Pests of all kinds and how to fight them: ihavenet.com virus - unfortunately on my machine too! (Windows 7)
03.04.2013, 21:39 | #1 |
ihavenet.com virus - unfortunately on my machine too!

Hi everyone,

on my wife's computer, which she uses a lot on the Internet for her work, the ihavenet.com virus has also taken hold (automatic redirection of the URL in the browser)! I have already read through a number of threads about it here in the forum. However, I have only done the things I could carry out without any problems and without help. Unfortunately, nothing has worked so far. I would be really grateful for help!

Now to the details (the various threads suggested and used different tools in different orders; here is my sequence):

Step 1 - OTL.exe with the known settings; here are the log files:

OTL.txt
Code:
OTL logfile created on: 02.04.2013 20:15:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 69,50% Memory free
4,83 Gb Paging File | 3,89 Gb Available in Paging File | 80,45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 144,04 Gb Total Space | 78,90 Gb Free Space | 54,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 296,60 Gb Free Space | 99,50% Space Free | Partition Type: NTFS
Drive E: | 144,04 Gb Total Space | 111,44 Gb Free Space | 77,37% Space Free | Partition Type: NTFS

Computer Name: BC-NOTEBOOK1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe (Acer Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Siemens\HiPath 1220\CommServer2.0\CommSvr.exe ()
PRC - C:\Programme\Siemens\HiPath 1220\CommServer2.0\GatewayGUI.exe (Siemens)

========== Modules (No Company Name) ==========

MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_511ad9ea\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_2b4c3030\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_d2ccf7f3\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_21ff7873\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_f241508a\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - C:\Programme\NVIDIA Corporation\nView\nvShell.dll ()
MOD - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\Programme\Acer\Acer Bio Protection\PwdFilter.dll ()
MOD - C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll ()
MOD - c:\windows\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll ()
MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Programme\HP\ToolBoxFX\bin\NativeUtils.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\DialogDLL.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\SysHook.dll ()
MOD - C:\Programme\Siemens\HiPath 1220\CommServer2.0\CommSvr.exe ()
MOD - C:\WINDOWS\system32\redmonnt.dll ()

========== Services (SafeList) ==========

SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (PSI_SVC_2) -- C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (IviRegMgr) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (CommServer) -- C:\Programme\Siemens\HiPath 1220\CommServer2.0\CommSvr.exe ()

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (usbcdc) -- system32\DRIVERS\usbcdc.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (isdnusb) -- system32\DRIVERS\isdnusb.sys File not found
DRV - (Changer) -- File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (AlfaFF) -- C:\WINDOWS\system32\drivers\AlfaFF.sys (Alfa Corporation)
DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (JMCR) -- C:\WINDOWS\system32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (ATSWPDRV) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (regi) -- C:\WINDOWS\system32\drivers\regi.sys (InterVideo)
DRV - (Int15) -- C:\WINDOWS\system32\drivers\int15.sys ()
DRV - (vi2000) -- C:\WINDOWS\system32\drivers\usbeval.sys (SIEMENS AG)
DRV - (usbcomm) -- C:\WINDOWS\system32\drivers\usbcomm.sys (SIEMENS AG)
DRV - (vcdc) -- C:\WINDOWS\system32\drivers\vcdc.sys (SIEMENS AG)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-1012\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-1012\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=xpp&d=0109&m=travelmate_7730g
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\SearchScopes\{986F32F5-EC00-467B-9F08-E53936C84B11}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE310
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.03.18 23:25:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.04.02 19:48:52 | 000,000,000 | ---D | M]

[2009.01.14 22:27:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions
[2013.03.13 21:31:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\extensions
[2011.05.22 13:34:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.03.18 21:05:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.08.28 17:58:01 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013.03.07 16:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.11.21 21:52:56 | 000,000,818 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 192.168.10.13 NPI0D1F2A
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Boot] C:\Program Files\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [CallBridgeReg.exe] File not found
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Program Files\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Programme\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer Empowering Technology.lnk = C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\CommServer.lnk = C:\Programme\Siemens\HiPath 1220\CommServer2.0\GatewayGUI.exe (Siemens)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: HVZLOPZS = rundll32 "C:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\licdlle.dll",DPPMNJC
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-64859507-2245545985-2604432375-1012\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231797340642 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1245603456343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DEB71D6-915B-427B-BB48-90607ED74627}: NameServer = 195.50.140.178,195.50.140.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFB25294-18E6-4871-98BE-38C5BA9CB206}: NameServer = 195.50.140.178,195.50.140.114
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (C:\Programme\Acer\Acer Bio Protection\CompPtc.dll) - C:\Programme\Acer\Acer Bio Protection\CompPtc.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Programme\Acer\Acer Bio Protection\WinNotify.dll) - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.20 08:49:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 90 Days ==========

