| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: W-Lan und Lan finden internet, aber keine konnektivität zum Internet.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
19.12.2010, 16:41
| #1 |
 |  W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Guten Tag erst mal,  Ich habe Folgendes Problem, ich habe vor einer knappen Stunde noch ein Spiel über's internet gespielt. Mein Pc blieb auf einmal hängen und ich dachte mir nichts dabei also habe ich den [Restart] knopf getrückt. Als mein Pc wieder hochgefahren hatte war alles wie normal, ich versucte eine verbindung über skype aufzubauen die er nicht gefunden hatte, ab da wurde ich stutzig und machte den browser auf und wollet auf google mal nachschauen. Doch bei google und allen anderen seiten stand nur "Server konnte nicht gefunden werden". Ich habe in meiner autostart 2 einträge gefunden die mit "◘◘◘" benannt waren. Die Autostart einträge sind entfernt und die Liste von euch ist abgearbeitet.Doch immer noch keine Verbesserung. Kann mir jemand helfen ?. Gruß, Cola |
|
20.12.2010, 11:01
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Hallo und
__________________ Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
21.12.2010, 00:49
| #3 | |
| | W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Hey, das ist das log von Mbytes
__________________Zitat:
OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 21.12.2010 00:50:23 - Run 1
OTL by OldTimer - Version 3.2.17.4 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 25,35 Gb Free Space | 51,93% Space Free | Partition Type: NTFS
Drive D: | 416,93 Gb Total Space | 230,46 Gb Free Space | 55,28% Space Free | Partition Type: NTFS
Computer Name: KEV | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
https [open] -- "C:\Programme\Opera\opera.exe" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"57259:TCP" = 57259:TCP:*:Enabled:Pando Media Booster
"57259:UDP" = 57259:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"57259:TCP" = 57259:TCP:*:Enabled:Pando Media Booster
"57259:UDP" = 57259:UDP:*:Enabled:Pando Media Booster
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"8395:TCP" = 8395:TCP:*:Enabled:League of Legends Launcher
"8395:UDP" = 8395:UDP:*:Enabled:League of Legends Launcher
"11155:TCP" = 11155:TCP:*:Enabled:Tunngle Port
"1034:TCP" = 1034:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe -- File not found
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Spiele\World of Warcraft\WoW-3.2.0-deDE-downloader.exe" = D:\Spiele\World of Warcraft\WoW-3.2.0-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\Spiele\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe" = D:\Spiele\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"D:\Spiele\TmNationsForever\TmForever.exe" = D:\Spiele\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"C:\Dokumente und Einstellungen\Administrator\temp\TeamViewer\Version5\TeamViewer.exe" = C:\Dokumente und Einstellungen\Administrator\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer -- (TeamViewer GmbH)
"D:\Spiele\Warcraft III\Warcraft III.exe" = D:\Spiele\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"D:\Programme\ijji\ijji REACTOR\REACTOR.exe" = D:\Programme\ijji\ijji REACTOR\REACTOR.exe:*:Enabled:Reactor Application -- File not found
"C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe" = C:\WINDOWS\Downloaded Program Files\ijjiOptimizer.exe:*:Enabled:ijjiOptimizer.exe -- ()
"D:\Spiele\Gunz\Gunz.exe" = D:\Spiele\Gunz\Gunz.exe:*:Enabled:Gunz -- File not found
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- File not found
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- File not found
"C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Apps\2.0\5D2C3BTB.9NB\9CBKLOR5.6T1\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe" = C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Apps\2.0\5D2C3BTB.9NB\9CBKLOR5.6T1\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)
"D:\Programme\ijji\ijji REACTOR\ijjiOptimizer.exe" = D:\Programme\ijji\ijji REACTOR\ijjiOptimizer.exe:*:Enabled:ijjiOptimizer.exe -- File not found
"D:\Spiele\Die Schlacht um Mittelerde II\game.dat" = D:\Spiele\Die Schlacht um Mittelerde II\game.dat:*:Enabled:Die Schlacht um Mittelerde™ II -- File not found
"D:\Spiele\Call of Duty 2\CoD2MP_s.exe" = D:\Spiele\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"D:\Spiele\Battlefield Bad Company 2\BFBC2Updater.exe" = D:\Spiele\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- File not found
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Spiele\World of Warcraft\Wow.exe" = D:\Spiele\World of Warcraft\Wow.exe:*:Enabled:Wow -- (Blizzard Entertainment)
"D:\Spiele\League of Legends\League of Legends\Air\LolClient.exe" = D:\Spiele\League of Legends\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- (Adobe Systems Inc.)
"D:\Spiele\League of Legends\League of Legends\Game\League of Legends.exe" = D:\Spiele\League of Legends\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()
"C:\Dokumente und Einstellungen\Administrator\Desktop\Crypload\RouterClient.exe" = C:\Dokumente und Einstellungen\Administrator\Desktop\Crypload\RouterClient.exe:*:Disabled:RouterClient -- File not found
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- File not found
"D:\Programme\IncrediMail\Bin\IncMail.exe" = D:\Programme\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail -- File not found
"D:\Programme\IncrediMail\Bin\ImApp.exe" = D:\Programme\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail -- File not found
"D:\Programme\IncrediMail\Bin\ImpCnt.exe" = D:\Programme\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail -- File not found
"D:\Programme\Electronic Arts\EADM\Core.exe" = D:\Programme\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- File not found
"D:\Programme\Novo's Easy WoW Server\0.4.0.5\udrive\usr\local\apache2\bin\Apache_16.exe" = D:\Programme\Novo's Easy WoW Server\0.4.0.5\udrive\usr\local\apache2\bin\Apache_16.exe:*:Enabled:Apache HTTP Server -- File not found
"D:\Programme\Novo's Easy WoW Server\0.4.0.5\udrive\usr\local\mysql\bin\mysqld-opt.exe" = D:\Programme\Novo's Easy WoW Server\0.4.0.5\udrive\usr\local\mysql\bin\mysqld-opt.exe:*:Enabled:mysqld-opt -- File not found
"D:\Programme\Novo's Easy WoW Server\0.4.0.5\Logonserver.exe" = D:\Programme\Novo's Easy WoW Server\0.4.0.5\Logonserver.exe:*:Enabled:Logonserver -- File not found
"D:\Programme\Novo's Easy WoW Server\0.4.0.5\WorldServer.exe" = D:\Programme\Novo's Easy WoW Server\0.4.0.5\WorldServer.exe:*:Enabled:WorldServer -- File not found
"D:\Programme\Novo's Easy WoW Server\0.4.1\udrive\usr\local\mysql\bin\mysqld-opt.exe" = D:\Programme\Novo's Easy WoW Server\0.4.1\udrive\usr\local\mysql\bin\mysqld-opt.exe:*:Enabled:The MySQL Server -- File not found
"D:\Programme\Novo's Easy WoW Server\0.4.1\udrive\usr\local\apache2\bin\Apache_16.exe" = D:\Programme\Novo's Easy WoW Server\0.4.1\udrive\usr\local\apache2\bin\Apache_16.exe:*:Enabled:Apache HTTP Server -- File not found
"D:\Programme\Novo's Easy WoW Server\0.4.1\LogonServer.exe" = D:\Programme\Novo's Easy WoW Server\0.4.1\LogonServer.exe:*:Enabled:LogonServer -- File not found
"D:\Programme\Novo's Easy WoW Server\0.4.1\WorldServer.exe" = D:\Programme\Novo's Easy WoW Server\0.4.1\WorldServer.exe:*:Enabled:WorldServer -- File not found
"D:\Spiele\Warcraft III\war3.exe" = D:\Spiele\Warcraft III\war3.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Dokumente und Einstellungen\Administrator\Desktop\Cryptload\RouterClient.exe" = C:\Dokumente und Einstellungen\Administrator\Desktop\Cryptload\RouterClient.exe:*:Enabled:RouterClient -- (hxxp://cryptload.info)
"D:\Spiele\Steamless Left4Dead2 Pack\left4dead2.exe" = D:\Spiele\Steamless Left4Dead2 Pack\left4dead2.exe:*:Enabled:left4dead2 -- ()
"D:\Programme\Skype\Plugin Manager\skypePM.exe" = D:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- File not found
"D:\Spiele\Valve\Steam\SteamApps\killing_joke313\counter-strike\hl.exe" = D:\Spiele\Valve\Steam\SteamApps\killing_joke313\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"D:\Programme\Mozilla Firefox\firefox.exe" = D:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe" = C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe:*:Enabled:Kaspersky Anti-Virus -- (Kaspersky Lab)
"D:\Spiele\Rune\System\Rune.exe" = D:\Spiele\Rune\System\Rune.exe:*:Disabled:Rune -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0928B2C5-0B16-C2FB-7BAE-A25901414687}" = ATI Catalyst Install Manager
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3763A2B4-B07A-4E4D-994D-7D2C6AF0CF9E}" = Safari
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3C5F1B30-B10B-4579-86DD-D00F662E1031}" = Nero 8
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8DB77BE4-629D-458D-BD68-9F36667C2177}" = TubeBox!
