| |
| |||||||
Log-Analyse und Auswertung: Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
04.10.2011, 15:54
| #1 |
 |  Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Hallo! Leider kann ich seit einiger Zeit nicht mehr auf die Ordner meiner externen Festplatte zugreifen. Diese werden nämlich nur noch als Verknüpfungen angezeigt, bei deren Öffnung der Fehler "F:\RECYCLER\0xD80A89C7.exe konnte nicht gefunden werden" erscheint. Im Folgenden sind die Ergebnisse der verschiedenen Tests in .txt-Dateien gelistet: OTL: Anhang 22773 Extras: Anhang 22776 mbam-log: Anhang 22774 ESET Scan: Anhang 22775 Vielen Dank im Voraus für Ihre Hilfe!!! Gruß! |
|
04.10.2011, 17:01
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Das ESET-Log ist unvollständig.
__________________Und mach mit Malwarebytes bitte mal einen Vollscan, vorher immer auf Updates prüfen.
__________________ |
|
05.10.2011, 00:02
| #3 |
| | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Danke für die schnelle Antwort!
__________________Hier ist das vollständige ESET- Log und das Ergebnis des Vollscans: Anhang 22794 Anhang 22793 Gruß! |
|
05.10.2011, 01:59
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Du hast mit OTL keinen CustomScan gemacht, bitte auch nachholen. CustomScan mit OTL Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
05.10.2011, 10:16
| #5 |
| | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Hier ist der Output vom CustomScan von OTL: OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.10.2011 10:44:43 - Run 2 OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Medion\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,43 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 71,88% Memory free 6,85 Gb Paging File | 5,73 Gb Available in Paging File | 83,57% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 424,66 Gb Total Space | 398,13 Gb Free Space | 93,75% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 20,29 Gb Free Space | 50,73% Space Free | Partition Type: NTFS Drive F: | 111,76 Gb Total Space | 26,18 Gb Free Space | 23,43% Space Free | Partition Type: FAT32 Computer Name: MEDION-PC | User Name: Medion | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.10.04 15:32:40 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Medion\Downloads\OTL.exe PRC - [2011.10.01 15:55:59 | 000,308,560 | ---- | M] (BullGuard Ltd.) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2010.03.02 15:18:50 | 000,678,432 | ---- | M] (Realtek Semiconductor) -- C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe PRC - [2010.01.13 11:18:30 | 000,413,696 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WButton.exe PRC - [2009.12.14 12:25:00 | 000,200,704 | ---- | M] (Wistron) -- C:\Programme\Launch Manager\HotkeyApp.exe PRC - [2009.12.11 16:18:16 | 000,348,960 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\OSD.exe PRC - [2009.12.10 09:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009.12.10 09:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009.11.07 04:46:52 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe PRC - [2009.11.02 15:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009.10.22 18:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WisLMSvc.exe PRC - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009.05.19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009.03.30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009.03.30 17:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.02.03 15:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe ========== Modules (No Company Name) ========== MOD - [2011.10.01 15:55:59 | 000,380,928 | ---- | M] () -- C:\Programme\BullGuard Ltd\BullGuard\libxml2.dll MOD - [2011.10.01 15:55:59 | 000,061,952 | ---- | M] () -- C:\Programme\BullGuard Ltd\BullGuard\zlib1.dll MOD - [2011.08.31 19:13:52 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll MOD - [2009.11.02 15:23:36 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009.11.02 15:20:10 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2009.06.18 10:34:14 | 000,099,664 | ---- | M] () -- C:\Programme\BullGuard Ltd\BullGuard\res\de\BackupShellNamespaceRes.dll ========== Win32 Services (SafeList) ========== SRV - [2011.10.01 15:55:59 | 000,308,560 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BgLiveSvc) SRV - [2011.10.01 15:55:57 | 000,079,184 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll -- (BgMainSvc) SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010.11.20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2009.12.10 09:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009.12.10 09:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009.11.07 04:46:52 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets) SRV - [2009.10.22 18:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc) SRV - [2009.10.02 14:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.03.31 09:38:50 | 000,087,376 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsMailProxy.dll -- (BsMailProxy) SRV - [2009.03.23 13:43:50 | 000,132,432 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan) SRV - [2009.02.03 15:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ========== DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se) DRV - [2010.02.10 16:01:10 | 000,132,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\Impcd.sys -- (Impcd) DRV - [2010.01.08 04:50:08 | 000,232,448 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV - [2009.12.22 19:18:58 | 000,065,576 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2009.09.18 05:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\HECI.sys -- (HECI) Intel(R) DRV - [2009.08.13 17:39:40 | 000,786,400 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mod7700.sys -- (mod7700) DRV - [2009.07.31 03:45:22 | 000,171,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial) DRV - [2009.05.13 13:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\x10ufx2.sys -- (XUIF) DRV - [2009.05.13 13:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\x10hid.sys -- (X10Hid) DRV - [2009.01.23 15:48:56 | 000,055,504 | ---- | M] (BullGuard Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\BdFileSpy.sys -- (BdFileSpy) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Suche" FF - prefs.js..browser.search.order.1: "Suche" FF - prefs.js..browser.search.selectedEngine: "Suche" FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - user.js..browser.search.selectedEngine: "Suche" FF - user.js..browser.search.order.1: "Suche" FF - user.js..browser.search.defaultenginename: "Suche" FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Medion\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Medion\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.04 13:56:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.04 13:56:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Medion\AppData\Roaming\mozilla\Extensions [2011.10.04 13:56:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.09.29 09:09:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.09.29 03:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.09.29 03:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.09.29 03:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.09.29 03:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.04 15:26:52 | 000,000,139 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Suche.src [2011.09.29 03:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.09.29 03:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Medion\AppData\Local\Google\Chrome\Application\14.0.835.187\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U18 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Medion\AppData\Local\Google\Chrome\Application\14.0.835.187\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Medion\AppData\Local\Google\Chrome\Application\14.0.835.187\pdf.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Medion\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (xplugin) - {DFEFCDEE-CF1A-4FC8-88AD-18272BE37E29} - C:\Users\Medion\AppData\Roaming\xplugin\toolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O4 - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe (BullGuard Ltd.