[2013.04.02 20:10:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan
[2013.04.02 19:48:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe
[2013.04.02 19:43:01 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.04.02 19:39:55 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.04.02 19:39:55 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.04.02 19:39:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.04.02 19:39:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.04.02 19:39:50 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.04.02 19:39:35 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2013.03.20 22:51:32 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.03.18 21:02:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Avira
[2013.03.18 20:57:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2013.03.18 20:57:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Google
[2013.03.18 20:57:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2013.03.18 20:56:52 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.03.18 20:56:49 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.03.18 20:56:49 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.03.18 20:56:49 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.03.18 20:56:43 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2013.04.02 20:08:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.04.02 19:48:52 | 000,001,723 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.04.02 19:39:40 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.04.02 19:39:40 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.04.02 19:39:40 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.04.02 19:39:40 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.04.02 19:39:40 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.04.02 19:39:40 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.04.02 19:39:40 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.04.02 19:36:11 | 000,512,204 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.04.02 19:36:11 | 000,493,490 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.04.02 19:36:11 | 000,104,964 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.04.02 19:36:11 | 000,091,270 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.04.02 19:32:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.02 19:16:30 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2013.04.02 19:16:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.04.02 19:16:25 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.02 12:00:15 | 000,000,860 | ---- | M] () -- C:\WINDOWS\tasks\Spinger_Arbeitsbereich.job
[2013.04.02 06:50:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.02 06:50:31 | 3215,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.26 20:43:50 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2013.03.21 14:54:56 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.03.21 14:54:56 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.03.21 14:54:56 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.03.18 21:05:11 | 000,000,705 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2013.03.18 20:57:03 | 000,001,680 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2013.03.18 19:28:05 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.03.14 09:07:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.03.13 13:08:48 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.03.13 13:08:48 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.03.01 04:28:11 | 006,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013.02.15 15:52:16 | 000,397,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.02.12 02:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.02.12 02:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2013.02.12 02:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013.02.05 21:56:42 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013.02.05 21:56:41 | 001,212,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013.02.05 21:56:41 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013.02.05 21:56:41 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013.02.05 21:56:41 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013.02.05 21:56:41 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013.02.05 21:56:41 | 000,105,984 | ---- | M] (Microsoft Corporation) --
C:\WINDOWS\System32\dllcache\url.dll [2013.02.05 21:56:41 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2013.02.05 21:56:40 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2013.02.05 21:56:40 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2013.02.05 21:56:40 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll [2013.02.05 21:56:40 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2013.02.05 21:56:40 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2013.02.05 21:56:40 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll [2013.02.05 21:56:40 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll [2013.02.05 21:56:40 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2013.02.05 21:56:40 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2013.02.05 21:56:39 | 002,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2013.02.05 21:56:39 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2013.02.05 21:56:39 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2013.02.05 21:56:38 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2013.02.05 21:56:38 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2013.02.05 21:56:38 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2013.02.05 21:56:37 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2013.02.05 21:56:37 | 000,387,584 | ---- | M] 
(Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2013.02.05 21:56:37 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [2013.02.05 07:54:07 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe [2013.02.05 07:54:07 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe [2013.02.05 07:53:57 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2013.01.26 05:55:37 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll [2013.01.10 21:33:23 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2013.01.07 09:24:26 | 002,195,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2013.01.07 09:24:26 | 002,072,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2013.01.07 09:24:24 | 002,151,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe [2013.01.07 09:24:24 | 002,151,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2013.01.07 09:24:23 | 002,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2013.01.07 09:24:23 | 002,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe [2013.01.04 12:09:09 | 001,867,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2013.01.04 12:09:09 | 001,867,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.02 19:48:52 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk [2013.04.02 19:48:52 | 000,001,723 | ---- | C] () -- C:\Dokumente 
und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk [2013.03.18 20:57:03 | 000,001,680 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.05.14 17:57:03 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2012.05.14 17:56:57 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2012.05.14 17:56:57 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2012.05.14 17:50:37 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2012.02.15 10:58:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2009.02.05 14:49:10 | 000,000,900 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KGyGaAvL.sys [2008.09.20 09:00:44 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat ========== ZeroAccess Check ========== [2008.09.20 08:59:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.15 05:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.15 05:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Code:
OTL Extras logfile created on: 02.04.2013 20:15:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 69,50% Memory free
4,83 Gb Paging File | 3,89 Gb Available in Paging File | 80,45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 144,04 Gb Total Space | 78,90 Gb Free Space | 54,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 296,60 Gb Free Space | 99,50% Space Free | Partition Type: NTFS
Drive E: | 144,04 Gb Total Space | 111,44 Gb Free Space | 77,37% Space Free | Partition Type: NTFS

Computer Name: BC-NOTEBOOK1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe" = C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:*:Enabled:BackupSvc.exe -- (NewTech InfoSystems, Inc.)
"C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe" = C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:*:Enabled:SchedulerSvc.exe -- ()
"C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe" = C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:*:Enabled:AgentSvc.exe -- (NewTech Infosystems, Inc.)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\HP\HP LaserJet 3050_3052_3055_3390\Fax Config Utility.exe" = C:\Programme\HP\HP LaserJet 3050_3052_3055_3390\Fax Config Utility.exe:*:Enabled:Fax Config Utility -- ()
"C:\Programme\ACT\Act for Windows\ActSage.exe" = C:\Programme\ACT\Act for Windows\ActSage.exe:*:Enabled:ACT! 9.x/2007
"C:\Programme\Microsoft Office\Office12\EXCEL.EXE" = C:\Programme\Microsoft Office\Office12\EXCEL.EXE:*:Enabled:Microsoft Office Excel -- (Microsoft Corporation)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"F:\setup\hppniprint01.exe" = F:\setup\hppniprint01.exe:*:Enabled:hppniprint01.exe
"F:\setup\hpntwkexe.exe" = F:\setup\hpntwkexe.exe:*:Enabled:hpntwkexe.exe
"E:\Guild Wars 2 Beta\Gw2.exe" = E:\Guild Wars 2 Beta\Gw2.exe:*:Enabled:Guild Wars 2 Game Client
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{12FE86D4-77FA-4FC7-8C23-A988E72FC5A5}" = hpp3390usg
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1DD670BE-C678-4D83-89D0-E7CF65D8DB98}" = hppManuals3390
"{1FFDDCA5-A2FA-414C-8C8E-5432575C2BE3}" = HFDB32GU
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24739100-AD64-40C0-936C-03590B95C225}" = hppSendFax
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (ACT7)
"{31A5ED9F-E07B-4F6E-8179-27325BAAC502}" = AuthenTec Fingerprint Sensor Minimum Install
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
"{4435A8D0-D8E4-458D-A72D-5162376452D9}" = Hoppenstedt Auskunfts-CD Großunternehmen
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{57DA304D-27B0-40D1-A796-92CEFF20FA32}" = hppIOFiles
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B32A23C-2BB0-4767-8150-F977E43E7E2A}" = hppscan3390
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7642C5E3-0E6D-48E5-AE0B-A4878362711E}" = hppToolBoxFX
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8038AEF9-EF53-4B55-97CA-CF3D8574C135}" = hpzTLBXFX
"{83E016DD-1566-457E-B65C-B531186CED56}" = hppfaxdrv3390
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92F0B809-0D52-48CF-9694-23E500DF6AA6}" = hppLJ3390
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9651D2CF-B973-4F96-9D49-7D499000EC21}" = hppScanTo
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99280A96-892D-41C0-A75D-D35A943C2FA4}" = HiPath 1220 - 2.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CA56FE36-091E-4914-A70A-93E3C09D3093}" = hppTooCool
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.62.623
"{D2169E0C-1C6A-4B83-BD30-9E8DADE1C391}" = hppFaxUtility
"{D8AC1EB5-E8B0-44A0-B113-899407188A2F}" = hppFonts
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0F4DAC1-60DC-4D01-8BD9-DB8DA05A8A0F}" = 32 Bit HP BiDi Channel Components Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"7-Zip" = 7-Zip 4.65
"Acer Acer Bio Protection 6.0.00.18" = Acer Bio Protection ATA 6.0.00.18
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Avira AntiVir Desktop" = Avira Antivirus Premium
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"FreePDF_XP" = FreePDF XP (Remove only)
"GridVista" = Acer GridVista
"HP LaserJet 3050/3052/3055/3390/3392" = HP LaserJet 3050/3052/3055/3390/3392 4.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallShield_{99280A96-892D-41C0-A75D-D35A943C2FA4}" = HiPath 1220 - 2.0
"LManager" = Launch Manager
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Picasa 3" = Picasa 3
"PROHYBRIDR" = 2007 Microsoft Office system
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 02.04.2013 00:59:50 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize. hr = 0x80040e4d. SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14 Source: Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'. DBPROP_INIT_DATASOURCE: BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI

Error - 02.04.2013 00:59:50 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize. hr = 0x80040e4d. SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14 Source: Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'. DBPROP_INIT_DATASOURCE: BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI

Error - 02.04.2013 00:59:50 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize. hr = 0x80040e4d. SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14 Source: Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'. DBPROP_INIT_DATASOURCE: BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI

Error - 02.04.2013 00:59:50 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize. hr = 0x80040e4d. SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14 Source: Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'. DBPROP_INIT_DATASOURCE: BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI

Error - 02.04.2013 01:00:04 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize. hr = 0x80040e4d. SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14 Source: Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'. DBPROP_INIT_DATASOURCE: BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI

Error - 02.04.2013 01:00:04 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize. hr = 0x80040e4d. SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14 Source: Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'. DBPROP_INIT_DATASOURCE: BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI

Error - 02.04.2013 01:00:04 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize. hr = 0x80040e4d. SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14 Source: Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'. DBPROP_INIT_DATASOURCE: BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI

Error - 02.04.2013 01:00:04 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize. hr = 0x80040e4d. SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14 Source: Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'. DBPROP_INIT_DATASOURCE: BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI

Error - 02.04.2013 06:00:13 | Computer Name = BC-NOTEBOOK1 | Source = NTBackup | ID = 8001
Description = Ende der Sicherung von 'D:' 'Es wurden Warnungen oder Fehler gefunden.' Überprüfen: On Modus: Append Typ: Inc Einzelheiten finden Sie im Sicherungsbericht.

Error - 02.04.2013 13:16:32 | Computer Name = BC-NOTEBOOK1 | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung svchost.exe, Version 0.0.0.0, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
[ OSession Events ] Error - 26.12.2012 09:43:39 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1498 seconds with 1020 seconds of active time. This session ended with a crash. Error - 30.12.2012 14:52:21 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 9797 seconds with 6900 seconds of active time. This session ended with a crash. Error - 15.01.2013 06:38:56 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 986 seconds with 360 seconds of active time. This session ended with a crash. Error - 15.01.2013 06:39:09 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error - 15.01.2013 06:40:17 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 65 seconds with 60 seconds of active time. This session ended with a crash. 
Error - 29.01.2013 07:47:42 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 10239 seconds with 1020 seconds of active time. This session ended with a crash. Error - 29.01.2013 07:50:53 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 126 seconds with 120 seconds of active time. This session ended with a crash. Error - 22.02.2013 03:39:19 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 180 seconds with 60 seconds of active time. This session ended with a crash. Error - 15.03.2013 06:53:06 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6652.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 318 seconds with 300 seconds of active time. This session ended with a crash. Error - 15.03.2013 11:11:12 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6652.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2478 seconds with 360 seconds of active time. This session ended with a crash. 
[ System Events ] Error - 21.03.2013 14:48:36 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452689 Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751) Error - 21.03.2013 14:48:36 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452701 Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. Error - 25.03.2013 05:44:56 | Computer Name = BC-NOTEBOOK1 | Source = DCOM | ID = 10010 Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error - 25.03.2013 05:44:56 | Computer Name = BC-NOTEBOOK1 | Source = DCOM | ID = 10010 Description = Der Server "{1BE1F766-5536-11D1-B726-00C04FB926AF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error - 25.03.2013 05:45:27 | Computer Name = BC-NOTEBOOK1 | Source = Service Control Manager | ID = 7032 Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Starten Sie den Dienst neu.) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error - 28.03.2013 15:03:36 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452689 Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. 
(0x80072751) Error - 28.03.2013 15:03:36 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452701 Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. Error - 02.04.2013 00:51:05 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452689 Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751) Error - 02.04.2013 00:51:05 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452701 Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. Error - 02.04.2013 13:16:42 | Computer Name = BC-NOTEBOOK1 | Source = System Error | ID = 1003 Description = Fehlercode 1000000a, 1. Parameter 00000004, 2. Parameter 0000001c, 3. Parameter 00000000, 4. Parameter 804ffa98. < End of report > |
03.04.2013, 21:41 | #2 |
| ihavenet.com virus - unfortunately on my machine too! Continued:
Step 2 - mbar.exe with CleanUp, here is the log file: Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org

Database version: v2013.04.02.12

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: BC-NOTEBOOK1 [administrator]

02.04.2013 21:18:31
mbar-log-2013-04-02 (21-18-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29726
Time elapsed: 29 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
c:\Dokumente und Einstellungen\C.Spinger\Startmenü\Programme\Disk Antivirus Professional (Rogue.FakeAV) -> Delete on reboot.