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{BE9A67F1-BDD3-4259-9F5C-2EFCE6B3A6C5}" = Clive Barker's Jericho
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E45CACFE-0576-4375-A84F-C34B99A7B652}" = D-Link DWA-125
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"ATI Display Driver" = ATI Display Driver
"AviSynth" = AviSynth 2.5
"Battle.net" = Battle.net
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Defraggler" = Defraggler
"EADM" = EA Download Manager
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.7.15
"Free Video to Sony PSP Converter_is1" = Free Video to Sony PSP Converter version 2.2.12
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"Hamachi" = Hamachi 1.0.1.4
"ICQToolbar" = ICQ Toolbar
"ICQ-Tools Statusmanager 1.1" = ICQ-Tools Statusmanager 1.1
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"IsoBuster_is1" = IsoBuster 2.7
"JDownloader" = JDownloader
"LastFM_is1" = Last.fm 1.5.4.27091
"League of Legends_is1" = League of Legends
"lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"PhotoScape" = PhotoScape
"Postal 2 Share The Pain" = Postal 2 Share The Pain
"Rune" = Rune
"Steamless Left4Dead2 Pack" = Steamless Left4Dead2 Pack
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.10.2010 17:08:12 | Computer Name = KEV | Source = Bonjour Service | ID = 100
Description =
Error - 28.10.2010 12:58:29 | Computer Name = KEV | Source = Bonjour Service | ID = 100
Description =
Error - 01.11.2010 16:21:25 | Computer Name = KEV | Source = Bonjour Service | ID = 100
Description =
Error - 02.11.2010 12:02:56 | Computer Name = KEV | Source = Bonjour Service | ID = 100
Description =
Error - 04.11.2010 16:10:40 | Computer Name = KEV | Source = Bonjour Service | ID = 100
Description =
Error - 05.11.2010 12:48:28 | Computer Name = KEV | Source = Bonjour Service | ID = 100
Description =
Error - 09.11.2010 19:14:51 | Computer Name = KEV | Source = Bonjour Service | ID = 100
Description =
Error - 10.11.2010 12:14:41 | Computer Name = KEV | Source = Bonjour Service | ID = 100
Description =
Error - 11.11.2010 13:08:04 | Computer Name = KEV | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
Error - 11.11.2010 16:43:02 | Computer Name = KEV | Source = Bonjour Service | ID = 100
Description =
[ System Events ]
Error - 19.12.2010 11:26:26 | Computer Name = KEV | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
CSVirtualDiskDrv Fips intelppm kl1 KLIF sptd
Error - 19.12.2010 12:16:36 | Computer Name = KEV | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 19.12.2010 12:17:55 | Computer Name = KEV | Source = Service Control Manager | ID = 7000
Description = Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 19.12.2010 13:43:33 | Computer Name = KEV | Source = Service Control Manager | ID = 7000
Description = Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 20.12.2010 12:37:17 | Computer Name = KEV | Source = Service Control Manager | ID = 7000
Description = Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 20.12.2010 12:37:51 | Computer Name = KEV | Source = MRxSmb | ID = 8003
Description = Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "SPEEDPORT.IP",
der
der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A83EEFA6-82EE-4-Transport zu
sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error - 20.12.2010 12:42:12 | Computer Name = KEV | Source = Service Control Manager | ID = 7000
Description = Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 20.12.2010 13:08:02 | Computer Name = KEV | Source = Srv | ID = 2000
Description = Der Aufruf eines Systemdienstes durch den Serverdienst ist unerwartet
fehlgeschlagen.
Error - 20.12.2010 13:08:02 | Computer Name = KEV | Source = Srv | ID = 2000
Description = Der Aufruf eines Systemdienstes durch den Serverdienst ist unerwartet
fehlgeschlagen.
Error - 20.12.2010 16:04:14 | Computer Name = KEV | Source = Service Control Manager | ID = 7000
Description = Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
< End of report >
OTL Logfile: Code:
ATTFilter OTL logfile created on: 21.12.2010 00:50:23 - Run 1 OTL by OldTimer - Version 3.2.17.4 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 48,83 Gb Total Space | 25,35 Gb Free Space | 51,93% Space Free | Partition Type: NTFS Drive D: | 416,93 Gb Total Space | 230,46 Gb Free Space | 55,28% Space Free | Partition Type: NTFS Computer Name: KEV | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010.12.21 00:50:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe PRC - [2010.12.15 17:37:56 | 000,912,344 | ---- | M] (Mozilla Corporation) -- D:\Programme\Mozilla Firefox\firefox.exe PRC - [2010.11.29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2010.11.29 17:42:14 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010.10.27 21:21:54 | 001,155,072 | ---- | M] (Last.fm) -- D:\Programme\Last.fm\LastFM.exe PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2010.08.13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.05.07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe PRC - [2010.05.07 17:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\LWS\Webcam Software\LWS.exe PRC - [2010.01.13 23:45:58 | 001,552,736 | ---- | M] (Nullsoft, Inc.) -- D:\Programme\Winamp\winamp.exe PRC - [2009.12.25 15:43:40 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe PRC - [2009.12.25 15:42:48 | 000,207,376 | ---- | M] (Kaspersky Lab) -- C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtblfs.exe PRC - [2009.12.21 16:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe PRC - [2009.10.19 18:03:50 | 000,995,328 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWA-125 revA\AirGCFG.exe PRC - [2009.10.19 17:39:38 | 000,122,880 | ---- | M] (Wireless Service) -- C:\Programme\D-Link\DWA-125 revA\WZCSLDR2.exe PRC - [2009.08.21 08:27:26 | 000,126,976 | ---- | M] (Wireless Service) -- C:\Programme\D-Link\DWA-125 revA\ANIWZCSdS.exe PRC - [2009.07.20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- D:\Programme\Logitech\SetPoint\SetPoint.exe PRC - [2009.07.10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe PRC - [2009.07.07 18:49:20 | 000,040,960 | ---- | M] () -- C:\Programme\D-Link\DWA-125 revA\ANIWConnService.exe PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.02.28 18:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe PRC - [2008.02.28 18:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe ========== Modules (SafeList) ========== MOD - [2010.12.21 00:50:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe MOD - [2010.08.23 17:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2009.07.20 12:29:06 | 000,045,584 | ---- | M] (Logitech, Inc.) -- D:\Programme\Logitech\SetPoint\lgscroll.dll MOD - [2009.07.20 12:25:22 | 000,064,016 | ---- | M] (Logitech, Inc.) -- D:\Programme\Logitech\SetPoint\GameHook.dll MOD - [2009.07.12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010.12.13 20:54:24 | 003,020,888 | ---- | M] () [Auto | Running] -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_aeec0f0.dll -- (Akamai) SRV - [2010.11.29 17:42:16 | 000,363,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.08.13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.05.07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2010.03.10 22:46:00 | 003,601,608 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2009.12.25 15:43:40 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe -- (AVP) SRV - [2009.12.21 16:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv) SRV - [2009.08.21 08:27:26 | 000,126,976 | ---- | M] (Wireless Service) [Auto | Running] -- C:\Programme\D-Link\DWA-125 revA\ANIWZCSdS.exe -- (D_Link_DWA-125) SRV - [2009.07.20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009.07.07 18:49:20 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Programme\D-Link\DWA-125 revA\ANIWConnService.exe -- (D_Link_DWA-125_WPS) SRV - [2008.02.28 18:07:48 | 000,529,704 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme) DRV - [2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010.09.06 21:24:55 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANPD.SYS -- (ANPD) DRV - [2010.08.10 16:37:43 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2010.05.14 23:04:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2010.05.14 23:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 200(UVC) DRV - [2010.05.14 23:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2010.05.14 23:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2010.05.07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2010.03.02 21:57:28 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2010.03.02 21:57:27 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010.02.02 22:23:27 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009.12.29 03:29:12 | 000,779,136 