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe" File not found O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.) O4 - HKCU..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{142F2D10-AFAC-4319-8B97-F2F9242E1639}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F29B529-65D9-42E5-91A3-E253BDE00FE2}: DhcpNameServer = 61.177.7.1 218.104.32.106 168.95.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.04.18 23:41:20 | 000,000,089 | ---- | M] () - F:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: BgMainSvc - C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll (BullGuard Ltd.) SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: BgLiveSvc - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (BullGuard Ltd.) SafeBootNet: BgMainSvc - C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll (BullGuard Ltd.) SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: aux - wdmaud.drv (Microsoft Corporation) Drivers32: aux1 - wdmaud.drv (Microsoft Corporation) Drivers32: midi - wdmaud.drv (Microsoft Corporation) Drivers32: midi1 - wdmaud.drv (Microsoft Corporation) Drivers32: midimapper - midimap.dll (Microsoft Corporation) Drivers32: mixer - wdmaud.drv (Microsoft Corporation) Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation) Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation) Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation) Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation) Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation) Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation) Drivers32: vidc.cvid - iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation) Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation) Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation) Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation) Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation) Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation) Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation) Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation) Drivers32: wave - wdmaud.drv (Microsoft Corporation) Drivers32: wave1 - wdmaud.drv (Microsoft Corporation) Drivers32: wavemapper - msacm32.drv (Microsoft Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.10.04 15:49:03 | 000,000,000 | ---D | C] -- C:\Users\Medion\Desktop\fest [2011.10.04 15:47:39 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011.10.04 15:37:38 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Malwarebytes [2011.10.04 15:37:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.10.04 15:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.10.04 15:37:31 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.10.04 15:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.10.04 15:32:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2011.10.04 15:32:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2011.10.04 15:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2011.10.04 15:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011.10.04 15:27:32 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.10.04 15:26:33 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\xplugin [2011.10.04 14:44:36 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Adobe [2011.10.04 13:56:50 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Mozilla [2011.10.04 13:56:50 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Mozilla [2011.10.04 13:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2011.10.04 13:52:52 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011.10.03 16:59:22 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Diagnostics [2011.10.03 11:43:34 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll [2011.10.01 16:25:26 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Macromedia [2011.10.01 15:56:03 | 000,087,376 | ---- | C] (BullGuard Ltd.) -- C:\Windows\System32\BGLsp.dll [2011.10.01 15:52:11 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Google [2011.10.01 15:52:05 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Adobe [2011.10.01 15:51:55 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Deployment [2011.10.01 15:51:55 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Apps [2011.09.26 10:03:35 | 000,000,000 | ---D | C] -- C:\img [2011.09.23 14:57:39 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Power2Go [2011.09.23 14:57:38 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\BullGuard [2011.09.23 14:57:25 | 000,000,000 | R--D | C] -- C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.09.23 14:57:25 | 000,000,000 | R--D | C] -- C:\Users\Medion\Searches [2011.09.23 14:57:25 | 000,000,000 | R--D | C] -- C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.09.23 14:57:16 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Identities [2011.09.23 14:57:15 | 000,000,000 | R--D | C] -- C:\Users\Medion\Contacts [2011.09.23 14:57:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011.09.23 14:57:05 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\VirtualStore [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Vorlagen [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\AppData\Local\Verlauf [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\AppData\Local\Temporary Internet Files [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Startmenü [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\SendTo [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Recent [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Netzwerkumgebung [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Lokale Einstellungen [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Documents\Eigene Videos [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Documents\Eigene Musik [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Eigene Dateien [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Documents\Eigene Bilder [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Druckumgebung [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Cookies [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\AppData\Local\Anwendungsdaten [2011.09.23 14:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Medion\Anwendungsdaten [2011.09.23 14:57:01 | 000,000,000 | --SD | C] -- C:\Users\Medion\AppData\Roaming\Microsoft [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\Videos [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\Saved Games [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\Pictures [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\Music [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\Links [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\Favorites [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\Downloads [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\Documents [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\Desktop [2011.09.23 14:57:01 | 000,000,000 | R--D | C] -- C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.09.23 14:57:01 | 000,000,000 | -H-D | C] -- C:\Users\Medion\AppData [2011.09.23 14:57:01 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Temp [2011.09.23 14:57:01 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Local\Microsoft [2011.09.23 14:57:01 | 000,000,000 | ---D | C] -- C:\Users\Medion\AppData\Roaming\Media Center Programs [2011.09.23 14:56:51 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\Programme [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.09.23 14:56:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2011.09.23 14:55:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011.08.31 19:15:48 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll ========== Files - Modified Within 30 Days ========== [2011.10.05 10:45:51 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.10.05 10:45:51 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.10.05 10:45:51 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.10.05 10:45:51 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.10.05 10:35:11 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3571920699-3839743047-2692850820-1000UA.job [2011.10.05 10:35:07 | 000,002,372 | ---- | M] () -- C:\Users\Medion\Desktop\Google Chrome.lnk [2011.10.05 10:34:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.10.05 