Files Detected: 4
c:\Dokumente und Einstellungen\C.Spinger\Desktop\Disk Antivirus Professional.lnk (Trojan.FakeAV) -> Delete on reboot.
c:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\avdrn.dat (Malware.Trace) -> Delete on reboot.
c:\Dokumente und Einstellungen\C.Spinger\systems.exe (Trojan.Ransom) -> Delete on reboot.
c:\Dokumente und Einstellungen\C.Spinger\Startmenü\Programme\Disk Antivirus Professional\Disk Antivirus Professional.lnk (Rogue.FakeAV) -> Delete on reboot.

(end)

Step 3 - adwcleaner.exe, here are the log files: AdwCleaner[R1] Code:
# AdwCleaner v2.200 - Datei am 02/04/2013 um 21:44:49 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Administrator - BC-NOTEBOOK1
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan\adwcleaner\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Programme\Mozilla Firefox\.autoreg

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\Mozilla\Firefox\Profiles\wwp9j1eq.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1139 octets] - [02/04/2013 21:44:49]

########## EOF - C:\AdwCleaner[R1].txt - [1199 octets] ##########

Code:
# AdwCleaner v2.200 - Datei am 02/04/2013 um 21:46:05 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Administrator - BC-NOTEBOOK1
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan\adwcleaner\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Programme\Mozilla Firefox\.autoreg

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\Mozilla\Firefox\Profiles\wwp9j1eq.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1268 octets] - [02/04/2013 21:44:49]
AdwCleaner[R2].txt - [1199 octets] - [02/04/2013 21:46:05]

########## EOF - C:\AdwCleaner[R2].txt - [1259 octets] ##########

Code:
# AdwCleaner v2.200 - Datei am 02/04/2013 um 21:46:31 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Administrator - BC-NOTEBOOK1
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan\adwcleaner\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Programme\Mozilla Firefox\.autoreg

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\Mozilla\Firefox\Profiles\wwp9j1eq.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1268 octets] - [02/04/2013 21:44:49]
AdwCleaner[R2].txt - [1328 octets] - [02/04/2013 21:46:05]
AdwCleaner[S1].txt - [1261 octets] - [02/04/2013 21:46:31]