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Drt2870.sys -- (rt2870) DRV - [2009.12.14 11:44:24 | 000,088,632 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\CSCrySec.sys -- (CSCrySec) DRV - [2009.12.14 11:44:24 | 000,039,352 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv) DRV - [2009.11.26 11:10:46 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF) DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009.10.14 19:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\klbg.sys -- (KLBG) DRV - [2009.10.02 17:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009.09.14 12:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5) DRV - [2009.09.01 13:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1) DRV - [2009.07.10 06:36:18 | 004,407,808 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009.07.01 11:09:56 | 000,012,704 | ---- | M] (MARX Datentechnik GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\cbmdev3.sys -- (CbmDev3) DRV - [2009.07.01 11:09:56 | 000,012,704 | ---- | M] (MARX Datentechnik GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\cbmdev2.sys -- (CbmDev2) DRV - [2009.07.01 11:09:56 | 000,012,704 | ---- | M] (MARX Datentechnik GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\cbmdev1.sys -- (CbmDev1) DRV - [2009.06.17 17:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2009.06.17 17:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2009.06.17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009.06.17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009.06.17 17:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2009.06.17 17:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou) DRV - [2009.06.17 17:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008.04.13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM) DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2006.11.22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock) DRV - [2006.11.03 09:32:30 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006.10.17 13:22:26 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32) DRV - [2001.08.17 13:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: D:\Programme\Mozilla Firefox\components [2010.12.15 17:38:01 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2010.12.15 17:38:01 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Programme\Kaspersky Lab\Kaspersky PURE\THBExt [2010.07.14 17:58:52 | 000,000,000 | ---D | M] [2010.02.14 16:11:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions [2010.12.20 18:43:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\2hjkntn0.KEv\extensions [2010.12.15 21:21:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\2hjkntn0.KEv\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.12.15 21:21:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\2hjkntn0.KEv\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.10.26 16:44:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\2hjkntn0.KEv\extensions\nasanightlaunch@example.com O1 HOSTS File: ([2010.06.14 20:59:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O4 - HKLM..\Run: [ATICustomerCare] C:\Programme\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [D-Link D-Link DWA-125] C:\Programme\D-Link\DWA-125 revA\AirGCFG.exe (D-Link Corp.) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [LWS] C:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [WZCSLDR2] C:\Programme\D-Link\DWA-125 revA\WZCSLDR2.exe (Wireless Service) O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = D:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 351 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm () O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop Components:1 () - C:\Dokumente und Einstellungen\Administrator\Desktop\Beißspiel.Daniel Schneider,30.11.2010.html O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - Unable to read "AutoRun" value or value not present! O32 - AutoRun File - [2010.01.16 14:04:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{2b77823a-087b-11df-ab0f-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{2b77823a-087b-11df-ab0f-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{2b77823a-087b-11df-ab0f-806d6172696f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{96d6d1b5-fc01-11df-ac78-1caff772e1da}\Shell - "" = AutoRun O33 - MountPoints2\{96d6d1b5-fc01-11df-ac78-1caff772e1da}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{a8f563e6-33f5-11df-ab71-00252205dcdb}\Shell - "" = AutoRun O33 - MountPoints2\{a8f563e6-33f5-11df-ab71-00252205dcdb}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{a8f563e6-33f5-11df-ab71-00252205dcdb}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.12.19 23:19:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\http___wow-studio.net [2010.12.19 23:11:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\Release [2010.12.17 17:27:02 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys [2010.12.17 17:25:32 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2010.12.14 22:49:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.12.14 19:45:48 | 000,000,000 | ---D | C] -- C:\Programme\Skype [2010.12.14 19:45:48 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype [2010.12.13 23:50:33 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent [2010.12.13 23:33:14 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DVDVideoSoft [2010.12.13 22:52:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Geckofx [2010.12.13 22:51:17 | 000,000,000 | ---D | C] -- C:\Programme\AviSynth 2.5 [2010.12.13 19:54:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Kaspersky Lab [2010.12.09 18:19:20 | 000,000,000 | ---D | C] -- C:\Programme\tmp [2010.12.07 21:19:54 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Passwords Database [2010.12.05 19:50:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\.gimp-2.6 [2010.12.05 19:19:22 | 000,000,000 | ---D | C] -- C:\Programme\ICQ6Toolbar [2010.12.05 19:13:52 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2 [2010.12.05 17:42:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\MeinSpore-Kreationen [2010.12.05 17:42:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SPORE [2010.12.05 17:32:08 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SecuROM [2010.12.02 06:39:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\DVDVideoSoft [2010.12.02 06:38:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DVDVideoSoft [2010.12.01 18:23:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Tunngle [2010.11.29 22:45:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Degener [2010.11.29 22:45:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Degener [2010.11.26 15:37:34 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll [2010.11.26 15:37:18 | 001,554,944 | ---- | C] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) -- C:\WINDOWS\System32\vorbis.acm [2010.11.22 06:18:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\Cryptload [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.12.21 00:02:00 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010.12.20 21:05:55 | 000,002,235 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [2010.12.20 21:03:50 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010.12.20 21:03:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.12.20 21:03:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs [2010.12.20 21:03:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad [2010.12.20 18:43:38 | 000,000,569 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Wow.lnk [2010.12.20 18:07:46 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{A83EEFA6-82EE-4CDF-85AC-5D0B1D73672D} [2010.12.20 18:07:35 | 000,000,014 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{A83EEFA6-82EE-4CDF-85AC-5D0B1D73672D} [2010.12.20 17:40:37 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010.12.19 23:35:41 | 000,036,400 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat [2010.12.19 16:32:06 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.12.18 00:24:29 | 002,074,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.12.17 18:00:16 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010.12.17 17:24:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.12.15 21:17:54 | 000,000,562 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Zsnes.lnk [2010.12.15 20:05:54 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010.12.13 21:46:16 | 000,000,164 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{701ACAF9-F102-47c2-8907-36246F4DFB51} [2010.12.05 19:50:16 | 000,000,680 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\GIMP 2.lnk [2010.12.05 19:19:55 | 000,001,451 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ7.2.lnk [2010.12.05 19:07:02 | 000,124,928 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.05 