
Log analysis and evaluation: After Windows Recovery removal: error message (404) while browsing

30.05.2011, 11:19   #1
Tuidsi
 



Hello,

Yesterday I stupidly caught Windows Vista Recovery, but thanks to your guide I was able to remove it. I ran a scan with Malwarebytes Anti-Malware, which removed the 8 infected objects it found. For my files, which had been hidden as a result, I unchecked the "hidden" attribute, so that everything there seems to be back to normal.
A big thank-you to you for that already.

However, sooner or later while browsing, a problem keeps occurring: I can no longer reach any page. The error message then usually looks like this (or similar): "Invalid URL
The requested URL "/", is invalid.

Reference #9.36447b5c.1306745311.23c5495b" or "domain suspended" or "404 Not Found".
After restarting the computer, everything works again for a few minutes/pages.

I successfully ran a scan with OTL and also wanted to run one with GMER. However, shortly after starting the scan, a message appeared saying that the program had stopped working.

OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 30.05.2011 09:57:00 - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Benni\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 59,73% Memory free
4,22 Gb Paging File | 3,29 Gb Available in Paging File | 77,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 216,41 Gb Total Space | 45,68 Gb Free Space | 21,11% Space Free | Partition Type: NTFS
Drive D: | 107,22 Gb Total Space | 53,33 Gb Free Space | 49,74% Space Free | Partition Type: NTFS
 
Computer Name: BENNI-PC | User Name: Benni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG)
PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG)
PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG)
PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG)
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20656_none_463680b8218be5a3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AVKProxy) -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG)
SRV - (AVKService) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG)
SRV - (AVKWCtl) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G DATA Software AG)
DRV - (GDTdiInterceptor) -- C:\Windows\System32\drivers\GDTdiIcpt.sys ()
DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G DATA Software AG)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ViPrt) -- C:\Windows\system32\DRIVERS\ViPrt.sys (VIA Technologies, Inc.)
DRV - (ViBus) -- C:\Windows\system32\DRIVERS\ViBus.sys (VIA Technologies, Inc.)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.30 09:15:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.30 10:38:49 | 000,000,000 | ---D | M]
 
[2008.08.28 06:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions
[2011.05.30 09:12:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions
[2011.03.04 18:26:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.05.26 19:15:00 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.06 15:13:35 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.04 21:30:55 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.14 06:39:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.01.09 11:29:03 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2011.05.06 15:13:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\engine@conduit.com
[2009.11.15 19:14:18 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\moveplayer@movenetworks.com
[2009.12.15 08:07:32 | 000,000,881 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\conduit.xml
[2011.05.30 09:13:22 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-1.xml
[2009.07.23 12:55:55 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-2.xml
[2009.08.04 12:30:33 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-3.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin.xml
[2008.04.11 18:47:21 | 000,000,273 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\search.xml
[2011.05.30 09:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2009.06.07 12:48:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.21 09:44:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.01.05 09:22:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH)
O4 - HKLM..\Run: [AVKTray] C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation)
O4 - HKLM..\Run: [recinfo294] c:\RecInfo\RecInfo.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core]  File not found
O4 - HKCU..\Run: [mmplayer.exe] C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Öffnen mit WordPerfect - c:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Benni\Pictures\schweiz.jpg
O24 - Desktop BackupWallPaper: C:\Users\Benni\Pictures\schweiz.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.30 09:36:50 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe
[2011.05.30 09:24:58 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr
[2011.05.29 18:37:17 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Malwarebytes
[2011.05.29 18:37:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.29 18:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.29 18:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.29 18:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.05.29 17:40:41 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
[2011.05.26 19:14:34 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\ICQ
[4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.30 09:49:45 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.05.30 09:47:38 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.30 09:47:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.30 09:47:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.30 09:47:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.30 09:47:20 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.30 09:36:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe
[2011.05.30 09:24:57 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr
[2011.05.30 09:15:49 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.30 08:47:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.29 19:16:17 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011.05.29 18:37:05 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.29 17:50:12 | 000,000,384 | ---- | M] () -- C:\ProgramData\21815056
[2011.05.29 17:47:36 | 000,000,136 | ---- | M] () -- C:\ProgramData\~21815056r
[2011.05.29 17:47:36 | 000,000,128 | ---- | M] () -- C:\ProgramData\~21815056
[2011.05.29 09:27:42 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job
[2011.05.26 23:09:58 | 000,000,012 | ---- | M] () -- C:\Users\Benni\Desktop\prefs.dat
[2011.05.26 18:09:28 | 000,204,800 | ---- | M] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.08 20:48:34 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.08 20:48:34 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.08 20:48:34 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.08 20:48:34 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.01 20:23:35 | 000,000,852 | ---- | M] () -- C:\Users\Benni\.recently-used.xbel
[4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.30 09:15:49 | 000,000,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.05.30 09:15:49 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.29 19:16:16 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011.05.29 18:37:05 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.29 17:40:54 | 000,000,136 | ---- | C] () -- C:\ProgramData\~21815056r
[2011.05.29 17:40:54 | 000,000,128 | ---- | C] () -- C:\ProgramData\~21815056
[2011.05.29 17:40:11 | 000,000,384 | ---- | C] () -- C:\ProgramData\21815056
[2011.05.01 20:23:35 | 000,000,852 | ---- | C] () -- C:\Users\Benni\.recently-used.xbel
[2010.04.26 10:32:22 | 000,000,680 | ---- | C] () -- C:\Users\Benni\AppData\Local\d3d9caps.dat
[2010.01.06 01:05:46 | 000,004,096 | ---- | C] () -- C:\Users\Benni\AppData\Local\keyfile3.drm
[2009.11.13 18:00:47 | 000,005,732 | ---- | C] () -- C:\Windows\unins000.dat
[2008.09.22 20:48:40 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.09.05 14:39:40 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008.03.15 13:18:57 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2008.02.20 19:27:09 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.01.07 19:29:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.01.04 23:58:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007.12.30 14:26:56 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007.12.26 10:55:31 | 000,204,800 | ---- | C] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.16 04:23:40 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.11.16 04:23:39 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.11.16 04:19:21 | 000,039,120 | ---- | C] () -- C:\Windows\System32\drivers\GDTdiIcpt.sys
[2007.11.16 04:17:26 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll
[2006.11.02 21:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006.11.02 17:33:31 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,382,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,609,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.08.11 10:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.01.15 13:57:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Any Video Converter
[2011.04.05 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ChessBase
[2011.04.19 09:33:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.01 06:35:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\foobar2000
[2010.09.10 01:02:50 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\FreeFLVConverter
[2011.05.26 19:15:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ
[2008.01.03 17:16:18 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ Toolbar
[2009.11.17 21:08:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\JBF Software
[2009.10.27 17:28:54 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Leadertech
[2008.01.17 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\MAGIX
[2008.04.10 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Qlikworld
[2010.06.06 16:51:00 | 000,000,364 | -H-- | M] () -- C:\Windows\Tasks\Install_NSS.job
[2011.05.30 09:46:24 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.05.29 09:27:42 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2009.01.06 22:49:34 | 000,024,064 | ---- | M] ()(C:\Users\Benni\Documents\?ghzhzh.doc) -- C:\Users\Benni\Documents\卐ghzhzh.doc
[2009.01.06 22:49:33 | 000,024,064 | ---- | C] ()(C:\Users\Benni\Documents\?ghzhzh.doc) -- C:\Users\Benni\Documents\卐ghzhzh.doc
 