01:33:27 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.10.05 01:33:27 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.10.05 01:26:56 | 000,383,528 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.10.05 01:26:00 | 2760,843,264 | -HS- | M] () -- C:\hiberfil.sys [2011.10.04 15:57:02 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3571920699-3839743047-2692850820-1000Core.job [2011.10.04 15:38:41 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011.10.04 15:38:04 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft IntelliPoint installieren.lnk [2011.10.04 15:37:35 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.10.04 15:28:14 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011.10.01 15:56:03 | 000,087,376 | ---- | M] (BullGuard Ltd.) -- C:\Windows\System32\BGLsp.dll [2011.09.26 10:03:38 | 000,012,296 | ---- | M] () -- C:\mqaReport_q.html [2011.09.23 15:54:56 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf [2011.09.23 15:20:47 | 000,000,560 | ---- | M] () -- C:\Users\Public\Desktop\WST Report.lnk ========== Files Created - No Company Name ========== [2011.10.04 15:38:41 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011.10.04 15:38:04 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft IntelliPoint installieren.lnk [2011.10.04 15:37:35 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.10.04 15:27:44 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2011.10.04 15:27:44 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011.10.04 13:56:47 | 000,001,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.10.04 13:52:56 | 000,002,372 | ---- | C] () -- C:\Users\Medion\Desktop\Google Chrome.lnk [2011.10.03 11:44:34 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd [2011.10.03 11:43:13 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml [2011.10.03 11:43:05 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml [2011.10.01 15:52:14 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3571920699-3839743047-2692850820-1000UA.job [2011.10.01 15:52:13 | 000,001,072 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3571920699-3839743047-2692850820-1000Core.job [2011.09.26 10:03:38 | 000,012,296 | ---- | C] () -- C:\mqaReport_q.html [2011.09.23 15:50:37 | 2760,843,264 | -HS- | C] () -- C:\hiberfil.sys [2011.09.23 15:20:47 | 000,000,560 | ---- | C] () -- C:\Users\Public\Desktop\WST Report.lnk [2011.09.23 14:57:27 | 000,001,417 | ---- | C] () -- C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.08.31 19:46:18 | 000,128,204 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin [2011.08.31 19:46:12 | 000,105,608 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin [2011.08.31 19:46:10 | 000,867,020 | ---- | C] () -- C:\Windows\System32\igkrng575.bin [2011.08.31 19:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\System32\ig4icd32.dll [2011.08.31 19:13:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll [2010.03.13 06:58:11 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2010.03.03 12:55:22 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2010.03.02 07:40:12 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe [2010.03.02 07:40:12 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe [2010.03.02 07:39:10 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2010.03.02 06:59:42 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2009.08.03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009.08.03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009.07.14 10:47:43 | 000,643,866 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,126,394 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,383,528 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,607,190 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,103,568 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat ========== LOP Check ========== [2011.09.23 14:57:48 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\BullGuard [2011.10.04 15:26:52 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\xplugin [2009.07.14 06:53:46 | 000,013,480 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.10.04 14:44:36 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\Adobe [2011.09.23 14:57:48 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\BullGuard [2011.09.23 14:57:16 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\Identities [2011.10.01 16:25:26 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\Macromedia [2011.10.04 15:37:38 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\Malwarebytes [2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\Media Center Programs [2011.10.04 23:05:56 | 000,000,000 | --SD | M] -- C:\Users\Medion\AppData\Roaming\Microsoft [2011.10.04 13:56:56 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\Mozilla [2011.10.04 15:26:52 | 000,000,000 | ---D | M] -- C:\Users\Medion\AppData\Roaming\xplugin < %APPDATA%\*.exe /s > [2011.09.19 09:30:04 | 012,697,088 | ---- | M] () -- C:\Users\Medion\AppData\Roaming\xplugin\ffmpeg.exe [2011.09.19 09:30:04 | 001,242,112 | ---- | M] (Synatix GmbH) -- C:\Users\Medion\AppData\Roaming\xplugin\uninstall.exe [2011.09.19 09:30:04 | 001,020,928 | ---- | M] (Synatix GmbH) -- C:\Users\Medion\AppData\Roaming\xplugin\ytdl.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll < MD5 for: IASTOR.SYS > [2009.10.02 13:40:50 | 000,432,664 | ---- | M] (Intel Corporation) MD5=D5EDB998656E6ECF1A17C78DAB019A3C -- C:\Windows\System32\drivers\iaStor.sys [2009.10.02 13:40:50 | 000,432,664 | ---- | M] (Intel Corporation) MD5=D5EDB998656E6ECF1A17C78DAB019A3C -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_c08288e6bf102290\iaStor.sys < MD5 for: IASTORV.SYS > [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys [2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys [2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys [2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys [2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys [2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys [2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < End of report > Dank und Gruß! |
|
05.10.2011, 14:46
| #6 |
| | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Ist der Output-Log so korrekt? Gruß! |
|
05.10.2011, 16:25
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aldi.com
FF - prefs.js..browser.search.defaultenginename: "Suche"
FF - prefs.js..browser.search.order.1: "Suche"
FF - prefs.js..browser.search.selectedEngine: "Suche"
FF - prefs.js..keyword.URL: "http://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - user.js..browser.search.selectedEngine: "Suche"
FF - user.js..browser.search.order.1: "Suche"
FF - user.js..browser.search.defaultenginename: "Suche"
FF - user.js..keyword.URL: "http://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.04.18 23:41:20 | 000,000,089 | ---- | M] () - F:\autorun.inf -- [ FAT32 ]
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.10.2011, 16:51
| #8 |
| | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen So, hier ist der Log: PHP-Code:  Gibt es noch weiteres Vorgehen? Gruß! |
|
05.10.2011, 17:24
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.10.2011, 17:43
| #10 |
| | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Wie es mir scheint hat das Programm leider nichts gefunden. Auch die Ordner sind leider immer noch Verknüpfungen und lassen sich nicht öffnen. Hier ist der Scan-Log: Code:
ATTFilter 18:30:54.0509 4724 TDSS rootkit removing tool 2.6.4.0 Oct 3 2011 17:37:01
18:30:54.0727 4724 ============================================================
18:30:54.0727 4724 Current date / time: 2011/10/05 18:30:54.0727
18:30:54.0727 4724 SystemInfo:
18:30:54.0727 4724
18:30:54.0727 4724 OS Version: 6.1.7601 ServicePack: 1.0
18:30:54.0727 4724 Product type: Workstation
18:30:54.0727 4724 ComputerName: MEDION-PC
18:30:54.0727 4724 UserName: Medion
18:30:54.0727 4724 Windows directory: C:\Windows
18:30:54.0727 4724 System windows directory: C:\Windows
18:30:54.0727 4724 Processor architecture: Intel x86
18:30:54.0727 4724 Number of processors: 4
18:30:54.0727 4724 Page size: 0x1000
18:30:54.0727 4724 Boot type: Normal boot
18:30:54.0727 4724 ============================================================