17:32:07 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll [2010.12.05 17:26:59 | 000,000,721 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SPORE™.lnk [2010.12.03 06:10:01 | 000,000,584 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Rune.lnk [2010.12.01 18:31:34 | 000,000,645 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Left4Dead2.lnk [2010.12.01 06:37:47 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat [2010.11.30 20:04:19 | 000,000,781 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Beißspiel.Daniel Schneider,30.11.2010.html [2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.12.20 18:43:38 | 000,000,569 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Wow.lnk [2010.12.19 16:32:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.12.17 17:59:47 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010.12.15 21:17:54 | 000,000,562 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Zsnes.lnk [2010.12.14 19:45:51 | 000,002,235 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [2010.12.05 19:50:16 | 000,000,680 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\GIMP 2.lnk [2010.12.05 19:19:55 | 000,001,451 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ7.2.lnk [2010.12.05 17:26:59 | 000,000,721 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SPORE™.lnk [2010.12.03 06:10:01 | 000,000,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Rune.lnk [2010.12.01 18:31:34 | 000,000,645 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Left4Dead2.lnk [2010.11.30 19:40:47 | 000,000,781 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Beißspiel.Daniel Schneider,30.11.2010.html [2010.11.29 22:46:20 | 000,000,164 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{701ACAF9-F102-47c2-8907-36246F4DFB51} [2010.11.02 23:41:00 | 000,000,258 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ANICONFIG_{A83EEFA6-82EE-4CDF-85AC-5D0B1D73672D}.ini [2010.09.06 21:24:55 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANPDApi.dll [2010.09.06 21:24:55 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANPD64.SYS [2010.09.06 21:24:55 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANPD.SYS [2010.08.27 22:05:37 | 000,143,968 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2010.08.13 19:04:30 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2010.08.13 19:04:30 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2010.08.13 19:04:30 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2010.07.13 12:05:16 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2010.06.13 10:11:03 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\vuins32.dll [2010.05.25 22:33:25 | 000,000,012 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\vlsfdq.dat [2010.05.14 22:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll [2010.05.14 22:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll [2010.05.07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll [2010.05.07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2010.04.18 14:51:07 | 000,362,029 | ---- | C] () -- C:\WINDOWS\System32\SQLite3.dll [2010.03.02 21:57:27 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010.03.02 21:57:27 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2010.02.27 20:48:33 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\CBMVDD.DLL [2010.02.27 20:48:19 | 000,006,836 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI [2010.02.17 14:53:45 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\PnkBstrK.sys [2010.02.15 23:21:15 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010.02.15 00:00:00 | 000,004,177 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010.02.01 23:47:09 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2010.01.31 00:00:00 | 000,000,324 | ---- | C] () -- C:\WINDOWS\doom3.ini [2010.01.24 22:40:09 | 000,124,928 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.01.20 00:00:00 | 000,000,262 | ---- | C] () -- C:\WINDOWS\game.ini [2010.01.16 14:11:56 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009.12.23 00:00:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009.12.15 00:00:00 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009.12.14 00:00:00 | 000,004,362 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI < End of report > Gruß,Cola Geändert von Cola_ :) (21.12.2010 um 00:58 Uhr) |
|
21.12.2010, 09:49
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W-Lan und Lan finden internet, aber keine konnektivität zum Internet.Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.12.2010, 17:31
| #5 |
| | W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Malwarebytes' Anti-Malware 1.50 Malwarebytes Datenbank Version: 5366 Windows 5.1.2600 Service Pack 3 Internet Explorer 6.0.2900.5512 21.12.2010 17:29:07 mbam-log-2010-12-21 (17-29-07).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 254501 Laufzeit: 41 Minute(n), 36 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) das ist das log von Mbytes |
|
21.12.2010, 22:31
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ --> W-Lan und Lan finden internet, aber keine konnektivität zum Internet. |
|
23.12.2010, 19:54
| #7 |
| | W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Hey, Das ist die Combofix log datei: Combofix Logfile: Code:
ATTFilter ComboFix 10-12-23.01 - Administrator 23.12.2010 19:45:19.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1533 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\Administrator\Eigene Dateien\Downloads\Cofi.exe.exe
AV: Kaspersky PURE *Disabled/Outdated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky PURE *Enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\crt.dat
c:\windows\system32\cryptnet32.dll
c:\windows\system32\Dll.dll
c:\windows\system32\ReadMe.txt
c:\windows\system32\shimg.dll
.
((((((((((((((((((((((( Dateien erstellt von 2010-11-23 bis 2010-12-23 ))))))))))))))))))))))))))))))
.
2010-12-22 21:59 . 2005-04-03 21:59 5632 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2010-12-19 22:19 . 2010-12-19 22:19 -------- d-----w- c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\http___wow-studio.net
2010-12-17 16:27 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-17 16:25 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-14 18:45 . 2010-12-14 18:45 -------- d-----w- c:\programme\Skype
2010-12-14 18:45 . 2010-12-14 18:45 -------- d-----w- c:\programme\Gemeinsame Dateien\Skype
2010-12-13 22:33 . 2010-12-13 22:33 -------- d-----w- c:\programme\Gemeinsame Dateien\DVDVideoSoft
2010-12-13 21:52 . 2010-12-13 21:52 -------- d-----w- c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Geckofx
2010-12-13 21:51 . 2010-12-13 21:51 -------- d-----w- c:\programme\AviSynth 2.5
2010-12-13 19:41 . 2008-05-13 16:23 417792 ----a-w- c:\programme\Windows Media Player\Plugins\wmp_scrobbler.dll
2010-12-13 18:54 . 2010-12-13 18:54 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Kaspersky Lab
2010-12-09 17:19 . 2010-12-09 17:19 -------- d-----w- c:\programme\tmp
2010-12-05 18:50 . 2010-12-22 22:08 -------- d-----w- c:\dokumente und einstellungen\Administrator\.gimp-2.6
2010-12-05 18:19 . 2010-12-05 18:19 -------- d-----w- c:\programme\ICQ6Toolbar
2010-12-05 18:13 . 2010-12-05 18:20 -------- d-----w- c:\programme\ICQ7.2
2010-12-05 16:42 . 2010-12-06 22:47 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\SPORE
2010-12-05 16:32 . 2010-12-05 16:32 -------- d--h--r- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\SecuROM
2010-12-02 23:29 . 2010-12-02 23:29 200836 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2010-12-02 23:29 . 2005-04-03 22:02 753664 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2010-12-02 23:29 . 2005-04-03 22:02 69714 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2010-12-02 23:29 . 2005-04-03 22:01 274432 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2010-12-02 23:29 . 2005-04-03 22:00 184320 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2010-12-02 23:29 . 2010-12-02 23:29 331908 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2010-12-02 05:38 . 2010-12-13 22:33 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\DVDVideoSoft
2010-11-29 21:45 . 2010-11-29 21:45 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Degener
2010-11-29 21:45 . 2010-11-29 21:45 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Degener
2010-11-26 14:37 . 2006-06-20 08:56 225280 ----a-w- c:\windows\system32\rewire.dll
2010-11-26 14:37 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\system32\vorbis.acm
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-05 16:32 . 2010-02-17 13:58 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-11-29 16:42 . 2010-05-26 14:35 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 16:42 . 2010-05-26 14:35 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:12 . 2010-01-16 13:02 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-05 05:04 . 2004-08-03 22:57 672768 ----a-w- c:\windows\system32\wininet.dll