########## EOF - C:\AdwCleaner[S1].txt - [1321 octets] ##########

Step 5 - tdssKiller.exe with 'Cure' only, here is the log file: Code:
C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 22:18:59.0281 0916 mnmsrvc - ok 22:18:59.0312 0916 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 22:18:59.0406 0916 Modem - ok 22:18:59.0421 0916 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 22:18:59.0515 0916 Mouclass - ok 22:18:59.0546 0916 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 22:18:59.0640 0916 mouhid - ok 22:18:59.0671 0916 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 22:18:59.0765 0916 MountMgr - ok 22:18:59.0812 0916 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 22:18:59.0843 0916 MozillaMaintenance - ok 22:18:59.0843 0916 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys 22:18:59.0937 0916 mraid35x - ok 22:18:59.0937 0916 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 22:19:00.0046 0916 MRxDAV - ok 22:19:00.0078 0916 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:19:00.0140 0916 MRxSmb - ok 22:19:00.0156 0916 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 22:19:00.0250 0916 MSDTC - ok 22:19:00.0250 0916 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 22:19:00.0343 0916 Msfs - ok 22:19:00.0343 0916 MSIServer - ok 22:19:00.0359 0916 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 22:19:00.0437 0916 MSKSSRV - ok 22:19:00.0468 0916 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 22:19:00.0562 0916 MSPCLOCK - ok 22:19:00.0562 0916 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 22:19:00.0671 0916 MSPQM - ok 22:19:00.0671 0916 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios 
C:\WINDOWS\system32\DRIVERS\mssmbios.sys 22:19:00.0750 0916 mssmbios - ok 22:19:00.0828 0916 MSSQL$ACT7 - ok 22:19:00.0859 0916 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe 22:19:00.0875 0916 MSSQLServerADHelper - ok 22:19:00.0906 0916 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 22:19:00.0984 0916 MSTEE - ok 22:19:01.0031 0916 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 22:19:01.0078 0916 Mup - ok 22:19:01.0093 0916 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 22:19:01.0187 0916 NABTSFEC - ok 22:19:01.0234 0916 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 22:19:01.0328 0916 napagent - ok 22:19:01.0359 0916 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 22:19:01.0468 0916 NDIS - ok 22:19:01.0500 0916 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 22:19:01.0578 0916 NdisIP - ok 22:19:01.0625 0916 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 22:19:01.0671 0916 NdisTapi - ok 22:19:01.0703 0916 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 22:19:01.0781 0916 Ndisuio - ok 22:19:01.0796 0916 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 22:19:01.0875 0916 NdisWan - ok 22:19:01.0906 0916 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 22:19:02.0000 0916 NDProxy - ok 22:19:02.0031 0916 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll 22:19:02.0046 0916 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 22:19:02.0046 0916 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 22:19:02.0062 0916 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 22:19:02.0140 
0916 NetBIOS - ok 22:19:02.0171 0916 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 22:19:02.0265 0916 NetBT - ok 22:19:02.0296 0916 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 22:19:02.0406 0916 NetDDE - ok 22:19:02.0421 0916 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 22:19:02.0500 0916 NetDDEdsdm - ok 22:19:02.0531 0916 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 22:19:02.0609 0916 Netlogon - ok 22:19:02.0625 0916 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 22:19:02.0718 0916 Netman - ok 22:19:02.0750 0916 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 22:19:02.0781 0916 NetTcpPortSharing - ok 22:19:02.0875 0916 [ 0888844230083CE3B47395102BCA8207 ] NETw5x32 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys 22:19:03.0078 0916 NETw5x32 - ok 22:19:03.0109 0916 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 22:19:03.0140 0916 Nla - ok 22:19:03.0218 0916 [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU C:\Programme\CDBurnerXP\NMSAccessU.exe 22:19:03.0234 0916 NMSAccessU - ok 22:19:03.0265 0916 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 22:19:03.0359 0916 Npfs - ok 22:19:03.0375 0916 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 22:19:03.0468 0916 Ntfs - ok 22:19:03.0500 0916 [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe 22:19:03.0500 0916 NTIBackupSvc ( UnsignedFile.Multi.Generic ) - warning 22:19:03.0500 0916 NTIBackupSvc - detected UnsignedFile.Multi.Generic (1) 22:19:03.0531 0916 [ 5535174933A08BB8F1CEE26DFFB930E4 ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys 22:19:03.0546 0916 NTIDrvr - ok 22:19:03.0546 0916 [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] 
NTISchedulerSvc C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe 22:19:03.0578 0916 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning 22:19:03.0578 0916 NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1) 22:19:03.0593 0916 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 22:19:03.0671 0916 NtLmSsp - ok 22:19:03.0734 0916 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 22:19:03.0843 0916 NtmsSvc - ok 22:19:03.0859 0916 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 22:19:03.0937 0916 Null - ok 22:19:04.0187 0916 [ 18C9B152DA7BEA76B2F9E4B6412E0AAF ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 22:19:04.0703 0916 nv - ok 22:19:04.0750 0916 [ 50ACB7253D1104E5917E15A0670D63D5 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys 22:19:04.0765 0916 NVHDA - ok 22:19:04.0796 0916 [ A8C1E6FF53FB0628A302843EA5FA5AB6 ] nvsvc C:\WINDOWS\system32\nvsvc32.exe 22:19:04.0828 0916 nvsvc - ok 22:19:04.0875 0916 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 22:19:04.0968 0916 NwlnkFlt - ok 22:19:05.0000 0916 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 22:19:05.0078 0916 NwlnkFwd - ok 22:19:05.0156 0916 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE 22:19:05.0187 0916 odserv - ok 22:19:05.0234 0916 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 22:19:05.0250 0916 ose - ok 22:19:05.0281 0916 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys 22:19:05.0390 0916 Parport - ok 22:19:05.0406 0916 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 22:19:05.0500 0916 PartMgr - ok 22:19:05.0515 0916 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 22:19:05.0593 0916 ParVdm 
- ok 22:19:05.0593 0916 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 22:19:05.0703 0916 PCI - ok 22:19:05.0703 0916 PCIDump - ok 22:19:05.0703 0916 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 22:19:05.0796 0916 PCIIde - ok 22:19:05.0796 0916 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 22:19:05.0890 0916 Pcmcia - ok 22:19:05.0906 0916 PDCOMP - ok 22:19:05.0906 0916 PDFRAME - ok 22:19:05.0906 0916 PDRELI - ok 22:19:05.0906 0916 PDRFRAME - ok 22:19:05.0921 0916 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys 22:19:06.0000 0916 perc2 - ok 22:19:06.0015 0916 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys 22:19:06.0093 0916 perc2hib - ok 22:19:06.0109 0916 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 22:19:06.0125 0916 PlugPlay - ok 22:19:06.0140 0916 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll 22:19:06.0187 0916 Pml Driver HPZ12 - ok 22:19:06.0203 0916 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 22:19:06.0281 0916 PolicyAgent - ok 22:19:06.0296 0916 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 22:19:06.0390 0916 PptpMiniport - ok 22:19:06.0406 0916 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 22:19:06.0500 0916 ProtectedStorage - ok 22:19:06.0500 0916 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 22:19:06.0593 0916 PSched - ok 22:19:06.0625 0916 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe 22:19:06.0640 0916 PSI_SVC_2 - ok 22:19:06.0656 0916 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 22:19:06.0750 0916 Ptilink - ok 22:19:06.0765 0916 [ 
