| |
| |||||||
Log-Analyse und Auswertung: Windows Recovery entfernen und pc wiederherstellenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
01.05.2011, 20:54
| #16 |
 |  Windows Recovery entfernen und pc wiederherstellen hier die otl logsOTL Logfile: Code:
ATTFilter OTL logfile created on: 1.5.2011 21:42:59 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: d.M.yyyy 1.023,00 Mb Total Physical Memory | 669,00 Mb Available Physical Memory | 65,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 93,00% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 55,89 Gb Total Space | 12,73 Gb Free Space | 22,78% Space Free | Partition Type: NTFS Drive D: | 55,90 Gb Total Space | 13,95 Gb Free Space | 24,95% Space Free | Partition Type: NTFS Drive E: | 37,25 Gb Total Space | 28,10 Gb Free Space | 75,43% Space Free | Partition Type: FAT32 Drive I: | 232,88 Gb Total Space | 216,69 Gb Free Space | 93,05% Space Free | Partition Type: NTFS Computer Name: SUMMER | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\OTL.exe (OldTimer Tools) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- File not found SRV - (AppMgmt) -- File not found SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe () SRV - (Fabs) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (SavRoam) -- C:\Programme\Symantec AntiVirus\SavRoam.exe (symantec) SRV - (Symantec AntiVirus) -- C:\Programme\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation) SRV - (DefWatch) -- C:\Programme\Symantec AntiVirus\DefWatch.exe (Symantec Corporation) SRV - (ccSetMgr) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe (Symantec Corporation) SRV - (ccPwdSvc) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe (Symantec Corporation) SRV - (ccEvtMgr) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe (Symantec Corporation) SRV - (SNDSrvc) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe (Symantec Corporation) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (SPBBCSvc) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (NAVEX15) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20110422.003\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20110422.003\NAVENG.SYS (Symantec Corporation) DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd) DRV - (ssadmdm) -- C:\WINDOWS\system32\drivers\ssadmdm.sys (MCCI Corporation) DRV - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\ssadbus.sys (MCCI Corporation) DRV - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\WINDOWS\system32\drivers\ssadmdfl.sys (MCCI Corporation) DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys () DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys () DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation) DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation) DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation) DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation) DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation) DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation) DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (DiskSec) -- C:\WINDOWS\System32\drivers\disksec.sys (MAGIX) DRV - (DSI_SiUSBXp_3_1) -- C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys (Silicon Laboratories) DRV - (SE27obex) -- C:\WINDOWS\system32\drivers\SE27obex.sys (MCCI) DRV - (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\SE27mgmt.sys (MCCI) DRV - (SE27mdm) -- C:\WINDOWS\system32\drivers\SE27mdm.sys (MCCI) DRV - (SE27mdfl) -- C:\WINDOWS\system32\drivers\SE27mdfl.sys (MCCI) DRV - (SE27bus) Sony Ericsson Device 039 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\SE27bus.sys (MCCI) DRV - (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS) -- C:\WINDOWS\system32\drivers\se27nd5.sys (MCCI) DRV - (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) -- C:\WINDOWS\system32\drivers\se27unic.sys (MCCI) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (PDNETCTL) -- C:\WINDOWS\system32\drivers\pdnetctl.sys (ProDyne) DRV - (phc700) USB PC Camera (phc710) -- C:\WINDOWS\system32\drivers\phc700.sys () DRV - (PDDSLHND) -- C:\WINDOWS\System32\drivers\PDDSLHND.SYS (ProDyne) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SymEvent) -- C:\Programme\Symantec\SYMEVENT.SYS (Symantec Corporation) DRV - (SPBBCDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.) DRV - (k750obex) -- C:\WINDOWS\system32\drivers\k750obex.sys (MCCI) DRV - (k750mgmt) -- C:\WINDOWS\system32\drivers\k750mgmt.sys (MCCI) DRV - (k750mdm) -- C:\WINDOWS\system32\drivers\k750mdm.sys (MCCI) DRV - (k750mdfl) -- C:\WINDOWS\system32\drivers\k750mdfl.sys (MCCI) DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\WINDOWS\system32\drivers\k750bus.sys (MCCI) DRV - (SAVRTPEL) -- C:\Programme\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation) DRV - (SAVRT) -- C:\Programme\Symantec AntiVirus\savrt.sys (Symantec Corporation) DRV - (ZDPSp50) -- C:\WINDOWS\system32\drivers\ZDPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.) DRV - (PhTVTune) -- C:\WINDOWS\system32\drivers\PhTVTune.sys (Philips Semiconductors) DRV - (Cap7134) MEDION (7134) -- C:\WINDOWS\system32\drivers\Cap7134.sys (Philips Semiconductors) DRV - (SISAGP) -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation) DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.) DRV - (SiSide) -- C:\WINDOWS\System32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.) DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation) DRV - (Intels51) -- C:\WINDOWS\system32\drivers\ctxs51.sys (Intel Corporation) DRV - (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0) -- C:\WINDOWS\system32\drivers\CamDrL21.sys (Philips Semiconductors) DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider) DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp. IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp. IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1960408961-630328440-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp. IE - HKU\S-1-5-21-1960408961-630328440-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2009.11.06 09:37:09 | 000,350,739 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 007guard.com - 007guard and Free Antivirus O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 Virus Removal Tool | Cash Advance | Debt Consolidation | Insurance | Free Credit Report at 0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf! O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 12022 more lines... O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Adobe PDF Reader Link Helper) - {C689C99E-3A8C-4c87-A79C-C80DC9C81632} - C:\WINDOWS\system32\AcroIEHelpe.dll (Adobe Systems, Incorporated) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKU\S-1-5-21-1960408961-630328440-839522115-500..\Run: [Nokia.PCSync] File not found O4 - HKU\S-1-5-21-1960408961-630328440-839522115-500..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1960408961-630328440-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225621146937 (MUWebControl Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-445047540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/html - No CLSID value found O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\appconf32.exe) - C:\WINDOWS\system32\appconf32.exe () O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\System32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.04.14 13:17:58 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010.03.31 10:35:30 | 000,000,102 | -H-- | M] () - I:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Winter Fun Wallpaper Changer.lnk - C:\WINDOWS\Installer\{038A524F-58DB-438A-8391-8F7F0CA14B9E}\Icon038A524F.exe - () MsConfig - StartUpReg: ANT Agent - hkey= - key= - C:\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.) MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: msnmsgr - hkey= - key= - File not found MsConfig - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB) MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) MsConfig - StartUpReg: vKECjCxHfiQS - hkey= - key= - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 2 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error. ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {1325db73-d9f1-48f8-8895-6d814ec58889} - Sicherheitsupdate für Windows XP (KB913433) ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {2337076a-dd0c-43a6-8d85-54070578a42f} - KB912812 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.1.3 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.1.3 ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447) ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error. ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error. ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error. ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error. ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CB86EC62-CEA7-4C82-9EBA-B7A5E410E54C} - Reg Error: Value error. ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567 ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Error starting restore point: The function was called in safe mode. Error closing restore point: The sequence number is invalid. ========== Files/Folders - Created Within 30 Days ========== [2011.05.01 20:48:52 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\OTL.exe [2011.05.01 17:14:08 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\IECompatCache [2011.05.01 17:10:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com [2011.05.01 17:10:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SUPERAntiSpyware.com [2011.05.01 17:10:15 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware [2011.05.01 17:09:19 | 011,021,160 | ---- | C] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\SUPERAntiSpyware.exe [2011.05.01 17:08:27 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien [2011.04.29 14:59:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\UAs [2011.04.29 14:36:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xmldm [2011.04.29 14:36:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kock [2011.04.29 14:28:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia [2011.04.29 14:23:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes [2011.04.29 14:23:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe [2011.04.27 22:21:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip [2011.04.27 22:21:30 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip [2011.04.26 11:50:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.04.26 11:50:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2011.04.26 11:50:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2011.04.26 11:50:42 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.25 22:01:12 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\PrivacIE [2011.04.25 21:57:45 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft [2011.04.25 21:57:45 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör [2011.04.25 21:57:45 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü [2011.04.25 21:57:45 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo [2011.04.25 21:57:45 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart [2011.04.25 21:57:45 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten [2011.04.25 21:57:45 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache [2011.04.25 21:57:45 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies [2011.04.25 21:57:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen [2011.04.25 21:57:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent [2011.04.25 21:57:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung [2011.04.25 21:57:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft [2011.04.25 21:57:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen [2011.04.25 21:57:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten [2011.04.25 21:57:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung [2011.04.25 21:57:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop [2011.03.18 09:32:34 | 000,148,736 | -H-- | C] (Avanquest Software) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpe7.dll [2009.10.04 00:07:01 | 078,741,808 | -H-- | C] (MAGIX AG) -- C:\Programme\tutorials_pack01_d.exe [2008.06.11 22:45:08 | 012,814,336 | -H-- | C] (Microsoft Corporation) -- C:\Programme\mp10setup.exe [2008.06.11 22:40:52 | 025,842,760 | -H-- | C] (Microsoft Corporation) -- C:\Programme\wmp11-windowsxp-x86-DE-DE.exe [2007.12.01 16:16:08 | 000,061,440 | -H-- | C] ( ) -- C:\WINDOWS\System32\cphc700.dll [3 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ] [201 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.05.01 20:49:00 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\OTL.exe [2011.05.01 17:10:19 | 000,001,642 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.05.01 