18:30:55.0320 4724 Initialize success
18:31:26.0863 0912 ============================================================
18:31:26.0863 0912 Scan started
18:31:26.0863 0912 Mode: Manual; SigCheck; TDLFS;
18:31:26.0863 0912 ============================================================
18:31:27.0518 0912 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
18:31:27.0596 0912 1394ohci - ok
18:31:27.0737 0912 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
18:31:27.0752 0912 ACPI - ok
18:31:27.0877 0912 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
18:31:27.0924 0912 AcpiPmi - ok
18:31:28.0049 0912 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
18:31:28.0080 0912 adp94xx - ok
18:31:28.0205 0912 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
18:31:28.0236 0912 adpahci - ok
18:31:28.0345 0912 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
18:31:28.0376 0912 adpu320 - ok
18:31:28.0501 0912 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
18:31:28.0548 0912 AFD - ok
18:31:28.0657 0912 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
18:31:28.0673 0912 agp440 - ok
18:31:28.0782 0912 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
18:31:28.0797 0912 aic78xx - ok
18:31:28.0953 0912 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
18:31:28.0969 0912 aliide - ok
18:31:29.0078 0912 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
18:31:29.0094 0912 amdagp - ok
18:31:29.0234 0912 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
18:31:29.0250 0912 amdide - ok
18:31:29.0343 0912 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
18:31:29.0375 0912 AmdK8 - ok
18:31:29.0484 0912 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
18:31:29.0499 0912 AmdPPM - ok
18:31:29.0624 0912 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
18:31:29.0640 0912 amdsata - ok
18:31:29.0780 0912 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
18:31:29.0796 0912 amdsbs - ok
18:31:29.0905 0912 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
18:31:29.0921 0912 amdxata - ok
18:31:30.0045 0912 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
18:31:30.0092 0912 AppID - ok
18:31:30.0217 0912 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
18:31:30.0233 0912 arc - ok
18:31:30.0326 0912 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
18:31:30.0342 0912 arcsas - ok
18:31:30.0467 0912 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
18:31:30.0513 0912 AsyncMac - ok
18:31:30.0638 0912 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
18:31:30.0654 0912 atapi - ok
18:31:30.0779 0912 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
18:31:30.0857 0912 b06bdrv - ok
18:31:30.0966 0912 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:31:30.0997 0912 b57nd60x - ok
18:31:31.0169 0912 BdFileSpy (8c455a0b7bcd2bec2919a4da525d53bd) C:\Windows\system32\drivers\BdFileSpy.sys
18:31:31.0215 0912 BdFileSpy - ok
18:31:31.0340 0912 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
18:31:31.0403 0912 Beep - ok
18:31:31.0574 0912 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
18:31:31.0590 0912 blbdrive - ok
18:31:31.0715 0912 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
18:31:31.0746 0912 bowser - ok
18:31:31.0824 0912 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:31:31.0855 0912 BrFiltLo - ok
18:31:31.0886 0912 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:31:31.0917 0912 BrFiltUp - ok
18:31:32.0058 0912 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
18:31:32.0089 0912 Brserid - ok
18:31:32.0198 0912 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
18:31:32.0229 0912 BrSerWdm - ok
18:31:32.0323 0912 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:31:32.0370 0912 BrUsbMdm - ok
18:31:32.0479 0912 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
18:31:32.0510 0912 BrUsbSer - ok
18:31:32.0666 0912 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
18:31:32.0697 0912 BTHMODEM - ok
18:31:32.0853 0912 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
18:31:32.0916 0912 cdfs - ok
18:31:33.0041 0912 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
18:31:33.0087 0912 cdrom - ok
18:31:33.0212 0912 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
18:31:33.0259 0912 circlass - ok
18:31:33.0368 0912 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
18:31:33.0384 0912 CLFS - ok
18:31:33.0540 0912 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
18:31:33.0555 0912 CmBatt - ok
18:31:33.0665 0912 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
18:31:33.0696 0912 cmdide - ok
18:31:33.0774 0912 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
18:31:33.0805 0912 CNG - ok
18:31:33.0930 0912 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
18:31:33.0945 0912 Compbatt - ok
18:31:34.0070 0912 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
18:31:34.0101 0912 CompositeBus - ok
18:31:34.0179 0912 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
18:31:34.0211 0912 crcdisk - ok
18:31:34.0335 0912 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
18:31:34.0382 0912 DfsC - ok
18:31:34.0429 0912 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
18:31:34.0460 0912 discache - ok
18:31:34.0569 0912 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
18:31:34.0585 0912 Disk - ok
18:31:34.0694 0912 dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
18:31:34.0757 0912 dot4 - ok
18:31:34.0850 0912 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:31:34.0881 0912 Dot4Print - ok
18:31:34.0959 0912 Dot4Scan (9f7de667c505ce6500becdd8e11644d7) C:\Windows\system32\DRIVERS\Dot4Scan.sys
18:31:35.0006 0912 Dot4Scan - ok
18:31:35.0115 0912 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
18:31:35.0162 0912 dot4usb - ok
18:31:35.0271 0912 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
18:31:35.0318 0912 drmkaud - ok
18:31:35.0396 0912 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
18:31:35.0443 0912 DXGKrnl - ok
18:31:35.0615 0912 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
18:31:35.0677 0912 ebdrv - ok
18:31:35.0802 0912 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
18:31:35.0833 0912 elxstor - ok
18:31:35.0880 0912 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
18:31:35.0911 0912 ErrDev - ok
18:31:36.0051 0912 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
18:31:36.0114 0912 exfat - ok
18:31:36.0254 0912 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
18:31:36.0317 0912 fastfat - ok
18:31:36.0426 0912 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
18:31:36.0457 0912 fdc - ok
18:31:36.0535 0912 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
18:31:36.0566 0912 FileInfo - ok
18:31:36.0613 0912 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
18:31:36.0675 0912 Filetrace - ok
18:31:36.0769 0912 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
18:31:36.0800 0912 flpydisk - ok
18:31:36.0878 0912 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
18:31:36.0909 0912 FltMgr - ok
18:31:37.0003 0912 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
18:31:37.0019 0912 FsDepends - ok
18:31:37.0081 0912 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
18:31:37.0097 0912 Fs_Rec - ok
18:31:37.0237 0912 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
18:31:37.0253 0912 fvevol - ok
18:31:37.0315 0912 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:31:37.0315 0912 gagp30kx - ok
18:31:37.0409 0912 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
18:31:37.0440 0912 hcw85cir - ok
18:31:37.0565 0912 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
18:31:37.0611 0912 HdAudAddService - ok
18:31:37.0721 0912 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
18:31:37.0752 0912 HDAudBus - ok
18:31:37.0799 0912 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\Windows\system32\DRIVERS\HECI.sys
18:31:37.0830 0912 HECI - ok
18:31:37.0923 0912 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
18:31:37.0955 0912 HidBatt - ok
18:31:38.0017 0912 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
18:31:38.0048 0912 HidBth - ok
18:31:38.0173 0912 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
18:31:38.0189 0912 HidIr - ok
18:31:38.0313 0912 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