2010-11-05 05:04 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-11-05 05:04 . 2004-08-03 22:57 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-11-05 05:02 . 2004-08-03 22:42 371200 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2001-08-18 10:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:12 . 2004-08-03 22:54 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 14:05 . 2004-08-03 22:46 1853440 ----a-w- c:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2009-12-25 14:42 129552 ----a-w- c:\programme\Kaspersky Lab\Kaspersky PURE\shellex.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 16269312]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2010-01-06 55824]
"AVP"="c:\programme\Kaspersky Lab\Kaspersky PURE\avp.exe" [2009-12-25 340456]
"ATICustomerCare"="c:\programme\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"LWS"="c:\programme\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"D-Link D-Link DWA-125"="c:\programme\D-Link\DWA-125 revA\AirGCFG.exe" [2009-10-19 995328]
"WZCSLDR2"="c:\programme\D-Link\DWA-125 revA\WZCSLDR2.exe" [2009-10-19 122880]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-09-08 421888]
"Malwarebytes' Anti-Malware"="d:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-11-29 443728]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
Logitech SetPoint.lnk - d:\programme\Logitech\SetPoint\SetPoint.exe [2010-2-17 813584]
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
Source= c:\dokumente und einstellungen\Administrator\Desktop\Beißspiel.Daniel Schneider,30.11.2010.html
FriendlyName=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-11-29 16:42 443728 ----a-w- d:\programme\Malwarebytes' Anti-Malware\mbamgui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-04-28 16:14 570664 ----a-w- c:\programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PasswordManager]
2009-12-24 18:57 3037616 ----a-w- c:\progra~1\KASPER~1\KASPER~1\KASPER~1\MODULE~1\stpass.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"DAUpdaterSvc"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programme\\Java\\jre6\\bin\\javaw.exe"=
"d:\\Spiele\\TmNationsForever\\TmForever.exe"=
"c:\\Dokumente und Einstellungen\\Administrator\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"d:\\Spiele\\Warcraft III\\Warcraft III.exe"=
"c:\\WINDOWS\\Downloaded Program Files\\ijjiOptimizer.exe"=
"c:\\Dokumente und Einstellungen\\Administrator\\Lokale Einstellungen\\Apps\\2.0\\5D2C3BTB.9NB\\9CBKLOR5.6T1\\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\\CurseClient.exe"=
"d:\\Spiele\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\Spiele\\League of Legends\\League of Legends\\Air\\LolClient.exe"=
"d:\\Spiele\\League of Legends\\League of Legends\\Game\\League of Legends.exe"=
"d:\\Spiele\\Warcraft III\\war3.exe"=
"c:\\Dokumente und Einstellungen\\Administrator\\Desktop\\Cryptload\\RouterClient.exe"=
"d:\\Spiele\\Steamless Left4Dead2 Pack\\left4dead2.exe"=
"d:\\Spiele\\Valve\\Steam\\SteamApps\\killing_joke313\\counter-strike\\hl.exe"=
"c:\\Programme\\ICQ7.2\\ICQ.exe"=
"c:\\Programme\\ICQ7.2\\aolload.exe"=
"d:\\Programme\\Mozilla Firefox\\firefox.exe"=
"c:\\Programme\\Kaspersky Lab\\Kaspersky PURE\\avp.exe"=
"d:\\Spiele\\Rune\\System\\Rune.exe"=
"d:\\Spiele\\World of Warcraft\\World of Warcraft\\Launcher.exe"=
"d:\\Spiele\\World of Warcraft\\World of Warcraft\\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57259:TCP"= 57259:TCP:Pando Media Booster
"57259:UDP"= 57259:UDP:Pando Media Booster
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"8395:TCP"= 8395:TCP:League of Legends Launcher
"8395:UDP"= 8395:UDP:League of Legends Launcher
"11155:TCP"= 11155:TCP:Tunngle Port
"1044:TCP"= 1044:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\drivers\CSCrySec.sys [19.06.2010 20:17 88632]
R0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14.10.2009 19:18 36880]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [01.02.2010 23:47 691696]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\drivers\CSVirtualDiskDrv.sys [19.06.2010 20:17 39352]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [03.08.2004 23:58 14336]
R2 ANPD;ANPD Service;c:\windows\system32\ANPD.SYS [06.09.2010 21:24 29411]
R2 CbmDev1;CbmDev1;c:\windows\system32\drivers\cbmdev1.sys [27.02.2010 20:48 12704]
R2 CbmDev2;CbmDev2;c:\windows\system32\drivers\cbmdev2.sys [27.02.2010 20:48 12704]
R2 CbmDev3;CbmDev3;c:\windows\system32\drivers\cbmdev3.sys [27.02.2010 20:48 12704]
R2 CSObjectsSrv;Verwaltungsservice vom CryproStorage-System;c:\programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [21.12.2009 16:34 743992]
R2 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:\programme\D-Link\DWA-125 revA\ANIWConnService.exe [09.09.2010 19:00 40960]
R2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe [05.12.2010 19:19 247096]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [17.02.2010 08:10 10384]
R2 MBAMService;MBAMService;d:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [26.05.2010 15:35 363344]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14.09.2009 12:42 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02.10.2009 17:39 19472]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [26.05.2010 15:35 20952]
S0 ywtxvxgn;ywtxvxgn; [x]
S2 D_Link_DWA-125;D_Link_DWA-125 Service;c:\programme\D-Link\DWA-125 revA\ANIWZCSdS.exe [09.09.2010 19:00 126976]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [01.10.2010 16:52 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [25.01.2010 20:22 1691480]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Inhalt des "geplante Tasks" Ordners
2010-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-10-01 15:51]
2010-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-10-01 15:51]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = <local>
IE: Hinzufügen zu Anti-Banner - c:\programme\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {7DFFD3B1-AA94-4287-A88C-1993FCA9504C} = 192.168.2.1
FF - ProfilePath - c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\2hjkntn0.KEv\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - d:\programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: NASA Night Launch: nasanightlaunch@example.com - %profile%\extensions\nasanightlaunch@example.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Password Manager Autofill Engine: {72CA2996-F580-47DF-98FF-0B853D09CEC8} - c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Kaspersky Lab\Password Manager\kpmAutofill
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
MSConfigStartUp-iTunesHelper - d:\programme\iTunes\iTunesHelper.exe
AddRemove-EADM - d:\programme\Electronic Arts\EADM\Uninstall.exe
AddRemove-Final Fantasy VII - d:\spiele\Final Fantasy VII\Uninst.isu
AddRemove-Free YouTube to MP3 Converter_is1 - d:\programme\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe
AddRemove-Hamachi - d:\programme\Hamachi\uninstall.exe
AddRemove-ICQ-Tools Statusmanager 1.1 - c:\programme\ICQ6.5\Packages\Uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-12-23 19:49
Windows 5.1.2600 Service Pack 3 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_USERS\S-1-5-21-1275210071-507921405-839522115-500\Software\SecuROM\License information*]
"datasecu"=hex:2a,41,21,0f,d9,cf,dc,a4,29,39,79,b2,3d,c3,69,a6,b9,ca,e6,d4,81,
9b,3b,f9,cc,fb,ea,19,6c,a0,87,23,67,a9,90,2b,97,27,d4,3d,43,0f,1c,dc,bf,8f,\
"rkeysecu"=hex:cf,c5,30,f7,be,87,84,73,21,12,01,e6,50,37,c3,49
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
- - - - - - - > 'winlogon.exe'(844)
c:\windows\system32\Ati2evxx.dll
c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll
c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTServ.dll
- - - - - - - > 'explorer.exe'(4820)
c:\windows\system32\logishrd\LVPrcInj01.dll
d:\programme\Logitech\SetPoint\GameHook.dll
d:\programme\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe
d:\programme\Nero 8\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
c:\programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-12-23 19:52:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-12-23 18:52
Vor Suchlauf: 13 Verzeichnis(se), 25.273.532.416 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 25.838.817.280 Bytes frei
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 93AB3B81454BE2856565B5D12DDE4AA0
|
|
23.12.2010, 21:10
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.01.2011, 23:12
| #9 |
| | W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Hallöchen, Ich Habe in der Zeit wo ich nichts gepostet habe kein internet im Hause gehabt , entschuldigung deswegen. Jetzt weiß ich was mein pc hat. Das Programm RelevantKnowLedge hatt sich in meinem system breit gemacht. Gruß, Cola |