17:09:32 | 011,021,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\SUPERAntiSpyware.exe [2011.05.01 17:06:05 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.05.01 17:04:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.05.01 17:03:28 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\PCCT - MAGIX AG.job [2011.05.01 17:03:26 | 000,000,229 | RHS- | M] () -- C:\boot.ini [2011.04.30 23:53:03 | 000,000,276 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011.04.30 08:13:00 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011.04.29 07:50:23 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.04.27 11:07:38 | 000,000,046 | -H-- | M] () -- C:\WINDOWS\PCCT.INI [2011.04.26 11:50:49 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.25 14:35:59 | 000,000,152 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18472756r [2011.04.25 14:35:59 | 000,000,128 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18472756 [2011.04.25 14:34:49 | 000,000,336 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18472756 [2011.04.22 15:59:34 | 000,001,917 | -H-- | M] () -- C:\WINDOWS\imsins.BAK [2011.04.15 14:06:58 | 000,228,800 | -H-- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.04.15 12:50:03 | 000,484,896 | -H-- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.04.15 12:50:03 | 000,463,372 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.04.15 12:50:03 | 000,091,962 | -H-- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.04.15 12:50:03 | 000,077,218 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.04.05 08:09:41 | 000,002,165 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [201 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.05.01 17:10:19 | 000,001,642 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.04.26 11:50:49 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.25 21:57:46 | 000,001,599 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk [2011.04.25 21:57:46 | 000,000,772 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Windows Media Player.lnk [2011.04.25 14:35:59 | 000,000,152 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18472756r [2011.04.25 14:35:59 | 000,000,128 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18472756 [2011.04.25 14:34:49 | 000,000,336 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18472756 [2011.03.09 08:31:57 | 000,209,544 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2011.03.08 23:00:14 | 000,110,592 | -H-- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2011.03.08 23:00:14 | 000,036,640 | -H-- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2011.01.29 18:00:24 | 000,030,568 | -H-- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2011.01.29 18:00:22 | 000,974,848 | -H-- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2011.01.29 18:00:22 | 000,081,920 | -H-- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2011.01.29 18:00:22 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2011.01.29 18:00:22 | 000,057,344 | -H-- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2010.06.06 13:53:00 | 000,048,208 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2010.02.11 16:34:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009.11.08 15:54:58 | 000,007,256 | -H-- | C] () -- C:\WINDOWS\mgxoschk.ini [2009.11.07 08:56:42 | 000,000,046 | -H-- | C] () -- C:\WINDOWS\PCCT.INI [2009.11.07 08:22:31 | 000,000,111 | -H-- | C] () -- C:\WINDOWS\installation.ini [2009.10.22 00:29:52 | 008,285,129 | -H-- | C] () -- C:\Programme\Photoshop_albumSE_de_de_320.zip [2009.10.21 23:03:23 | 000,012,288 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.10.03 19:25:16 | 000,120,200 | -H-- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2009.07.08 15:33:10 | 000,000,000 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt [2009.07.08 15:23:55 | 000,007,168 | -H-- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008.12.09 17:23:13 | 000,046,080 | RHS- | C] () -- C:\WINDOWS\System32\appconf32.exe [2008.11.02 12:38:10 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat [2008.06.09 23:37:35 | 001,427,520 | -H-- | C] () -- C:\Programme\Silverlight.exe [2007.12.01 16:16:30 | 000,363,520 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2007.12.01 16:16:28 | 000,013,312 | -H-- | C] () -- C:\WINDOWS\System32\msdmo(2).dll [2007.12.01 16:16:08 | 000,541,568 | -H-- | C] () -- C:\WINDOWS\System32\drivers\phc700.sys [2007.12.01 16:16:08 | 000,015,488 | -H-- | C] () -- C:\WINDOWS\phc700.ini [2007.10.31 12:24:39 | 000,000,071 | -H-- | C] () -- C:\WINDOWS\Pex.INI [2007.06.01 11:22:04 | 000,000,033 | -H-- | C] () -- C:\WINDOWS\LVMMail.INI [2007.06.01 11:16:31 | 000,000,241 | -H-- | C] () -- C:\WINDOWS\QSync.INI [2007.06.01 11:15:29 | 000,073,728 | -H-- | C] () -- C:\WINDOWS\System32\LVUI2RC.dll [2007.06.01 11:15:28 | 000,005,187 | -H-- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2007.06.01 11:15:26 | 000,000,756 | -H-- | C] () -- C:\WINDOWS\_delis32.ini [2007.04.23 02:15:29 | 003,596,288 | -H-- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2007.04.23 02:01:47 | 000,012,288 | -H-- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2007.03.18 19:17:43 | 000,001,763 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2007.03.18 18:57:45 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\mngui.INI [2007.03.14 09:44:38 | 000,042,982 | -H-- | C] () -- C:\WINDOWS\System32\PDDSLADP.DLL [2006.06.05 00:17:26 | 000,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2006.06.05 00:06:54 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\ODBC.INI [2006.06.05 00:03:30 | 000,000,032 | -H-- | C] () -- C:\WINDOWS\CD_Start.INI [2006.06.04 23:32:36 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\VPC32.INI [2006.06.04 23:31:58 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat [2006.04.14 14:09:39 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI [2006.04.14 14:08:28 | 000,228,800 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2006.04.14 13:43:06 | 000,000,169 | -H-- | C] () -- C:\WINDOWS\RtlRack.ini [2006.04.14 13:32:03 | 000,139,264 | RH-- | C] () -- C:\WINDOWS\System32\IDEproperty.dll [2006.04.14 13:31:25 | 000,028,672 | RH-- | C] () -- C:\WINDOWS\htpatch.exe [2006.04.14 13:31:25 | 000,003,072 | RH-- | C] () -- C:\WINDOWS\winio.sys [2006.04.14 13:19:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2006.04.14 13:15:22 | 000,023,504 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2006.02.13 13:29:26 | 000,121,995 | -H-- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2005.07.12 15:44:42 | 000,015,872 | -H-- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL [2004.03.23 17:38:00 | 000,028,672 | -H-- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll [2003.03.14 13:24:00 | 000,024,576 | -H-- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe [2003.02.20 15:53:42 | 000,005,702 | -H-- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002.08.29 14:00:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat [2002.08.29 14:00:00 | 000,484,896 | -H-- | C] () -- C:\WINDOWS\System32\perfh007.dat [2002.08.29 14:00:00 | 000,463,372 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat [2002.08.29 14:00:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat [2002.08.29 14:00:00 | 000,269,480 | -H-- | C] () -- C:\WINDOWS\System32\perfi007.dat [2002.08.29 14:00:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat [2002.08.29 14:00:00 | 000,091,962 | -H-- | C] () -- C:\WINDOWS\System32\perfc007.dat [2002.08.29 14:00:00 | 000,077,218 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat [2002.08.29 14:00:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin [2002.08.29 14:00:00 | 000,034,478 | -H-- | C] () -- C:\WINDOWS\System32\perfd007.dat [2002.08.29 14:00:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat [2002.08.29 14:00:00 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin [2002.08.29 14:00:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat [2001.09.04 11:12:28 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin [2001.09.04 11:10:20 | 000,004,518 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat [1999.01.27 13:39:06 | 000,065,024 | -H-- | C] () -- C:\WINDOWS\System32\indounin.dll [1997.06.13 07:56:08 | 000,056,832 | -H-- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll ========== LOP Check ========== [2011.03.18 09:34:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software [2010.01.11 23:40:29 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited [2010.02.11 14:02:36 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2010.04.23 20:51:22 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan [2007.07.29 14:31:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations [2010.05.14 00:15:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FileCure [2008.06.09 08:21:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GARMIN [2007.07.29 14:28:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations [2009.11.07 08:21:09 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX [2009.06.30 08:34:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite [2011.03.08 22:54:02 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung [2006.12.03 19:11:28 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Teleca [2008.07.23 12:36:22 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2009.11.10 19:30:41 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems [2008.05.08 18:04:21 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint [2009.04.03 10:44:11 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WhiteCap (Holiday Edition) [2010.05.28 20:09:31 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009.12.20 16:51:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9} [2010.04.23 20:51:22 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Canon [2011.03.08 16:50:29 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Canon Easy-WebPrint EX [2006.06.13 16:42:59 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\FRITZ! [2008.12.28 23:14:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\GARMIN [2006.06.13 16:43:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\ICQLite [2006.06.13 16:43:01 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Leadertech [2010.05.30 14:01:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\MAGIX [2007.07.29 22:00:49 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Nokia Multimedia Player [2007.07.29 16:31:22 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\PC Suite [2011.03.08 22:50:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Samsung [2006.12.03 19:14:06 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Teleca [2007.11.11 12:28:34 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Ulead Systems [2008.10.15 06:23:26 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Viewpoint [2011.04.30 23:25:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Agzab [2011.02.24 09:35:55 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\AllDup [2011.01.06 19:08:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Canneverbe Limited [2010.09.20 22:19:20 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Canon [2011.03.03 02:54:07 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Canon Easy-WebPrint EX [2010.10.16 15:16:28 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\click [2011.04.30 23:25:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Ewdem [2008.12.29 14:35:52 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\GARMIN [2007.06.26 20:39:02 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Leadertech [2009.11.07 08:24:51 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\MAGIX [2011.03.20 13:17:48 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\MyPhoneExplorer [2009.07.09 08:44:15 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Nokia [2007.07.29 15:15:27 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\PC Suite [2009.07.08 15:34:59 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Samsung [2010.06.07 15:06:56 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\TeamViewer [2006.12.04 14:11:21 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Teleca [2008.07.23 12:36:17 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\TomTom [2007.10.31 12:21:47 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Ulead Systems [2008.12.10 15:58:29 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Vso [2011.04.30 16:23:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Winnew [2011.04.30 08:13:00 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2011.05.01 17:03:28 | 000,000,322 | ---- | M] () -- C:\WINDOWS\Tasks\PCCT - MAGIX AG.