 (27)
  8. Umleitung bei Google + Popups
    Plagegeister aller Art und deren Bekämpfung - 29.04.2011 (5)
  9. Umleitung bei Google-Ergebnissen
    Log-Analyse und Auswertung - 06.09.2010 (4)
  10. GOOGLE umleitung
    Log-Analyse und Auswertung - 16.05.2010 (2)
  11. Google Umleitung
    Plagegeister aller Art und deren Bekämpfung - 30.07.2009 (33)
  12. Google-Umleitung, Systemwiederherstellung,
    Log-Analyse und Auswertung - 12.07.2009 (17)
  13. Umleitung der Google-Suchergebnisse
    Log-Analyse und Auswertung - 17.02.2009 (9)
  14. Umleitung von Google-Anfragen
    Mülltonne - 29.12.2008 (1)
  15. Google umleitung
    Plagegeister aller Art und deren Bekämpfung - 22.09.2008 (1)
  16. Umleitung bei google
    Log-Analyse und Auswertung - 17.09.2007 (1)
  17. Umleitung der Google-Suchergebnisse
    Log-Analyse und Auswertung - 14.02.2007 (5)

Zum Thema Logfile zu Google-Umleitung - Hallo, habe das bekannte Problem mit der Umleitung auf Werbeseiten wenn ich über Google, Bing etc. was suche und auf den Link klicke. Hier das Logfile von Hijack This: Logfile - Logfile zu Google-Umleitung...
Archiv
Du betrachtest: Logfile zu Google-Umleitung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.