|
11.01.2011, 20:41
| #11 |
| | W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Hallo, Habe nurn Folgende Files: Gmer: Ich musste es Hochladen weil es zu viele Zeichen besitzt: hxxp://www.materialordner.de/irTTBcwlv1WDszYCu0E8WwJz5OE7bYCj.html Osam: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 17:35:12 on 11.01.2011 OS: Windows XP Professional Service Pack 3 (Build 2600) Default Browser: Mozilla Corporation Firefox 3.6.13 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "ISUSPM.cpl" - "Macrovision Corporation" - C:\WINDOWS\system32\ISUSPM.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl "PhysX.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\PhysX.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Avira AntiVir Personal - Free Antivirus " - ? - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl (File not found) "Nero BurnRights" - "Nero AG" - D:\Programme\Nero 8\Nero\Nero8\Nero Toolkit\NeroBurnRights.cpl "Pando" - "Pando Networks" - C:\Programme\Pando Networks\Media Booster\PMB.cpl "QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "a4e055ee" (a4e055ee) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\a4e055ee.sys (Hidden registry entry, rootkit activity | File signed by Microsoft) "adfs" (adfs) - ? - C:\WINDOWS\system32\drivers\adfs.sys (File not found) "ANPD Service" (ANPD) - ? - C:\WINDOWS\system32\ANPD.sys "aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswFsBlk.sys "aswRdr" (aswRdr) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswRdr.sys "aswSP" (aswSP) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswSP.sys "ati2mtag" (ati2mtag) - "ATI Technologies Inc." - C:\WINDOWS\System32\DRIVERS\ati2mtag.sys "atksgt" (atksgt) - ? - C:\WINDOWS\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avast! Asynchronous Virus Monitor" (Aavmker4) - "AVAST Software" - C:\WINDOWS\system32\drivers\Aavmker4.sys "avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswTdi.sys "avast! Standard Shield Support" (aswMon2) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswMon2.sys "catchme" (catchme) - ? - C:\Cofi.exe\catchme.sys (File not found) "CbmDev1" (CbmDev1) - "MARX Datentechnik GmbH" - C:\WINDOWS\system32\drivers\CbmDev1.sys "CbmDev2" (CbmDev2) - "MARX Datentechnik GmbH" - C:\WINDOWS\system32\drivers\CbmDev2.sys "CbmDev3" (CbmDev3) - "MARX Datentechnik GmbH" - C:\WINDOWS\system32\drivers\CbmDev3.sys "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\WINDOWS\System32\DRIVERS\hamachi.sys "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "LBeepKE" (LBeepKE) - "Logitech, Inc." - C:\WINDOWS\System32\Drivers\LBeepKE.sys "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "lirsgt" (lirsgt) - ? - C:\WINDOWS\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\WINDOWS\system32\drivers\mbam.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys "sptd" (sptd) - "Duplex Secure Ltd." - C:\WINDOWS\System32\Drivers\sptd.sys (File is exclusively opened, access blocked) "TAP-Win32 Adapter V9 (Tunngle)" (tap0901t) - "Tunngle.net" - C:\WINDOWS\System32\DRIVERS\tap0901t.sys "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) "XDva379" (XDva379) - ? - C:\WINDOWS\system32\XDva379.sys (File not found) "ywtxvxgn" (ywtxvxgn) - ? - C:\WINDOWS\system32\drivers\ywtxvxgn.sys (File not found) [Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Desktop\Components )----- "(1) Source" - ? - C:\Dokumente und Einstellungen\Administrator\Desktop\Beißspiel.Daniel Schneider,30.11.2010.html -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroDigitalExt.dll {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - D:\Programme\Alwil Software\Avast5\ashShell.dll {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech, Inc." - D:\Programme\Logitech\SetPoint\kbcplext.dll {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {792F0537-F929-4eb7-AC1D-FB6334C71550} "LG Phone" - ? - (File not found | COM-object registry key not found) {B9B9F083-2B04-452A-8691-83694AC1037B} "LogiExt Class" - "Logitech, Inc." - D:\Programme\Logitech\SetPoint\mcplext.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - D:\Programme\Nero 8\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll {B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroDigitalExt.dll {7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroDigitalExt.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found) -----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )----- {855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Programme\ICQ6Toolbar\ICQToolBar.dll "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx / hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "ICQ7.2" - "ICQ, LLC." - C:\Programme\ICQ7.2\ICQ.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {855F3B16-6D32-4FE6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Programme\ICQ6Toolbar\ICQToolBar.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini "Logitech SetPoint.lnk" - "Logitech, Inc." - D:\Programme\Logitech\SetPoint\SetPoint.exe (Shortcut exists | File exists) -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 "SpybotSD TeaTimer" - "Safer-Networking Ltd." - D:\Programme\Spybot - Search & Destroy\TeaTimer.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avast5" - "AVAST Software" - "D:\Programme\Alwil Software\Avast5\avastUI.exe" /nogui "D-Link D-Link DWA-125" - "D-Link Corp." - C:\Programme\D-Link\DWA-125 revA\AirGCFG.exe "LWS" - "Logitech Inc." - C:\Programme\Logitech\LWS\Webcam Software\LWS.exe -hide "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask.exe" -atboottime "WZCSLDR2" - "Wireless Service" - C:\Programme\D-Link\DWA-125 revA\WZCSLDR2.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "Akamai NetSession Interface" (Akamai) - ? - c:\programme\gemeinsame dateien\akamai\netsession_win_dbc0250.dll (File found, but it contains no detailed information) "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "Ati HotKey Poller" (Ati HotKey Poller) - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.exe "avast! Antivirus" (avast! Antivirus) - "AVAST Software" - D:\Programme\Alwil Software\Avast5\AvastSvc.exe "D_Link_DWA-125 Service" (D_Link_DWA-125) - "Wireless Service" - C:\Programme\D-Link\DWA-125 revA\ANIWZCSdS.exe "D_Link_DWA-125_WPS Service" (D_Link_DWA-125_WPS) - ? - C:\Programme\D-Link\DWA-125 revA\ANIWConnService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "ICQ Service" (ICQ Service) - ? - C:\Programme\ICQ6Toolbar\ICQ Service.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe "Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe "Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe "Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - D:\Programme\Nero 8\Nero\Nero8\Nero BackItUp\NBService.exe "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe "nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\WINDOWS\system32\GameMon.des "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE "PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\WINDOWS\system32\IoctlSvc.exe "PnkBstrA" (PnkBstrA) - ? - C:\WINDOWS\system32\PnkBstrA.exe (File found, but it contains no detailed information) "PnkBstrB" (PnkBstrB) - ? - C:\WINDOWS\system32\PnkBstrB.exe (File found, but it contains no detailed information) "Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe "TunngleService" (TunngleService) - "Tunngle.net GmbH" - D:\Programme\Tunngle\TnglCtrl.exe "Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "AtiExtEvent" - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.dll "LBTWlgn" - "Logitech, Inc." - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru MBRcheck: Code:
ATTFilter MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000081d
Kernel Drivers (total 154):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x80700000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF74E3000 spbw.sys
0xF7989000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xF74CB000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xF749C000 ACPI.sys
0xF748B000 pci.sys
0xF75F7000 isapnp.sys
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF798B000 viaide.sys
0xF7607000 MountMgr.sys
0xF7868000 ftdisk.sys
0xF798D000 dmload.sys
0xF7842000 dmio.sys
0xF770F000 PartMgr.sys
0xF7717000 videX32.sys
0xF7617000 VolSnap.sys
0xF782A000 atapi.sys
0xF7627000 disk.sys
0xF7637000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7967000 fltmgr.sys
0xF7955000 sr.sys
0xF7647000 PxHelp20.sys
0xF7A38000 KSecDD.sys
0xF7A25000 WudfPf.sys
0xF7B52000 Ntfs.sys
0xF7B25000 NDIS.sys
0xF7657000 uagp35.sys
0xBA7E6000 Mup.sys