< End of report >
         
--- --- ---


Extras.txt
OTL Logfile:
Code:
OTL Extras logfile created on: 30.05.2011 09:57:00 - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Benni\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 59,73% Memory free
4,22 Gb Paging File | 3,29 Gb Available in Paging File | 77,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 216,41 Gb Total Space | 45,68 Gb Free Space | 21,11% Space Free | Partition Type: NTFS
Drive D: | 107,22 Gb Total Space | 53,33 Gb Free Space | 49,74% Space Free | Partition Type: NTFS
 
Computer Name: BENNI-PC | User Name: Benni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B3D0503-A807-4ADF-8CD5-F2EE7ABE00FF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{623AFFD2-26F3-42E0-ADDB-B6F7B75D1259}" = lport=0 | protocol=6 | dir=in | name=magix upnp media server | 
"{6315AACB-EBD5-483D-BCBC-F6428A40D850}" = lport=1900 | protocol=17 | dir=in | name=microsoft upnp-port (udp) | 
"{9875426E-394D-4786-88F1-06A0C11DDF5A}" = lport=2869 | protocol=6 | dir=in | name=microsoft upnp-port (tcp) | 
"{F466CB2B-C01A-4D8F-B501-89ACB55C39DF}" = lport=9000 | protocol=6 | dir=in | name=magix upnp media server | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16F692D4-6FC2-4FC9-B968-A50664CFF9B2}" = protocol=6 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | 
"{23D099FD-D69F-447C-A472-9859AB60CA6D}" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"{450CCA17-0E24-410C-BE56-298104A6702E}" = protocol=17 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | 
"{EFDD1B3C-855B-4224-8FFE-C00FF1A9C048}" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{09F83561-971C-48E3-AD5B-6ED6EECA2FC8}C:\bluebyte\siedler3\s3.exe" = protocol=6 | dir=in | app=c:\bluebyte\siedler3\s3.exe | 
"TCP Query User{1A9A90E3-2A83-4B15-B5F9-FAD2284A2F04}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe | 
"TCP Query User{280DF8E3-64B1-44F1-B8B1-BC7807F09EE8}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | 
"TCP Query User{2EE6A014-F488-494B-BCEE-0FB31AA55C00}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{4D44949E-74F9-4825-B34C-4D4AFF9959F1}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{6C679089-D391-4A0C-BF58-45ABED1FDDAF}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{6FC509E2-7E2F-4393-8269-881494EF5929}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{7FEADA26-6CBE-4FFF-98EF-D06B853E55D2}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe | 
"TCP Query User{7FF4F91D-4651-48C7-A522-4BB0C92545F9}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{B1D7A58A-F625-4F75-BFCF-B32554D12910}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{B26D4A4B-AD32-4785-A395-631C478B76F7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{BEFE1D79-8B8F-4C1C-BDBC-6C86926776AF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{C260BB8B-BFCD-4B2E-A2ED-1A2A811D76CB}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"TCP Query User{C3FB0E17-DF17-4623-8310-AFE533A8E37B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{DCF30CB2-E64C-46E1-BA1C-920E835D4647}C:\program files\sopcast\sopvod.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopvod.exe | 
"TCP Query User{DE34F050-A652-41CB-A991-38453F7C7182}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{0A8AEAB7-C370-4A46-AA83-C8C7A37986AE}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe | 
"UDP Query User{23D22D3D-B8C1-4DF2-8128-E53C564BD128}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{241A3218-9EAC-4DA1-8B4A-A95F2FC539B2}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe | 
"UDP Query User{2CA08231-E2AA-43AE-A177-808CCEBA71BF}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{31D007D8-C561-40C2-8EE8-BC74F56FA5CB}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{56E88A37-4B22-4AFE-B9F9-3F45DAFD8C7F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{57CEBCC4-0CD2-48EA-8055-64FA1D5C2452}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{978FA28F-CED2-4A4B-8F99-FA8FCB5783B9}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{97FFEF9A-CFEB-419A-B514-FC578E86E571}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{B7860D3C-2C90-4CDC-AE8F-1B173151350E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{B8CD15AA-A8C4-4D7B-A542-7F7834DEA11A}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | 
"UDP Query User{BA205C2B-58DF-4664-9175-2C1CAA0F6802}C:\program files\sopcast\sopvod.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopvod.exe | 
"UDP Query User{BE06FD49-C71A-4AC9-94B7-D4592FCB7ABF}C:\bluebyte\siedler3\s3.exe" = protocol=17 | dir=in | app=c:\bluebyte\siedler3\s3.exe | 
"UDP Query User{D85EA8A0-AA22-4601-A6FE-EC6909197042}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{DDB5A942-1E69-480B-8BAB-008D990D89B1}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{DE3B5D5A-64D3-413A-942F-CF8D306BD603}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06238444-BD04-417E-859A-C2543A784272}" = Fritz7 Demo
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1A637513-CC46-4C3B-8114-1E4F1D71CF42}" = Fritz11 WM Edition
"{1AD2EC5E-9A73-452B-8C87-43D2E32C3831}" = Fritz11 WM Edition
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 23
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D0FEAB4-5D81-4461-A9CA-766B530FC6EA}" = G DATA AntiVirenKit
"{4DECFC9F-2310-4C02-009A-B6758306EF00}" = FIFA 06
"{52537172-CBB0-44C4-BBB4-CC992BAF81F4}" = Playchess
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{552C5B4A-595F-4FA6-B2AD-2F1B2A333CE5}" = Fritz7
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6803A6E6-48FF-48AB-B558-7B651BBE1031}" = Nero 8 Essentials
"{70D9854A-CEF5-4BCF-B37A-0AA1AB0A83CF}" = Playchess
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{84F7CAD9-2316-4701-B5CA-E90FD60029E9}" = ANNO 1602
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D794373D-4197-4F77-AB73-5404A005E043}" = Mathematik interaktiv
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Any Video Converter_is1" = Any Video Converter 2.7.2
"Arena 2.0.1_is1" = Arena 2.0.1
"Big Fish Games Center" = Big Fish Games Center (remove only)
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"BitComet FLV Converter" = BitComet FLV Converter 1.0
"Blue Byte Game Channel" = Blue Byte Game Channel
"bowili-Schach" = bowili-Schach
"Cradle of Rome" = Cradle of Rome (remove only)
"ÐÂÀËÖ±²¥" = ÐÂÀËÖ±²¥
"DivX Setup.divx.com" = DivX-Setup
"FarmingSimulator2009DemoDE_is1" = Landwirtschafts-Simulator 2009 Demo
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"foobar2000" = foobar2000 v1.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Audio Converter_is1" = Free Audio Converter version 2.0
"Free FLV Converter_is1" = Free FLV Converter V 6.92.0
"Free YouTube Download_is1" = Free YouTube Download version 2.10.30
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Indeo® software" = Indeo® software
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 4.2.0.79 (D)
"MAGIX Media Suite D" = MAGIX Media Suite 1.12.0.89 (D)
"MAGIX Music Manager 2007 D" = MAGIX Music Manager 2007 8.2.0.144 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX Ringtone Maker SE D" = MAGIX Ringtone Maker SE 3.1.0.4 (D)
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"NVIDIA Drivers" = NVIDIA Drivers
"phase5" = phase5
"Poker Superstars II" = Poker Superstars II (remove only)
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"S2TNG" = Die Siedler II - Die nächste Generation
"S3" = Die Siedler III Gold Edition
"S4Uninst" = Die Siedler IV
"Sea3D_is1" = Sea3D 1.2.0a
"Sevilla" = Sevilla
"SopCast" = SopCast 2.0.4
"Trillian" = Trillian
"TVUPlayer" = TVUPlayer 2.3.4.1
"Uninstall_is1" = Uninstall 1.0.0.1
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Windows Media Encoder 9" = Codeur Windows Media Série 9
"WinGimp-2.0_is1" = GIMP 2.6.3
"WinRAR archiver" = WinRAR
"Worms Armageddon" = Worms Armageddon
"Zattoo" = Zattoo 3.2.4 Beta
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"Kellogg's Clip Studio" = Kellogg's Clip Studio
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.01.2010 08:39:28 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 12.01.2010 12:29:47 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 12.01.2010 15:48:31 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 13.01.2010 13:26:34 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 13.01.2010 13:27:14 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 13.01.2010 14:34:08 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 13.01.2010 15:29:45 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 14.01.2010 07:11:45 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 14.01.2010 09:53:32 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 14.01.2010 10:49:18 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 
 