18:31:38.0345 0912 HidUsb - ok
18:31:38.0407 0912 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
18:31:38.0438 0912 HpSAMD - ok
18:31:38.0563 0912 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
18:31:38.0610 0912 HTTP - ok
18:31:38.0657 0912 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
18:31:38.0657 0912 hwpolicy - ok
18:31:38.0719 0912 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
18:31:38.0766 0912 i8042prt - ok
18:31:38.0875 0912 iaStor (d5edb998656e6ecf1a17c78dab019a3c) C:\Windows\system32\DRIVERS\iaStor.sys
18:31:38.0906 0912 iaStor - ok
18:31:39.0031 0912 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
18:31:39.0062 0912 iaStorV - ok
18:31:39.0343 0912 igfx (24ccec128bebb148e50c6093523ad686) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:31:39.0686 0912 igfx - ok
18:31:39.0780 0912 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
18:31:39.0795 0912 iirsp - ok
18:31:39.0905 0912 Impcd (03c0d99bc2913226f1cea7cb0d984659) C:\Windows\system32\DRIVERS\Impcd.sys
18:31:39.0936 0912 Impcd - ok
18:31:40.0139 0912 IntcAzAudAddService (e4d9b6d1b012db75a01729bc3d4c5b56) C:\Windows\system32\drivers\RTKVHDA.sys
18:31:40.0201 0912 IntcAzAudAddService - ok
18:31:40.0310 0912 IntcDAud (4ea6b57a3b71fd1a208af054e97fba37) C:\Windows\system32\DRIVERS\IntcDAud.sys
18:31:40.0341 0912 IntcDAud - ok
18:31:40.0451 0912 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
18:31:40.0482 0912 intelide - ok
18:31:40.0591 0912 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
18:31:40.0622 0912 intelppm - ok
18:31:40.0716 0912 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:31:40.0778 0912 IpFilterDriver - ok
18:31:40.0887 0912 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
18:31:40.0919 0912 IPMIDRV - ok
18:31:40.0950 0912 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
18:31:41.0012 0912 IPNAT - ok
18:31:41.0106 0912 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
18:31:41.0137 0912 IRENUM - ok
18:31:41.0199 0912 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
18:31:41.0215 0912 isapnp - ok
18:31:41.0277 0912 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
18:31:41.0309 0912 iScsiPrt - ok
18:31:41.0371 0912 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
18:31:41.0402 0912 kbdclass - ok
18:31:41.0511 0912 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
18:31:41.0543 0912 kbdhid - ok
18:31:41.0605 0912 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
18:31:41.0621 0912 KSecDD - ok
18:31:41.0714 0912 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
18:31:41.0730 0912 KSecPkg - ok
18:31:41.0855 0912 L1C (6ef8146358452995a4a9335e44abb015) C:\Windows\system32\DRIVERS\L1C62x86.sys
18:31:41.0855 0912 L1C - ok
18:31:41.0979 0912 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
18:31:42.0026 0912 lltdio - ok
18:31:42.0167 0912 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:31:42.0182 0912 LSI_FC - ok
18:31:42.0245 0912 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:31:42.0260 0912 LSI_SAS - ok
18:31:42.0307 0912 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:31:42.0323 0912 LSI_SAS2 - ok
18:31:42.0416 0912 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:31:42.0432 0912 LSI_SCSI - ok
18:31:42.0494 0912 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
18:31:42.0557 0912 luafv - ok
18:31:42.0681 0912 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
18:31:42.0697 0912 MBAMProtector - ok
18:31:42.0759 0912 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
18:31:42.0775 0912 megasas - ok
18:31:42.0869 0912 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
18:31:42.0900 0912 MegaSR - ok
18:31:43.0025 0912 mod7700 (5b9ca81817e046666e7abf8b9b101545) C:\Windows\system32\DRIVERS\mod7700.sys
18:31:43.0056 0912 mod7700 - ok
18:31:43.0118 0912 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
18:31:43.0165 0912 Modem - ok
18:31:43.0274 0912 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
18:31:43.0321 0912 monitor - ok
18:31:43.0446 0912 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
18:31:43.0461 0912 mouclass - ok
18:31:43.0508 0912 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
18:31:43.0539 0912 mouhid - ok
18:31:43.0680 0912 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
18:31:43.0695 0912 mountmgr - ok
18:31:43.0742 0912 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
18:31:43.0773 0912 mpio - ok
18:31:43.0805 0912 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
18:31:43.0867 0912 mpsdrv - ok
18:31:43.0976 0912 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
18:31:44.0023 0912 MRxDAV - ok
18:31:44.0070 0912 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:31:44.0117 0912 mrxsmb - ok
18:31:44.0132 0912 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:31:44.0179 0912 mrxsmb10 - ok
18:31:44.0210 0912 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:31:44.0241 0912 mrxsmb20 - ok
18:31:44.0351 0912 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
18:31:44.0366 0912 msahci - ok
18:31:44.0429 0912 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
18:31:44.0460 0912 msdsm - ok
18:31:44.0569 0912 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
18:31:44.0616 0912 Msfs - ok
18:31:44.0663 0912 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
18:31:44.0709 0912 mshidkmdf - ok
18:31:44.0772 0912 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
18:31:44.0787 0912 msisadrv - ok
18:31:44.0912 0912 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
18:31:44.0975 0912 MSKSSRV - ok
18:31:45.0084 0912 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
18:31:45.0146 0912 MSPCLOCK - ok
18:31:45.0193 0912 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
18:31:45.0240 0912 MSPQM - ok
18:31:45.0349 0912 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
18:31:45.0365 0912 MsRPC - ok
18:31:45.0474 0912 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
18:31:45.0489 0912 mssmbios - ok
18:31:45.0536 0912 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
18:31:45.0599 0912 MSTEE - ok
18:31:45.0692 0912 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
18:31:45.0739 0912 MTConfig - ok
18:31:45.0801 0912 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
18:31:45.0817 0912 Mup - ok
18:31:45.0942 0912 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
18:31:45.0973 0912 NativeWifiP - ok
18:31:46.0113 0912 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
18:31:46.0160 0912 NDIS - ok
18:31:46.0191 0912 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
18:31:46.0254 0912 NdisCap - ok
18:31:46.0347 0912 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
18:31:46.0410 0912 NdisTapi - ok
18:31:46.0503 0912 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
18:31:46.0535 0912 Ndisuio - ok
18:31:46.0597 0912 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
18:31:46.0675 0912 NdisWan - ok
18:31:46.0800 0912 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
18:31:46.0862 0912 NDProxy - ok
18:31:46.0925 0912 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
18:31:46.0987 0912 NetBIOS - ok
18:31:47.0096 0912 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
18:31:47.0159 0912 NetBT - ok
18:31:47.0283 0912 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
18:31:47.0299 0912 nfrd960 - ok
18:31:47.0408 0912 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
18:31:47.0471 0912 Npfs - ok
18:31:47.0549 0912 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
18:31:47.0611 0912 nsiproxy - ok
18:31:47.0767 0912 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
18:31:47.0861 0912 Ntfs - ok
18:31:47.0892 0912 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
18:31:47.0923 0912 Null - ok
18:31:48.0063 0912 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
18:31:48.0079 0912 nvraid - ok
18:31:48.0110 0912 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
18:31:48.0141 0912 nvstor - ok
18:31:48.0157 0912 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
18:31:48.0173 0912 nv_agp - ok
18:31:48.0313 0912 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
18:31:48.0344 0912 ohci1394 - ok
18:31:48.0469 0912 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
