| |
| |||||||
Log-Analyse und Auswertung: IPA Trojaner, abgesicherter Modus nicht möglich - LogfilesWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
16.09.2012, 22:15
| #1 |
| |  IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles Hallo, habe auf einem alten Rechner mit Windows XP den IPA Trojaner. Habe schon einiges vesucht diesen zu entfernen. Leider scheitert es hauptsächlich daran, dass das Starten im a.M. nicht möglich ist (bluescreen). Ich bin daher auf den OTL gestoßen und habe die logfiles erstellt. Über Hilfe wäre ich sehr dankbar. MfG Wallex P.S Die otl.txt war zu groß um sie hochzuladen. OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 9/16/2012 10:26:54 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
502.00 Mb Total Physical Memory | 251.00 Mb Available Physical Memory | 50.00% Memory free
454.00 Mb Paging File | 306.00 Mb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37.25 Gb Total Space | 11.84 Gb Free Space | 31.79% Space Free | Partition Type: NTFS
Drive E: | 979.70 Mb Total Space | 496.34 Mb Free Space | 50.66% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
========== Win32 Services (All) ==========
SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2012/09/04 23:13:40 | 000,194,032 | ---- | M] (Google) [Auto] -- C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2012/07/06 09:59:07 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2012/05/08 21:53:07 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/08 21:52:49 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012/05/08 21:52:47 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/08/27 01:57:36 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2010/08/17 09:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010/05/03 23:20:00 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand] -- C:\Programme\Google\Update\GoogleUpdate.exe -- (gupdatem) Google Update-Dienst (gupdatem)
SRV - [2010/05/03 23:20:00 | 000,135,664 | ---- | M] (Google Inc.) [Auto] -- C:\Programme\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/07/27 19:16:05 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009/07/27 19:16:05 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/27 19:16:05 | 000,135,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009/06/10 02:14:21 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009/04/20 13:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/09 07:21:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009/02/09 07:21:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009/02/09 06:51:45 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remoteprozeduraufruf (RPC)
SRV - [2009/02/09 06:51:45 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2008/07/07 16:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/06/20 12:02:46 | 000,247,296 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) NLA (Network Location Awareness)
SRV - [2008/06/10 13:26:28 | 000,222,456 | ---- | M] () [Auto] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/04/13 22:23:06 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008/04/13 22:23:04 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 22:23:03 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008/04/13 22:23:01 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/13 22:23:00 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/13 22:22:59 | 000,099,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/13 22:22:55 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 22:22:55 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 22:22:53 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 22:22:53 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008/04/13 22:22:52 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/13 22:22:51 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 22:22:51 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 22:22:51 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 22:22:51 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/13 22:22:51 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 22:22:50 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator)
SRV - [2008/04/13 22:22:48 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 22:22:47 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\fxssvc.exe -- (Fax)
SRV - [2008/04/13 22:22:42 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 22:22:42 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 22:22:42 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008/04/13 22:22:38 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/13 22:22:38 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008/04/13 22:22:34 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 22:22:33 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/13 22:22:33 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008/04/13 22:22:33 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 22:22:32 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows-Bilderfassung (WIA)
SRV - [2008/04/13 22:22:32 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/13 22:22:32 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/13 22:22:32 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/13 22:22:31 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008/04/13 22:22:31 | 000,177,152 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008/04/13 22:22:31 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 22:22:30 | 000,297,472 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/13 22:22:30 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 22:22:30 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 22:22:30 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) Überwachung verteilter Verknüpfungen (Client)
SRV - [2008/04/13 22:22:30 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/04/13 22:22:24 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/13 22:22:24 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 22:22:23 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/13 22:22:23 | 000,294,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent) NAP-Agent (Network Access Protection)
SRV - [2008/04/13 22:22:23 | 000,193,536 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 22:22:23 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/13 22:22:23 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 22:22:23 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/13 22:22:20 | 000,438,272 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 22:22:19 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/13 22:22:18 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2008/04/13 22:22:16 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 22:22:15 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 22:22:13 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008/04/13 22:22:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 22:22:12 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 22:22:12 | 000,028,160 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\irmon.dll -- (Irmon)