[ System Events ]
Error - 14.05.2011 01:07:29 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 19.05.2011 00:29:51 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 19.05.2011 15:19:21 | Computer Name = Benni-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 19.05.2011 um 19:43:44 unerwartet heruntergefahren.
 
Error - 19.05.2011 15:24:33 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 26.05.2011 00:30:18 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 26.05.2011 13:15:15 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7030
Description = 
 
Error - 29.05.2011 11:44:57 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 29.05.2011 11:52:04 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 29.05.2011 12:02:49 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 29.05.2011 12:34:38 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 
 
 
< End of report >
         
--- --- ---

30.05.2011, 16:31   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Quote:
I ran a scan with Malwarebytes Anti-Malware, which removed the 8 infected objects it found.
Please post all logs from Malwarebytes.

01.06.2011, 18:32   #3
Tuidsi



So, the problem that I can no longer reach any page after a while no longer occurs (which I cannot put into any logical context).
However, there are still some things that were not like this before: browsers are generally quite slow (e.g. zooming in Google Maps feels like it takes half an eternity); the error message "COM Surrogate funktioniert nicht mehr" (COM Surrogate has stopped working) appears; programs crash occasionally; some icons in the notification area of the taskbar do not work, or similar things.

The malware logs:


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6716

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

29.05.2011 18:52:20
mbam-log-2011-05-29 (18-52-20).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 154394
Laufzeit: 12 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 11
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 2
Infizierte Dateien: 10

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DAED9266-8C28-4C1C-8B58-5C66EFF1D302} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E596DF5F-4239-4D40-8367-EBADF0165917} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoPl.chl (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UtYUtxpPbB (Trojan.FakeMS) -> Value: UtYUtxpPbB -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Value: *.securewebinfo.com -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Value: *.safetyincludes.com -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Value: *.securemanaging.com -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\winspykiller (Rogue.WinSpyKiller) -> Quarantined and deleted successfully.
c:\Windows\System32\215651 (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programdata\utyutxppbb.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\tmp950B.tmp (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\tmpB37F.tmp (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Users\Benni\favorites\online security test.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\d.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\zfe1.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
c:\programdata\21815056.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\winspykiller\uninstall.exe (Rogue.WinSpyKiller) -> Quarantined and deleted successfully.
c:\program files\winspykiller\winspykiller.lic (Rogue.WinSpyKiller) -> Quarantined and deleted successfully.
c:\program files\icqtoolbar\toolbaru.dll (Trojan.BHO) -> Delete on reboot.



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6716

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

29.05.2011 21:03:15
mbam-log-2011-05-29 (21-03-15).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 353661
Laufzeit: 1 Stunde(n), 43 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

01.06.2011, 21:50   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Quote:
Datenbank Version: 6716
The databases were not really up to date, though. Please update and run a new full scan.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


04.06.2011, 21:06   #5
Tuidsi



Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6770

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

04.06.2011 20:57:43
mbam-log-2011-06-04 (20-57-43).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 389760
Laufzeit: 3 Stunde(n), 14 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 26

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
c:\Users\Benni\jload6D.dll (Heuristics.Shuriken) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvCplDaemonTool (Heuristics.Shuriken) -> Value: NvCplDaemonTool -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Benni\jload6D.dll (Heuristics.Shuriken) -> Delete on reboot.
c:\Users\Benni\lploadc30.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\mloadAD.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\nyload3A.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.2934952303762567.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.3094727627273879.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.458513860754307.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.7053708425996243.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.7229964146657314.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.7291026526857309.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.8045349063284447.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.8778943844370323.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\0.9866139895409552.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\14B7.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\1DFE.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\2A04.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\32FD.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\93D0.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\A8EE.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\AEC5.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Local\Temp\C3A5.tmp (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scanndiskur98.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scanpdiskb82.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scanudiskh68.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scanxdiskbk86.dll (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Users\Benni\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\scandisk.lnk (Trojan.Downloader) -> Quarantined and deleted successfully.


05.06.2011, 13:59   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Please create a fresh OTL log:

CustomScan with OTL

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the following content into the text box.
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the content of OTL.txt here into your thread

05.06.2011, 18:32   #7
Tuidsi



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 05.06.2011 18:11:22 - Run 2
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Benni\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 62,02% Memory free
4,22 Gb Paging File | 3,21 Gb Available in Paging File | 76,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 216,41 Gb Total Space | 43,98 Gb Free Space | 20,32% Space Free | Partition Type: NTFS
Drive D: | 107,22 Gb Total Space | 53,33 Gb Free Space | 49,74% Space Free | Partition Type: NTFS
Drive E: | 65,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: BENNI-PC | User Name: Benni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Benni\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG)
PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG)
PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG)
PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG)
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Benni\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20656_none_463680b8218be5a3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AVKProxy) -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG)
SRV - (AVKService) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG)
SRV - (AVKWCtl) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G DATA Software AG)
DRV - (GDTdiInterceptor) -- C:\Windows\System32\drivers\GDTdiIcpt.sys ()
DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G DATA Software AG)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ViPrt) -- C:\Windows\system32\DRIVERS\ViPrt.sys (VIA Technologies, Inc.)
DRV - (ViBus) -- C:\Windows\system32\DRIVERS\ViBus.sys (VIA Technologies, Inc.)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.30 09:15:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.30 10:38:49 | 000,000,000 | ---D | M]
 