18:31:48.0500 0912 Parport - ok
18:31:48.0609 0912 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
18:31:48.0625 0912 partmgr - ok
18:31:48.0672 0912 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
18:31:48.0687 0912 Parvdm - ok
18:31:48.0750 0912 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
18:31:48.0765 0912 pci - ok
18:31:48.0812 0912 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
18:31:48.0828 0912 pciide - ok
18:31:48.0890 0912 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
18:31:48.0906 0912 pcmcia - ok
18:31:48.0968 0912 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
18:31:48.0984 0912 pcw - ok
18:31:48.0999 0912 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
18:31:49.0077 0912 PEAUTH - ok
18:31:49.0218 0912 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
18:31:49.0233 0912 Point32 - ok
18:31:49.0343 0912 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
18:31:49.0405 0912 PptpMiniport - ok
18:31:49.0452 0912 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
18:31:49.0483 0912 Processor - ok
18:31:49.0592 0912 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
18:31:49.0623 0912 Psched - ok
18:31:49.0779 0912 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
18:31:49.0826 0912 ql2300 - ok
18:31:49.0873 0912 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
18:31:49.0873 0912 ql40xx - ok
18:31:49.0920 0912 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
18:31:49.0935 0912 QWAVEdrv - ok
18:31:49.0967 0912 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
18:31:50.0029 0912 RasAcd - ok
18:31:50.0138 0912 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:31:50.0185 0912 RasAgileVpn - ok
18:31:50.0216 0912 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:31:50.0263 0912 Rasl2tp - ok
18:31:50.0372 0912 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:31:50.0435 0912 RasPppoe - ok
18:31:50.0544 0912 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:31:50.0606 0912 RasSstp - ok
18:31:50.0731 0912 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
18:31:50.0793 0912 rdbss - ok
18:31:50.0903 0912 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:31:50.0934 0912 rdpbus - ok
18:31:51.0012 0912 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:31:51.0059 0912 RDPCDD - ok
18:31:51.0105 0912 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:31:51.0183 0912 RDPENCDD - ok
18:31:51.0261 0912 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:31:51.0324 0912 RDPREFMP - ok
18:31:51.0433 0912 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
18:31:51.0480 0912 RDPWD - ok
18:31:51.0542 0912 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
18:31:51.0558 0912 rdyboost - ok
18:31:51.0667 0912 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:31:51.0698 0912 rspndr - ok
18:31:51.0792 0912 RSUSBSTOR (ef8b2afc3c0751c5e5a59983c8893260) C:\Windows\system32\Drivers\RtsUStor.sys
18:31:51.0823 0912 RSUSBSTOR - ok
18:31:51.0948 0912 rtl8192se (b5e9979fbb26fc059bd87a81f763d5da) C:\Windows\system32\DRIVERS\rtl8192se.sys
18:31:51.0995 0912 rtl8192se - ok
18:31:52.0010 0912 RtsUIR - ok
18:31:52.0073 0912 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
18:31:52.0088 0912 sbp2port - ok
18:31:52.0197 0912 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
18:31:52.0260 0912 scfilter - ok
18:31:52.0385 0912 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:31:52.0463 0912 secdrv - ok
18:31:52.0572 0912 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:31:52.0603 0912 Serenum - ok
18:31:52.0681 0912 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:31:52.0728 0912 Serial - ok
18:31:52.0837 0912 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:31:52.0853 0912 sermouse - ok
18:31:52.0899 0912 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
18:31:52.0931 0912 sffdisk - ok
18:31:52.0977 0912 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
18:31:53.0009 0912 sffp_mmc - ok
18:31:53.0071 0912 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
18:31:53.0118 0912 sffp_sd - ok
18:31:53.0180 0912 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:31:53.0211 0912 sfloppy - ok
18:31:53.0321 0912 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
18:31:53.0321 0912 sisagp - ok
18:31:53.0367 0912 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:31:53.0383 0912 SiSRaid2 - ok
18:31:53.0461 0912 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:31:53.0492 0912 SiSRaid4 - ok
18:31:53.0570 0912 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:31:53.0617 0912 Smb - ok
18:31:53.0726 0912 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:31:53.0742 0912 spldr - ok
18:31:53.0835 0912 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
18:31:53.0882 0912 srv - ok
18:31:53.0991 0912 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
18:31:54.0023 0912 srv2 - ok
18:31:54.0069 0912 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
18:31:54.0069 0912 srvnet - ok
18:31:54.0147 0912 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:31:54.0147 0912 stexstor - ok
18:31:54.0272 0912 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
18:31:54.0272 0912 swenum - ok
18:31:54.0397 0912 SynTP (d776eb85a20696d9d43129ccf6e703e2) C:\Windows\system32\DRIVERS\SynTP.sys
18:31:54.0413 0912 SynTP - ok
18:31:54.0537 0912 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys
18:31:54.0584 0912 Tcpip - ok
18:31:54.0631 0912 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys
18:31:54.0662 0912 TCPIP6 - ok
18:31:54.0725 0912 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
18:31:54.0756 0912 tcpipreg - ok
18:31:54.0803 0912 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
18:31:54.0849 0912 TDPIPE - ok
18:31:54.0881 0912 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
18:31:54.0896 0912 TDTCP - ok
18:31:54.0959 0912 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
18:31:54.0990 0912 tdx - ok
18:31:55.0037 0912 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
18:31:55.0052 0912 TermDD - ok
18:31:55.0115 0912 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:31:55.0177 0912 tssecsrv - ok
18:31:55.0302 0912 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
18:31:55.0349 0912 TsUsbFlt - ok
18:31:55.0473 0912 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
18:31:55.0520 0912 tunnel - ok
18:31:55.0551 0912 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:31:55.0567 0912 uagp35 - ok
18:31:55.0598 0912 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
18:31:55.0629 0912 udfs - ok
18:31:55.0770 0912 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
18:31:55.0785 0912 uliagpkx - ok
18:31:55.0848 0912 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
18:31:55.0879 0912 umbus - ok
18:31:55.0973 0912 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:31:56.0004 0912 UmPass - ok
18:31:56.0082 0912 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\drivers\usbccgp.sys
18:31:56.0097 0912 usbccgp - ok
18:31:56.0160 0912 USBCCID - ok
18:31:56.0253 0912 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
18:31:56.0300 0912 usbcir - ok
18:31:56.0409 0912 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
18:31:56.0441 0912 usbehci - ok
18:31:56.0565 0912 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
18:31:56.0597 0912 usbhub - ok
18:31:56.0643 0912 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
18:31:56.0675 0912 usbohci - ok
18:31:56.0721 0912 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:31:56.0753 0912 usbprint - ok
18:31:56.0862 0912 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:31:56.0893 0912 USBSTOR - ok
18:31:56.0940 0912 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
18:31:56.0971 0912 usbuhci - ok
18:31:57.0111 0912 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
18:31:57.0143 0912 usbvideo - ok
18:31:57.0189 0912 uxddrv - ok
18:31:57.0314 0912 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
18:31:57.0330 0912 vdrvroot - ok
18:31:57.0361 0912 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:31:57.0392 0912 vga - ok
18:31:57.0486 0912 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:31:57.0533 0912 VgaSave - ok
18:31:57.0611 0912 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