0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys 22:19:06.0859 0916 ql1080 - ok 22:19:06.0859 0916 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 22:19:06.0953 0916 Ql10wnt - ok 22:19:06.0953 0916 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys 22:19:07.0031 0916 ql12160 - ok 22:19:07.0046 0916 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys 22:19:07.0125 0916 ql1240 - ok 22:19:07.0125 0916 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys 22:19:07.0218 0916 ql1280 - ok 22:19:07.0234 0916 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:19:07.0312 0916 RasAcd - ok 22:19:07.0343 0916 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 22:19:07.0421 0916 RasAuto - ok 22:19:07.0437 0916 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 22:19:07.0531 0916 Rasl2tp - ok 22:19:07.0546 0916 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 22:19:07.0625 0916 RasMan - ok 22:19:07.0640 0916 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:19:07.0718 0916 RasPppoe - ok 22:19:07.0718 0916 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 22:19:07.0812 0916 Raspti - ok 22:19:07.0828 0916 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 22:19:07.0937 0916 Rdbss - ok 22:19:07.0953 0916 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 22:19:08.0031 0916 RDPCDD - ok 22:19:08.0031 0916 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 22:19:08.0125 0916 rdpdr - ok 22:19:08.0156 0916 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 22:19:08.0218 0916 RDPWD - ok 22:19:08.0250 0916 [ 
263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 22:19:08.0343 0916 RDSessMgr - ok 22:19:08.0375 0916 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 22:19:08.0468 0916 redbook - ok 22:19:08.0484 0916 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\WINDOWS\system32\drivers\regi.sys 22:19:08.0500 0916 regi - ok 22:19:08.0531 0916 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 22:19:08.0609 0916 RemoteAccess - ok 22:19:08.0656 0916 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 22:19:08.0734 0916 RemoteRegistry - ok 22:19:08.0765 0916 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys 22:19:08.0859 0916 RFCOMM - ok 22:19:08.0875 0916 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 22:19:08.0953 0916 RpcLocator - ok 22:19:08.0984 0916 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 22:19:09.0000 0916 RpcSs - ok 22:19:09.0015 0916 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 22:19:09.0109 0916 RSVP - ok 22:19:09.0125 0916 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 22:19:09.0203 0916 SamSs - ok 22:19:09.0234 0916 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 22:19:09.0312 0916 SCardSvr - ok 22:19:09.0328 0916 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 22:19:09.0437 0916 Schedule - ok 22:19:09.0453 0916 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 22:19:09.0562 0916 sdbus - ok 22:19:09.0578 0916 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 22:19:09.0625 0916 Secdrv - ok 22:19:09.0640 0916 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 22:19:09.0734 0916 seclogon - ok 22:19:09.0750 0916 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS 
C:\WINDOWS\system32\sens.dll 22:19:09.0859 0916 SENS - ok 22:19:09.0875 0916 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 22:19:09.0968 0916 Serial - ok 22:19:10.0000 0916 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 22:19:10.0078 0916 Sfloppy - ok 22:19:10.0125 0916 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 22:19:10.0218 0916 SharedAccess - ok 22:19:10.0218 0916 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 22:19:10.0250 0916 ShellHWDetection - ok 22:19:10.0250 0916 Simbad - ok 22:19:10.0265 0916 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 22:19:10.0343 0916 sisagp - ok 22:19:10.0390 0916 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 22:19:10.0453 0916 SkypeUpdate - ok 22:19:10.0468 0916 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 22:19:10.0625 0916 SLIP - ok 22:19:10.0703 0916 [ 0302BC619D4A723317E7F8EB0C362BD3 ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys 22:19:10.0843 0916 SNP2UVC - ok 22:19:10.0859 0916 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys 22:19:10.0937 0916 Sparrow - ok 22:19:10.0953 0916 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 22:19:11.0046 0916 splitter - ok 22:19:11.0078 0916 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 22:19:11.0125 0916 Spooler - ok 22:19:11.0171 0916 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe 22:19:11.0187 0916 SQLBrowser - ok 22:19:11.0203 0916 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe 22:19:11.0218 0916 SQLWriter - ok 22:19:11.0234 0916 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 
22:19:11.0312 0916 sr - ok 22:19:11.0312 0916 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 22:19:11.0375 0916 srservice - ok 22:19:11.0406 0916 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 22:19:11.0468 0916 Srv - ok 22:19:11.0484 0916 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 22:19:11.0562 0916 SSDPSRV - ok 22:19:11.0609 0916 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 22:19:11.0625 0916 ssmdrv - ok 22:19:11.0671 0916 [ A2DBCC4C8860449DF1AB758EA28B4DE0 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 22:19:11.0765 0916 StillCam - ok 22:19:11.0796 0916 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 22:19:11.0906 0916 stisvc - ok 22:19:11.0921 0916 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 22:19:12.0015 0916 streamip - ok 22:19:12.0031 0916 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 22:19:12.0109 0916 swenum - ok 22:19:12.0125 0916 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 22:19:12.0218 0916 swmidi - ok 22:19:12.0218 0916 SwPrv - ok 22:19:12.0234 0916 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys 22:19:12.0328 0916 symc810 - ok 22:19:12.0328 0916 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys 22:19:12.0406 0916 symc8xx - ok 22:19:12.0421 0916 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys 22:19:12.0500 0916 sym_hi - ok 22:19:12.0515 0916 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys 22:19:12.0593 0916 sym_u3 - ok 22:19:12.0625 0916 [ 13E0D1974CE03E88C265A68325CB16DE ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 22:19:12.0656 0916 SynTP - ok 22:19:12.0703 0916 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio 