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.04.29 14:23:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe [2011.04.29 14:28:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia [2011.04.29 14:23:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes [2006.04.14 13:17:38 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft [2011.05.01 17:10:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SUPERAntiSpyware.com < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.06.10 08:11:35 | 022,286,026 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2008.12.18 09:52:23 | 023,898,261 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2008.06.10 08:11:35 | 022,286,026 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys [2008.12.18 09:52:23 | 023,898,261 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 20:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 20:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004.08.04 08:07:41 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys < MD5 for: ATAPI.SYS > [2002.08.29 14:00:00 | 010,180,476 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys [2008.06.10 08:11:35 | 022,286,026 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008.12.18 09:52:23 | 023,898,261 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008.06.10 08:11:35 | 022,286,026 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys [2008.12.18 09:52:23 | 023,898,261 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 20:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 20:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.04 07:59:42 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 04:22:10 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 04:22:10 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll [2004.08.04 09:57:18 | 000,055,808 | -H-- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2002.08.29 14:00:00 | 000,049,152 | -H-- | M] (Microsoft Corporation) MD5=B9358A1FB66CF656328FD8B792B2CCC4 -- C:\WINDOWS\LastGood(3)\system32\eventlog.dll < MD5 for: NETLOGON.DLL > [2008.04.14 04:22:19 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 04:22:19 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll [2002.08.29 14:00:00 | 000,399,360 | -H-- | M] (Microsoft Corporation) MD5=BCA549B21E651111CE7BAD0FC8C45F4B -- C:\WINDOWS\LastGood(3)\system32\netlogon.dll [2004.08.04 09:57:30 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2008.04.14 04:22:23 | 000,187,904 | -H-- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 04:22:23 | 000,187,904 | -H-- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll [2004.08.04 09:57:33 | 000,186,880 | -H-- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2002.08.29 14:00:00 | 000,181,248 | -H-- | M] (Microsoft Corporation) MD5=ADD49C10F5DADFA81912D124FE1C9A99 -- C:\WINDOWS\LastGood(4)\System32(2)\scecli.dll < MD5 for: USER32.DLL > [2005.03.02 20:09:46 | 000,578,560 | -H-- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$hf_mig$\KB890859\SP2GDR\user32.dll [2005.03.02 20:09:46 | 000,578,560 | -H-- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll [2007.03.08 17:36:30 | 000,579,072 | -H-- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\SoftwareDistribution\Download\e3b9e8cd6239a53ea3486ac0e70fdfac\sp2gdr\user32.dll [2005.03.02 20:19:56 | 000,578,560 | -H-- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll [2007.03.08 17:48:39 | 000,579,584 | -H-- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\SoftwareDistribution\Download\e3b9e8cd6239a53ea3486ac0e70fdfac\sp2qfe\user32.dll [2008.04.14 04:22:31 | 000,580,096 | -H-- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 04:22:31 | 000,580,096 | -H-- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 04:23:03 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 04:23:03 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 09:58:16 | 000,025,088 | -H-- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 09:58:19 | 000,507,392 | -H-- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2002.08.29 14:00:00 | 000,521,728 | -H-- | M] (Microsoft Corporation) MD5=616896B708286DA98D6A099293F181D7 -- C:\WINDOWS\LastGood(4)\System32(2)\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | -H-- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | -H-- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2002.08.29 14:00:00 | 000,012,032 | -H-- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2002.08.29 14:00:00 | 000,012,032 | -H-- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.06.11 23:50:43 | 000,266,240 | -H-- | M] () -- C:\WINDOWS\system32\config\default.sav [2008.06.11 21:36:24 | 000,040,960 | -H-- | M] () -- C:\WINDOWS\system32\config\security.sav [2008.06.11 23:50:43 | 022,208,512 | -H-- | M] () -- C:\WINDOWS\system32\config\software.sav [2008.06.11 23:50:43 | 005,242,880 | -H-- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [201 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < > < Schliesse bitte nun alle Programme. (Wichtig) > < Klicke nun bitte auf den Quick Scan Button. > < End of report > |
|
02.05.2011, 11:21
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows Recovery entfernen und pc wiederherstellen Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)
__________________Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.04.14 13:17:58 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.03.31 10:35:30 | 000,000,102 | -H-- | M] () - I:\autorun.inf -- [ NTFS ]
[2011.04.25 14:35:59 | 000,000,152 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18472756r
[2011.04.25 14:35:59 | 000,000,128 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18472756
[2011.04.25 14:34:49 | 000,000,336 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18472756
[2011.04.30 23:25:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Agzab
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ |
|
02.05.2011, 23:58
| #18 |
| | Windows Recovery entfernen und pc wiederherstellen hallo Arne,
__________________hier das OTL Log vom fix: All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! C:\AUTOEXEC.BAT moved successfully. I:\autorun.inf moved successfully. C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18472756r moved successfully. C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18472756 moved successfully. C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18472756 moved successfully. C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Agzab folder moved successfully. ========== COMMANDS ========== C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 4894214 bytes ->Flash cache emptied: 798 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 49554 bytes User: Melli ->Temp folder emptied: 4365592 bytes ->Temporary Internet Files folder emptied: 101653228 bytes ->Java cache emptied: 596507 bytes ->Flash cache emptied: 70294 bytes User: NetworkService ->Temp folder emptied: 388 bytes ->Temporary Internet Files folder emptied: 1425057 bytes User: XXX ->Temp folder emptied: 43022482 bytes ->Temporary Internet Files folder emptied: 51960817 bytes ->Java cache emptied: 3988174 bytes ->Flash cache emptied: 93618 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 3704269 bytes %systemroot%\System32 .tmp files removed: 36960507 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 6457786 bytes RecycleBin emptied: 3195415479 bytes Total Files Cleaned = 3.295,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 05032011_004743 Files\Folders moved on Reboot... C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Temporary Internet Files\Content.IE5\Z5UDRXI8\ads[1].htm moved successfully. C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YCDR3S9J\82164_CatQ211DE_Catq211DE_Mobile_728x90[1].html moved successfully. C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YCDR3S9J\load_v7_intl[1].htm moved successfully. C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Temporary Internet Files\Content.IE5\YCDR3S9J\st[1] moved successfully. C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XA7ZE3K1\ads[1].htm moved successfully. C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Temporary Internet Files\Content.IE5\V2GC01V7\ads[2].htm moved successfully. C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Temporary Internet Files\Content.IE5\MQKS9OYI\clk[1].htm moved successfully. C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Temporary Internet Files\Content.IE5\MQKS9OYI\ht[1].htm moved successfully. C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Temporary Internet Files\Content.IE5\MQKS9OYI\iframe3[1].htm moved successfully. Registry entries deleted on Reboot... vielen dank schonmal für Deine Hilfe |
|
03.05.2011, 08:39
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Recovery entfernen und pc wiederherstellen Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Vista und 7 User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
03.05.2011, 11:06
| #20 |
| | Windows Recovery entfernen und pc wiederherstellen Kaspersky log 2011/05/03 12:05:10.0203 0180 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16 2011/05/03 12:05:10.0406 0180 ================================================================================ 2011/05/03 12:05:10.0406 0180 SystemInfo: 2011/05/03 12:05:10.0406 0180 2011/05/03 12:05:10.0406 0180 OS Version: 5.1.2600 ServicePack: 3.0 2011/05/03 12:05:10.0406 0180 Product type: Workstation 2011/05/03 12:05:10.0406 0180 ComputerName: SUMMER 2011/05/03 12:05:10.0406 0180 UserName: XXX 2011/05/03 12:05:10.0406 0180 Windows directory: C:\WINDOWS 2011/05/03 12:05:10.0406 0180 System windows directory: C:\WINDOWS 2011/05/03 12:05:10.0406 0180 Processor architecture: Intel x86 2011/05/03 12:05:10.0406 0180 Number of processors: 1 2011/05/03 12:05:10.0406 0180 Page size: 0x1000 2011/05/03 12:05:10.0421 0180 Boot type: Normal boot 2011/05/03 12:05:10.0421 0180 ================================================================================ 2011/05/03 12:05:10.0984 0180 Initialize success |
|
03.05.2011, 11:30
| #21 |
| | Windows Recovery entfernen und pc wiederherstellen hallo Arne, meine daten und programme sind wieder nutzbar, vielen Dank dafür. Ist der Virus runter oder muß ich noch was tun? Gruß Maxxl |
|
03.05.2011, 13:00
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Recovery entfernen und pc wiederherstellen Offensichtlich hast du den tdsskiller falsch ausgeführt! Halte dich bitte an die Anleitung! Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.05.2011, 15:51
| #23 |
| | Windows Recovery entfernen und pc wiederherstellen hier der log, 2011/05/03 16:46:05.0890 2916 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16 2011/05/03 16:46:06.0156 2916 ================================================================================ 2011/05/03 16:46:06.0156 2916 SystemInfo: 2011/05/03 16:46:06.0156 2916 2011/05/03 16:46:06.0156 2916 OS Version: 5.1.2600 ServicePack: 3.0 2011/05/03 16:46:06.0156 2916 Product type: Workstation 2011/05/03 16:46:06.0156 2916 ComputerName: SUMMER 2011/05/03 16:46:06.0156 2916 UserName: XXX 2011/05/03 16:46:06.0156 2916 Windows directory: C:\WINDOWS 2011/05/03 16:46:06.0156 2916 System windows directory: C:\WINDOWS 2011/05/03 16:46:06.0156 2916 Processor architecture: Intel x86 2011/05/03 16:46:06.0156 2916 Number of processors: 1 2011/05/03 16:46:06.0156 2916 Page size: 0x1000 2011/05/03 16:46:06.0156 2916 Boot type: Normal boot 2011/05/03 16:46:06.0156 2916 ================================================================================ 2011/05/03 16:46:06.0937 2916 Initialize success 2011/05/03 16:47:09.0125 3032 ================================================================================ 2011/05/03 16:47:09.0125 3032 Scan started 2011/05/03 16:47:09.0125 3032 Mode: Manual; 2011/05/03 16:47:09.0125 3032 ================================================================================ 2011/05/03 16:47:09.0765 3032 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2011/05/03 16:47:09.0890 3032 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys 2011/05/03 16:47:10.0109 3032 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2011/05/03 16:47:10.0265 3032 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys 2011/05/03 16:47:10.0406 3032 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys 2011/05/03 16:47:10.0765 3032 ALCXWDM (697e8b697b58756e5e053387d0033b5e) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2011/05/03 16:47:11.0140 3032 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2011/05/03 16:47:11.0625 3032 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2011/05/03 16:47:11.0781 3032 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2011/05/03 16:47:12.0031 3032 ati2mtag (07ac9a98ea70b5a6655a5797174bd282) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 2011/05/03 16:47:12.0187 3032 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2011/05/03 16:47:12.0328 3032 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2011/05/03 