0xBA706000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB925B000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xB9247000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB921F000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xBA6F6000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA6E6000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA6D6000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB91FC000 \SystemRoot\system32\DRIVERS\ks.sys
0xF77F7000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF77FF000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB91D8000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7807000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF780F000 \SystemRoot\system32\DRIVERS\fdc.sys
0xB91C4000 \SystemRoot\system32\DRIVERS\parport.sys
0xBA7BE000 \SystemRoot\system32\DRIVERS\gameenum.sys
0xF7687000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xBA7BA000 \SystemRoot\system32\DRIVERS\L8042Kbd.sys
0xF7817000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7697000 \SystemRoot\system32\DRIVERS\serial.sys
0xBA7B6000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF76A7000 \SystemRoot\system32\DRIVERS\fetnd5bv.sys
0xB8F4A000 \SystemRoot\System32\Drivers\a4e055ee.SYS
0xF7A6B000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7797000 \SystemRoot\system32\DRIVERS\rasirda.sys
0xF779F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB974F000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA78E000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB8F33000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB973F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB972F000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF77A7000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF77AF000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB971F000 \SystemRoot\system32\DRIVERS\tap0901t.sys
0xB8F03000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB970F000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF77B7000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF79D1000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB8EA5000 \SystemRoot\system32\DRIVERS\update.sys
0xBA77A000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB8A4D000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xB8A29000 \SystemRoot\system32\drivers\portcls.sys
0xB96FF000 \SystemRoot\system32\drivers\drmk.sys
0xB96EF000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF746B000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79E9000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF77D7000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xF79F5000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB8F88000 \SystemRoot\System32\Drivers\Null.SYS
0xF79F7000 \SystemRoot\System32\Drivers\Beep.SYS
0xF77E7000 \SystemRoot\System32\drivers\vga.sys
0xF79F9000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF79FF000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF781F000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xF7727000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB9EC9000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB8A01000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAC8BC000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xF743B000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xAC863000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF742B000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xAC83D000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xAC815000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF741B000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB9EB9000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xAC7F3000 \SystemRoot\System32\drivers\afd.sys
0xF740B000 \SystemRoot\system32\DRIVERS\netbios.sys
0xAC7C8000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAC758000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF7887000 \SystemRoot\System32\Drivers\Fips.SYS
0xAC6C1000 \SystemRoot\System32\Drivers\aswSP.SYS
0xB9EA1000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xF776F000 \SystemRoot\System32\Drivers\LUsbFilt.Sys
0xBA726000 \SystemRoot\System32\Drivers\WDFLDR.SYS
0xAC61E000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xAC907000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xBA716000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF7777000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF76B7000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF76C7000 \SystemRoot\system32\drivers\usbaudio.sys
0xF778F000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0xAC903000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xF77BF000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0xABEF9000 \SystemRoot\system32\DRIVERS\lvuvc.sys
0xABEB7000 \SystemRoot\system32\DRIVERS\lvrs.sys
0xABE9F000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF79DF000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB8A25000 \SystemRoot\System32\drivers\Dxapi.sys
0xF77C7000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7A8A000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF068000 \SystemRoot\System32\ati2cqag.dll
0xBF0FE000 \SystemRoot\System32\atikvmag.dll
0xBF197000 \SystemRoot\System32\atiok3x2.dll
0xBF1F7000 \SystemRoot\System32\ati3duag.dll
0xBF519000 \SystemRoot\System32\ativvaxx.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA9C5E000 \??\C:\WINDOWS\system32\drivers\mbam.sys
0xA9C5A000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xA9AC0000 \SystemRoot\system32\DRIVERS\irda.sys
0xA9BE6000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA98A1000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xA93DC000 \SystemRoot\system32\drivers\wdmaud.sys
0xA95E9000 \SystemRoot\system32\drivers\sysaudio.sys
0xA916B000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF79EF000 \SystemRoot\System32\Drivers\CbmDev1.SYS
0xF79F1000 \SystemRoot\System32\Drivers\CbmDev2.SYS
0xF79FD000 \SystemRoot\System32\Drivers\CbmDev3.SYS
0xF7A03000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xF7757000 \??\C:\WINDOWS\system32\ANPD.sys
0xA9100000 \SystemRoot\system32\DRIVERS\atksgt.sys
0xA8EC6000 \??\C:\WINDOWS\system32\drivers\hardlock.sys
0xA8EA2000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xB9F87000 \SystemRoot\System32\Drivers\LBeepKE.sys
0xF7767000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0xA8D82000 \SystemRoot\system32\DRIVERS\srv.sys
0xB9EA9000 \SystemRoot\system32\Drivers\LVPr2Mon.sys
0xA8A49000 \SystemRoot\System32\Drivers\HTTP.sys
0xA648D000 \SystemRoot\system32\drivers\kmixer.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
0x10000000 \Programme\DAEMON Tools Lite\Engine.dll
Processes (total 48):
0 System Idle Process
4 System
528 C:\WINDOWS\system32\smss.exe
584 csrss.exe
616 C:\WINDOWS\system32\winlogon.exe
660 C:\WINDOWS\system32\services.exe
672 C:\WINDOWS\system32\lsass.exe
844 C:\WINDOWS\system32\ati2evxx.exe
864 C:\WINDOWS\system32\svchost.exe
912 svchost.exe
1012 C:\WINDOWS\system32\svchost.exe
1052 C:\WINDOWS\system32\svchost.exe
1096 svchost.exe
1192 svchost.exe
1240 C:\WINDOWS\system32\ati2evxx.exe
1520 D:\Programme\Alwil Software\Avast5\AvastSvc.exe
1772 C:\Programme\Logitech\LWS\Webcam Software\LWS.exe
1780 C:\Programme\D-Link\DWA-125 revA\AirGCFG.exe
1788 C:\Programme\D-Link\DWA-125 revA\WZCSLDR2.exe
1816 C:\WINDOWS\RTHDCPL.exe
1880 D:\Programme\Alwil Software\Avast5\AvastUI.exe
1888 C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe
1896 D:\Programme\Spybot - Search & Destroy\TeaTimer.exe
1956 D:\Programme\Logitech\SetPoint\SetPoint.exe
180 C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe
1272 C:\WINDOWS\system32\spoolsv.exe
2128 svchost.exe
2156 C:\WINDOWS\system32\svchost.exe
2172 C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2204 C:\Programme\D-Link\DWA-125 revA\ANIWZCSdS.exe
2280 C:\Programme\D-Link\DWA-125 revA\ANIWConnService.exe
2448 C:\Programme\ICQ6Toolbar\ICQ Service.exe
2464 C:\Programme\Java\jre6\bin\jqs.exe
2540 C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe
2608 D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
2656 D:\Programme\Nero 8\Nero\Nero8\Nero BackItUp\NBService.exe
2688 C:\WINDOWS\system32\IoctlSvc.exe
2700 C:\WINDOWS\system32\PnkBstrA.exe
2712 C:\WINDOWS\system32\PnkBstrB.exe
2752 C:\WINDOWS\system32\svchost.exe
2832 D:\Programme\Tunngle\TnglCtrl.exe
3168 C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
3376 C:\WINDOWS\system32\wbem\wmiapsrv.exe
3588 alg.exe
2032 C:\WINDOWS\system32\svchost.exe
2676 C:\WINDOWS\system32\wuauclt.exe
3300 C:\WINDOWS\explorer.exe
1636 C:\Dokumente und Einstellungen\Administrator\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000c`34f2cc00 (NTFS)
PhysicalDrive0 Model Number: SAMSUNGHD502IJ, Rev: 1AA01110
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11
Done!