C:\WINDOWS\system32\drivers\sysaudio.sys 22:19:12.0781 0916 sysaudio - ok 22:19:12.0812 0916 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 22:19:12.0890 0916 SysmonLog - ok 22:19:12.0937 0916 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 22:19:13.0031 0916 TapiSrv - ok 22:19:13.0078 0916 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 22:19:13.0109 0916 Tcpip - ok 22:19:13.0140 0916 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 22:19:13.0234 0916 TDPIPE - ok 22:19:13.0250 0916 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 22:19:13.0343 0916 TDTCP - ok 22:19:13.0375 0916 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 22:19:13.0453 0916 TermDD - ok 22:19:13.0468 0916 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 22:19:13.0578 0916 TermService - ok 22:19:13.0593 0916 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 22:19:13.0609 0916 Themes - ok 22:19:13.0656 0916 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 22:19:13.0718 0916 TlntSvr - ok 22:19:13.0734 0916 [ D213A9247DC347F305A2D4CC9B951487 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys 22:19:13.0812 0916 TosIde - ok 22:19:13.0828 0916 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 22:19:13.0921 0916 TrkWks - ok 22:19:13.0921 0916 [ 5E3966A0D9B57531264FC0C835021FA1 ] UBHelper C:\WINDOWS\system32\drivers\UBHelper.sys 22:19:13.0937 0916 UBHelper - ok 22:19:13.0953 0916 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 22:19:14.0062 0916 Udfs - ok 22:19:14.0062 0916 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys 22:19:14.0109 0916 ultra - ok 22:19:14.0125 0916 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update 
C:\WINDOWS\system32\DRIVERS\update.sys 22:19:14.0218 0916 Update - ok 22:19:14.0250 0916 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 22:19:14.0328 0916 upnphost - ok 22:19:14.0328 0916 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 22:19:14.0421 0916 UPS - ok 22:19:14.0453 0916 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 22:19:14.0546 0916 usbaudio - ok 22:19:14.0578 0916 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 22:19:14.0656 0916 usbccgp - ok 22:19:14.0656 0916 usbcdc - ok 22:19:14.0687 0916 [ 39675DCE4FB5815BAA3C04AC7BABBE6B ] usbcomm C:\WINDOWS\system32\DRIVERS\usbcomm.sys 22:19:14.0718 0916 usbcomm ( UnsignedFile.Multi.Generic ) - warning 22:19:14.0718 0916 usbcomm - detected UnsignedFile.Multi.Generic (1) 22:19:14.0718 0916 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 22:19:14.0812 0916 usbehci - ok 22:19:14.0828 0916 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 22:19:14.0906 0916 usbhub - ok 22:19:14.0921 0916 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 22:19:15.0015 0916 usbprint - ok 22:19:15.0031 0916 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 22:19:15.0125 0916 usbscan - ok 22:19:15.0171 0916 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 22:19:15.0250 0916 USBSTOR - ok 22:19:15.0265 0916 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 22:19:15.0343 0916 usbuhci - ok 22:19:15.0375 0916 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys 22:19:15.0468 0916 usbvideo - ok 22:19:15.0515 0916 [ 318E41B1111D4A7D4C3D6573B7258151 ] vcdc C:\WINDOWS\system32\DRIVERS\vcdc.sys 22:19:15.0531 0916 vcdc ( UnsignedFile.Multi.Generic ) - warning 22:19:15.0531 
0916 vcdc - detected UnsignedFile.Multi.Generic (1) 22:19:15.0546 0916 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 22:19:15.0640 0916 VgaSave - ok 22:19:15.0687 0916 [ 75D7D4FBDDEE2E6BA153C5260AB2D381 ] vi2000 C:\WINDOWS\system32\DRIVERS\usbeval.sys 22:19:15.0703 0916 vi2000 ( UnsignedFile.Multi.Generic ) - warning 22:19:15.0703 0916 vi2000 - detected UnsignedFile.Multi.Generic (1) 22:19:15.0718 0916 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys 22:19:15.0812 0916 viaagp - ok 22:19:15.0812 0916 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 22:19:15.0906 0916 ViaIde - ok 22:19:15.0906 0916 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 22:19:16.0000 0916 VolSnap - ok 22:19:16.0031 0916 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 22:19:16.0109 0916 VSS - ok 22:19:16.0140 0916 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 22:19:16.0234 0916 W32Time - ok 22:19:16.0234 0916 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:19:16.0328 0916 Wanarp - ok 22:19:16.0328 0916 WDICA - ok 22:19:16.0343 0916 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 22:19:16.0437 0916 wdmaud - ok 22:19:16.0453 0916 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 22:19:16.0546 0916 WebClient - ok 22:19:16.0593 0916 [ ED10A3D367DD5596506022D5E2A3CBA0 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 22:19:16.0640 0916 winachsf - ok 22:19:16.0703 0916 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 22:19:16.0796 0916 winmgmt - ok 22:19:16.0843 0916 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 22:19:16.0937 0916 WmdmPmSN - ok 22:19:16.0953 0916 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 
22:19:16.0984 0916 Wmi - ok 22:19:17.0015 0916 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 22:19:17.0109 0916 WmiAcpi - ok 22:19:17.0125 0916 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 22:19:17.0218 0916 WmiApSrv - ok 22:19:17.0250 0916 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 22:19:17.0328 0916 WS2IFSL - ok 22:19:17.0359 0916 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 22:19:17.0437 0916 wscsvc - ok 22:19:17.0453 0916 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 22:19:17.0546 0916 WSTCODEC - ok 22:19:17.0562 0916 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 22:19:17.0640 0916 wuauserv - ok 22:19:17.0671 0916 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 22:19:17.0781 0916 WZCSVC - ok 22:19:17.0812 0916 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 22:19:17.0906 0916 xmlprov - ok 22:19:17.0921 0916 ================ Scan global =============================== 22:19:17.0937 0916 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 22:19:17.0968 0916 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 22:19:17.0984 0916 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 22:19:18.0000 0916 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 22:19:18.0000 0916 [Global] - ok 22:19:18.0000 0916 ================ Scan MBR ================================== 22:19:18.0015 0916 [ 7BA4C7EA1EF33A92F5F01BE63EDACB6A ] \Device\Harddisk0\DR0 22:19:20.0312 0916 \Device\Harddisk0\DR0 - ok 22:19:20.0312 0916 [ F05261C246CE4B3C544521FFFF7AEF5D ] \Device\Harddisk1\DR4 22:19:22.0890 0916 \Device\Harddisk1\DR4 - ok 22:19:22.0890 0916 ================ Scan VBR ================================== 22:19:22.0890 0916 [ 
A420DAC1591724414CA44E164444AE5F ] \Device\Harddisk0\DR0\Partition1 22:19:22.0906 0916 \Device\Harddisk0\DR0\Partition1 - ok 22:19:22.0921 0916 [ B675FA0CC6AE84CE1385BDB693FB7BA9 ] \Device\Harddisk0\DR0\Partition2 22:19:22.0921 0916 \Device\Harddisk0\DR0\Partition2 - ok 22:19:22.0921 0916 [ C2D4DEC8B83D4E0B0581CB9F96EB1352 ] \Device\Harddisk1\DR4\Partition1 22:19:22.0921 0916 \Device\Harddisk1\DR4\Partition1 - ok 22:19:22.0921 0916 ============================================================ 22:19:22.0921 0916 Scan finished 22:19:22.0921 0916 ============================================================ 22:19:23.0046 4348 Detected object count: 14 22:19:23.0046 4348 Actual detected object count: 14 22:20:01.0718 4348 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user 22:20:01.0718 4348 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:20:01.0718 4348 CommServer ( UnsignedFile.Multi.Generic ) - skipped by user 22:20:01.0718 4348 CommServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:20:01.0718 4348 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 22:20:01.0718 4348 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:20:01.0718 4348 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 22:20:01.0718 4348 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:20:01.0718 4348 IGBASVC ( UnsignedFile.Multi.Generic ) - skipped by user 22:20:01.0718 4348 IGBASVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:20:01.0718 4348 Int15 ( UnsignedFile.Multi.Generic ) - skipped by user 22:20:01.0718 4348 Int15 ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:20:01.0718 4348 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user 22:20:01.0718 4348 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:20:01.0718 4348 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 22:20:01.0718 4348 LightScribeService ( 