16:47:12.0484 3032 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2011/05/03 16:47:12.0640 3032 Cap7134 (df5926971cf1f9d8da936d40cc506773) C:\WINDOWS\system32\DRIVERS\Cap7134.sys 2011/05/03 16:47:12.0796 3032 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2011/05/03 16:47:12.0937 3032 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2011/05/03 16:47:13.0156 3032 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2011/05/03 16:47:13.0296 3032 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2011/05/03 16:47:13.0453 3032 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2011/05/03 16:47:14.0203 3032 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys 2011/05/03 16:47:14.0343 3032 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2011/05/03 16:47:14.0453 3032 DiskSec (f6010162368d9bef934f1647f2430446) C:\WINDOWS\system32\drivers\DiskSec.sys 2011/05/03 16:47:14.0640 3032 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys 2011/05/03 16:47:14.0828 3032 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys 2011/05/03 16:47:14.0968 3032 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2011/05/03 16:47:15.0125 3032 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2011/05/03 16:47:15.0359 3032 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2011/05/03 16:47:15.0500 3032 DSI_SiUSBXp_3_1 (bc9c2ef22ee0320c079e3ff9b4d29951) C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys 2011/05/03 16:47:15.0656 3032 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys 2011/05/03 16:47:15.0734 3032 EraserUtilDrvI10 (850259334652d392e33ee3412562e583) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrvI10.sys 2011/05/03 16:47:15.0906 3032 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2011/05/03 16:47:16.0062 3032 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 2011/05/03 16:47:16.0218 3032 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys 2011/05/03 16:47:16.0359 3032 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2011/05/03 16:47:16.0515 3032 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 2011/05/03 16:47:16.0671 3032 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\WINDOWS\system32\FsUsbExDisk.SYS 2011/05/03 16:47:16.0875 3032 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2011/05/03 16:47:16.0984 3032 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2011/05/03 16:47:17.0093 3032 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys 2011/05/03 16:47:17.0234 3032 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 2011/05/03 16:47:17.0390 3032 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2011/05/03 16:47:17.0546 3032 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2011/05/03 16:47:17.0765 3032 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 2011/05/03 16:47:18.0062 3032 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2011/05/03 16:47:18.0218 3032 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2011/05/03 16:47:18.0500 3032 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2011/05/03 16:47:18.0687 3032 Intels51 (bb801eb1898a22dfd412064e5c952ea5) C:\WINDOWS\system32\DRIVERS\ctxs51.sys 2011/05/03 16:47:18.0859 3032 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 2011/05/03 16:47:19.0000 3032 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2011/05/03 16:47:19.0156 3032 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2011/05/03 16:47:19.0312 3032 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2011/05/03 16:47:19.0437 3032 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2011/05/03 16:47:19.0593 3032 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2011/05/03 16:47:19.0750 3032 k750bus (fe8300320281d658a7854d5cfc02a63f) C:\WINDOWS\system32\DRIVERS\k750bus.sys 2011/05/03 16:47:19.0906 3032 k750mdfl (f44521f63c0c00364fa3d59db980de6a) C:\WINDOWS\system32\DRIVERS\k750mdfl.sys 2011/05/03 16:47:20.0046 3032 k750mdm (e93323c3ed5e8923a177740a973c27b2) C:\WINDOWS\system32\DRIVERS\k750mdm.sys 2011/05/03 16:47:20.0203 3032 k750mgmt (9d5f5a70ca0b7c428efcd73db50e6ac7) C:\WINDOWS\system32\DRIVERS\k750mgmt.sys 2011/05/03 16:47:20.0359 3032 k750obex (81ca2d57b2c14f76f4ba80846784bb3d) C:\WINDOWS\system32\DRIVERS\k750obex.sys 2011/05/03 16:47:20.0500 3032 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2011/05/03 16:47:20.0718 3032 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2011/05/03 16:47:20.0875 3032 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 2011/05/03 16:47:21.0140 3032 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2011/05/03 16:47:21.0296 3032 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys 2011/05/03 16:47:21.0437 3032 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2011/05/03 16:47:21.0578 3032 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2011/05/03 16:47:21.0734 3032 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2011/05/03 16:47:22.0109 3032 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2011/05/03 16:47:22.0265 3032 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2011/05/03 16:47:22.0437 3032 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2011/05/03 16:47:22.0578 3032 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2011/05/03 16:47:22.0718 3032 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2011/05/03 16:47:22.0843 3032 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2011/05/03 16:47:22.0984 3032 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2011/05/03 16:47:23.0093 3032 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2011/05/03 16:47:23.0234 3032 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys 2011/05/03 16:47:23.0375 3032 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 2011/05/03 16:47:23.0515 3032 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2011/05/03 16:47:23.0718 3032 NAVENG (c34e2a884ccca8b5567d0c2752527073) C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20110422.003\naveng.sys 2011/05/03 16:47:23.0937 3032 NAVEX15 (b3916eeec738dd4178f4fd6a44a32e36) C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20110422.003\navex15.sys 2011/05/03 16:47:24.0078 3032 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2011/05/03 16:47:24.0234 3032 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2011/05/03 16:47:24.0359 3032 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2011/05/03 16:47:24.0515 3032 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2011/05/03 16:47:24.0656 3032 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2011/05/03 16:47:24.0828 3032 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 2011/05/03 16:47:24.0968 3032 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2011/05/03 16:47:25.0125 3032 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2011/05/03 16:47:25.0312 3032 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2011/05/03 16:47:25.0468 3032 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2011/05/03 16:47:25.0625 3032 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2011/05/03 16:47:25.0812 3032 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2011/05/03 16:47:25.0937 3032 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2011/05/03 16:47:26.0078 3032 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2011/05/03 16:47:26.0218 3032 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2011/05/03 16:47:26.0390 3032 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys 2011/05/03 16:47:26.0531 3032 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2011/05/03 16:47:26.0656 3032 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 2011/05/03 16:47:26.0781 3032 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 2011/05/03 16:47:27.0015 3032 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys 2011/05/03 16:47:27.0187 3032 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys 2011/05/03 16:47:27.0343 3032 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys 2011/05/03 16:47:27.0578 3032 PDDSLHND (49e3fa74798f192d4a6b299ee0b8e5f3) C:\WINDOWS\system32\drivers\PDDSLHND.sys 2011/05/03 16:47:27.0812 3032 PDNETCTL (f13567e632258053cea72eeb33890a2a) C:\WINDOWS\system32\DRIVERS\pdnetctl.sys 2011/05/03 16:47:28.0343 3032 phc700 (8a3a05186cc4a9198581a0a09d38e959) C:\WINDOWS\system32\DRIVERS\phc700.sys 2011/05/03 16:47:28.0578 3032 PhilCam8116 (a3a4d50051ddbcf390e5918c43c167ef) C:\WINDOWS\system32\DRIVERS\CamDrL21.sys 2011/05/03 16:47:28.0718 3032 PhTVTune (86a49a1083a2ca4c49901b2cad17152e) C:\WINDOWS\system32\DRIVERS\PhTVTune.sys 2011/05/03 16:47:28.0890 3032 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2011/05/03 16:47:29.0031 3032 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys 2011/05/03 16:47:29.0234 3032 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2011/05/03 16:47:29.0359 3032 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2011/05/03 16:47:29.0921 3032 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2011/05/03 16:47:30.0046 3032 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2011/05/03 16:47:30.0218 3032 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2011/05/03 16:47:30.0359 3032 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2011/05/03 16:47:30.0484 3032 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2011/05/03 16:47:30.0640 3032 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2011/05/03 16:47:30.0781 3032 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2011/05/03 16:47:30.0921 3032 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 2011/05/03 16:47:31.0093 3032 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\WINDOWS\system32\DRIVERS\s0016bus.sys 2011/05/03 16:47:31.0250 3032 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys 2011/05/03 16:47:31.0390 3032 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\WINDOWS\system32\DRIVERS\s0016mdm.sys 2011/05/03 16:47:31.0546 3032 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys 2011/05/03 16:47:31.0703 3032 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\WINDOWS\system32\DRIVERS\s0016nd5.sys 2011/05/03 16:47:31.0828 3032 s0016obex (36792935847143e4a3cda0dc87248487) C:\WINDOWS\system32\DRIVERS\s0016obex.sys 2011/05/03 16:47:31.0984 3032 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\WINDOWS\system32\DRIVERS\s0016unic.sys 2011/05/03 16:47:32.0109 3032 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS 2011/05/03 16:47:32.0156 3032 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS 2011/05/03 16:47:32.0296 3032 SAVRT (a00d5aa4748a1002590f08aa00fc660d) C:\Programme\Symantec AntiVirus\savrt.sys 2011/05/03 16:47:32.0437 3032 SAVRTPEL (1e805005583be1c1568a3fce259c81e3) C:\Programme\Symantec AntiVirus\Savrtpel.sys 2011/05/03 16:47:32.0609 3032 SE27bus (59a9eb4073a39895af314780d0a032fa) C:\WINDOWS\system32\DRIVERS\SE27bus.sys 2011/05/03 16:47:32.0734 3032 SE27mdfl (d53e7e53107d1796825540129f8fe89f) C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys 2011/05/03 16:47:32.0875 3032 SE27mdm (2afa2f65a6e91da5b5070e734769827e) C:\WINDOWS\system32\DRIVERS\SE27mdm.sys 2011/05/03 16:47:33.0015 3032 SE27mgmt (5a33a8d7b44c7bd8abe248b4dcd1ff3c) C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys 2011/05/03 16:47:33.0171 3032 se27nd5 (bb30139683bbf3ee89ec931393d9335c) C:\WINDOWS\system32\DRIVERS\se27nd5.sys 2011/05/03 16:47:33.0312 3032 SE27obex (5da6ff71e94b9134ddd094ebb09f05e6) C:\WINDOWS\system32\DRIVERS\SE27obex.sys 2011/05/03 16:47:33.0453 3032 se27unic (4d54a9d7c22157ab3d2442e8bcf5ecd2) C:\WINDOWS\system32\DRIVERS\se27unic.sys 2011/05/03 16:47:33.0593 3032 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2011/05/03 16:47:33.0750 3032 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 2011/05/03 16:47:33.0890 3032 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 2011/05/03 16:47:34.0046 3032 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2011/05/03 16:47:34.0281 3032 SISAGP (1630fbdbcb0cf3a60c02b6f140bab98b) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys 2011/05/03 16:47:34.0437 3032 SiSide (982fd755516012bfd582ef20c6a123ff) C:\WINDOWS\system32\DRIVERS\siside.sys 2011/05/03 16:47:34.0593 3032 sisidex (5aed8bf3bf7df795d70146d4af4a2580) C:\WINDOWS\system32\drivers\sisidex.sys 2011/05/03 16:47:34.0734 3032 SISNIC (8204c49cde112f7b9c2f15707fe2cc5a) C:\WINDOWS\system32\DRIVERS\sisnic.sys 2011/05/03 16:47:34.0859 3032 sisperf (596d4a7052002d2bd344d8937da6f66d) C:\WINDOWS\system32\drivers\sisperf.sys 2011/05/03 16:47:35.0000 3032 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2011/05/03 16:47:35.0250 3032 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS 2011/05/03 16:47:35.0484 3032 SPBBCDrv (c30fa11923892a4dbd1c747db8492e8f) C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys 2011/05/03 16:47:36.0750 3032 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2011/05/03 