[2008.08.28 06:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions
[2011.06.02 12:14:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions
[2011.03.04 18:26:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.05.26 19:15:00 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.06 15:13:35 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.04 21:30:55 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.14 06:39:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.01.09 11:29:03 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2011.05.06 15:13:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\engine@conduit.com
[2009.11.15 19:14:18 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\moveplayer@movenetworks.com
[2009.12.15 08:07:32 | 000,000,881 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\conduit.xml
[2011.06.02 08:20:28 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-1.xml
[2009.07.23 12:55:55 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-2.xml
[2009.08.04 12:30:33 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-3.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin.xml
[2008.04.11 18:47:21 | 000,000,273 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\search.xml
[2011.05.30 09:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2009.06.07 12:48:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.21 09:44:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.01.05 09:22:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH)
O4 - HKLM..\Run: [AVKTray] C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation)
O4 - HKLM..\Run: [recinfo294] c:\RecInfo\RecInfo.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core]  File not found
O4 - HKCU..\Run: [mmplayer.exe] C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Öffnen mit WordPerfect - c:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Benni\Pictures\schweiz.jpg
O24 - Desktop BackupWallPaper: C:\Users\Benni\Pictures\schweiz.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.08.24 03:46:54 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LGInstaller.exe -- [2009.08.24 06:53:34 | 000,307,200 | R--- | M] ()
O33 - MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\Shell - "" = AutoRun
O33 - MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\Shell\AutoRun\command - "" = L:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - C:\Windows\System32\Iyvu9_32.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.30 19:43:00 | 000,000,000 | ---D | C] -- C:\Users\Benni\Documents\LG PC Suite IV
[2011.05.30 19:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite IV
[2011.05.30 19:43:00 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Local\LG Electronics
[2011.05.30 19:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\LG Electronics
[2011.05.30 19:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2011.05.30 11:56:46 | 000,000,000 | ---D | C] -- C:\Users\Benni\Desktop\Microsoft Word
[2011.05.30 09:36:50 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe
[2011.05.30 09:24:58 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr
[2011.05.29 18:37:17 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Malwarebytes
[2011.05.29 18:37:04 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.29 18:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.29 18:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.29 18:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.05.29 18:35:24 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Benni\Desktop\mbam-setup.exe
[2011.05.29 17:40:41 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
[2011.05.26 19:14:34 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\ICQ
[4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.05 17:34:42 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.05 17:34:42 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.05 17:24:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.05 16:09:22 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job
[2011.06.05 15:23:20 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.06.05 12:01:19 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.05 12:01:19 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.05 12:01:19 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.05 12:01:19 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.05 08:34:54 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.05 08:34:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.05 08:34:36 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.01 15:50:34 | 000,210,432 | ---- | M] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.30 19:43:00 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\LG PC Suite IV.lnk
[2011.05.30 10:08:29 | 000,302,592 | ---- | M] () -- C:\Users\Benni\Desktop\glg10gfb.exe
[2011.05.30 09:36:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe
[2011.05.30 09:24:57 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr
[2011.05.30 09:15:49 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.29 19:16:17 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011.05.29 18:37:05 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.29 18:35:33 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Benni\Desktop\mbam-setup.exe
[2011.05.29 17:50:12 | 000,000,384 | ---- | M] () -- C:\ProgramData\21815056
[2011.05.29 17:47:36 | 000,000,136 | ---- | M] () -- C:\ProgramData\~21815056r
[2011.05.29 17:47:36 | 000,000,128 | ---- | M] () -- C:\ProgramData\~21815056
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.26 23:09:58 | 000,000,012 | ---- | M] () -- C:\Users\Benni\Desktop\prefs.dat
[4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.30 19:43:00 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\LG PC Suite IV.lnk
[2011.05.30 10:08:30 | 000,302,592 | ---- | C] () -- C:\Users\Benni\Desktop\glg10gfb.exe
[2011.05.30 09:15:49 | 000,000,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.05.30 09:15:49 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.05.29 19:16:16 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011.05.29 18:37:05 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.29 17:40:54 | 000,000,136 | ---- | C] () -- C:\ProgramData\~21815056r
[2011.05.29 17:40:54 | 000,000,128 | ---- | C] () -- C:\ProgramData\~21815056
[2011.05.29 17:40:11 | 000,000,384 | ---- | C] () -- C:\ProgramData\21815056
[2010.04.26 10:32:22 | 000,000,680 | ---- | C] () -- C:\Users\Benni\AppData\Local\d3d9caps.dat
[2010.01.06 01:05:46 | 000,004,096 | ---- | C] () -- C:\Users\Benni\AppData\Local\keyfile3.drm
[2009.11.13 18:00:47 | 000,005,732 | ---- | C] () -- C:\Windows\unins000.dat
[2009.08.19 09:26:48 | 000,005,632 | ---- | C] () -- C:\Windows\System32\StarOpen.sys
[2008.09.22 20:48:40 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.09.05 14:39:40 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2008.03.15 13:18:57 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2008.02.20 19:27:09 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.01.07 19:29:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.01.04 23:58:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007.12.30 14:26:56 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007.12.26 10:55:31 | 000,210,432 | ---- | C] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.16 04:23:40 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.11.16 04:23:39 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.11.16 04:19:21 | 000,039,120 | ---- | C] () -- C:\Windows\System32\drivers\GDTdiIcpt.sys
[2007.11.16 04:17:26 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll
[2006.11.02 21:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006.11.02 17:33:31 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,382,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,609,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.08.11 10:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2011.01.15 13:57:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Any Video Converter
[2011.04.05 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ChessBase
[2011.04.19 09:33:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.01 06:35:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\foobar2000
[2010.09.10 01:02:50 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\FreeFLVConverter
[2011.05.26 19:15:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ
[2008.01.03 17:16:18 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ Toolbar
[2009.11.17 21:08:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\JBF Software
[2009.10.27 17:28:54 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Leadertech
[2008.01.17 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\MAGIX
[2008.04.10 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Qlikworld
[2010.06.06 16:51:00 | 000,000,364 | -H-- | M] () -- C:\Windows\Tasks\Install_NSS.job
[2011.06.05 02:24:11 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.06.05 16:09:22 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2009.08.23 13:53:27 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Adobe
[2011.01.15 13:57:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Any Video Converter
[2008.06.20 21:56:11 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Apple Computer
[2011.04.05 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ChessBase
[2008.10.26 19:34:41 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\COREL
[2010.09.30 15:03:24 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\DivX
[2011.06.01 15:55:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\dvdcss
[2011.04.19 09:33:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.01 06:35:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\foobar2000
[2010.09.10 01:02:50 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\FreeFLVConverter
[2008.10.08 22:56:38 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Google
[2011.05.26 19:15:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ
[2008.01.03 17:16:18 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ Toolbar
[2007.12.24 19:05:09 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Identities
[2007.12.25 15:48:36 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\InstallShield
[2008.02.26 17:41:21 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\InstallShield Installation Information
[2009.11.17 21:08:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\JBF Software
[2009.10.27 17:28:54 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Leadertech
[2007.12.25 15:44:39 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Macromedia
[2008.01.17 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\MAGIX
[2011.05.29 18:37:17 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Media Center Programs
[2010.01.16 03:44:19 | 000,000,000 | --SD | M] -- C:\Users\Benni\AppData\Roaming\Microsoft
[2009.05.07 16:13:17 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\mIRC
[2008.08.28 06:59:02 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Mozilla
[2008.01.24 21:05:52 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Nero
[2008.04.10 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Qlikworld
[2008.09.11 16:51:47 | 000,000,000 | R--D | M] -- C:\Users\Benni\AppData\Roaming\SecuROM
[2008.01.07 16:22:21 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\TVU Networks
[2008.11.11 15:36:24 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\vlc
[2007.12.28 11:41:22 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2009.08.23 13:53:27 | 000,032,768 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe
[2006.06.21 16:10:16 | 000,107,512 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Benni\AppData\Roaming\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\setup.exe
[2011.04.30 10:36:39 | 000,188,152 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\FlashGot.exe
[2008.08.22 20:19:47 | 005,244,440 | ---- | M] (TVU networks) -- C:\Users\Benni\AppData\Roaming\TVU Networks\TVU AutoUpgrade\TVUPlayer2.3.7.1.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2007.11.03 01:26:51 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\System32\drivers\AGP440.sys
[2007.11.03 01:26:51 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_cb7c81c7\AGP440.sys
[2007.11.03 01:26:51 | 000,056,504 | ---- | M] (Microsoft Corporation) MD5=198636E76971EBC96404547EC0FD5E75 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20598_none_b85cfa98dae9b436\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2007.11.03 01:53:24 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=0B77F93AB73798F97E8E0A0AA4CCBEEF -- C:\Windows\System32\drivers\atapi.sys
[2007.11.03 01:53:24 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=0B77F93AB73798F97E8E0A0AA4CCBEEF -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_44b6b0d0\atapi.sys
[2007.11.03 01:53:24 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=0B77F93AB73798F97E8E0A0AA4CCBEEF -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20694_none_db7e36353dc64123\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2007.07.12 16:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\drivers\iaStor.sys
[2007.07.12 16:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_ec8a8d1b\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2007.07.02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) MD5=703E3A7093B0FAC0EEBADBB8E931ECAF -- C:\Windows\System32\drivers\nvstor32.sys
[2007.07.02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) MD5=703E3A7093B0FAC0EEBADBB8E931ECAF -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_bbf77119\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2007.11.03 01:17:10 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2007.11.03 01:17:10 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20587_none_cb8c4940898e24a6\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: VIAMRAID.SYS  >
[2006.11.08 15:23:52 | 000,102,912 | ---- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\Windows\System32\drivers\viamraid.sys
[2006.11.08 15:23:52 | 000,102,912 | ---- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\Windows\System32\DriverStore\FileRepository\viamraid.inf_74a36694\viamraid.sys
 
