Log Analysis and Evaluation: Catalyst Control Center Error Message

29.05.2011, 17:16   #1
even
 
Hello,

the problem started with the Catalyst Control Center error message. On top of that, no files were visible on the desktop or in Explorer.
I entered the error message into Google and landed directly on this forum. There I noticed a thread and ran the program unhide.exe.
The error message is gone now and all files are displayed again.

However, I can't imagine that this one action was all it took. That's why I ran OTL over the system, and I hope you can help me.

Many thanks in advance.

Even

And here are the log files from OTL:

OTL Logfile:
Code:
OTL logfile created on: 29.05.2011 16:42:59 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\user\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 73,16% Memory free
7,50 Gb Paging File | 6,44 Gb Available in Paging File | 85,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 234,28 Gb Total Space | 204,13 Gb Free Space | 87,13% Space Free | Partition Type: NTFS
Drive D: | 108,32 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive X: | 231,18 Gb Total Space | 219,88 Gb Free Space | 95,11% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.05.29 16:41:09 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe
PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.05.29 16:41:09 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe
MOD - [2010.11.21 05:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.11.08 22:10:00 | 000,949,760 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.04.01 17:07:25 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.04.01 17:07:25 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.12.02 02:57:57 | 000,221,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009.11.08 22:11:00 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.11.08 22:10:00 | 005,352,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.09.30 13:58:28 | 001,304,576 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C ED 52 D4 B3 17 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FD DC 3D 02 D1 94 CB 4D 8E 58 34 17 76 93 29 B1 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.05.21 16:10:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.24 17:28:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.05.21 16:34:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2011.05.21 16:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\nrsrmvds.default\extensions
[2011.05.21 16:14:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- 
() (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NRSRMVDS.DEFAULT\EXTENSIONS\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.XPI
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [iTunesHelper] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.28 12:41:46 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ElevatedDiagnostics
[2011.05.28 11:59:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes
[2011.05.28 11:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.28 11:59:35 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.28 09:30:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011.05.27 21:20:36 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\MP3s
[2011.05.27 19:48:29 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\USB kingston
[2011.05.27 15:28:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\SysWoW32
[2011.05.27 15:27:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\BAF2C0597B6D0AC1B8A317E4EAD56753
[2011.05.25 09:37:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\HP
[2011.05.24 17:29:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Apple Computer
[2011.05.24 17:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.05.24 17:29:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.05.24 17:29:24 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.05.24 17:29:24 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.05.24 17:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.05.24 17:29:11 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple Computer
[2011.05.24 17:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.05.24 17:28:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.05.24 17:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.05.24 17:28:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple
[2011.05.24 17:28:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.05.24 17:28:06 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011.05.24 17:27:57 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.05.24 17:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.05.24 17:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.05.24 17:27:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.05.23 16:26:31 | 000,000,000 | R--D | C] -- C:\Users\user\Documents\Scanned Documents
[2011.05.23 16:26:31 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Fax
[2011.05.21 21:40:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft Games
[2011.05.21 16:59:25 | 000,000,000 | ---D | C] -- C:\pdf
[2011.05.21 16:55:50 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\syska-Anwendungen
[2011.05.21 16:55:47 | 000,000,000 | ---D | C] -- C:\EUROFIBU
[2011.05.21 16:14:08 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Mozilla
[2011.05.21 16:14:08 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Mozilla
[2011.05.21 16:14:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.05.21 16:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2011.05.21 16:11:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\HP
[2011.05.21 16:10:05 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2011.05.21 16:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2011.05.21 16:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2011.05.21 16:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2011.05.21 16:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2011.05.21 16:08:30 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011.05.21 16:04:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Diagnostics
[2011.05.21 15:45:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Macromedia
[2011.05.21 15:45:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.05.21 15:44:44 | 000,000,000 | ---D | C] -- C:\Windows\AxInstSV
[2011.05.21 15:24:59 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Adobe
[2011.05.21 15:24:59 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Adobe
[2011.05.21 15:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.05.21 15:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.05.21 15:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.05.21 15:02:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\OpenOffice.org
[2011.05.21 15:01:18 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2011.05.21 15:00:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2011.05.21 15:00:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.05.21 15:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.05.21 15:00:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.05.21 14:57:28 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\OpenOffice.org 3.3 (de) Installation Files
[2011.05.21 14:52:02 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.05.21 14:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2011.05.21 14:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011.05.21 14:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.05.21 14:24:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011.05.21 14:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011.05.21 14:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.05.21 14:23:46 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.05.21 14:21:16 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011.05.21 14:21:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.05.21 14:20:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft Help
[2011.05.21 14:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011.05.21 14:20:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.05.21 14:20:02 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011.05.21 14:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.05.21 14:17:20 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.05.21 14:17:20 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.05.21 14:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.05.21 14:17:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.05.10 09:52:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\ATI
[2011.05.10 09:52:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ATI
[2011.05.10 09:51:57 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.05.10 09:51:57 | 000,000,000 | R--D | C] -- C:\Users\user\Searches
[2011.05.10 09:51:57 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.05.10 09:51:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Identities
[2011.05.10 09:51:46 | 000,000,000 | R--D | C] -- C:\Users\user\Contacts
[2011.05.10 09:51:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\VirtualStore
[2011.05.10 09:49:49 | 000,000,000 | --SD | C] -- C:\Users\user\AppData\Roaming\Microsoft
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Videos
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Saved Games
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Pictures
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Music
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Links
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Favorites
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Downloads
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Documents
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Desktop
[2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Vorlagen
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Verlauf
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Temporary Internet Files
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Startmenü
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\SendTo
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Recent
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Netzwerkumgebung
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Lokale Einstellungen
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\Eigene Videos
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\Eigene Musik
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Eigene Dateien
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\Eigene Bilder
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Druckumgebung
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Cookies
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Anwendungsdaten
[2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Anwendungsdaten
[2011.05.10 09:49:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Temp
[2011.05.10 09:49:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft
[2011.05.10 09:49:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Media Center Programs
[2011.05.10 09:49:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.29 16:33:54 | 000,021,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.29 16:33:54 | 000,021,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.29 16:30:54 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.29 16:30:54 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.29 16:30:54 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.29 16:30:54 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.29 16:30:54 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.29 16:26:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.29 16:26:25 | 3019,251,712 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.28 12:15:57 | 000,001,265 | ---- | M] () -- C:\ProgramData\1547321422
[2011.05.28 11:50:16 | 000,000,036 | ---- | M] () -- C:\ProgramData\7cc03c35
[2011.05.28 11:46:58 | 000,000,144 | -HS- | M] () -- C:\ProgramData\2081450850
[2011.05.28 09:31:40 | 000,000,136 | ---- | M] () -- C:\ProgramData\~51174532
[2011.05.28 09:31:39 | 000,000,160 | ---- | M] () -- C:\ProgramData\~51174532r
[2011.05.28 09:30:11 | 000,000,344 | ---- | M] () -- C:\ProgramData\51174532
[2011.05.27 15:27:46 | 000,203,776 | -HS- | M] () -- C:\ProgramData\unrar.exe
[2011.05.27 15:27:20 | 000,000,127 | ---- | M] () -- C:\Windows\SysWow64\1458449477
[2011.05.27 15:18:27 | 000,003,584 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.24 17:28:28 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.05.21 17:01:43 | 000,445,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.05.21 16:55:53 | 000,001,560 | ---- | M] () -- C:\Windows\EFIBU.INI
[2011.05.21 16:54:09 | 000,000,042 | ---- | M] () -- C:\Windows\wininit.ini
[2011.05.21 16:52:27 | 000,000,000 | ---- | M] () -- C:\Windows\MKDEWE.TRN
[2011.05.21 16:14:06 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.21 16:11:36 | 000,181,704 | ---- | M] () -- C:\Windows\hpoins28.dat
[2011.05.21 16:10:03 | 000,001,358 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011.05.21 16:06:30 | 000,002,703 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office Excel 2007.lnk
[2011.05.21 16:06:23 | 000,002,697 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office Word 2007.lnk
[2011.05.21 16:06:18 | 000,002,795 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office Outlook 2007.lnk
[2011.05.21 15:24:23 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.05.21 15:02:49 | 000,001,246 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011.05.21 15:01:18 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2011.05.21 14:31:27 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.05.21 14:31:26 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.05.21 14:17:27 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.21 14:15:48 | 000,000,355 | ---- | M] () -- C:\Users\user\Desktop\Computer - Verknüpfung.lnk
[2011.05.10 09:52:02 | 000,000,858 | ---- | M] () -- C:\Users\user\Desktop\Downloads.lnk
[2011.05.10 09:49:24 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.05.10 09:49:24 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2011.05.29 16:33:24 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.29 16:33:24 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.05.29 16:33:24 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.05.29 16:33:24 | 000,001,358 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011.05.29 16:33:24 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.29 16:33:24 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2011.05.28 09:31:39 | 000,000,160 | ---- | C] () -- C:\ProgramData\~51174532r
[2011.05.28 09:31:39 | 000,000,136 | ---- | C] () -- C:\ProgramData\~51174532
[2011.05.28 09:30:11 | 000,000,344 | ---- | C] () -- C:\ProgramData\51174532
[2011.05.27 15:28:07 | 000,000,036 | ---- | C] () -- C:\ProgramData\7cc03c35
[2011.05.27 15:28:00 | 000,001,265 | ---- | C] () -- C:\ProgramData\1547321422
[2011.05.27 15:27:46 | 000,203,776 | -HS- | C] () -- C:\ProgramData\unrar.exe
[2011.05.27 15:27:46 | 000,000,144 | -HS- | C] () -- C:\ProgramData\2081450850
[2011.05.27 15:27:19 | 000,000,127 | ---- | C] () -- C:\Windows\SysWow64\1458449477
[2011.05.27 15:18:27 | 000,003,584 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.21 16:54:09 | 000,000,042 | ---- | C] () -- C:\Windows\wininit.ini
[2011.05.21 16:52:27 | 000,000,000 | ---- | C] () -- C:\Windows\MKDEWE.TRN
[2011.05.21 16:08:06 | 000,181,704 | ---- | C] () -- C:\Windows\hpoins28.dat
[2011.05.21 16:08:06 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2011.05.21 16:06:30 | 000,002,703 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Office Excel 2007.lnk
[2011.05.21 16:06:23 | 000,002,697 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Office Word 2007.lnk
[2011.05.21 16:06:18 | 000,002,795 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Office Outlook 2007.lnk
[2011.05.21 15:02:49 | 000,001,246 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011.05.21 14:31:27 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.05.21 14:31:26 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.05.21 14:15:48 | 000,000,355 | ---- | C] () -- C:\Users\user\Desktop\Computer - Verknüpfung.lnk
[2011.05.10 09:52:03 | 000,001,416 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.05.10 09:51:59 | 000,001,450 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.05.10 09:51:58 | 000,000,858 | ---- | C] () -- C:\Users\user\Desktop\Downloads.lnk
[2011.04.08 08:20:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.05.17 11:30:12 | 000,001,560 | ---- | C] () -- C:\Windows\EFIBU.INI
 
========== LOP Check ==========
 
[2011.05.21 15:02:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OpenOffice.org
[2009.07.14 07:08:49 | 000,020,034 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:8C35AEA7[/QUOTE]
 
[QUOTE]OTL Extras logfile created on: 29.05.2011 16:42:59 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\user\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 73,16% Memory free
7,50 Gb Paging File | 6,44 Gb Available in Paging File | 85,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 234,28 Gb Total Space | 204,13 Gb Free Space | 87,13% Space Free | Partition Type: NTFS
Drive D: | 108,32 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive X: | 231,18 Gb Total Space | 219,88 Gb Free Space | 95,11% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{39FE4416-BCD3-5CE9-E5D9-9E46B1948DED}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{7385C8E4-66A7-91C3-FC45-5640D309F897}" = ATI Catalyst Install Manager
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{A00C9114-40E6-4C70-A619-7DF264B23485}" = HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}" = DJ_AIO_03_F4200_Software_Min
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B54AC57-9FCE-C8FB-ED64-78255F7799AC}" = Catalyst Control Center Graphics Light
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D7CA0B8-32F3-6050-4B5C-73BFDBBAD0D1}" = Catalyst Control Center Graphics Full New
"{5F2DFE11-8EB7-18B1-91A8-439F3C4A33C9}" = Catalyst Control Center InstallProxy
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{72A61E3B-A04A-5242-20A9-A728C8AFD036}" = CCC Help English
"{7A6173DA-867A-956A-532E-AEFFB01CC708}" = Catalyst Control Center Core Implementation
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3BBD8AC-2B6B-F097-77E9-CDD147E667B0}" = Catalyst Control Center Graphics Previews Vista
"{A5B7F0AE-657D-B653-177B-17E57BFC9BDB}" = Catalyst Control Center Graphics Full Existing
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B764714F-D647-C7A7-E0AB-3BE54CD83E83}" = Skins
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2524280-A5CF-4458-B809-167F13FAB56D}" = F4200
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5A08ABF-3595-FE4B-7471-5469FC0E8A8B}" = ccc-core-static
"{C98940D2-AB1E-0A97-6C49-B69081C8AE13}" = Catalyst Control Center Localization All
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"EFIBU.EXE" = EURO FIBU
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 27.05.2011 08:31:18 | Computer Name = user-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.05.2011 09:03:25 | Computer Name = user-PC | Source = MsiInstaller | ID = 11327
Description = 
 
Error - 27.05.2011 09:15:39 | Computer Name = user-PC | Source = MsiInstaller | ID = 11327
Description = 
 
Error - 27.05.2011 09:19:51 | Computer Name = user-PC | Source = MsiInstaller | ID = 11327
Description = 
 
Error - 27.05.2011 09:27:21 | Computer Name = user-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: QuickTime_Update_KB172101.exe, Version:
0.0.0.0, Zeitstempel: 0x4ddde52a Name des fehlerhaften Moduls: QuickTime_Update_KB172101.exe,
Version: 0.0.0.0, Zeitstempel: 0x4ddde52a Ausnahmecode: 0xc0000005 Fehleroffset: 
0x0000314f ID des fehlerhaften Prozesses: 0xc18 Startzeit der fehlerhaften Anwendung:
0x01cc1c71cd4c930f Pfad der fehlerhaften Anwendung: C:\Users\user\Downloads\QuickTime_Update_KB172101.exe
Pfad
des fehlerhaften Moduls: C:\Users\user\Downloads\QuickTime_Update_KB172101.exe Berichtskennung:
0cd23a45-8865-11e0-a95e-d027883d050f
 
Error - 27.05.2011 09:53:51 | Computer Name = user-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.05.2011 11:23:57 | Computer Name = user-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.05.2011 13:49:17 | Computer Name = user-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.05.2011 14:06:32 | Computer Name = user-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.05.2011 14:38:18 | Computer Name = user-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 29.05.2011 09:58:16 | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = 15:58:16 - Fehler beim Herstellen der Internetverbindung. 15:58:16 
- Serververbindung konnte nicht hergestellt werden.. 
 
Error - 29.05.2011 09:58:29 | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = 15:58:21 - Fehler beim Herstellen der Internetverbindung. 15:58:21 
- Serververbindung konnte nicht hergestellt werden.. 
 
[ System Events ]
Error - 10.05.2011 03:50:59 | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "kl2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
 
Error - 21.05.2011 07:49:18 | Computer Name = user-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kl2
 
Error - 21.05.2011 07:51:29 | Computer Name = user-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kl2
 
Error - 21.05.2011 08:08:09 | Computer Name = user-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?05.?2011 um 14:06:14 unerwartet heruntergefahren.
 
Error - 21.05.2011 08:08:19 | Computer Name = user-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
kl2
 
Error - 21.05.2011 08:08:40 | Computer Name = user-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler 
beendet: %%16405
 
Error - 24.05.2011 01:57:47 | Computer Name = user-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?23.?05.?2011 um 21:31:32 unerwartet heruntergefahren.
 
 
< End of report >
         
30.05.2011, 15:59   #2
cosinus

Hello and

Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

30.05.2011, 19:46   #3
even

Hi,

here is the log:

Quote:
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6724

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

30.05.2011 19:41:40
mbam-log-2011-05-30 (19-41-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|X:\|)
Durchsuchte Objekte: 273787
Laufzeit: 23 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\user\AppData\LocalLow\Sun\Java\deployment\cache\6.0\6\137f4d06-7b383eb0 (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\user\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully
even

30.05.2011, 20:33   #4
cosinus

Do an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
ATTFilter
:OTL
[2011.05.28 09:30:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011.05.27 15:28:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\SysWoW32
[2011.05.27 15:27:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\BAF2C0597B6D0AC1B8A317E4EAD56753
[2011.05.28 12:15:57 | 000,001,265 | ---- | M] () -- C:\ProgramData\1547321422
[2011.05.28 11:50:16 | 000,000,036 | ---- | M] () -- C:\ProgramData\7cc03c35
[2011.05.28 11:46:58 | 000,000,144 | -HS- | M] () -- C:\ProgramData\2081450850
[2011.05.28 09:31:40 | 000,000,136 | ---- | M] () -- C:\ProgramData\~51174532
[2011.05.28 09:31:39 | 000,000,160 | ---- | M] () -- C:\ProgramData\~51174532r
[2011.05.28 09:30:11 | 000,000,344 | ---- | M] () -- C:\ProgramData\51174532
[2011.05.27 15:27:46 | 000,203,776 | -HS- | M] () -- C:\ProgramData\unrar.exe
[2011.05.27 15:27:20 | 000,000,127 | ---- | M] () -- C:\Windows\SysWow64\1458449477
[2011.05.28 09:31:39 | 000,000,160 | ---- | C] () -- C:\ProgramData\~51174532r
[2011.05.28 09:31:39 | 000,000,136 | ---- | C] () -- C:\ProgramData\~51174532
[2011.05.28 09:30:11 | 000,000,344 | ---- | C] () -- C:\ProgramData\51174532
[2011.05.27 15:28:07 | 000,000,036 | ---- | C] () -- C:\ProgramData\7cc03c35
[2011.05.27 15:28:00 | 000,001,265 | ---- | C] () -- C:\ProgramData\1547321422
[2011.05.27 15:27:46 | 000,203,776 | -HS- | C] () -- C:\ProgramData\unrar.exe
[2011.05.27 15:27:46 | 000,000,144 | -HS- | C] () -- C:\ProgramData\2081450850
[2011.05.27 15:27:19 | 000,000,127 | ---- | C] () -- C:\Windows\SysWow64\1458449477
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:8C35AEA7
:Commands
[purity]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

30.05.2011, 20:50   #5
even

Hi,
so here is the log file
Quote:
======== OTL ==========
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery folder moved successfully.
C:\ProgramData\SysWoW32 folder moved successfully.
C:\ProgramData\BAF2C0597B6D0AC1B8A317E4EAD56753\h folder moved successfully.
C:\ProgramData\BAF2C0597B6D0AC1B8A317E4EAD56753\b folder moved successfully.
C:\ProgramData\BAF2C0597B6D0AC1B8A317E4EAD56753 folder moved successfully.
C:\ProgramData\1547321422 moved successfully.
C:\ProgramData\7cc03c35 moved successfully.
C:\ProgramData\2081450850 moved successfully.
C:\ProgramData\~51174532 moved successfully.
C:\ProgramData\~51174532r moved successfully.
C:\ProgramData\51174532 moved successfully.
C:\ProgramData\unrar.exe moved successfully.
C:\Windows\SysWOW64\1458449477 moved successfully.
File C:\ProgramData\~51174532r not found.
File C:\ProgramData\~51174532 not found.
File C:\ProgramData\51174532 not found.
File C:\ProgramData\7cc03c35 not found.
File C:\ProgramData\1547321422 not found.
File C:\ProgramData\unrar.exe not found.
File C:\ProgramData\2081450850 not found.
File C:\Windows\SysWow64\1458449477 not found.
ADS C:\ProgramData\TEMP:8C35AEA7 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.23.0 log created on 05302011_204640
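
Added example, not part of the thread and not OTL's own code: in the fix script of post #4 most files appear twice (one M line and one C line), which matches the "moved successfully" followed by "not found" pairs in the result of post #5. The Python sketch below reconciles a fix script against its result log so that a target that was never quarantined stands out. The regular expressions are inferred from the lines shown in this thread, and the status names `removed`, `missing` and `unreported` are assumptions of this example.

```python
import re

# Subset of the fix script from post #4, copied from this thread.
FIX_SCRIPT = r"""
:OTL
[2011.05.27 15:28:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\SysWoW32
[2011.05.28 12:15:57 | 000,001,265 | ---- | M] () -- C:\ProgramData\1547321422
[2011.05.27 15:27:46 | 000,203,776 | -HS- | M] () -- C:\ProgramData\unrar.exe
[2011.05.27 15:27:20 | 000,000,127 | ---- | M] () -- C:\Windows\SysWow64\1458449477
[2011.05.27 15:28:00 | 000,001,265 | ---- | C] () -- C:\ProgramData\1547321422
[2011.05.27 15:27:46 | 000,203,776 | -HS- | C] () -- C:\ProgramData\unrar.exe
[2011.05.27 15:27:19 | 000,000,127 | ---- | C] () -- C:\Windows\SysWow64\1458449477
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:8C35AEA7
:Commands
[purity]
[resethosts]
"""

# Matching subset of the fix result from post #5, copied from this thread.
FIX_RESULT = r"""
======== OTL ==========
C:\ProgramData\SysWoW32 folder moved successfully.
C:\ProgramData\1547321422 moved successfully.
C:\ProgramData\unrar.exe moved successfully.
C:\Windows\SysWOW64\1458449477 moved successfully.
File C:\ProgramData\1547321422 not found.
File C:\ProgramData\unrar.exe not found.
File C:\Windows\SysWow64\1458449477 not found.
ADS C:\ProgramData\TEMP:8C35AEA7 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

# Line formats inferred from the logs in this thread (assumption).
FILE_RE = re.compile(
    r"^\[[\d. :]+ \| [\d,]+ \| [-A-Z]{4} \| [MC]\](?: \(.*?\))? -- (?P<path>.+)$")
ADS_RE = re.compile(r"^@Alternate Data Stream - \d+ bytes -> (?P<path>.+)$")
RESULT_RES = [
    ("not_found", re.compile(r"^File (?P<path>.+) not found\.$")),
    ("deleted", re.compile(r"^ADS (?P<path>.+) deleted successfully\.$")),
    ("moved", re.compile(r"^(?P<path>.+?) (?:folder )?moved successfully\.$")),
]


def parse_targets(script):
    """Return {lowercased path: [path as written, times listed]} for the :OTL section."""
    targets, in_otl = {}, False
    for line in script.splitlines():
        line = line.strip()
        if line.startswith(":"):            # section marker such as :OTL or :Commands
            in_otl = line.upper() == ":OTL"
            continue
        m = in_otl and (FILE_RE.match(line) or ADS_RE.match(line))
        if m:
            entry = targets.setdefault(m["path"].lower(), [m["path"], 0])
            entry[1] += 1
    return targets


def parse_outcomes(result):
    """Return {lowercased path: [outcome, ...]} in the order the result log reports them."""
    outcomes = {}
    for line in result.splitlines():
        line = line.strip()
        for kind, rx in RESULT_RES:
            m = rx.match(line)
            if m:
                outcomes.setdefault(m["path"].lower(), []).append(kind)
                break
    return outcomes


def reconcile(script, result):
    """Match every script target with what the result log says happened to it."""
    outcomes = parse_outcomes(result)
    report = {}
    for key, (path, listed) in parse_targets(script).items():
        seen = outcomes.get(key, [])
        if "moved" in seen or "deleted" in seen:
            status = "removed"      # quarantined at least once; later "not found" is a repeat
        elif seen:
            status = "missing"      # only "not found": nothing was quarantined by this run
        else:
            status = "unreported"   # the result log never mentions this target
        report[key] = {"path": path, "listed": listed,
                       "outcomes": seen, "status": status}
    return report


if __name__ == "__main__":
    for item in reconcile(FIX_SCRIPT, FIX_RESULT).values():
        print(f'{item["status"]:<10} x{item["listed"]}  {item["path"]}  {item["outcomes"]}')
```

Paths are compared case-insensitively because the result log writes `SysWOW64` where the script has `SysWow64`.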


30.05.2011, 20:58   #6
cosinus

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool as shown in the picture below, i.e. tick both checkboxes, click Start scan and, when it has finished, click the Report button to display the log. Please post it in full.

If the infection prevents you from accessing your documents/My Documents, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while)
Vista and 7 users must run the tool as administrator via right-click!

30.05.2011, 21:05   #7
even

Hi,
I did not run unhide.exe, since all files are visible

Quote:
2011/05/30 21:02:24.0515 2500 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/05/30 21:02:24.0874 2500 ================================================================================
2011/05/30 21:02:24.0874 2500 SystemInfo:
2011/05/30 21:02:24.0874 2500
2011/05/30 21:02:24.0874 2500 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/30 21:02:24.0874 2500 Product type: Workstation
2011/05/30 21:02:24.0874 2500 ComputerName: USER-PC
2011/05/30 21:02:24.0874 2500 UserName: user
2011/05/30 21:02:24.0874 2500 Windows directory: C:\Windows
2011/05/30 21:02:24.0874 2500 System windows directory: C:\Windows
2011/05/30 21:02:24.0874 2500 Running under WOW64
2011/05/30 21:02:24.0874 2500 Processor architecture: Intel x64
2011/05/30 21:02:24.0874 2500 Number of processors: 2
2011/05/30 21:02:24.0874 2500 Page size: 0x1000
2011/05/30 21:02:24.0874 2500 Boot type: Normal boot
2011/05/30 21:02:24.0874 2500 ================================================================================
2011/05/30 21:02:25.0717 2500 Initialize success
2011/05/30 21:02:57.0073 2120 ================================================================================
2011/05/30 21:02:57.0073 2120 Scan started
2011/05/30 21:02:57.0073 2120 Mode: Manual;
2011/05/30 21:02:57.0073 2120 ================================================================================
2011/05/30 21:02:57.0509 2120 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/05/30 21:02:57.0572 2120 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/05/30 21:02:57.0587 2120 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/05/30 21:02:57.0634 2120 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
2011/05/30 21:02:57.0665 2120 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
2011/05/30 21:02:57.0681 2120 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
2011/05/30 21:02:57.0743 2120 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys
2011/05/30 21:02:57.0759 2120 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/05/30 21:02:57.0775 2120 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/05/30 21:02:57.0806 2120 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/05/30 21:02:57.0821 2120 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
2011/05/30 21:02:57.0853 2120 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/05/30 21:02:57.0884 2120 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
2011/05/30 21:02:57.0931 2120 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
2011/05/30 21:02:57.0962 2120 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
2011/05/30 21:02:58.0009 2120 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/05/30 21:02:58.0040 2120 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
2011/05/30 21:02:58.0055 2120 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
2011/05/30 21:02:58.0071 2120 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/30 21:02:58.0102 2120 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/05/30 21:02:58.0227 2120 atikmdag (d491f749b487d7cb5aee12436802ad88) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/30 21:02:58.0367 2120 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\drivers\AtiPcie.sys
2011/05/30 21:02:58.0430 2120 avgntflt (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/05/30 21:02:58.0445 2120 avipbb (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/05/30 21:02:58.0508 2120 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
2011/05/30 21:02:58.0539 2120 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/05/30 21:03:05.0637 2120 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/05/30 21:03:05.0653 2120 ================================================================================
2011/05/30 21:03:05.0653 2120 Scan finished
2011/05/30 21:03:05.0653 2120 ================================================================================
2011/05/30 21:03:05.0668 2672 Detected object count: 0
2011/05/30 21:03:05.0668 2672 Actual detected object count: 0
Regards, even

30.05.2011, 21:07   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


30.05.2011, 21:33   #9
even
 
hi,

I ran combofix:
Combofix Logfile:
Code:
ComboFix 11-05-30.04 - user 30.05.2011  21:22:55.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.3839.2565 [GMT 2:00]
ausgeführt von:: c:\users\user\Desktop\cofi.exe.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
c:\users\user\AppData\Roaming\Adobe\plugs
c:\users\user\AppData\Roaming\Adobe\shed
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-04-28 bis 2011-05-30  ))))))))))))))))))))))))))))))
.
.
2011-05-30 19:25 . 2011-05-30 19:25	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-05-30 18:46 . 2011-05-30 18:46	--------	d-----w-	C:\_OTL
2011-05-30 17:12 . 2010-12-20 16:09	38224	----a-w-	c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-30 17:12 . 2011-05-30 17:12	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-29 17:13 . 2011-05-29 17:13	--------	d-----w-	c:\program files (x86)\Common Files\Java
2011-05-29 15:57 . 2011-01-17 11:09	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2011-05-29 15:57 . 2011-01-17 05:47	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2011-05-29 14:58 . 2011-05-29 14:58	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-28 09:59 . 2011-05-28 09:59	--------	d-----w-	c:\programdata\Malwarebytes
2011-05-28 09:59 . 2010-12-20 16:08	24152	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-05-28 05:31 . 2011-05-18 10:37	8718160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{841A471E-850A-466B-8ED6-C096D4F21C7E}\mpengine.dll
2011-05-26 17:44 . 2011-05-26 17:44	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-05-26 17:44 . 2011-05-26 17:44	845632	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-25 05:22 . 2011-04-22 22:15	27520	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-05-24 15:29 . 2011-05-24 15:29	--------	dc----w-	c:\windows\system32\DRVSTORE
2011-05-24 15:29 . 2009-05-18 11:17	34152	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2011-05-24 15:28 . 2011-05-24 15:28	--------	d-----w-	c:\program files (x86)\QuickTime
2011-05-24 15:28 . 2011-05-24 15:28	--------	d-----w-	c:\program files (x86)\Apple Software Update
2011-05-24 15:28 . 2011-05-24 15:28	--------	d-----w-	c:\program files\Common Files\Apple
2011-05-24 15:27 . 2011-05-24 15:29	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2011-05-24 15:27 . 2011-05-24 15:27	--------	d-----w-	c:\programdata\Apple
2011-05-21 14:59 . 2011-05-21 14:59	--------	d-----w-	C:\pdf
2011-05-21 14:55 . 2011-05-21 14:56	--------	d-----w-	C:\EUROFIBU
2011-05-21 14:11 . 2011-05-21 14:11	--------	d-----w-	c:\programdata\WEBREG
2011-05-21 14:10 . 2011-05-21 14:10	--------	d-----w-	c:\programdata\HP Product Assistant
2011-05-21 14:09 . 2011-05-21 14:09	--------	d-----w-	c:\program files (x86)\Common Files\HP
2011-05-21 14:08 . 2011-05-21 14:08	--------	d-----w-	c:\program files (x86)\Common Files\Hewlett-Packard
2011-05-21 14:08 . 2011-05-21 14:10	--------	d-----w-	c:\program files (x86)\HP
2011-05-21 14:07 . 2009-07-08 10:51	938496	----a-w-	c:\windows\system32\hpowiax7.dll
2011-05-21 14:07 . 2009-07-08 10:51	740864	----a-w-	c:\windows\system32\hpotscl6.dll
2011-05-21 14:07 . 2009-07-08 10:51	642360	----a-w-	c:\windows\system32\hpzids40.dll
2011-05-21 14:07 . 2009-07-08 10:51	551424	----a-w-	c:\windows\system32\hppldcoi.dll
2011-05-21 14:07 . 2009-07-08 10:51	505344	----a-w-	c:\windows\system32\hpovst15.dll
2011-05-21 13:45 . 2011-05-21 18:34	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-21 13:45 . 2011-05-21 13:45	--------	d-----w-	c:\windows\SysWow64\Macromed
2011-05-21 13:44 . 2011-05-21 13:45	--------	d-----w-	c:\windows\AxInstSV
2011-05-21 13:24 . 2011-05-21 13:24	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2011-05-21 13:05 . 2008-10-15 04:22	4379984	----a-w-	c:\windows\SysWow64\D3DX9_40.dll
2011-05-21 13:00 . 2011-05-21 13:00	--------	d-----w-	c:\program files (x86)\OpenOffice.org 3
2011-05-21 13:00 . 2011-05-29 17:13	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-05-21 13:00 . 2011-05-21 13:00	--------	d-----w-	c:\program files (x86)\Java
2011-05-21 12:52 . 2011-05-21 12:52	521448	----a-w-	c:\windows\system32\deployJava1.dll
2011-05-21 12:35 . 2011-05-21 14:11	--------	d-----w-	c:\programdata\HP
2011-05-21 12:34 . 2011-05-21 12:34	--------	d-----w-	c:\programdata\Hewlett-Packard
2011-05-21 12:34 . 2009-07-14 01:41	230400	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2011-05-21 12:25 . 2011-02-19 12:05	1139200	----a-w-	c:\windows\system32\FntCache.dll
2011-05-21 12:25 . 2011-02-19 12:04	902656	----a-w-	c:\windows\system32\d2d1.dll
2011-05-21 12:25 . 2011-02-19 06:30	1076736	----a-w-	c:\windows\SysWow64\DWrite.dll
2011-05-21 12:25 . 2011-02-19 12:04	1544192	----a-w-	c:\windows\system32\DWrite.dll
2011-05-21 12:25 . 2011-02-19 06:30	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2011-05-21 12:24 . 2011-05-21 12:24	--------	d-----w-	c:\program files (x86)\Microsoft Works
2011-05-21 12:23 . 2011-05-21 12:23	--------	d-----w-	c:\windows\PCHEALTH
2011-05-21 12:21 . 2011-05-21 12:21	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2011-05-21 12:20 . 2011-05-21 12:26	--------	d-----w-	c:\programdata\Microsoft Help
2011-05-21 12:20 . 2011-05-21 12:20	--------	d-----r-	C:\MSOCache
2011-05-21 12:17 . 2011-05-21 12:17	--------	d-----w-	c:\programdata\Avira
2011-05-21 12:17 . 2011-05-21 12:17	--------	d-----w-	c:\program files (x86)\Avira
2011-05-21 12:17 . 2011-04-01 15:07	83120	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-05-21 12:17 . 2011-04-01 15:07	116568	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-05-21 11:54 . 2011-04-09 06:58	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-05-21 11:54 . 2011-04-09 05:56	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2011-05-21 11:54 . 2011-02-25 06:19	2871808	----a-w-	c:\windows\explorer.exe
2011-05-21 11:54 . 2011-02-25 05:30	2616320	----a-w-	c:\windows\SysWow64\explorer.exe
2011-05-21 11:54 . 2011-02-24 06:15	476160	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2011-05-21 11:54 . 2011-02-24 05:38	288256	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2011-05-21 11:54 . 2011-04-09 07:02	5562240	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-05-21 11:54 . 2011-04-09 06:02	3967872	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-05-21 11:54 . 2011-04-09 06:02	3912576	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-05-10 07:49 . 2011-05-30 17:20	--------	d-----w-	c:\users\user
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 06:19 . 2011-05-21 11:53	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-05-21 11:53	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
.
c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FXDrv32;FXDrv32;D:\FXDrv64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 10944739
*Deregistered* - 10944739
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.at/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nrsrmvds.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-iTunesHelper - j:\johannes\iTunesHelper.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-05-30  21:26:43
ComboFix-quarantined-files.txt  2011-05-30 19:26
.
Vor Suchlauf: 13 Verzeichnis(se), 217.339.572.224 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 217.803.595.776 Bytes frei
.
- - End Of File - - 7A79AD1219CA6AE6030FEE1A45B07D01
         
--- --- ---


After that, the shortcuts on the taskbar were gone (path??)

Regards,
even

Alt 30.05.2011, 22:13   #10
cosinus

Please now create logs with GMER and MBRCheck and post them.
GMER crashes fairly often; if the tool still won't run on the 2nd attempt, just skip it.

Instructions for MBRCheck:
Download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool only needs a few seconds.
  • Afterwards you should find a MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document

Alt 30.05.2011, 22:42   #11
even
 

Hello,

I hope I did it right:
GMER found nothing

and the other log:
Quote:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: FOXCONN
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: To Be Filled By O.E.M.
System Product Name: To Be Filled By O.E.M.
Logical Drives Mask: 0x008000fc

Kernel Drivers (total 174):
0x02807000 \SystemRoot\system32\ntoskrnl.exe
0x02DF0000 \SystemRoot\system32\hal.dll
0x00BB7000 \SystemRoot\system32\kdcom.dll
0x00CC6000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x00CD3000 \SystemRoot\system32\PSHED.dll
0x00CE7000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00D45000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00DE9000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00E88000 \SystemRoot\system32\drivers\ACPI.sys
0x00EDF000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00EE8000 \SystemRoot\system32\drivers\msisadrv.sys
0x00EF2000 \SystemRoot\system32\drivers\pci.sys
0x00F25000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F32000 \SystemRoot\System32\drivers\partmgr.sys
0x00F47000 \SystemRoot\system32\drivers\volmgr.sys
0x00F5C000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FB8000 \SystemRoot\system32\drivers\pciide.sys
0x00FBF000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00FCF000 \SystemRoot\System32\drivers\mountmgr.sys
0x00FE9000 \SystemRoot\system32\drivers\atapi.sys
0x00E00000 \SystemRoot\system32\drivers\ataport.SYS
0x00E2A000 \SystemRoot\system32\drivers\amdxata.sys
0x00E35000 \SystemRoot\system32\drivers\fltmgr.sys
0x010D0000 \SystemRoot\system32\drivers\fileinfo.sys
0x01234000 \SystemRoot\System32\Drivers\Ntfs.sys
0x010E4000 \SystemRoot\System32\Drivers\msrpc.sys
0x013D7000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01142000 \SystemRoot\System32\Drivers\cng.sys
0x01200000 \SystemRoot\System32\drivers\pcw.sys
0x01211000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x014C5000 \SystemRoot\system32\drivers\ndis.sys
0x01400000 \SystemRoot\system32\drivers\NETIO.SYS
0x01460000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x016CF000 \SystemRoot\System32\drivers\tcpip.sys
0x018D3000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0191D000 \SystemRoot\system32\drivers\volsnap.sys
0x01969000 \SystemRoot\System32\Drivers\spldr.sys
0x01971000 \SystemRoot\System32\drivers\rdyboost.sys
0x019AB000 \SystemRoot\System32\Drivers\mup.sys
0x019BD000 \SystemRoot\System32\drivers\hwpolicy.sys
0x019C6000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01600000 \SystemRoot\system32\drivers\disk.sys
0x01616000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01646000 \SystemRoot\system32\drivers\AtiPcie.sys
0x01684000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x016AE000 \SystemRoot\System32\Drivers\Null.SYS
0x016B7000 \SystemRoot\System32\Drivers\Beep.SYS
0x016BE000 \SystemRoot\System32\drivers\vga.sys
0x0148B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x014B0000 \SystemRoot\System32\drivers\watchdog.sys
0x015B8000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x015C1000 \SystemRoot\system32\drivers\rdpencdd.sys
0x015CA000 \SystemRoot\system32\drivers\rdprefmp.sys
0x015D3000 \SystemRoot\System32\Drivers\Msfs.SYS
0x015DE000 \SystemRoot\System32\Drivers\Npfs.SYS
0x011B4000 \SystemRoot\system32\DRIVERS\tdx.sys
0x015EF000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x01000000 \SystemRoot\system32\drivers\afd.sys
0x01089000 \SystemRoot\System32\DRIVERS\netbt.sys
0x0121B000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x011D6000 \SystemRoot\system32\DRIVERS\pacer.sys
0x01224000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03A74000 \SystemRoot\system32\DRIVERS\serial.sys
0x03A91000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03AAC000 \SystemRoot\system32\DRIVERS\termdd.sys
0x03AC0000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x03B11000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03B1D000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x03B28000 \SystemRoot\System32\drivers\discache.sys
0x03B37000 \SystemRoot\System32\Drivers\dfsc.sys
0x03B55000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x03B66000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x03B88000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x03BAE000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x03E07000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x04412000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04506000 \SystemRoot\System32\drivers\dxgmms1.sys
0x0454C000 \SystemRoot\system32\DRIVERS\Rtlh64.sys
0x04586000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x04593000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x0459E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x04400000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x04377000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x045F4000 \SystemRoot\system32\DRIVERS\serenum.sys
0x0439B000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x043AB000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x043C1000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x043E5000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x03BC3000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x03A00000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x03A1B000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x03A3C000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x043F1000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x03A56000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x03E00000 \SystemRoot\system32\DRIVERS\swenum.sys
0x04877000 \SystemRoot\system32\DRIVERS\ks.sys
0x048BA000 \SystemRoot\system32\DRIVERS\umbus.sys
0x048CC000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x04926000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0562A000 \SystemRoot\system32\drivers\viahduaa.sys
0x057B8000 \SystemRoot\system32\drivers\portcls.sys
0x05600000 \SystemRoot\system32\drivers\drmk.sys
0x05622000 \SystemRoot\system32\drivers\ksthunk.sys
0x0493B000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x04958000 \SystemRoot\System32\Drivers\crashdmp.sys
0x04966000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x057F5000 \SystemRoot\System32\Drivers\dump_atapi.sys
0x04972000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00050000 \SystemRoot\System32\win32k.sys
0x04985000 \SystemRoot\System32\drivers\Dxapi.sys
0x04991000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x0499F000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x049B8000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x057FE000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x049C1000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x049DC000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x049E9000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x04800000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004A0000 \SystemRoot\System32\TSDDD.dll
0x00660000 \SystemRoot\System32\cdd.dll
0x0480E000 \SystemRoot\system32\drivers\luafv.sys
0x04831000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x0484E000 \SystemRoot\system32\drivers\WudfPf.sys
0x0164E000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x01663000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x02816000 \SystemRoot\system32\drivers\HTTP.sys
0x028DF000 \SystemRoot\system32\DRIVERS\bowser.sys
0x028FD000 \SystemRoot\System32\drivers\mpsdrv.sys
0x02915000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x02942000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0298F000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x054B8000 \SystemRoot\system32\drivers\peauth.sys
0x0555E000 \SystemRoot\System32\Drivers\secdrv.SYS
0x05569000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0559A000 \SystemRoot\System32\drivers\tcpipreg.sys
0x05400000 \SystemRoot\System32\DRIVERS\srv2.sys
0x058D9000 \SystemRoot\System32\DRIVERS\srv.sys
0x05971000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x775D0000 \Windows\System32\ntdll.dll
0x482F0000 \Windows\System32\smss.exe
0xFF8F0000 \Windows\System32\apisetschema.dll
0xFFD20000 \Windows\System32\autochk.exe
0xFF8C0000 \Windows\System32\sechost.dll
0xFF870000 \Windows\System32\ws2_32.dll
0xFF860000 \Windows\System32\nsi.dll
0xFF750000 \Windows\System32\msctf.dll
0xFF6B0000 \Windows\System32\msvcrt.dll
0x77480000 \Windows\System32\urlmon.dll
0x777A0000 \Windows\System32\psapi.dll
0xFF610000 \Windows\System32\clbcatq.dll
0x77790000 \Windows\System32\normaliz.dll
0xFF4E0000 \Windows\System32\rpcrt4.dll
0xFF470000 \Windows\System32\gdi32.dll
0x77380000 \Windows\System32\user32.dll
0xFE6E0000 \Windows\System32\shell32.dll
0xFE6C0000 \Windows\System32\imagehlp.dll
0xFE6B0000 \Windows\System32\lpk.dll
0xFE630000 \Windows\System32\shlwapi.dll
0xFE600000 \Windows\System32\imm32.dll
0xFE560000 \Windows\System32\comdlg32.dll
0xFE480000 \Windows\System32\oleaut32.dll
0xFE420000 \Windows\System32\Wldap32.dll
0xFE210000 \Windows\System32\ole32.dll
0x77220000 \Windows\System32\wininet.dll
0xFE190000 \Windows\System32\difxapi.dll
0x77010000 \Windows\System32\iertutil.dll
0xFDFB0000 \Windows\System32\setupapi.dll
0x76EF0000 \Windows\System32\kernel32.dll
0xFDED0000 \Windows\System32\advapi32.dll
0xFDE00000 \Windows\System32\usp10.dll
0xFDD90000 \Windows\System32\KernelBase.dll
0xFDD50000 \Windows\System32\cfgmgr32.dll
0xFDD10000 \Windows\System32\wintrust.dll

Processes (total 52):
0 System Idle Process
4 System
260 C:\Windows\System32\smss.exe
348 csrss.exe
412 C:\Windows\System32\wininit.exe
436 csrss.exe
480 C:\Windows\System32\winlogon.exe
524 C:\Windows\System32\services.exe
540 C:\Windows\System32\lsass.exe
548 C:\Windows\System32\lsm.exe
644 C:\Windows\System32\svchost.exe
748 C:\Windows\System32\svchost.exe
796 C:\Windows\System32\Ati2evxx.exe
860 C:\Windows\System32\svchost.exe
916 C:\Windows\System32\svchost.exe
964 C:\Windows\System32\svchost.exe
368 C:\Windows\System32\svchost.exe
236 C:\Windows\System32\svchost.exe
1128 C:\Windows\System32\spoolsv.exe
1200 C:\Windows\System32\dwm.exe
1232 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
1248 C:\Windows\System32\taskhost.exe
1308 C:\Windows\System32\svchost.exe
1448 C:\Windows\explorer.exe
1500 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
1540 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
1548 C:\Windows\System32\conhost.exe
1576 C:\Windows\System32\Ati2evxx.exe
1640 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1780 C:\Windows\SysWOW64\svchost.exe
1812 C:\Windows\System32\svchost.exe
1864 C:\Windows\System32\svchost.exe
1928 C:\Windows\System32\svchost.exe
2228 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
2236 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
2268 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
2276 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2564 C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
2584 C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
2608 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
2692 C:\Windows\System32\SearchIndexer.exe
2700 WUDFHost.exe
1920 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2652 C:\Windows\System32\svchost.exe
2512 C:\Windows\System32\svchost.exe
3532 C:\Windows\System32\audiodg.exe
500 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
3840 C:\Windows\System32\SearchProtocolHost.exe
3996 C:\Windows\System32\SearchFilterHost.exe
3028 C:\Users\user\Downloads\MBRCheck.exe
2136 C:\Windows\System32\conhost.exe
3668 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`12d00000 (NTFS)
\\.\X: --> \\.\PhysicalDrive0 at offset 0x0000003a`a4f00000 (NTFS)

PhysicalDrive0 Model Number: WDCWD5000AAKX-001CA0, Rev: 15.01H15

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

Edited by even (30.05.2011 at 23:03)

Alt 31.05.2011, 11:00   #12
cosinus

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!


Afterwards, getting an additional opinion from the ESET online scanner doesn't hurt either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Alt 31.05.2011, 18:27   #13
even
 

Hello,

so Malwarebytes found nothing.

SUPERAntiSpyware log:
Quote:
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 05/31/2011 at 06:22 PM

Application Version : 4.53.1000

Core Rules Database Version : 7167
Trace Rules Database Version: 4979

Scan type : Complete Scan
Total Scan Time : 01:03:06

Memory items scanned : 614
Memory threats detected : 0
Registry items scanned : 13807
Registry threats detected : 0
File items scanned : 122340
File threats detected : 4

Adware.Tracking Cookie
Free Porn Videos & Sex Movies - Porno, XXX, Porn Tube and Pussy Porn [ C:\Users\user\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NSEFS8WA ]

Rogue.Agent/Gen
C:\USERS\USER\DOWNLOADS\1VJWRIV1.EXE
C:\USERS\USER\DOWNLOADS\FQC1YERM.EXE
C:\USERS\USER\DOWNLOADS\M86236VV.EXE

And the ESET scan is running right now.
Regards, even

Alt 31.05.2011, 19:24   #14
cosinus

Please remove the items found by SUPERAntiSpyware.

Alt 31.05.2011, 19:56   #15
even
 

Hi,

so, I have removed the SUPERAntiSpyware findings.
The ESET scan had one finding, but unfortunately I can't find the log.

Regards, even