Gruß Cola |
|
11.01.2011, 21:38
| #12 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | W-Lan und Lan finden internet, aber keine konnektivität zum Internet.Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.01.2011, 18:08
| #13 |
| | W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Hallo erstmal ,Habe die einträge nun Gefixxt. |
|
13.01.2011, 19:43
| #15 |
| | W-Lan und Lan finden internet, aber keine konnektivität zum Internet. Moin, Habe die Logs, GMER : hxxp://www.materialordner.de/jiVy45BW7pFBSStzu2YZdUoGvYAyJ.html OSAM : Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 18:30:10 on 13.01.2011 OS: Windows XP Professional Service Pack 3 (Build 2600) Default Browser: Mozilla Corporation Firefox 3.6.13 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "ISUSPM.cpl" - "Macrovision Corporation" - C:\WINDOWS\system32\ISUSPM.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl "PhysX.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\PhysX.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Avira AntiVir Personal - Free Antivirus " - ? - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl (File not found) "Nero BurnRights" - "Nero AG" - D:\Programme\Nero 8\Nero\Nero8\Nero Toolkit\NeroBurnRights.cpl "Pando" - "Pando Networks" - C:\Programme\Pando Networks\Media Booster\PMB.cpl "QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "a5oxp7hb" (a5oxp7hb) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\a5oxp7hb.sys (Hidden registry entry, rootkit activity | File signed by Microsoft) "adfs" (adfs) - ? - C:\WINDOWS\system32\drivers\adfs.sys (File not found) "ANPD Service" (ANPD) - ? - C:\WINDOWS\system32\ANPD.sys "aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswFsBlk.sys "aswRdr" (aswRdr) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswRdr.sys "aswSP" (aswSP) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswSP.sys "ati2mtag" (ati2mtag) - "ATI Technologies Inc." - C:\WINDOWS\System32\DRIVERS\ati2mtag.sys "atksgt" (atksgt) - ? - C:\WINDOWS\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avast! Asynchronous Virus Monitor" (Aavmker4) - "AVAST Software" - C:\WINDOWS\system32\drivers\Aavmker4.sys "avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswTdi.sys "avast! Standard Shield Support" (aswMon2) - "AVAST Software" - C:\WINDOWS\system32\drivers\aswMon2.sys "catchme" (catchme) - ? - C:\Cofi.exe\catchme.sys (File not found) "CbmDev1" (CbmDev1) - "MARX Datentechnik GmbH" - C:\WINDOWS\system32\drivers\CbmDev1.sys "CbmDev2" (CbmDev2) - "MARX Datentechnik GmbH" - C:\WINDOWS\system32\drivers\CbmDev2.sys "CbmDev3" (CbmDev3) - "MARX Datentechnik GmbH" - C:\WINDOWS\system32\drivers\CbmDev3.sys "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\WINDOWS\System32\DRIVERS\hamachi.sys "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "LBeepKE" (LBeepKE) - "Logitech, Inc." - C:\WINDOWS\System32\Drivers\LBeepKE.sys "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "lirsgt" (lirsgt) - ? - C:\WINDOWS\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\WINDOWS\system32\drivers\mbam.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys "sptd" (sptd) - "Duplex Secure Ltd." - C:\WINDOWS\System32\Drivers\sptd.sys (File is exclusively opened, access blocked) "TAP-Win32 Adapter V9 (Tunngle)" (tap0901t) - "Tunngle.net" - C:\WINDOWS\System32\DRIVERS\tap0901t.sys "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) (Disabled) "XDva379" (XDva379) - ? - C:\WINDOWS\system32\XDva379.sys (File not found) (Disabled) "ywtxvxgn" (ywtxvxgn) - ? - C:\WINDOWS\system32\drivers\ywtxvxgn.sys (File not found) [Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Desktop\Components )----- "(1) Source" - ? - C:\Dokumente und Einstellungen\Administrator\Desktop\Beißspiel.Daniel Schneider,30.11.2010.html -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroDigitalExt.dll {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - D:\Programme\Alwil Software\Avast5\ashShell.dll {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech, Inc." - D:\Programme\Logitech\SetPoint\kbcplext.dll {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {792F0537-F929-4eb7-AC1D-FB6334C71550} "LG Phone" - ? - (File not found | COM-object registry key not found) {B9B9F083-2B04-452A-8691-83694AC1037B} "LogiExt Class" - "Logitech, Inc." - D:\Programme\Logitech\SetPoint\mcplext.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - D:\Programme\Nero 8\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll {B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroDigitalExt.dll {7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroDigitalExt.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found) -----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )----- {855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Programme\ICQ6Toolbar\ICQToolBar.dll "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_23" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_23.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} "Java Plug-in 1.6.0_23" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_23.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_23" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_23.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx / hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "ICQ7.2" - "ICQ, LLC." - C:\Programme\ICQ7.2\ICQ.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {855F3B16-6D32-4FE6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Programme\ICQ6Toolbar\ICQToolBar.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini "Logitech SetPoint.lnk" - "Logitech, Inc." - D:\Programme\Logitech\SetPoint\SetPoint.exe (Shortcut exists | File exists) -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 "SpybotSD TeaTimer" - "Safer-Networking Ltd." - D:\Programme\Spybot - Search & Destroy\TeaTimer.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avast5" - "AVAST Software" - "D:\Programme\Alwil Software\Avast5\avastUI.exe" /nogui "D-Link D-Link DWA-125" - "D-Link Corp." - C:\Programme\D-Link\DWA-125 revA\AirGCFG.exe "LWS" - "Logitech Inc." - C:\Programme\Logitech\LWS\Webcam Software\LWS.exe -hide "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" "WZCSLDR2" - "Wireless Service" - C:\Programme\D-Link\DWA-125 revA\WZCSLDR2.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "Akamai NetSession Interface" (Akamai) - ? - c:\programme\gemeinsame dateien\akamai\netsession_win_dbc0250.dll (File found, but it contains no detailed information) "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "Ati HotKey Poller" (Ati HotKey Poller) - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.exe "avast! Antivirus" (avast! Antivirus) - "AVAST Software" - D:\Programme\Alwil Software\Avast5\AvastSvc.exe "D_Link_DWA-125 Service" (D_Link_DWA-125) - "Wireless Service" - C:\Programme\D-Link\DWA-125 revA\ANIWZCSdS.exe "D_Link_DWA-125_WPS Service" (D_Link_DWA-125_WPS) - ? - C:\Programme\D-Link\DWA-125 revA\ANIWConnService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "ICQ Service" (ICQ Service) - ? - C:\Programme\ICQ6Toolbar\ICQ Service.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe "Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe "Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe "Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - D:\Programme\Nero 8\Nero\Nero8\Nero BackItUp\NBService.exe "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe "nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\WINDOWS\system32\GameMon.des "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE "PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\WINDOWS\system32\IoctlSvc.exe "PnkBstrA" (PnkBstrA) - ? - C:\WINDOWS\system32\PnkBstrA.exe (File found, but it contains no detailed information) "PnkBstrB" (PnkBstrB) - ? - C:\WINDOWS\system32\PnkBstrB.exe (File found, but it contains no detailed information) "Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe "TunngleService" (TunngleService) - "Tunngle.net GmbH" - D:\Programme\Tunngle\TnglCtrl.exe "Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "AtiExtEvent" - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.dll "LBTWlgn" - "Logitech, Inc." - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
|
| Themen zu W-Lan und Lan finden internet, aber keine konnektivität zum Internet. |
| andere, anderen, autostart, blieb, browser, einträge, entfernt, folge, folgendes, google, guten, hängen, interne, internet, keine konnektivität, konnektivität, liste, nicht gefunden, nichts, problem, seite, seiten, server, skype, spiel, verbindung, w-lan |
Linear-Darstellung