< MD5 for: VIPRT.SYS  >
[2007.03.26 15:26:00 | 000,052,224 | -H-- | M] (VIA Technologies, Inc.) MD5=A1B7CFFE5F09B825FBA506C4DE9FDAC7 -- C:\DRIVER\SATA\VIA\ViPrt.sys
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=A1B7CFFE5F09B825FBA506C4DE9FDAC7 -- C:\Windows\System32\drivers\ViPrt.sys
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=A1B7CFFE5F09B825FBA506C4DE9FDAC7 -- C:\Windows\System32\DriverStore\FileRepository\viprt.inf_86543378\ViPrt.sys
 
< MD5 for: WININIT.EXE  >
[2007.11.03 01:17:50 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=39D959CD9F3BC44F78DB3C6588AAC3FE -- C:\Windows\System32\wininit.exe
[2007.11.03 01:17:50 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=39D959CD9F3BC44F78DB3C6588AAC3FE -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.20593_none_2f37c4ba208e02ab\wininit.exe
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2007.11.03 01:17:50 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=A3FEA6ED9FD3CF07219A632E4A716226 -- C:\Windows\System32\winlogon.exe
[2007.11.03 01:17:50 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=A3FEA6ED9FD3CF07219A632E4A716226 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.20593_none_6e080d01f12ed7fe\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\System32\drivers\ws2ifsl.sys
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2007.11.16 13:05:03 | 008,011,776 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007.11.16 13:05:00 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007.11.16 13:05:03 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007.11.16 13:05:12 | 016,478,208 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007.11.16 13:05:14 | 006,029,312 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Files - Unicode (All) ==========
[2009.01.06 22:49:34 | 000,024,064 | ---- | M] ()(C:\Users\Benni\Documents\?ghzhzh.doc) -- C:\Users\Benni\Documents\卐ghzhzh.doc
[2009.01.06 22:49:33 | 000,024,064 | ---- | C] ()(C:\Users\Benni\Documents\?ghzhzh.doc) -- C:\Users\Benni\Documents\卐ghzhzh.doc

< End of report >
         
--- --- ---

Alt 05.06.2011, 19:18   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [EA Core]  File not found
O4 - HKCU..\Run: [mmplayer.exe] C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.08.24 03:46:54 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LGInstaller.exe -- [2009.08.24 06:53:34 | 000,307,200 | R--- | M] ()
O33 - MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\Shell - "" = AutoRun
O33 - MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\Shell\AutoRun\command - "" = L:\LGAutoRun.exe
[2011.05.29 17:50:12 | 000,000,384 | ---- | M] () -- C:\ProgramData\21815056
[2011.05.29 17:47:36 | 000,000,136 | ---- | M] () -- C:\ProgramData\~21815056r
[2011.05.29 17:47:36 | 000,000,128 | ---- | M] () -- C:\ProgramData\~21815056
:Commands
[purity]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created in the "_OTL" folder on the system partition.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Alt 11.06.2011, 00:04   #9
Tuidsi
 

So, the problems I mentioned above no longer occur. What still happens to me fairly often is that when I google something and click on a result, I don't end up at the corresponding address but am redirected to another site (according to the history, via clickbattery.org), e.g. gomeo.de with the corresponding search query. - Just for information; whether there are still malicious files on the computer, I of course cannot judge.
Please excuse that my replies sometimes take a while; I don't always have time.
The OTL log:

========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mmplayer.exe deleted successfully.
C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61b15f61-b240-11dc-b9d9-806e6f6e6963}\ not found.
File move failed. E:\LGInstaller.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82e4ace9-8acf-11e0-af6a-0019dbf9ed6e}\ not found.
File L:\LGAutoRun.exe not found.
C:\ProgramData\21815056 moved successfully.
C:\ProgramData\~21815056r moved successfully.
C:\ProgramData\~21815056 moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.23.0 log created on 06102011_233601

Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\LGInstaller.exe scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Alt 11.06.2011, 00:09   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below, i.e. tick both checkboxes, click Start scan, and when it has finished click the Report button to display the log. Please post it in full.