18:31:57.0642 0912 vhdmp - ok
18:31:57.0751 0912 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
18:31:57.0767 0912 viaagp - ok
18:31:57.0798 0912 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:31:57.0829 0912 ViaC7 - ok
18:31:57.0876 0912 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
18:31:57.0891 0912 viaide - ok
18:31:57.0954 0912 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
18:31:57.0969 0912 volmgr - ok
18:31:58.0016 0912 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:31:58.0032 0912 volmgrx - ok
18:31:58.0079 0912 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
18:31:58.0110 0912 volsnap - ok
18:31:58.0203 0912 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:31:58.0235 0912 vsmraid - ok
18:31:58.0281 0912 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
18:31:58.0328 0912 vwifibus - ok
18:31:58.0437 0912 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
18:31:58.0469 0912 vwififlt - ok
18:31:58.0578 0912 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:31:58.0625 0912 WacomPen - ok
18:31:58.0749 0912 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:31:58.0796 0912 WANARP - ok
18:31:58.0796 0912 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:31:58.0827 0912 Wanarpv6 - ok
18:31:58.0874 0912 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:31:58.0874 0912 Wd - ok
18:31:58.0921 0912 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:31:58.0952 0912 Wdf01000 - ok
18:31:59.0077 0912 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:31:59.0124 0912 WfpLwf - ok
18:31:59.0155 0912 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:31:59.0155 0912 WIMMount - ok
18:31:59.0311 0912 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
18:31:59.0327 0912 WmiAcpi - ok
18:31:59.0436 0912 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:31:59.0498 0912 ws2ifsl - ok
18:31:59.0545 0912 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
18:31:59.0592 0912 WudfPf - ok
18:31:59.0623 0912 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:31:59.0670 0912 WUDFRd - ok
18:31:59.0763 0912 X10Hid (1f93fcb5bab3a921ecba522f63586f4a) C:\Windows\System32\Drivers\x10hid.sys
18:31:59.0779 0912 X10Hid - ok
18:31:59.0857 0912 XUIF (378dc1b0b1f62a7488ee8d31a3c6e949) C:\Windows\System32\Drivers\x10ufx2.sys
18:31:59.0857 0912 XUIF - ok
18:31:59.0888 0912 MBR (0x1B8) (8a1c59e4dfef87510470928550466632) \Device\Harddisk0\DR0
18:32:00.0684 0912 \Device\Harddisk0\DR0 - ok
18:32:00.0855 0912 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
18:32:01.0043 0912 \Device\Harddisk1\DR1 - ok
18:32:01.0058 0912 Boot (0x1200) (cfcd6c67b7af1183d6374c13a8a6a872) \Device\Harddisk0\DR0\Partition0
18:32:01.0058 0912 \Device\Harddisk0\DR0\Partition0 - ok
18:32:01.0074 0912 Boot (0x1200) (697878c955c3c37a0204ab850c8f13e6) \Device\Harddisk0\DR0\Partition1
18:32:01.0074 0912 \Device\Harddisk0\DR0\Partition1 - ok
18:32:01.0105 0912 Boot (0x1200) (b194fe945cefef9fb26c96c6e6be0016) \Device\Harddisk0\DR0\Partition2
18:32:01.0105 0912 \Device\Harddisk0\DR0\Partition2 - ok
18:32:01.0121 0912 Boot (0x1200) (01d684f92db00524fac0c2e64471c518) \Device\Harddisk1\DR1\Partition0
18:32:01.0121 0912 \Device\Harddisk1\DR1\Partition0 - ok
18:32:01.0121 0912 ============================================================
18:32:01.0121 0912 Scan finished
18:32:01.0121 0912 ============================================================
18:32:01.0136 5708 Detected object count: 0
18:32:01.0136 5708 Actual detected object count: 0
|
|
05.10.2011, 17:45
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.10.2011, 23:51
| #12 |
| | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Wunderbar! Das hat geklappt!!!  Vielen Dank! Das einzige Problem ist, dass ich jetzt die Anwendungen auf dem Laptop nicht mehr benutzen kann, also auch nicht die Internet Explorer Chrome etc. (schreibe gerade von meinem alten Computer).Hier ist der Log: Code:
ATTFilter ComboFix 11-10-05.02 - Medion 05.10.2011 23:37:36.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3511.2602 [GMT 2:00]
ausgeführt von:: c:\users\Medion\Downloads\ComboFix.exe
AV: BullGuard Antivirus *Disabled/Outdated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
SP: BullGuard Antispyware *Disabled/Outdated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-09-05 bis 2011-10-05 ))))))))))))))))))))))))))))))
.
.
2011-10-05 21:42 . 2011-10-05 21:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-05 21:19 . 2011-10-05 21:19 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C565C9B0-CBF0-46D5-A885-E7AD236FC2BB}\offreg.dll
2011-10-05 15:39 . 2011-10-05 15:39 -------- d-----w- C:\_OTL
2011-10-05 12:29 . 2011-10-05 12:30 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-10-04 23:15 . 2011-10-04 23:15 -------- d-----w- c:\windows\system32\wbem\en-US
2011-10-04 13:47 . 2011-10-04 13:47 -------- d-----w- c:\program files\ESET
2011-10-04 13:37 . 2011-10-04 13:37 -------- d-----w- c:\programdata\Malwarebytes
2011-10-04 13:37 . 2011-10-04 13:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-04 13:37 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-04 13:32 . 2011-10-04 13:32 -------- d-----w- c:\windows\system32\SPReview
2011-10-04 13:32 . 2011-10-04 13:32 -------- d-----w- c:\windows\system32\EventProviders
2011-10-04 13:29 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-10-04 13:29 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-10-04 13:29 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-10-04 13:27 . 2011-10-04 13:27 -------- d-----w- c:\program files\Common Files\Adobe
2011-10-04 13:27 . 2011-10-04 13:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-04 11:07 . 2011-09-21 07:00 7269712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C565C9B0-CBF0-46D5-A885-E7AD236FC2BB}\mpengine.dll
2011-10-03 09:43 . 2010-11-20 12:30 28032 ----a-w- c:\windows\system32\drivers\msahci.sys
2011-10-03 09:42 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll
2011-10-03 09:42 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-10-03 09:42 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2011-10-03 09:42 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-10-03 09:42 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll
2011-10-01 15:01 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-10-01 14:02 . 2011-06-21 05:34 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-10-01 14:01 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-10-01 14:01 . 2010-11-20 12:18 219136 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-10-01 14:01 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-10-01 14:01 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-10-01 14:01 . 2011-02-23 04:47 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-10-01 14:01 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-10-01 14:01 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-10-01 14:01 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-10-01 14:01 . 2010-11-20 12:29 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-10-01 14:01 . 2010-11-20 11:56 107520 ----a-w- c:\windows\system32\cdd.dll
2011-10-01 13:56 . 2011-10-01 13:56 87376 ----a-w- c:\windows\system32\BGLsp.dll
2011-09-26 08:03 . 2011-09-26 08:03 -------- d-----w- C:\img
2011-09-23 12:57 . 2011-09-23 12:57 -------- d-----w- c:\users\Medion
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-04 23:21 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-08-31 18:10 . 2011-08-31 18:10 8198936 ----a-w- c:\windows\system32\TVWSetup.exe
2011-08-31 18:10 . 2011-08-31 18:10 142616 ----a-w- c:\windows\system32\igfxtray.exe
2011-08-31 18:09 . 2011-08-31 18:09 267544 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-08-31 18:09 . 2011-08-31 18:09 176408 ----a-w- c:\windows\system32\igfxpers.exe
2011-08-31 18:09 . 2011-08-31 18:09 188184 ----a-w- c:\windows\system32\igfxext.exe
2011-08-31 18:09 . 2011-08-31 18:09 177432 ----a-w- c:\windows\system32\hkcmd.exe
2011-08-31 18:09 . 2011-08-31 18:09 4699416 ----a-w- c:\windows\system32\GfxUI.exe
2011-08-31 17:57 . 2011-08-31 17:57 81920 ----a-w- c:\windows\system32\igfxCoIn_v2509.dll
2011-08-31 17:48 . 2011-08-31 17:48 10855424 ----a-w- c:\windows\system32\drivers\igdkmd32.sys