SRV - [2008/04/13 22:22:10 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/13 22:22:09 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc) Automatische Konfiguration (verkabelt)
SRV - [2008/04/13 22:22:09 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/13 22:22:09 | 000,024,064 | ---- | M] (Microsoft Corp.) [On_Demand] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 22:22:08 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/13 22:22:08 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 22:22:07 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 22:22:07 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2006/03/02 21:49:14 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/07/14 20:49:26 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2002/08/29 08:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2001/02/23 04:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
========== Driver Services (All) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (mailKmd)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - [2012/07/04 10:05:05 | 000,139,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2012/05/08 21:53:10 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/08 21:53:10 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/09/16 11:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/08/17 09:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 09:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 10:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/04/21 09:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/02/17 09:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/11/02 11:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009/11/11 08:26:02 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2009/10/20 12:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/10/08 11:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/06/24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008/06/20 07:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 22:23:26 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 22:23:26 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 22:23:26 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 22:02:33 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 22:02:16 | 000,120,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 22:02:13 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 22:02:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 21:58:36 | 000,025,216 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 21:58:18 | 000,154,112 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 21:58:13 | 000,800,384 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 21:58:03 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 21:57:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 21:57:19 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\intelide.sys -- (IntelIde)
DRV - [2008/04/13 21:55:34 | 000,052,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 21:54:59 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 21:52:51 | 000,057,728 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 21:52:51 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 21:52:02 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 21:51:21 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/13 21:49:36 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 21:49:32 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 21:49:03 | 000,188,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 15:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 15:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 15:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 15:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 15:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN-Miniport (PPTP)
DRV - [2008/04/13 15:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN-Miniport (L2TP)
DRV - [2008/04/13 15:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 15:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 15:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 15:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 15:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 15:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 14:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 14:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 14:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 14:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 14:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 14:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 14:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 14:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 14:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 14:54:36 | 000,088,192 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\irda.sys -- (irda)
DRV - [2008/04/13 14:54:36 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008/04/13 14:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 14:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (ip6fw)
DRV - [2008/04/13 14:53:23 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bridge.sys -- (BridgeMP)
DRV - [2008/04/13 14:53:23 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bridge.sys -- (Bridge)
DRV - [2008/04/13 14:51:25 | 000,061,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nic1394.sys -- (NIC1394)
DRV - [2008/04/13 14:51:25 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\arp1394.sys -- (Arp1394)
DRV - [2008/04/13 14:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 14:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 14:46:18 | 000,061,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2008/04/13 14:45:39 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 14:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 14:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 14:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 14:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 14:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 14:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 14:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 14:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 14:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 14:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 14:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 14:41:22 | 000,018,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\i2omp.sys -- (i2omp)