If the infection prevents you from accessing your Documents/My Documents, please run unhide:
Please download unhide.exe and save this file to your desktop.
Start the tool and all files and folders should be visible again. (This may take a while.)
Vista and 7 users must run the tool as administrator via right-click!

Alt 15.06.2011, 08:42   #11
Tuidsi
 

Unfortunately, tdsskiller does not start (open, "Run", "Allow" -> but nothing happens; regardless of whether it is run as administrator or not).
I have run Unhide.exe.

Alt 15.06.2011, 10:25   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then run CF first:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Alt 15.06.2011, 11:51   #13
Tuidsi
 

log.txt:

Combofix Logfile:
Code:
ATTFilter
ComboFix 11-06-14.03 - Benni 15.06.2011  11:26:46.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.49.1031.18.2046.1380 [GMT 2:00]
ausgeführt von:: c:\users\Benni\Desktop\cofi.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\firststeps\FirstSteps.exe
c:\users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
c:\users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Uninstall Windows Vista Recovery.lnk
c:\users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Windows Vista Recovery.lnk
c:\vlcportable\VLCPortable.exe
c:\windows\IsUn0407.exe
.
Infizierte Kopie von c:\windows\system32\drivers\volsnap.sys wurde gefunden und desinfiziert 
Kopie von - Kitty had a snack :p wurde wiederhergestellt 
.
(((((((((((((((((((((((   Dateien erstellt von 2011-05-15 bis 2011-06-15  ))))))))))))))))))))))))))))))
.
.
2011-06-15 09:39 . 2011-06-15 09:39	--------	d-----w-	c:\users\Benni\AppData\Local\temp
2011-06-14 08:13 . 2011-05-09 20:46	6962000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{334B8D97-A823-4200-87FD-2D3A6DDCC38B}\mpengine.dll
2011-06-10 21:36 . 2011-06-10 21:36	--------	d-----w-	C:\_OTL
2011-06-07 20:19 . 2011-06-07 20:19	--------	d-----w-	c:\program files\ICQ7.5
2011-06-06 06:18 . 2011-06-06 06:18	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-30 17:43 . 2011-05-30 17:43	--------	d-----w-	c:\users\Benni\AppData\Local\LG Electronics
2011-05-30 17:42 . 2011-05-30 17:42	--------	d-----w-	c:\programdata\LG Electronics
2011-05-30 17:36 . 2011-05-30 17:42	--------	d-----w-	c:\program files\LG Electronics
2011-05-29 17:16 . 2011-05-29 17:16	2560	----a-w-	c:\windows\_MSRSTRT.EXE
2011-05-29 16:37 . 2011-05-29 16:37	--------	d-----w-	c:\users\Benni\AppData\Roaming\Malwarebytes
2011-05-29 16:37 . 2011-05-29 07:11	39984	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 16:37 . 2011-05-29 16:37	--------	d-----w-	c:\programdata\Malwarebytes
2011-05-29 16:36 . 2011-06-04 15:40	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-05-26 17:14 . 2011-06-13 22:01	--------	d-----w-	c:\users\Benni\AppData\Roaming\ICQ
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-14 16:40 . 2011-05-30 07:15	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-09 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-06-01 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-01 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-01 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"AVKTray"="c:\programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe" [2007-04-02 1042256]
"QuickFinder Scheduler"="c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2007-01-02 83568]
"recinfo294"="c:\recinfo\RecInfo.exe" [2007-10-23 2764800]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R2 gupdate1ca232a51e4fcef;Google Update Service (gupdate1ca232a51e4fcef);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 133104]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 133104]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S0 ViBus;ViBus;c:\windows\system32\DRIVERS\ViBus.sys [2007-03-26 16896]
S0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\DRIVERS\ViPrt.sys [2007-03-26 52224]
S2 AVKProxy;AVKProxy;c:\program files\Common Files\G DATA\AVKProxy\AVKProxy.exe [2007-05-03 649040]
S2 AVKService;AVK Service;c:\programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe [2007-04-02 407376]
S2 AVKWCtl;AVK Wächter;c:\programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe [2007-04-02 1103696]
S2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [2007-11-16 39120]
S3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2007-11-16 47312]
S3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2007-11-16 32464]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners
.
2011-06-15 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-25 07:02]
.
2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 13:12]
.
2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 13:12]
.
2011-06-14 c:\windows\Tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Free YouTube Download - c:\users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Öffnen mit WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Arena 2.0.1_is1 - c:\program files\Arena\unins000.exe
AddRemove-Free Audio CD Burner_is1 - c:\program files\DVDVideoSoft\Free Audio CD Burner\unins000.exe
AddRemove-Free Audio Converter_is1 - c:\program files\DVDVideoSoft\Free Audio Converter\unins000.exe
AddRemove-Free YouTube Download_is1 - c:\program files\DVDVideoSoft\Free YouTube Download\unins000.exe
AddRemove-Free YouTube to MP3 Converter_is1 - c:\program files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe
AddRemove-Indeo® software - c:\windows\IsUn0407.exe
AddRemove-S3 - c:\windows\IsUn0407.exe
AddRemove-S4Uninst - c:\windows\IsUn0407.exe
AddRemove-Worms Armageddon - c:\windows\IsUn0407.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-{B13A7C41581B411290FBC0395694E2A9} - c:\program files\DivX\DivXConverterUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-06-15 11:39
Windows 6.0.6000  NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2633572158-1646373292-2735752979-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:50,0a,50,08,29,5d,c2,b1,b5,bd,c7,dd,57,b5,02,78,db,84,3d,89,71,6b,27,
   48,a2,dc,08,0c,80,4e,7b,8f,7d,33,f6,a3,6f,1b,d3,91,05,f6,a7,81,41,c2,e4,ee,\
"??"=hex:5c,28,08,0f,b3,90,cc,0d,18,7c,f1,23,8f,38,a5,94
.
[HKEY_USERS\S-1-5-21-2633572158-1646373292-2735752979-1000\Software\SecuROM\License information*]
"datasecu"=hex:3e,c6,97,b4,3e,41,8c,50,ae,62,bd,7c,72,b2,ff,d3,03,52,98,6a,b2,
   22,f6,94,8d,6c,a0,1d,cc,cf,40,ac,65,6c,1d,5f,04,b4,1c,e5,86,b9,c7,ff,f5,01,\
"rkeysecu"=hex:1f,6b,1f,a7,d3,fa,b6,5b,8f,80,32,f9,c0,08,88,70
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-06-15  11:45:00
ComboFix-quarantined-files.txt  2011-06-15 09:44
.
Vor Suchlauf: 22 Verzeichnis(se), 46.015.336.448 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 51.804.418.048 Bytes frei
.
- - End Of File - - A6B24A6323DB42BA67D41AF7B32D3D92
         
--- --- ---

Alt 15.06.2011, 13:07   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

OK. Then try TDSS-Killer again now; it should run now.

Alt 15.06.2011, 17:01   #15
Tuidsi
 

Indeed.