2011-08-31 17:47 . 2010-03-12 11:07 6322688 ----a-w- c:\windows\system32\igdumd32.dll
2011-08-31 17:45 . 2010-03-12 11:07 581120 ----a-w- c:\windows\system32\igdumdx32.dll
2011-08-31 17:37 . 2010-03-12 11:07 12340224 ----a-w- c:\windows\system32\igd10umd32.dll
2011-08-31 17:26 . 2011-08-31 17:26 13903872 ----a-w- c:\windows\system32\ig4icd32.dll
2011-08-31 17:19 . 2011-08-31 17:19 284672 ----a-w- c:\windows\system32\igfxrsky.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284672 ----a-w- c:\windows\system32\igfxrrom.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284672 ----a-w- c:\windows\system32\igfxrhrv.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284160 ----a-w- c:\windows\system32\igfxrtrk.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284160 ----a-w- c:\windows\system32\igfxrslv.lrc
2011-08-31 17:19 . 2011-08-31 17:19 283648 ----a-w- c:\windows\system32\igfxrtha.lrc
2011-08-31 17:19 . 2011-08-31 17:19 285184 ----a-w- c:\windows\system32\igfxresn.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284160 ----a-w- c:\windows\system32\igfxrsve.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284672 ----a-w- c:\windows\system32\igfxrrus.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284672 ----a-w- c:\windows\system32\igfxrptg.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284160 ----a-w- c:\windows\system32\igfxrptb.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284672 ----a-w- c:\windows\system32\igfxrplk.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284160 ----a-w- c:\windows\system32\igfxrnor.lrc
2011-08-31 17:19 . 2011-08-31 17:19 281088 ----a-w- c:\windows\system32\igfxrkor.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284672 ----a-w- c:\windows\system32\igfxrita.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284160 ----a-w- c:\windows\system32\igfxrhun.lrc
2011-08-31 17:19 . 2011-08-31 17:19 281600 ----a-w- c:\windows\system32\igfxrjpn.lrc
2011-08-31 17:19 . 2011-08-31 17:19 285184 ----a-w- c:\windows\system32\igfxrell.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284672 ----a-w- c:\windows\system32\igfxrdeu.lrc
2011-08-31 17:19 . 2011-08-31 17:19 283136 ----a-w- c:\windows\system32\igfxrheb.lrc
2011-08-31 17:19 . 2011-08-31 17:19 285184 ----a-w- c:\windows\system32\igfxrfra.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284672 ----a-w- c:\windows\system32\igfxrnld.lrc
2011-08-31 17:19 . 2011-08-31 17:19 284160 ----a-w- c:\windows\system32\igfxrfin.lrc
2011-08-31 17:19 . 2011-08-31 17:19 283648 ----a-w- c:\windows\system32\igfxrdan.lrc
2011-08-31 17:18 . 2011-08-31 17:18 284672 ----a-w- c:\windows\system32\igfxrcsy.lrc
2011-08-31 17:18 . 2011-08-31 17:18 280576 ----a-w- c:\windows\system32\igfxrcht.lrc
2011-08-31 17:18 . 2011-08-31 17:18 280576 ----a-w- c:\windows\system32\igfxrchs.lrc
2011-08-31 17:18 . 2011-08-31 17:18 283136 ----a-w- c:\windows\system32\igfxrara.lrc
2011-08-31 17:16 . 2010-03-12 11:07 306176 ----a-w- c:\windows\system32\igfxpph.dll
2011-08-31 17:16 . 2011-08-31 17:16 260608 ----a-w- c:\windows\system32\igfxTMM.dll
2011-08-31 17:16 . 2011-08-31 17:16 24576 ----a-w- c:\windows\system32\igfxexps.dll
2011-08-31 17:16 . 2011-08-31 17:16 120320 ----a-w- c:\windows\system32\igfxcpl.cpl
2011-08-31 17:16 . 2010-03-12 11:07 57856 ----a-w- c:\windows\system32\igfxsrvc.dll
2011-08-31 17:16 . 2011-08-31 17:16 130048 ----a-w- c:\windows\system32\igfxdo.dll
2011-08-31 17:15 . 2010-03-12 11:07 96256 ----a-w- c:\windows\system32\hccutils.dll
2011-08-31 17:15 . 2011-08-31 17:15 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2011-08-31 17:15 . 2011-08-31 17:15 146944 ----a-w- c:\windows\system32\gfxSrvc.dll
2011-08-31 17:15 . 2010-03-12 11:07 294400 ----a-w- c:\windows\system32\igfxdev.dll
2011-08-31 17:15 . 2011-08-31 17:15 283648 ----a-w- c:\windows\system32\igfxrenu.lrc
2011-08-31 17:15 . 2010-03-12 11:07 9030656 ----a-w- c:\windows\system32\igfxress.dll
2011-08-31 17:13 . 2011-08-31 17:13 98304 ----a-w- c:\windows\system32\iglhcp32.dll
2011-08-31 17:13 . 2011-08-31 17:13 94208 ----a-w- c:\windows\system32\IccLibDll.dll
2011-08-31 17:13 . 2011-08-31 17:13 376832 ----a-w- c:\windows\system32\iglhsip32.dll
2011-08-31 17:13 . 2011-08-31 17:13 162816 ----a-w- c:\windows\system32\igfxcmrt32.dll
2011-08-01 13:56 . 2011-08-01 13:56 40936 ----a-w- c:\windows\system32\drivers\point32.sys
2011-09-29 07:09 . 2011-10-04 11:56 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{DFEFCDEE-CF1A-4FC8-88AD-18272BE37E29}"= "c:\users\Medion\AppData\Roaming\xplugin\toolbar.dll" [2011-09-19 633344]
.
[HKEY_CLASSES_ROOT\clsid\{dfefcdee-cf1a-4fc8-88ad-18272be37e29}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\BullGuard.exe" [2011-10-01 304464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2009-12-14 200704]
"LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2010-01-13 413696]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-12-11 1594664]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-02 8522272]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2010-03-02 678432]
"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\bullguard.exe" [2011-10-01 304464]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 142616]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 177432]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 176408]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BgMainSvc]
@="Service"
.
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-31 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 uxddrv;Dynamically loaded UxdDrv;e:\diagnose\WSTGER32\2PART\uxddrv86.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 BdFileSpy;BullGuard File Monitor Driver;c:\windows\system32\drivers\BdFileSpy.sys [2009-01-23 55504]
S2 BsFileScan;BullGuard File Scan Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 BsMailProxy;BullGuard Email Monitoring Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-02-03 1155072]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-10 2320920]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 132352]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-08 232448]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2009-12-22 65576]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-01 1009184]
S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2009-10-22 118560]
S3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys [2009-05-13 13720]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
BullGuard REG_MULTI_SZ BgMainSvc BsFileScan BsMailProxy
.
Inhalt des "geplante Tasks" Ordners
.
2011-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3571920699-3839743047-2692850820-1000Core.job
- c:\users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-01 13:52]
.
2011-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3571920699-3839743047-2692850820-1000UA.job
- c:\users\Medion\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-01 13:52]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
LSP: c:\windows\system32\BGLsp.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\c9al74jl.default\
FF - prefs.js: browser.search.selectedEngine -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-LMgrOSD - c:\program files\Launch Manager\OSDCtrl.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-10-05 23:44:02
ComboFix-quarantined-files.txt 2011-10-05 21:44
.
Vor Suchlauf: 9 Verzeichnis(se), 427.187.761.152 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 426.720.559.104 Bytes frei
.
- - End Of File - - 78104F6C9BC7C6AE271799F14A066B83
|
|
06.10.2011, 12:51
| #13 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnenZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.10.2011, 18:07
| #14 |
| | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen ja das war es  Jetzt funktioniert alles Vielen, vielen Dank!   |
|
07.10.2011, 15:32
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen |
| angezeigt, einiger, ergebnisse, externe, externe festplatte, externen, externer, fehler, festplatte, flash drive, folge, folgende, gen, hilfe!, hilfe!!, konnte, nicht gefunden, nicht mehr, nicht öffnen, ordner, platte, recycler, recycler\, scan, tests, verknüpfung, verknüpfungen, verschiedene, verschiedenen, öffnen |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