DRV - [2008/04/13 14:41:22 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\i2omgmt.sys -- (i2omgmt)
DRV - [2008/04/13 14:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 14:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 14:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 14:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 14:40:31 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaide.sys -- (ViaIde)
DRV - [2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 14:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 14:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 14:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008/04/13 14:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 14:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 14:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 14:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 14:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 14:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 14:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 14:36:40 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\viaagp.sys -- (viaagp)
DRV - [2008/04/13 14:36:39 | 000,044,928 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\agpCPQ.sys -- (agpCPQ)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 14:36:38 | 000,042,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\alim1541.sys -- (alim1541)
DRV - [2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\agp440.sys -- (agp440)
DRV - [2008/04/13 14:36:37 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmbatt.sys -- (CmBatt)
DRV - [2008/04/13 14:36:37 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/04/13 14:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 14:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 14:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 14:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 14:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 14:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 12:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2007/11/13 06:25:53 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/12/10 11:53:22 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/03 16:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004/06/07 12:40:32 | 000,029,440 | ---- | M] (Siemens AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser)
DRV - [2004/03/21 23:35:58 | 000,021,744 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2004/03/21 23:35:52 | 000,016,496 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2004/03/21 23:35:48 | 000,051,088 | ---- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hpzid412.sys -- (HPZid412)
DRV - [2004/03/07 22:43:10 | 001,657,344 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w22n51.sys -- (w22n51) Intel(R)
DRV - [2003/07/14 11:33:26 | 000,111,168 | ---- | M] (Applied Drivers Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cwawdm.sys -- (cs429x)
DRV - [2003/04/24 10:08:16 | 000,270,448 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2003/04/23 04:15:06 | 000,113,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ialmsbw.sys -- ({6080A529-897E-4629-A488-ABA0C29B635E}) Intel(R) Graphics Platform (SoftBIOS)
DRV - [2003/04/23 04:14:56 | 000,078,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ialmkchw.sys -- ({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel(R) Graphics Chipset (KCH)
DRV - [2003/04/23 04:10:12 | 000,033,335 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wa301a.sys -- ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55})
DRV - [2003/04/23 04:10:06 | 000,090,907 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2003/02/14 05:59:14 | 001,169,792 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2002/12/17 05:41:36 | 000,042,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/28 12:04:48 | 000,025,600 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wbsd.sys -- (WBSD) Winbond Secure Digital Storage (SD/MMC)
DRV - [2002/11/20 08:52:14 | 000,033,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gv3.sys -- (gv3)
DRV - [2002/11/07 14:48:00 | 000,030,208 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wbms.sys -- (WBMS) Winbond Memory Stick Storage (MS)
DRV - [2002/10/29 08:25:54 | 000,008,843 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\drivers\HOTKEY.sys -- (Hotkey)
DRV - [2002/10/23 05:25:48 | 000,002,920 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\Wbutton.sys -- (Wbutton)
DRV - [2002/08/29 08:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2002/08/29 08:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2002/08/29 08:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2002/08/29 08:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2002/08/29 08:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) Parallelanschluss (direkt)
DRV - [2002/08/29 08:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2002/08/29 08:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2002/08/29 08:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2002/08/29 08:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2002/08/29 08:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2002/08/29 08:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2002/08/29 08:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2002/08/29 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2002/08/29 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2002/08/29 08:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2002/08/29 08:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2002/08/29 08:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2002/08/28 17:59:26 | 000,154,624 | ---- | M] (Lucent Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wlluc48.sys -- (wlluc48)
DRV - [2001/08/17 23:34:52 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
DRV - [2001/08/17 22:32:48 | 000,126,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/17 22:30:42 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/17 22:22:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 22:22:44 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 22:20:38 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\toside.sys -- (TosIde)
DRV - [2001/08/17 08:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001/08/17 08:56:16 | 000,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB-Filtertreiber (SONYPVU1)
DRV - [2001/08/17 08:51:32 | 000,019,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasirda.sys -- (Rasirda) WAN-Miniport (IrDA)
DRV - [2001/08/17 08:07:44 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\hpn.sys -- (hpn)