2011/06/15 16:57:45.0738 5780 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/15 16:57:45.0957 5780 ================================================================================
2011/06/15 16:57:45.0957 5780 SystemInfo:
2011/06/15 16:57:45.0957 5780
2011/06/15 16:57:45.0957 5780 OS Version: 6.0.6000 ServicePack: 0.0
2011/06/15 16:57:45.0957 5780 Product type: Workstation
2011/06/15 16:57:45.0957 5780 ComputerName: BENNI-PC
2011/06/15 16:57:45.0973 5780 UserName: Benni
2011/06/15 16:57:45.0973 5780 Windows directory: C:\Windows
2011/06/15 16:57:45.0973 5780 System windows directory: C:\Windows
2011/06/15 16:57:45.0973 5780 Processor architecture: Intel x86
2011/06/15 16:57:45.0973 5780 Number of processors: 2
2011/06/15 16:57:45.0973 5780 Page size: 0x1000
2011/06/15 16:57:45.0973 5780 Boot type: Normal boot
2011/06/15 16:57:45.0973 5780 ================================================================================
2011/06/15 16:57:51.0285 5780 !crdlk
2011/06/15 16:57:51.0691 5780 Initialize success
2011/06/15 16:57:56.0160 5576 ================================================================================
2011/06/15 16:57:56.0160 5576 Scan started
2011/06/15 16:57:56.0160 5576 Mode: Manual;
2011/06/15 16:57:56.0160 5576 ================================================================================
2011/06/15 16:57:57.0191 5576 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
2011/06/15 16:57:57.0285 5576 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/06/15 16:57:57.0379 5576 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/06/15 16:57:57.0535 5576 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/06/15 16:57:57.0582 5576 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/06/15 16:57:57.0754 5576 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/06/15 16:57:57.0832 5576 agp440 (198636e76971ebc96404547ec0fd5e75) C:\Windows\system32\drivers\agp440.sys
2011/06/15 16:57:57.0926 5576 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/06/15 16:57:58.0113 5576 aliide (0b3b337a68d9a75cc8d787dc98b53d79) C:\Windows\system32\drivers\aliide.sys
2011/06/15 16:57:58.0176 5576 amdagp (2363abc8989a14fd7247ca6f4e89d397) C:\Windows\system32\drivers\amdagp.sys
2011/06/15 16:57:58.0301 5576 amdide (468a204966d09f327a662c35f4b15dd3) C:\Windows\system32\drivers\amdide.sys
2011/06/15 16:57:58.0379 5576 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/06/15 16:57:58.0426 5576 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/06/15 16:57:58.0582 5576 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/06/15 16:57:58.0645 5576 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/06/15 16:57:58.0738 5576 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/15 16:57:58.0801 5576 atapi (0b77f93ab73798f97e8e0a0aa4ccbeef) C:\Windows\system32\drivers\atapi.sys
2011/06/15 16:57:59.0004 5576 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/06/15 16:57:59.0098 5576 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/15 16:57:59.0145 5576 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/06/15 16:57:59.0223 5576 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/06/15 16:57:59.0285 5576 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/06/15 16:57:59.0395 5576 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/06/15 16:57:59.0441 5576 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/06/15 16:57:59.0535 5576 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/06/15 16:57:59.0582 5576 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/06/15 16:57:59.0832 5576 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/15 16:57:59.0879 5576 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/15 16:58:00.0004 5576 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/06/15 16:58:00.0051 5576 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
2011/06/15 16:58:00.0207 5576 cmdide (2ac0c92b29ec21838f4cb46adb26bcc0) C:\Windows\system32\drivers\cmdide.sys
2011/06/15 16:58:00.0301 5576 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\drivers\compbatt.sys
2011/06/15 16:58:00.0363 5576 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/06/15 16:58:00.0426 5576 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/06/15 16:58:00.0629 5576 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/06/15 16:58:00.0785 5576 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/06/15 16:58:00.0863 5576 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/06/15 16:58:00.0926 5576 DXGKrnl (2d13d9e98caf6321f219b28921af214c) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/15 16:58:01.0004 5576 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/06/15 16:58:01.0176 5576 Ecache (38573398f734b71b06cd2411494f234a) C:\Windows\system32\drivers\ecache.sys
2011/06/15 16:58:01.0379 5576 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/06/15 16:58:01.0551 5576 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/06/15 16:58:01.0598 5576 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/15 16:58:01.0738 5576 FET5X86V (8787449f8ef116db0e8e06c3555746a7) C:\Windows\system32\DRIVERS\fetnd5bv.sys
2011/06/15 16:58:01.0832 5576 FETNDIS (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys
2011/06/15 16:58:01.0895 5576 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/06/15 16:58:01.0941 5576 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/06/15 16:58:02.0004 5576 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/15 16:58:02.0051 5576 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/06/15 16:58:02.0145 5576 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/15 16:58:02.0191 5576 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/06/15 16:58:02.0238 5576 GDMnIcpt (e07bb6d958dc2a000065c9e696050fae) C:\Windows\system32\drivers\MiniIcpt.sys
2011/06/15 16:58:02.0270 5576 GDTdiInterceptor (11ac049160d70280aa6e3f77c07f8909) C:\Windows\system32\drivers\GDTdiIcpt.sys
2011/06/15 16:58:02.0457 5576 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/06/15 16:58:02.0520 5576 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/15 16:58:02.0676 5576 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/06/15 16:58:02.0723 5576 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/06/15 16:58:02.0801 5576 HidUsb (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/15 16:58:02.0848 5576 HookCentre (4d7b09a5dbd7d711d82b3c7385405229) C:\Windows\system32\drivers\HookCentre.sys
2011/06/15 16:58:02.0973 5576 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/06/15 16:58:03.0066 5576 HTTP (481b86e8939289f77fbcea1b24cec687) C:\Windows\system32\drivers\HTTP.sys
2011/06/15 16:58:03.0191 5576 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/06/15 16:58:03.0270 5576 i8042prt (bea9838cd25d36beba3f94386a761d60) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/15 16:58:03.0348 5576 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\drivers\iastor.sys
2011/06/15 16:58:03.0520 5576 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/06/15 16:58:03.0598 5576 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/06/15 16:58:03.0707 5576 IntcAzAudAddService (6f62bafe6150f3952f877051c65786fe) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/15 16:58:04.0020 5576 intelide (4a6b4c4fab7716c869fa9d19ac8ca5a5) C:\Windows\system32\drivers\intelide.sys
2011/06/15 16:58:04.0082 5576 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/15 16:58:04.0270 5576 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/06/15 16:58:04.0301 5576 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2011/06/15 16:58:04.0426 5576 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2011/06/15 16:58:04.0473 5576 isapnp (ce2997a0c3b0049a3188c4f0c7a04bc9) C:\Windows\system32\drivers\isapnp.sys
2011/06/15 16:58:04.0535 5576 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/15 16:58:04.0629 5576 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/06/15 16:58:04.0691 5576 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/06/15 16:58:04.0754 5576 JRAID (c1632fe31d1824a43dea29725312e3fa) C:\Windows\system32\drivers\jraid.sys