here is the log file: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:53 on 03/04/2013 (Administrator)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Step 7 - gmer.exe, with log file: Code:
ATTFilter GMER 2.1.19155 - hxxp://www.gmer.net
Rootkit scan 2013-04-03 22:23:06
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 298,09GB
Running: gmer_2.1.19155.exe; Driver: C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\uwliipob.sys
---- System - GMER 2.1 ----
SSDT A5FA79EE ZwCreateKey
SSDT A5FA7A16 ZwCreateSymbolicLinkObject
SSDT A5FA79E4 ZwCreateThread
SSDT A5FA79F3 ZwDeleteKey
SSDT A5FA79FD ZwDeleteValueKey
SSDT A5FA7A1B ZwLoadDriver
SSDT A5FA7A02 ZwLoadKey
SSDT A5FA79D0 ZwOpenProcess
SSDT A5FA7A11 ZwOpenSection
SSDT A5FA79D5 ZwOpenThread
SSDT A5FA7A0C ZwReplaceKey
SSDT A5FA7A07 ZwRestoreKey
SSDT A5FA7A20 ZwSetSystemInformation
SSDT A5FA79F8 ZwSetValueKey
SSDT A5FA79DF ZwTerminateProcess
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB4EE83A0, 0x5FE082, 0xE8000020]
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001f3acdc5a1
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002269cee3ca
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001f3acdc5a1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\002269cee3ca (not active ControlSet)
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
I have not tried, or dared to try, anything more without instructions so far! Regards, stheit00 Edited by stheit00 (03.04.2013 at 21:48) |
04.04.2013, 10:51 | #3 |
/// Helper Team | ihavenet.com virus - unfortunately me too! Does the problem still persist? Which browsers are affected?
__________________ |
04.04.2013, 19:22 | #4 |
| ihavenet.com virus - unfortunately me too! Hi, thanks for your interest ;-) The problem still persists! However, I noticed that not all pages that are visited get redirected. If, for example, a link is opened several times, you also end up on the correct page several times. After closing and reopening the browser, it takes a while until the first redirect occurs! The phenomenon occurred with Internet Explorer version 8.0, which we do not use for browsing, though, and with Mozilla Firefox version 19.0.2! Regards, stheit00 Addendum: There has just been a Firefox update. It now runs as version 20! It feels like the redirects have become fewer. But I don't think we have reached 'zero' yet. I will have my wife keep observing it during the day tomorrow and will report back tomorrow evening. Regards, stheit00 |
05.04.2013, 06:35 | #5 | |
/// Helper Team | ihavenet.com virus - unfortunately me too! Quote:
|
05.04.2013, 17:11 | #6 |
| ihavenet.com virus - unfortunately me too! Hi, so I do need help after all now. Individual pages are still being redirected! Any idea what I can continue with? Thanks! Regards, stheit00 |
06.04.2013, 10:52 | #7 |
/// Helper Team | ihavenet.com virus - unfortunately me too! OK: Please download AdwCleaner to your desktop.
|
07.04.2013, 19:45 | #8 |
| ihavenet.com virus - unfortunately me too! Hi t'john, you do realize that I have already done that. See above! I have now repeated it two more times. Here are the logs: AdwCleaner[R3].txt Code:
ATTFilter # AdwCleaner v2.200 - Datei am 07/04/2013 um 20:26:46 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Administrator - BC-NOTEBOOK1
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan\adwcleaner\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0 (de)
Datei : C:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\Mozilla\Firefox\Profiles\wwp9j1eq.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R3].txt - [963 octets] - [07/04/2013 20:26:46]
########## EOF - C:\AdwCleaner[R3].txt - [1022 octets] ##########
Code:
ATTFilter # AdwCleaner v2.200 - Datei am 07/04/2013 um 20:27:08 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Administrator - BC-NOTEBOOK1
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan\adwcleaner\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0 (de)
Datei : C:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\Mozilla\Firefox\Profiles\wwp9j1eq.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R3].txt - [1091 octets] - [07/04/2013 20:26:46]
AdwCleaner[S2].txt - [1025 octets] - [07/04/2013 20:27:08]
########## EOF - C:\AdwCleaner[S2].txt - [1085 octets] ##########
Code:
ATTFilter # AdwCleaner v2.200 - Datei am 07/04/2013 um 20:34:19 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Administrator - BC-NOTEBOOK1
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan\adwcleaner\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0 (de)
Datei : C:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\Mozilla\Firefox\Profiles\wwp9j1eq.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R3].txt - [1091 octets] - [07/04/2013 20:26:46]
AdwCleaner[R4].txt - [1023 octets] - [07/04/2013 20:34:19]
AdwCleaner[S2].txt - [1154 octets] - [07/04/2013 20:27:08]
########## EOF - C:\AdwCleaner[R4].txt - [1143 octets] ##########
Code:
ATTFilter # AdwCleaner v2.200 - Datei am 07/04/2013 um 20:34:40 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Administrator - BC-NOTEBOOK1
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan\adwcleaner\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0 (de)
Datei : C:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\Mozilla\Firefox\Profiles\wwp9j1eq.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R3].txt - [1091 octets] - [07/04/2013 20:26:46]
AdwCleaner[R4].txt - [1212 octets] - [07/04/2013 20:34:19]
AdwCleaner[S2].txt - [1154 octets] - [07/04/2013 20:27:08]
AdwCleaner[S3].txt - [1145 octets] - [07/04/2013 20:34:40]
########## EOF - C:\AdwCleaner[S3].txt - [1205 octets] ##########
Regards, stheit00 |
07.04.2013, 21:07 | #9 |
/// Helper Team | ihavenet.com virus - unfortunately me too! Good: Please shut down your protection software to avoid possible conflicts.
|
10.04.2013, 19:38 | #10 |
| ihavenet.com virus - unfortunately me too! Hi, sorry, it took a little while, but I do have other things to do as well ;-) So, as it looks, the virus is gone. At least there were no more redirects. Thanks for that for now. I did run JRT.exe once more, though. Here is the result: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on 10.04.2013 at 20:25:33,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.04.2013 at 20:30:58,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Regards, stheit00 |
11.04.2013, 16:55 | #11 |
/// Helper Team | ihavenet.com virus - unfortunately me too! Very good! Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. After that: ESET Online Scanner
After that: Please download SecurityCheck and:
|
29.05.2013, 13:32 | #12 |
/// Helper Team | ihavenet.com virus - unfortunately me too! Missing feedback. Are there problems working through the instructions above? To free up capacity for others seeking help, I am removing this thread from my notifications. If you want to continue, send me a PM or open a new thread. http://www.trojaner-board.de/69886-a...-beachten.html Note: The disappearance of the symptoms does not mean that your computer is clean. |