16:47:37.0359 3032 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 2011/05/03 16:47:37.0906 3032 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 2011/05/03 16:47:38.0062 3032 ssadbus (48f44a1be434830b7c90fb730745f65a) C:\WINDOWS\system32\DRIVERS\ssadbus.sys 2011/05/03 16:47:38.0203 3032 ssadmdfl (9630b486b62cc0adb0a89152ed0218d7) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys 2011/05/03 16:47:38.0359 3032 ssadmdm (9afaa23421622c392b55508fa9613949) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys 2011/05/03 16:47:38.0531 3032 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys 2011/05/03 16:47:38.0703 3032 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2011/05/03 16:47:38.0843 3032 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2011/05/03 16:47:39.0000 3032 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2011/05/03 16:47:39.0328 3032 SymEvent (b3f8b9eab2ebe205c0fe053fba951d8c) C:\Programme\Symantec\SYMEVENT.SYS 2011/05/03 16:47:39.0468 3032 SYMREDRV (7c73b65f1bdfab9052a5076c0ca622de) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS 2011/05/03 16:47:39.0656 3032 SYMTDI (b4562798891dca27ed67ca07acbadbd9) C:\WINDOWS\System32\Drivers\SYMTDI.SYS 2011/05/03 16:47:39.0921 3032 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2011/05/03 16:47:40.0062 3032 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2011/05/03 16:47:40.0218 3032 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2011/05/03 16:47:40.0343 3032 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2011/05/03 16:47:40.0484 3032 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2011/05/03 16:47:40.0734 3032 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2011/05/03 16:47:40.0984 3032 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2011/05/03 16:47:41.0156 3032 USBAAPL (e8c1b9ebac65288e1b51e8a987d98af6) C:\WINDOWS\system32\Drivers\usbaapl.sys 2011/05/03 16:47:41.0312 3032 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 2011/05/03 16:47:41.0453 3032 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2011/05/03 16:47:41.0593 3032 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2011/05/03 16:47:41.0750 3032 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2011/05/03 16:47:41.0890 3032 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 2011/05/03 16:47:42.0046 3032 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2011/05/03 16:47:42.0203 3032 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2011/05/03 16:47:42.0359 3032 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2011/05/03 16:47:42.0500 3032 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2011/05/03 16:47:42.0703 3032 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 2011/05/03 16:47:42.0875 3032 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2011/05/03 16:47:43.0125 3032 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2011/05/03 16:47:43.0375 3032 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys 2011/05/03 16:47:43.0546 3032 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2011/05/03 16:47:43.0703 3032 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2011/05/03 16:47:43.0859 3032 WudfRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2011/05/03 16:47:44.0031 3032 ZDPSp50 (00ae175b903d45ed4a62384d3315dc2a) C:\WINDOWS\system32\Drivers\ZDPSp50.sys 2011/05/03 16:47:44.0671 3032 ================================================================================ 2011/05/03 16:47:44.0671 3032 Scan finished 2011/05/03 16:47:44.0671 3032 ================================================================================ 2011/05/03 16:48:28.0156 2948 ================================================================================ 2011/05/03 16:48:28.0156 2948 Scan started 2011/05/03 16:48:28.0156 2948 Mode: Manual; 2011/05/03 16:48:28.0156 2948 ================================================================================ 2011/05/03 16:48:28.0609 2948 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2011/05/03 16:48:28.0750 2948 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys 2011/05/03 16:48:28.0968 2948 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2011/05/03 16:48:29.0125 2948 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys 2011/05/03 16:48:29.0250 2948 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys 2011/05/03 16:48:29.0671 2948 ALCXWDM (697e8b697b58756e5e053387d0033b5e) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2011/05/03 16:48:30.0000 2948 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2011/05/03 16:48:30.0312 2948 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2011/05/03 16:48:30.0453 2948 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2011/05/03 16:48:30.0703 2948 ati2mtag (07ac9a98ea70b5a6655a5797174bd282) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 2011/05/03 16:48:30.0859 2948 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2011/05/03 16:48:31.0000 2948 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2011/05/03 16:48:31.0140 2948 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2011/05/03 16:48:31.0296 2948 Cap7134 (df5926971cf1f9d8da936d40cc506773) C:\WINDOWS\system32\DRIVERS\Cap7134.sys 2011/05/03 16:48:31.0421 2948 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2011/05/03 16:48:31.0562 2948 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2011/05/03 16:48:31.0812 2948 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2011/05/03 16:48:31.0921 2948 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2011/05/03 16:48:32.0062 2948 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2011/05/03 16:48:32.0750 2948 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\WINDOWS\system32\drivers\dgderdrv.sys 2011/05/03 16:48:32.0906 2948 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2011/05/03 16:48:33.0046 2948 DiskSec (f6010162368d9bef934f1647f2430446) C:\WINDOWS\system32\drivers\DiskSec.sys 2011/05/03 16:48:33.0234 2948 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys 2011/05/03 16:48:33.0375 2948 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys 2011/05/03 16:48:33.0531 2948 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2011/05/03 16:48:33.0671 2948 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2011/05/03 16:48:33.0890 2948 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2011/05/03 16:48:34.0031 2948 DSI_SiUSBXp_3_1 (bc9c2ef22ee0320c079e3ff9b4d29951) C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys 2011/05/03 16:48:34.0156 2948 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys 2011/05/03 16:48:34.0218 2948 EraserUtilDrvI10 (850259334652d392e33ee3412562e583) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrvI10.sys 2011/05/03 16:48:34.0390 2948 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2011/05/03 16:48:34.0531 2948 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 2011/05/03 16:48:34.0671 2948 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys 2011/05/03 16:48:34.0812 2948 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2011/05/03 16:48:34.0968 2948 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 2011/05/03 16:48:35.0093 2948 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\WINDOWS\system32\FsUsbExDisk.SYS 2011/05/03 16:48:35.0250 2948 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2011/05/03 16:48:35.0359 2948 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2011/05/03 16:48:35.0484 2948 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys 2011/05/03 16:48:35.0609 2948 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 2011/05/03 16:48:35.0750 2948 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2011/05/03 16:48:35.0890 2948 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2011/05/03 16:48:36.0109 2948 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 2011/05/03 16:48:36.0328 2948 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2011/05/03 16:48:36.0484 2948 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2011/05/03 16:48:36.0781 2948 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2011/05/03 16:48:36.0953 2948 Intels51 (bb801eb1898a22dfd412064e5c952ea5) C:\WINDOWS\system32\DRIVERS\ctxs51.sys 2011/05/03 16:48:37.0109 2948 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 2011/05/03 16:48:37.0234 2948 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2011/05/03 16:48:37.0359 2948 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2011/05/03 16:48:37.0515 2948 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2011/05/03 16:48:37.0640 2948 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2011/05/03 16:48:37.0781 2948 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2011/05/03 16:48:37.0921 2948 k750bus (fe8300320281d658a7854d5cfc02a63f) C:\WINDOWS\system32\DRIVERS\k750bus.sys 2011/05/03 16:48:38.0031 2948 k750mdfl (f44521f63c0c00364fa3d59db980de6a) C:\WINDOWS\system32\DRIVERS\k750mdfl.sys 2011/05/03 16:48:38.0171 2948 k750mdm (e93323c3ed5e8923a177740a973c27b2) C:\WINDOWS\system32\DRIVERS\k750mdm.sys 2011/05/03 16:48:38.0312 2948 k750mgmt (9d5f5a70ca0b7c428efcd73db50e6ac7) C:\WINDOWS\system32\DRIVERS\k750mgmt.sys 2011/05/03 16:48:38.0437 2948 k750obex (81ca2d57b2c14f76f4ba80846784bb3d) C:\WINDOWS\system32\DRIVERS\k750obex.sys 2011/05/03 16:48:38.0562 2948 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2011/05/03 16:48:38.0718 2948 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2011/05/03 16:48:38.0859 2948 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 2011/05/03 16:48:39.0093 2948 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2011/05/03 16:48:39.0234 2948 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys 2011/05/03 16:48:39.0343 2948 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2011/05/03 16:48:39.0484 2948 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2011/05/03 16:48:39.0625 2948 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2011/05/03 16:48:39.0828 2948 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2011/05/03 16:48:39.0984 2948 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2011/05/03 16:48:40.0156 2948 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2011/05/03 16:48:40.0281 2948 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2011/05/03 16:48:40.0406 2948 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2011/05/03 16:48:40.0546 2948 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2011/05/03 16:48:40.0671 2948 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2011/05/03 16:48:40.0781 2948 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2011/05/03 16:48:40.0921 2948 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys 2011/05/03 16:48:41.0046 2948 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 2011/05/03 16:48:41.0171 2948 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2011/05/03 16:48:41.0359 2948 NAVENG (c34e2a884ccca8b5567d0c2752527073) C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20110422.003\naveng.sys 2011/05/03 16:48:41.0593 2948 NAVEX15 (b3916eeec738dd4178f4fd6a44a32e36) C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20110422.003\navex15.sys 2011/05/03 16:48:41.0750 2948 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2011/05/03 16:48:41.0890 2948 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2011/05/03 16:48:42.0015 2948 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2011/05/03 16:48:42.0140 2948 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2011/05/03 16:48:42.0281 2948 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2011/05/03 16:48:42.0375 2948 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 2011/05/03 16:48:42.0515 2948 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2011/05/03 16:48:42.0656 2948 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2011/05/03 16:48:42.0796 2948 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2011/05/03 16:48:42.0953 2948 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2011/05/03 16:48:43.0078 2948 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2011/05/03 16:48:43.0234 2948 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2011/05/03 16:48:43.0343 2948 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2011/05/03 16:48:43.0484 2948 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2011/05/03 16:48:43.0625 2948 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2011/05/03 16:48:43.0781 2948 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys 2011/05/03 16:48:43.0921 2948 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2011/05/03 16:48:44.0062 2948 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 2011/05/03 16:48:44.0203 2948 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 2011/05/03 16:48:44.0421 2948 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys 2011/05/03 16:48:44.0562 2948 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys 2011/05/03 16:48:44.0703 2948 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys 2011/05/03 16:48:44.0937 2948 PDDSLHND (49e3fa74798f192d4a6b299ee0b8e5f3) C:\WINDOWS\system32\drivers\PDDSLHND.sys 2011/05/03 16:48:45.0156 2948 PDNETCTL (f13567e632258053cea72eeb33890a2a) C:\WINDOWS\system32\DRIVERS\pdnetctl.sys 2011/05/03 16:48:45.0671 2948 phc700 (8a3a05186cc4a9198581a0a09d38e959) C:\WINDOWS\system32\DRIVERS\phc700.sys 2011/05/03 16:48:45.0828 2948 PhilCam8116 (a3a4d50051ddbcf390e5918c43c167ef) C:\WINDOWS\system32\DRIVERS\CamDrL21.sys 2011/05/03 16:48:45.0968 2948 PhTVTune (86a49a1083a2ca4c49901b2cad17152e) C:\WINDOWS\system32\DRIVERS\PhTVTune.sys 2011/05/03 16:48:46.0125 2948 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2011/05/03 16:48:46.0250 2948 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys 2011/05/03 16:48:46.0421 2948 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2011/05/03 16:48:46.0562 2948 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2011/05/03 16:48:47.0078 2948 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2011/05/03 16:48:47.0203 2948 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2011/05/03 16:48:47.0343 2948 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2011/05/03 16:48:47.0515 2948 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2011/05/03 16:48:47.0656 2948 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2011/05/03 16:48:47.0781 2948 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2011/05/03 16:48:47.0906 2948 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2011/05/03 16:48:48.0046 2948 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 2011/05/03 16:48:48.0203 2948 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\WINDOWS\system32\DRIVERS\s0016bus.sys 2011/05/03 16:48:48.0328 2948 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys 2011/05/03 16:48:48.0453 2948 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\WINDOWS\system32\DRIVERS\s0016mdm.sys 2011/05/03 16:48:48.0609 2948 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys 2011/05/03 16:48:48.0734 2948 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\WINDOWS\system32\DRIVERS\s0016nd5.sys 2011/05/03 16:48:48.0875 2948 s0016obex (36792935847143e4a3cda0dc87248487) C:\WINDOWS\system32\DRIVERS\s0016obex.sys 2011/05/03 16:48:49.0015 2948 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\WINDOWS\system32\DRIVERS\s0016unic.sys 2011/05/03 16:48:49.0125 2948 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS 2011/05/03 16:48:49.0156 2948 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS 2011/05/03 16:48:49.0296 2948 SAVRT (a00d5aa4748a1002590f08aa00fc660d) C:\Programme\Symantec AntiVirus\savrt.sys 2011/05/03 16:48:49.0328 2948 SAVRTPEL (1e805005583be1c1568a3fce259c81e3) C:\Programme\Symantec AntiVirus\Savrtpel.sys 2011/05/03 16:48:49.0484 2948 SE27bus (59a9eb4073a39895af314780d0a032fa) C:\WINDOWS\system32\DRIVERS\SE27bus.sys 2011/05/03 16:48:49.0609 2948 SE27mdfl (d53e7e53107d1796825540129f8fe89f) C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys 2011/05/03 16:48:49.0734 2948 SE27mdm (2afa2f65a6e91da5b5070e734769827e) C:\WINDOWS\system32\DRIVERS\SE27mdm.sys 2011/05/03 16:48:49.0875 2948 SE27mgmt (5a33a8d7b44c7bd8abe248b4dcd1ff3c) C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys 2011/05/03 16:48:50.0000 2948 se27nd5 (bb30139683bbf3ee89ec931393d9335c) C:\WINDOWS\system32\DRIVERS\se27nd5.sys 2011/05/03 16:48:50.0125 2948 SE27obex (5da6ff71e94b9134ddd094ebb09f05e6) C:\WINDOWS\system32\DRIVERS\SE27obex.sys 2011/05/03 16:48:50.0265 2948 se27unic (4d54a9d7c22157ab3d2442e8bcf5ecd2) C:\WINDOWS\system32\DRIVERS\se27unic.sys 2011/05/03 16:48:50.0390 2948 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2011/05/03 16:48:50.0546 2948 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 2011/05/03 16:48:50.0671 2948 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 2011/05/03 16:48:50.0843 2948 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2011/05/03 16:48:51.0062 2948 SISAGP (1630fbdbcb0cf3a60c02b6f140bab98b) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys 2011/05/03 16:48:51.0203 2948 SiSide (982fd755516012bfd582ef20c6a123ff) C:\WINDOWS\system32\DRIVERS\siside.sys 2011/05/03 16:48:51.0343 2948 sisidex (5aed8bf3bf7df795d70146d4af4a2580) C:\WINDOWS\system32\drivers\sisidex.sys 2011/05/03 16:48:51.0484 2948 SISNIC (8204c49cde112f7b9c2f15707fe2cc5a) C:\WINDOWS\system32\DRIVERS\sisnic.sys 2011/05/03 16:48:51.0625 2948 sisperf (596d4a7052002d2bd344d8937da6f66d) C:\WINDOWS\system32\drivers\sisperf.sys 2011/05/03 16:48:51.0750 2948 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2011/05/03 16:48:51.0968 2948 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS 2011/05/03 16:48:52.0203 2948 SPBBCDrv (c30fa11923892a4dbd1c747db8492e8f) C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys 2011/05/03 16:48:52.0343 2948 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2011/05/03 16:48:52.0484 2948 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 2011/05/03 16:48:52.0640 2948 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 2011/05/03 16:48:52.0781 2948 ssadbus (48f44a1be434830b7c90fb730745f65a) C:\WINDOWS\system32\DRIVERS\ssadbus.sys 2011/05/03 16:48:52.0906 2948 ssadmdfl (9630b486b62cc0adb0a89152ed0218d7) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys 2011/05/03 16:48:53.0046 2948 ssadmdm (9afaa23421622c392b55508fa9613949) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys 2011/05/03 16:48:53.0187 2948 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys 2011/05/03 16:48:53.0328 2948 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2011/05/03 16:48:53.0468 2948 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2011/05/03 16:48:53.0593 2948 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2011/05/03 16:48:53.0937 2948 SymEvent (b3f8b9eab2ebe205c0fe053fba951d8c) C:\Programme\Symantec\SYMEVENT.SYS 2011/05/03 16:48:54.0078 2948 SYMREDRV (7c73b65f1bdfab9052a5076c0ca622de) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS 2011/05/03 16:48:54.0218 2948 SYMTDI (b4562798891dca27ed67ca07acbadbd9) C:\WINDOWS\System32\Drivers\SYMTDI.SYS 2011/05/03 16:48:54.0546 2948 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2011/05/03 16:48:54.0703 2948 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2011/05/03 16:48:54.0843 2948 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2011/05/03 16:48:54.0953 2948 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2011/05/03 16:48:55.0078 2948 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2011/05/03 16:48:55.0328 2948 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2011/05/03 16:48:55.0578 2948 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2011/05/03 16:48:55.0750 2948 USBAAPL (e8c1b9ebac65288e1b51e8a987d98af6) C:\WINDOWS\system32\Drivers\usbaapl.sys 2011/05/03 16:48:55.0890 2948 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 2011/05/03 16:48:56.0046 2948 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2011/05/03 16:48:56.0187 2948 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2011/05/03 16:48:56.0328 2948 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2011/05/03 16:48:56.0468 2948 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 2011/05/03 16:48:56.0593 2948 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2011/05/03 16:48:56.0734 2948 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2011/05/03 16:48:56.0875 2948 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2011/05/03 16:48:57.0015 2948 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2011/05/03 16:48:57.0218 2948 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 2011/05/03 16:48:57.0390 2948 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2011/05/03 16:48:57.0609 2948 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2011/05/03 16:48:57.0843 2948 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys 2011/05/03 16:48:58.0000 2948 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2011/05/03 16:48:58.0140 2948 WudfPf (50eb9e21963b4f06fd010d007d54351b) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2011/05/03 16:48:58.0281 2948 WudfRd (6e209664bdea8a15b5e8e480d6c607c2) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2011/05/03 16:48:58.0437 2948 ZDPSp50 (00ae175b903d45ed4a62384d3315dc2a) C:\WINDOWS\system32\Drivers\ZDPSp50.sys 2011/05/03 16:48:59.0093 2948 ================================================================================ 2011/05/03 16:48:59.0093 2948 Scan finished 2011/05/03 16:48:59.0093 2948 ================================================================================ gruß Maxxl |
|
04.05.2011, 08:13
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Recovery entfernen und pc wiederherstellen Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.05.2011, 21:41
| #25 |
| | Windows Recovery entfernen und pc wiederherstellen hallo Arne, ich bekomme den Hinweis wenn ich cofi starten will: you appear to have a corrupt download... kann ComboFix nicht starten. Was nun? Gruß Maxxl |
|
05.05.2011, 01:27
| #26 |
| | Windows Recovery entfernen und pc wiederherstellen log von malwarebytes: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6507 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 05.05.2011 02:14:14 mbam-log-2011-05-05 (02-14-14).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|) Durchsuchte Objekte: 321848 Laufzeit: 2 Stunde(n), 48 Minute(n), 13 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 8 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 1 Infizierte Dateien: 4 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\CLSID\{C689C99E-3A8C-4c87-A79C-C80DC9C81632} (Trojan.Banker) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\linkrdr.AIEbho.1 (Trojan.Banker) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\linkrdr.AIEbho (Trojan.Banker) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\appconf32.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully. Infizierte Verzeichnisse: c:\WINDOWS\system32\xmldm (Stolen.Data) -> Quarantined and deleted successfully. Infizierte Dateien: c:\_OTL\movedfiles\05032011_004743\c_dokumente und einstellungen\XXX\anwendungsdaten\Agzab\kogai.exe (Trojan.FakeMS.MGen) -> Quarantined and deleted successfully. c:\WINDOWS\system32\acroiehelpe.dll (Trojan.Banker) -> Quarantined and deleted successfully. c:\WINDOWS\system32\srvblck2.tmp (Malware.Trace) -> Quarantined and deleted successfully. c:\WINDOWS\system32\acroiehelpe.txt (Malware.Trace) -> Quarantined and deleted successfully. |
|
05.05.2011, 09:57
| #27 |
| | Windows Recovery entfernen und pc wiederherstellen hier die OTL LogOTL Logfile: Code:
ATTFilter OTL logfile created on: 05.05.2011 10:41:18 - Run 3 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Dokumente und Einstellungen\XXX\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.023,00 Mb Total Physical Memory | 444,00 Mb Available Physical Memory | 43,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 55,89 Gb Total Space | 12,34 Gb Free Space | 22,08% Space Free | Partition Type: NTFS Drive D: | 55,90 Gb Total Space | 13,95 Gb Free Space | 24,95% Space Free | Partition Type: NTFS Drive E: | 37,25 Gb Total Space | 28,10 Gb Free Space | 75,43% Space Free | Partition Type: FAT32 Drive I: | 232,88 Gb Total Space | 216,69 Gb Free Space | 93,05% Space Free | Partition Type: NTFS Computer Name: SUMMER | User Name: XXX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\XXX\Desktop\OTL.exe (OldTimer Tools) PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten) PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\MAGIX\PC_Check_Tuning_2010\MxTray.exe () PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe () PRC - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation) PRC - C:\Programme\Symantec AntiVirus\DefWatch.exe (Symantec Corporation) PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe (Symantec Corporation) PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe (Symantec Corporation) PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\XXX\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll (Microsoft Corporation) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\shfolder.