DRV - [2001/08/17 08:07:44 | 000,020,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dpti2o.sys -- (dpti2o)
DRV - [2001/08/17 08:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 08:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 08:07:42 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2hib.sys -- (perc2hib)
DRV - [2001/08/17 08:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 08:07:40 | 000,027,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\perc2.sys -- (perc2)
DRV - [2001/08/17 08:07:38 | 000,056,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78xx.sys -- (aic78xx)
DRV - [2001/08/17 08:07:36 | 000,055,168 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aic78u2.sys -- (aic78u2)
DRV - [2001/08/17 08:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 08:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 08:07:32 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\adpu160m.sys -- (adpu160m)
DRV - [2001/08/17 07:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 07:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 07:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 07:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 07:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 07:52:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql1240.sys -- (ql1240)
DRV - [2001/08/17 07:52:16 | 000,033,152 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ql10wnt.sys -- (Ql10wnt)
DRV - [2001/08/17 07:52:16 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\dac960nt.sys -- (dac960nt)
DRV - [2001/08/17 07:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 07:52:08 | 000,016,000 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ini910u.sys -- (ini910u)
DRV - [2001/08/17 07:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/17 07:52:08 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cbidf2k.sys -- (cbidf)
DRV - [2001/08/17 07:52:06 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cpqarray.sys -- (Cpqarray)
DRV - [2001/08/17 07:52:06 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys -- (cd20xrnt)
DRV - [2001/08/17 07:52:04 | 000,022,400 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3350p.sys -- (asc3350p)
DRV - [2001/08/17 07:52:04 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\amsint.sys -- (amsint)
DRV - [2001/08/17 07:52:02 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aha154x.sys -- (Aha154x)
DRV - [2001/08/17 07:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 07:52:00 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS -- (abp480n5)
DRV - [2001/08/17 07:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 07:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 07:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audiotreiber-Installationsdienst (WDM)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\xxx_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\xxx_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\xxx_ON_C\Software\Microsoft\Internet Explorer\Main,Prev Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\xxx_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\xxx_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\xxx_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\xxx_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = go.web.de/homehxxp://www.web.de/ [binary data]
IE - HKU\xxx_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\xxx_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\xxx_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\xxx_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\xxx_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\xxx_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Programme\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/04/06 16:36:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/04/17 11:06:53 | 000,000,000 | ---D | M]
[2012/04/06 16:37:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/04/06 16:36:12 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/04/17 11:07:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2011/04/17 11:07:04 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
[2012/04/06 16:36:09 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011/11/10 00:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012/04/06 16:35:51 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/04/06 16:35:51 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/04/06 16:35:51 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/04/06 16:35:51 | 000,002,364 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\google.xml
[2012/04/06 16:35:51 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/04/06 16:35:51 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/04/06 16:35:51 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2008/04/21 00:04:33 | 000,000,870 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts:
O1 - Hosts: 192.168.1.20 NPID292AE
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar mit Pop-Up-Blocker) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\xxx_ON_C\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\xxx_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\xxx_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\xxx_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\xxx_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\xxx_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar mit Pop-Up-Blocker) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\xxx_ON_C\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CtrlVol] C:\Program Files\Launch Manager\ctrlvol.exe ()
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Component Manager] C:\Programme\HP\hpcoretech\hpcmpmgr.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKLM..\Run: [WEB.DE Update] C:\Programme\Web.de\LiveUpdate\m2LUTray.exe (mquadr.at software engineering und consulting GmbH)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\xxx_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\xxx_ON_C..\Run: [MSMSGS] C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\xxx_ON_C..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\xxx_ON_C..\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKU\NetworkService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: System service = C:\Dokumente und Einstellungen\xxx\ms.exe (Serdzheo)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\xxx_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe (ICQ, Inc.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} https://stream.web.de/mail/activex/mail_upload_11213.cab (Attachment Upload Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab (IPSUploader Control)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/09/16 22:23:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/16 21:44:28 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent
[2012/09/16 21:44:28 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\LocalService\Eigene Dateien
[2012/09/07 17:41:16 | 000,068,354 | ---- | C] (Serdzheo) -- C:\Dokumente und Einstellungen\xxx\ms.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/09/16 14:22:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/16 14:20:45 | 000,001,424 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\sysfff.bat
[2012/09/16 14:20:30 | 000,002,529 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Excel.lnk
[2012/09/16 14:20:02 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/09/16 14:19:08 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/16 14:19:03 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/09/16 14:18:57 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/16 11:14:16 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/07 17:41:16 | 000,068,354 | ---- | M] (Serdzheo) -- C:\Dokumente und Einstellungen\xxx\ms.exe
[2012/08/25 15:55:58 | 000,002,501 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk
[2012/08/25 01:14:14 | 000,179,448 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/09/07 17:43:22 | 000,001,424 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\sysfff.bat
[2012/03/08 00:18:43 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/01/22 18:05:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/08/31 09:37:44 | 000,061,692 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\mdb.bin
[2008/08/31 09:12:35 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2006/12/28 16:36:46 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2006/12/10 11:54:03 | 000,100,724 | ---- | C] () -- C:\WINDOWS\cpeins04.dat
[2006/12/10 11:49:46 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/12/10 11:41:16 | 000,099,720 | ---- | C] () -- C:\WINDOWS\CPEins05.dat
[2006/12/10 11:41:16 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2006/09/08 12:40:59 | 000,000,616 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2006/09/08 12:30:23 | 000,104,141 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2006/09/08 12:30:23 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2005/07/24 02:30:01 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\xxx\mxfilerelatedcache.mxc2
[2005/07/24 02:18:21 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2005/05/05 18:42:46 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/02/11 13:53:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2005/02/07 17:48:32 | 000,003,206 | ---- | C] () -- C:\WINDOWS\tm.ini
[2004/12/29 10:37:14 | 000,015,428 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\RefEdit.exd
[2004/12/19 08:43:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2004/12/19 08:33:45 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/12/19 08:33:45 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/12/19 08:33:45 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/12/19 08:33:44 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/12/19 08:33:44 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/12/19 08:33:44 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/11/30 17:45:20 | 000,000,285 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2004/11/30 17:45:19 | 000,003,418 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2004/10/06 16:02:23 | 000,010,240 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/10/02 05:30:04 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/10/02 01:45:19 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2004/09/16 17:07:31 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/09/16 16:57:55 | 000,008,843 | ---- | C] () -- C:\WINDOWS\System32\drivers\HOTKEY.sys
[2004/09/16 16:57:55 | 000,002,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\WBUTTON.sys
[2004/09/16 16:57:40 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/09/16 16:55:01 | 000,001,052 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/02 08:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002/09/17 00:40:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/17 00:38:41 | 000,179,448 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/17 00:33:29 | 000,000,857 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/09/17 00:30:04 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/09/16 23:57:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/09/16 23:48:55 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/16 14:22:23 | 000,393,086 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2002/09/16 14:22:23 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2002/09/16 14:22:23 | 000,064,848 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2002/09/16 14:22:23 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2002/09/16 14:21:47 | 000,382,026 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/09/16 14:21:47 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/16 14:21:46 | 000,053,770 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/09/16 14:21:46 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/16 14:21:45 | 000,004,678 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/16 14:21:44 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/16 14:21:41 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/09/16 14:21:31 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/16 14:21:31 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/16 14:21:16 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/16 14:21:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
========== LOP Check ==========
[2005/12/17 11:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Common Files
[2008/10/11 18:19:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\ICQ
[2004/10/02 07:33:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\ICQLite
[2004/12/19 08:43:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\InterVideo
[2005/01/15 12:49:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Leadertech
[2005/07/24 02:25:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\MAGIX
[2008/12/26 00:38:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\WEBDE
[2011/01/02 09:41:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Aldi Nord Fotoservice
[2008/10/11 18:18:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010/01/22 17:28:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IEConfiguration1und1
[2010/01/22 17:30:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{363125FC-D631-4A88-96A6-7ABCF7CE18F0}
[2010/01/22 17:30:12 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{B35DFC47-860C-44AC-9747-AD6208420DED}
[2012/09/16 14:20:02 | 000,000,232 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
< End of report >
OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 9/16/2012 10:26:54 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
502.00 Mb Total Physical Memory | 251.00 Mb Available Physical Memory | 50.00% Memory free
454.00 Mb Paging File | 306.00 Mb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37.25 Gb Total Space | 11.84 Gb Free Space | 31.79% Space Free | Partition Type: NTFS
Drive E: | 979.70 Mb Total Space | 496.34 Mb Free Space | 50.66% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Programme\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\WINDOWS\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Programme\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:HP Digital Imaging Monitor (CUE) -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:HP CUE-Scanning Flow Component -- (Hewlett-Packard)
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite
"C:\Temp\HP_WebRelease\Setup\HPZnet01.exe" = C:\Temp\HP_WebRelease\Setup\HPZnet01.exe:*:Enabled:ICE Network Plug in -- (Hewlett-Packard)
"C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\hp_gr_scan_update\Setup\DeviceCheck.exe" = C:\Dokumente und Einstellungen\xxx\Lokale Einstellungen\Temp\hp_gr_scan_update\Setup\DeviceCheck.exe:*:Disabled:DeviceCheck Module
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{20F1FFAF-1BFF-450C-A8C7-03D1BE24B950}" = Microsoft .NET Framework (German)
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6
"{72E67064-A144-42A6-BC85-12276B2D5D42}" = 2400_2500Help
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8B957F8D-FBDE-4DB4-99E7-192487575050}" = 23_24_2500Tour
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9AD84892-7664-479C-8F95-7A25B964B04D}" = 2400_2500trb
"{9B8E1C10-3952-48D3-BC66-F223DDC3A556}" = Firefox 3.6 WEB.DE Edition
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A70900000002}" = Adobe Reader 7.0.9 - Deutsch
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C4A978A3-CAE4-4856-89D5-696498A7B8F7}" = HPODiscovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.0.8
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1FCC8AD-0F88-4D77-8530-0FBB088485F1}" = WEB.DE Update
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FBCFA617-1856-4BE2-BA3C-BADD374757E7}" = 2500
"{FF102450-55AA-4AE1-ACE4-E271E2470C83}" = hpmdtab
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"Aldi Foto Service" = Aldi Foto Service 4.6
"Aldi Nord Fotoservice_is1" = Aldi Nord Fotoservice 2.7
"ALDI Nord Online Druck Service" = ALDI Nord Online Druck Service 4.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"Firefox 3.6 WEB.DE Edition" = Firefox 3.6 WEB.DE Edition
"Google Updater" = Google Updater
"hp deskjet 916c series" = hp deskjet 916c series (nur entfernen)
"hp deskjet 916c series_Driver" = hp deskjet 916c series
"HP Photo & Imaging" = HP Image Zone 4.2
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Internet Print Service" = Internet Print Service
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework Full v1.0.3705 (1031)" = Microsoft .NET Framework (German) v1.0.3705
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealArcade 1.2" = RealArcade
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WEB.DE Update" = WEB.DE Update
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Yahoo! Companion" = Yahoo! Toolbar mit Pop-Up-Blocker
"Yahoo! Toolbar" = Yahoo! Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\xxx_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
< End of report >
Geändert von cosinus (23.09.2012 um 16:25 Uhr) Grund: CODE-Tags korrigiert |
|
17.09.2012, 13:49
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles Geht auch der abgesicherte Modus mit Netzwerktreibern nicht?
__________________Abgesicherter Modus zur Bereinigung
__________________ |
|
17.09.2012, 17:39
| #3 |
| | IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles Ehrlich gesagt habe ich nur "Abgesicherter Modus" und "Abgesicherter Modus mit Eingabeaufforderung" probiert. Beide Male erhielt ich einen Bluescreen. Daher hatte ich die dritte Variante nicht probiert.
__________________Werde dieses gerne nochmal probieren, wenn ich zu hause bin. Gruß |
|
18.09.2012, 11:57
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles Probier bitte, nur wenn es nicht anders geht nehm ich noch OTLPE
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
22.09.2012, 22:43
| #5 |
| | IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles So, leider auch bei dieser Variante ein Bluescreen.  |
|
23.09.2012, 16:30
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles Mach einen OTL-Fix über OTLPE, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\xxx_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: System service = C:\Dokumente und Einstellungen\xxx\ms.exe (Serdzheo)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\xxx_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
:Files
C:\Dokumente und Einstellungen\xxx\*.exe
C:\Dokumente und Einstellungen\xxx\*.bat
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{*
:Commands
[purity]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann! Danach sollte Windows wieder normal starten - stell uns bitte den Quarantäneordner von OTL zur Verfügung. Dabei bitte so vorgehen: 1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinträchtigen! 2.) Ordner movedfiles in C:\_OTL in eine Datei zippen 3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! 4.) Wenns erfolgreich war Bescheid sagen 5.) Erst dann wieder den Virenscanner einschalten
__________________ --> IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles |
|
27.09.2012, 21:19
| #7 |
| | IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles Danke, werde ich probieren und mich melden. Gruß |
|
21.10.2012, 16:55
| #8 | |
| | IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles Hat funktioniert, danke! Die movedfiles.zip habe ich hochgeladen. Die Logfile ist hier: Zitat:
|
|
21.10.2012, 20:03
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles Die ZIP ist nicht angekommen. Ist sie zu groß?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.10.2012, 21:22
| #10 |
| | IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles Oh, kann ich nicht sagen. Werde es ein zweites Mal machen, sobald ich wieder beim PC (bei Eltern) bin. Gruß |
|
| Themen zu IPA Trojaner, abgesicherter Modus nicht möglich - Logfiles |
| antivir, askbar, avira, avira searchfree toolbar, bho, bluescreen, desktop, dllhost.exe, error, firefox, flash player, google, helper, homepage, hotkey.sys, iexplore.exe, lanmanworkstation, logfile, msiexec.exe, national, nicht möglich, object, officejet, plug in, plug-in, policyagent, pop-up-blocker, realtek, registry, scan, schannel.dll, security, server, software, starten, trojaner, windows, windows internet, windows xp, wscript.exe |
Linear-Darstellung