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- File not found SRV - (AppMgmt) -- File not found SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe () SRV - (Fabs) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (SavRoam) -- C:\Programme\Symantec AntiVirus\SavRoam.exe (symantec) SRV - (Symantec AntiVirus) -- C:\Programme\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation) SRV - (DefWatch) -- C:\Programme\Symantec AntiVirus\DefWatch.exe (Symantec Corporation) SRV - (ccSetMgr) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe (Symantec Corporation) SRV - (ccPwdSvc) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe (Symantec Corporation) SRV - (ccEvtMgr) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe (Symantec Corporation) SRV - (SNDSrvc) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe (Symantec Corporation) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (SPBBCSvc) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (cpuz132) -- File not found DRV - (NAVEX15) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20110422.003\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20110422.003\NAVENG.SYS (Symantec Corporation) DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd) DRV - (ssadmdm) -- C:\WINDOWS\system32\drivers\ssadmdm.sys (MCCI Corporation) DRV - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\ssadbus.sys (MCCI Corporation) DRV - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\WINDOWS\system32\drivers\ssadmdfl.sys (MCCI Corporation) DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys () DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys () DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation) DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation) DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation) DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation) DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation) DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation) DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (DiskSec) -- C:\WINDOWS\System32\drivers\disksec.sys (MAGIX) DRV - (DSI_SiUSBXp_3_1) -- C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys (Silicon Laboratories) DRV - (SE27obex) -- C:\WINDOWS\system32\drivers\SE27obex.sys (MCCI) DRV - (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\SE27mgmt.sys (MCCI) DRV - (SE27mdm) -- C:\WINDOWS\system32\drivers\SE27mdm.sys (MCCI) DRV - (SE27mdfl) -- C:\WINDOWS\system32\drivers\SE27mdfl.sys (MCCI) DRV - (SE27bus) Sony Ericsson Device 039 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\SE27bus.sys (MCCI) DRV - (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS) -- C:\WINDOWS\system32\drivers\se27nd5.sys (MCCI) DRV - (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM) -- C:\WINDOWS\system32\drivers\se27unic.sys (MCCI) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (phc700) USB PC Camera (phc710) -- C:\WINDOWS\system32\drivers\phc700.sys () DRV - (PDDSLHND) -- C:\WINDOWS\System32\drivers\PDDSLHND.SYS (ProDyne) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SymEvent) -- C:\Programme\Symantec\SYMEVENT.SYS (Symantec Corporation) DRV - (SPBBCDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.) DRV - (k750obex) -- C:\WINDOWS\system32\drivers\k750obex.sys (MCCI) DRV - (k750mgmt) -- C:\WINDOWS\system32\drivers\k750mgmt.sys (MCCI) DRV - (k750mdm) -- C:\WINDOWS\system32\drivers\k750mdm.sys (MCCI) DRV - (k750mdfl) -- C:\WINDOWS\system32\drivers\k750mdfl.sys (MCCI) DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\WINDOWS\system32\drivers\k750bus.sys (MCCI) DRV - (SAVRTPEL) -- C:\Programme\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation) DRV - (SAVRT) -- C:\Programme\Symantec AntiVirus\savrt.sys (Symantec Corporation) DRV - (ZDPSp50) -- C:\WINDOWS\system32\drivers\ZDPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.) DRV - (PhTVTune) -- C:\WINDOWS\system32\drivers\PhTVTune.sys (Philips Semiconductors) DRV - (Cap7134) MEDION (7134) -- C:\WINDOWS\system32\drivers\Cap7134.sys (Philips Semiconductors) DRV - (SISAGP) -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation) DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.) DRV - (SiSide) -- C:\WINDOWS\System32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.) DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation) DRV - (Intels51) -- C:\WINDOWS\system32\drivers\ctxs51.sys (Intel Corporation) DRV - (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0) -- C:\WINDOWS\system32\drivers\CamDrL21.sys (Philips Semiconductors) DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider) DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp. IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp. IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1960408961-630328440-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKU\S-1-5-21-1960408961-630328440-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\S-1-5-21-1960408961-630328440-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-1960408961-630328440-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Alice - Willkommen IE - HKU\S-1-5-21-1960408961-630328440-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar IE - HKU\S-1-5-21-1960408961-630328440-839522115-1004\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) IE - HKU\S-1-5-21-1960408961-630328440-839522115-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-1960408961-630328440-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1960408961-630328440-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost ========== FireFox ========== FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7 FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2 [2008.07.23 12:36:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Mozilla\Extensions [2008.07.23 12:36:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2010.06.21 12:19:20 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAMME\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM O1 HOSTS File: ([2011.05.03 00:47:45 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-1960408961-630328440-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-1960408961-630328440-839522115-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-1960408961-630328440-839522115-1004\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKU\S-1-5-21-1960408961-630328440-839522115-1004\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O3 - HKU\S-1-5-21-1960408961-630328440-839522115-1004\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O4 - HKU\S-1-5-21-1960408961-630328440-839522115-1004..\Run: [Faxnew] C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Winnew\msserv.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1960408961-630328440-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1960408961-630328440-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8 - Extra context menu item: &AOL Toolbar-Suche - c:\Programme\AOL\AOL Toolbar 5.0\resources\de-AT\local\search.html () O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225621146937 (MUWebControl Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-445047540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/html - No CLSID value found O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\System32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{51191126-80d0-11de-b05e-0010dce59121}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe O33 - MountPoints2\{cb73ef48-e418-11df-b26e-0010dce59121}\Shell - "" = AutoRun O33 - MountPoints2\{cb73ef48-e418-11df-b26e-0010dce59121}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{cb73ef48-e418-11df-b26e-0010dce59121}\Shell\AutoRun\command - "" = I:\iStudio.exe O33 - MountPoints2\{eb5c83f6-2956-11e0-b2e2-0010dce59121}\Shell\AutoRun\command - "" = M:\Toshiba\Launcher\start.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.05.04 21:57:28 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW [2011.05.04 21:56:29 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\XXX\Recent [2011.05.04 21:34:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner [2011.05.04 21:32:58 | 003,063,136 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\XXX\Desktop\ccsetup306.exe [2011.05.04 21:24:48 | 000,000,000 | ---D | C] -- C:\Qoobox [2011.05.03 14:32:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Eigene Dateien\MAGIX [2011.05.03 14:31:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Anwendungsdaten\MAGIX [2011.05.03 14:14:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MAGIX-Online-Druck-Service [2011.05.03 14:13:54 | 000,000,000 | ---D | C] -- C:\Programme\MAGIX-Online-Druck-Service [2011.05.03 14:13:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe AIR [2011.05.03 12:02:56 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\XXX\Desktop\tdsskiller.exe [2011.05.03 00:47:43 | 000,000,000 | ---D | C] -- C:\_OTL [2011.05.01 17:10:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com [2011.05.01 17:10:15 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware [2011.04.30 23:25:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Ewdem [2011.04.30 16:23:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Winnew [2011.04.29 14:59:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\UAs [2011.04.29 14:36:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kock [2011.04.27 22:21:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip [2011.04.27 22:21:30 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip [2011.04.27 21:38:35 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\XXX\Desktop\OTL.exe [2011.04.27 11:01:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Eigene Dateien\MAGIX Backup [2011.04.26 23:42:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Desktop\Neuer Ordner [2011.04.26 11:50:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Malwarebytes [2011.04.26 11:50:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.04.26 11:50:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2011.04.26 11:50:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2011.04.26 11:50:42 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.03.18 09:32:34 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpe7.dll [2009.10.04 00:07:01 | 078,741,808 | ---- | C] (MAGIX AG) -- C:\Programme\tutorials_pack01_d.exe [2008.12.10 15:55:34 | 000,047,360 | ---- | C] (VSO Software) -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\pcouffin.sys [2008.06.11 22:45:08 | 012,814,336 | ---- | C] (Microsoft Corporation) -- C:\Programme\mp10setup.exe [2008.06.11 22:40:52 | 025,842,760 | ---- | C] (Microsoft Corporation) -- C:\Programme\wmp11-windowsxp-x86-DE-DE.exe [2007.12.01 16:16:08 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\cphc700.dll [3 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.05.05 10:28:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.05.05 10:28:10 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\PCCT - MAGIX AG.job [2011.05.05 10:26:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.05.04 22:40:19 | 004,337,362 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Eigene Dateien\cofi.exe [2011.05.04 21:34:41 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2011.05.04 21:33:01 | 003,063,136 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\XXX\Desktop\ccsetup306.exe [2011.05.04 21:23:52 | 004,337,362 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\cofi.exe [2011.05.03 14:59:49 | 000,282,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.05.03 14:30:00 | 000,000,792 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition).lnk [2011.05.03 14:15:29 | 000,000,752 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX Foto Manager 10.lnk [2011.05.03 14:14:07 | 000,000,790 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX-Online-Druck-Service.lnk [2011.05.03 12:06:24 | 000,504,657 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\unhide.exe [2011.05.03 12:02:58 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\XXX\Desktop\tdsskiller.exe [2011.05.03 00:47:45 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2011.05.02 08:13:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011.05.01 21:56:04 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2011.05.01 17:10:19 | 000,001,642 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.04.30 23:53:03 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011.04.29 07:50:23 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.04.27 22:21:20 | 001,110,476 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\7z920.exe [2011.04.27 21:37:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\XXX\Desktop\OTL.exe [2011.04.27 11:07:38 | 000,000,046 | ---- | M] () -- C:\WINDOWS\PCCT.INI [2011.04.26 12:14:15 | 000,059,904 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.04.26 11:50:49 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.15 12:50:03 | 000,484,896 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.04.15 12:50:03 | 000,463,372 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.04.15 12:50:03 | 000,091,962 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.04.15 12:50:03 | 000,077,218 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat ========== Files Created - No Company Name ========== [2011.05.04 22:36:31 | 004,337,362 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Eigene Dateien\cofi.exe [2011.05.04 21:34:41 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2011.05.04 21:23:52 | 004,337,362 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\cofi.exe [2011.05.03 14:30:00 | 000,000,792 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition).lnk [2011.05.03 14:15:29 | 000,000,752 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX Foto Manager 10.lnk [2011.05.03 14:14:07 | 000,000,790 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MAGIX-Online-Druck-Service.lnk [2011.05.03 12:06:24 | 000,504,657 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\unhide.exe [2011.05.01 17:10:19 | 000,001,642 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.04.27 22:21:11 | 001,110,476 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\7z920.exe [2011.04.26 11:50:49 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.09 08:31:57 | 000,209,544 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2011.03.08 23:00:14 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2011.03.08 23:00:14 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2011.01.29 18:00:24 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2011.01.29 18:00:22 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2011.01.29 18:00:22 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2011.01.29 18:00:22 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2011.01.29 18:00:22 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2010.06.06 13:53:00 | 000,048,208 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2010.02.11 16:34:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009.11.08 15:54:58 | 000,007,256 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2009.11.07 08:56:42 | 000,000,046 | ---- | C] () -- C:\WINDOWS\PCCT.INI [2009.11.07 08:22:31 | 000,000,111 | ---- | C] () -- C:\WINDOWS\installation.ini [2009.10.22 00:29:52 | 008,285,129 | ---- | C] () -- C:\Programme\Photoshop_albumSE_de_de_320.zip [2009.10.21 23:03:23 | 000,012,288 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.10.03 19:25:16 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2009.07.08 15:33:10 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt [2009.07.08 15:23:55 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008.12.10 15:56:22 | 000,000,671 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\vso_ts_preview.xml [2008.12.10 15:55:34 | 000,087,608 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\inst.exe [2008.12.10 15:55:34 | 000,007,887 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\pcouffin.cat [2008.12.10 15:55:34 | 000,001,144 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\pcouffin.inf [2008.12.09 17:23:13 | 000,046,080 | RHS- | C] () -- C:\WINDOWS\System32\appconf32.exe [2008.11.02 12:38:10 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008.06.09 23:37:35 | 001,427,520 | ---- | C] () -- C:\Programme\Silverlight.exe [2007.12.01 16:16:30 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2007.12.01 16:16:28 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll [2007.12.01 16:16:08 | 000,541,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\phc700.sys [2007.12.01 16:16:08 | 000,015,488 | ---- | C] () -- C:\WINDOWS\phc700.ini [2007.10.31 12:24:39 | 000,000,071 | ---- | C] () -- C:\WINDOWS\Pex.INI [2007.07.29 18:17:27 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2007.06.01 11:22:04 | 000,000,033 | ---- | C] () -- C:\WINDOWS\LVMMail.INI [2007.06.01 11:16:31 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI [2007.06.01 11:15:29 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\LVUI2RC.dll [2007.06.01 11:15:28 | 000,005,187 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2007.06.01 11:15:26 | 000,000,756 | ---- | C] () -- C:\WINDOWS\_delis32.ini [2007.04.23 02:15:29 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2007.04.23 02:01:47 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2007.03.18 19:17:43 | 000,001,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2007.03.18 18:57:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI [2007.03.14 09:44:38 | 000,042,982 | ---- | C] () -- C:\WINDOWS\System32\PDDSLADP.DLL [2006.09.28 08:24:16 | 000,059,904 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.06.05 00:17:26 | 000,000,952 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2006.06.05 00:06:54 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006.06.05 00:03:30 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI [2006.06.04 23:32:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI [2006.06.04 23:31:58 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2006.04.14 14:09:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2006.04.14 14:08:28 | 000,282,128 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2006.04.14 13:43:06 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini [2006.04.14 13:32:03 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll [2006.04.14 13:31:25 | 000,028,672 | R--- | C] () -- C:\WINDOWS\htpatch.exe [2006.04.14 13:31:25 | 000,003,072 | R--- | C] () -- C:\WINDOWS\winio.sys [2006.04.14 13:19:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2006.04.14 13:15:22 | 000,023,504 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2006.02.13 13:29:26 | 000,121,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2005.07.12 15:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL [2004.03.23 17:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll [2003.03.14 13:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe [2003.02.20 15:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002.08.29 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2002.08.29 14:00:00 | 000,484,896 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2002.08.29 14:00:00 | 000,463,372 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2002.08.29 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2002.08.29 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2002.08.29 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2002.08.29 14:00:00 | 000,091,962 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2002.08.29 14:00:00 | 000,077,218 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2002.08.29 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2002.08.29 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2002.08.29 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2002.08.29 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2002.08.29 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2001.09.04 11:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001.09.04 11:10:20 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [1999.01.27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll [1997.06.13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll ========== LOP Check ========== [2011.03.18 09:34:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software [2010.01.11 23:40:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited [2010.02.11 14:02:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2010.04.23 20:51:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan [2007.07.29 14:31:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations [2010.05.14 00:15:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FileCure [2008.06.09 08:21:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GARMIN [2007.07.29 14:28:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations [2011.05.04 10:14:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX [2009.06.30 08:34:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite [2011.03.08 22:54:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung [2006.12.03 19:11:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Teleca [2008.07.23 12:36:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2009.11.10 19:30:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems [2008.05.08 18:04:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint [2009.04.03 10:44:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WhiteCap (Holiday Edition) [2010.05.28 20:09:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009.12.20 16:51:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9} [2010.04.23 20:51:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Canon [2011.03.08 16:50:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Canon Easy-WebPrint EX [2006.06.13 16:42:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\FRITZ! [2008.12.28 23:14:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\GARMIN [2006.06.13 16:43:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\ICQLite [2006.06.13 16:43:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Leadertech [2010.05.30 14:01:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\MAGIX [2007.07.29 22:00:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Nokia Multimedia Player [2007.07.29 16:31:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\PC Suite [2011.03.08 22:50:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Samsung [2006.12.03 19:14:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Teleca [2007.11.11 12:28:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Ulead Systems [2008.10.15 06:23:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melli\Anwendungsdaten\Viewpoint [2011.02.24 09:35:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\AllDup [2011.01.06 19:08:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Canneverbe Limited [2010.09.20 22:19:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Canon [2011.03.03 02:54:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Canon Easy-WebPrint EX [2010.10.16 15:16:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\click [2011.04.30 23:25:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Ewdem [2008.12.29 14:35:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\GARMIN [2007.06.26 20:39:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Leadertech [2011.05.04 10:14:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\MAGIX [2011.03.20 13:17:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\MyPhoneExplorer [2009.07.09 08:44:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Nokia [2007.07.29 15:15:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\PC Suite [2009.07.08 15:34:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Samsung [2010.06.07 15:06:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\TeamViewer [2006.12.04 14:11:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Teleca [2008.07.23 12:36:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\TomTom [2007.10.31 12:21:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Ulead Systems [2008.12.10 15:58:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Vso [2011.04.30 16:23:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Winnew [2011.05.02 08:13:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2011.05.05 10:28:10 | 000,000,322 | ---- | M] () -- C:\WINDOWS\Tasks\PCCT - MAGIX AG.job ========== Purity Check ========== < End of report > |
|
05.05.2011, 11:25
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Recovery entfernen und pc wiederherstellen Warum postest du jetzt irgendwelche Log, die ich nicht angefordert hab? Willst du deine Bereinigung jetzt allein machen?  Starte Windows neu, lösch die alte cofi.exe, lade CF neu als cofi.exe runter und probier es bitte nochmal.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.05.2011, 14:26
| #29 |
| | Windows Recovery entfernen und pc wiederherstellen runterladen hat jetzt geklappt. nach 3 versuchen den scan mit cofix zu machen weiß ich nicht was ich tun soll??? windows stürtzt jedesmal ab. es heißt schwerwiegendes problem. windows muß beendet werden. symantec antivirus hab ich abgeschalten, firewall ist aus magix pc check ist aus. was hab ich falsch gemacht? gruß Maxxl |
|
05.05.2011, 16:21
| #30 |
| | Windows Recovery entfernen und pc wiederherstellen wenn windows wieder hochfährt kommt die meldung das windows beendet werden musste... BCCode : 19 BCP1 : 00000020 BCP2 : 8516C618 BCP3 : 8516CA30 BCP4 : 1A830005 OSVer : 5_1_2600 SP : 3_0 Product : 768_1 |
|
| Themen zu Windows Recovery entfernen und pc wiederherstellen |
| 0x00000001, 7-zip, ad-aware, adobe, antivirus, benutzerregistrierung, bho, bonjour, canon, cdburnerxp, computer, desktop, device driver, druck, einstellungen, entfernen, error, explorer, firefox, fontcache, format, helper, home, keine programme, location, logfile, mozilla, object, oldtimer, otl scan, photoshop, plug-in, realtek, registry, safer networking, saver, scan, shell32.dll, skype.exe, staropen, symantec, usb 2.0, visual studio, windows, windows internet, windows recovery entfernen |
Linear-Darstellung