2011/06/15 16:58:04.0832 5576 kbdclass (c9b0cf786d5f151a43c7be8e243f2819) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/15 16:58:04.0895 5576 kbdhid (97ab2fb84e8e77d93cee85550f4cf7f9) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/15 16:58:04.0957 5576 KSecDD (b6fac1ff7d4a05c06da9e53dbf5e9e7a) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/15 16:58:05.0160 5576 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/15 16:58:05.0223 5576 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/06/15 16:58:05.0363 5576 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/06/15 16:58:05.0441 5576 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/06/15 16:58:05.0488 5576 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2011/06/15 16:58:05.0598 5576 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/06/15 16:58:05.0660 5576 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2011/06/15 16:58:05.0801 5576 monitor (ee05f7a5e2cefb275b08f3e3fcc2a8eb) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/15 16:58:05.0863 5576 mouclass (4a00b3cf90ad075193ca5aeece71154c) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/15 16:58:05.0910 5576 mouhid (8d9b701d716843c39e93b3432cb721fc) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/15 16:58:05.0957 5576 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2011/06/15 16:58:06.0004 5576 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/06/15 16:58:06.0066 5576 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/15 16:58:06.0129 5576 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/06/15 16:58:06.0191 5576 MRxDAV (08f0c494a69cf3106ee7ffc48d8e5ac7) C:\Windows\system32\drivers\mrxdav.sys
2011/06/15 16:58:06.0270 5576 mrxsmb (bbb0d31b477cff3b4f737ed0367f635f) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/15 16:58:06.0410 5576 mrxsmb10 (a6130566ac4178473b5dac8f8f74407d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/15 16:58:06.0473 5576 mrxsmb20 (3d475e770d3ab2d0c5e3e1386871f9da) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/15 16:58:06.0535 5576 msahci (13fa01d10c95762e3e191bb023dfa8cc) C:\Windows\system32\drivers\msahci.sys
2011/06/15 16:58:06.0613 5576 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/06/15 16:58:06.0770 5576 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2011/06/15 16:58:06.0816 5576 msisadrv (0a64168b63535520adfd6b959695404a) C:\Windows\system32\drivers\msisadrv.sys
2011/06/15 16:58:06.0926 5576 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/15 16:58:07.0051 5576 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/15 16:58:07.0113 5576 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2011/06/15 16:58:07.0160 5576 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2011/06/15 16:58:07.0348 5576 mssmbios (e09cedb1bca303b7f6ae22f512e56969) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/15 16:58:07.0410 5576 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2011/06/15 16:58:07.0457 5576 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
2011/06/15 16:58:07.0598 5576 NativeWifiP (be8c26e61be5c5a49a6babd17aeed1b7) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/15 16:58:07.0707 5576 NDIS (6e8dfface597629cef5df7d69217628f) C:\Windows\system32\drivers\ndis.sys
2011/06/15 16:58:07.0785 5576 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/15 16:58:07.0910 5576 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/15 16:58:07.0973 5576 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/15 16:58:08.0098 5576 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
2011/06/15 16:58:08.0254 5576 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/15 16:58:08.0316 5576 netbt (231f6ccfdb7a604221f18fb0852c8560) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/15 16:58:08.0473 5576 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/06/15 16:58:08.0551 5576 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
2011/06/15 16:58:08.0645 5576 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/15 16:58:08.0801 5576 Ntfs (f08824715ca6076f5e73e005ab83b9c8) C:\Windows\system32\drivers\Ntfs.sys
2011/06/15 16:58:09.0035 5576 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/06/15 16:58:09.0082 5576 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
2011/06/15 16:58:09.0285 5576 nvlddmkm (0ad2e0a3933aac2a392f0c6a68e2d2f8) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/15 16:58:09.0691 5576 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/06/15 16:58:09.0801 5576 nvrd32 (ed399014a8029de02ba5ae01da8cc9ee) C:\Windows\system32\drivers\nvrd32.sys
2011/06/15 16:58:09.0879 5576 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/06/15 16:58:09.0941 5576 nvstor32 (703e3a7093b0fac0eebadbb8e931ecaf) C:\Windows\system32\drivers\nvstor32.sys
2011/06/15 16:58:10.0113 5576 nv_agp (925eb9e53eca4473a2d156a02b7418e3) C:\Windows\system32\drivers\nv_agp.sys
2011/06/15 16:58:10.0254 5576 ohci1394 (8994cbfc215a9ef4495e6ae7992954fc) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/15 16:58:10.0441 5576 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/06/15 16:58:10.0488 5576 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
2011/06/15 16:58:10.0629 5576 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/06/15 16:58:10.0676 5576 pci (a48c4d0acc933f7a37e52ab0761811ad) C:\Windows\system32\drivers\pci.sys
2011/06/15 16:58:10.0816 5576 pciide (353968946bcb766f6c5c01717686b382) C:\Windows\system32\drivers\pciide.sys
2011/06/15 16:58:10.0895 5576 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/06/15 16:58:11.0035 5576 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/06/15 16:58:11.0223 5576 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/15 16:58:11.0285 5576 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/06/15 16:58:11.0441 5576 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/15 16:58:11.0535 5576 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/06/15 16:58:11.0723 5576 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/06/15 16:58:11.0785 5576 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/15 16:58:11.0957 5576 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/15 16:58:12.0004 5576 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/15 16:58:12.0160 5576 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/15 16:58:12.0207 5576 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/15 16:58:12.0348 5576 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/15 16:58:12.0441 5576 rdpdr (87ee019fe9fbff071d76ccf9ec794646) C:\Windows\system32\drivers\rdpdr.sys
2011/06/15 16:58:12.0598 5576 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/15 16:58:12.0660 5576 RDPWD (e2afac98fc6ca2ad2d09f2de1bc71ad9) C:\Windows\system32\drivers\RDPWD.sys
2011/06/15 16:58:12.0832 5576 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/15 16:58:12.0879 5576 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/06/15 16:58:13.0004 5576 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/15 16:58:13.0051 5576 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/15 16:58:13.0176 5576 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys
2011/06/15 16:58:13.0270 5576 sermouse (2baf2abc0da0d50ebe8289c720977052) C:\Windows\system32\drivers\sermouse.sys
2011/06/15 16:58:13.0441 5576 sffdisk (55b145d4248012d306da8e92fa9fdc20) C:\Windows\system32\drivers\sffdisk.sys
2011/06/15 16:58:13.0473 5576 sffp_mmc (b86dfcd55294a0495571a27b861e6ef3) C:\Windows\system32\drivers\sffp_mmc.sys
2011/06/15 16:58:13.0566 5576 sffp_sd (5b327b59fae2b01c34690d91ed03786e) C:\Windows\system32\drivers\sffp_sd.sys
2011/06/15 16:58:13.0660 5576 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/06/15 16:58:13.0754 5576 sisagp (e5773c4cff310d00a59db01ef4074135) C:\Windows\system32\drivers\sisagp.sys
2011/06/15 16:58:13.0910 5576 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/06/15 16:58:13.0941 5576 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/06/15 16:58:14.0113 5576 Smb (46baf398809a0f3b2d3300a1760e4b91) C:\Windows\system32\DRIVERS\smb.sys
2011/06/15 16:58:14.0191 5576 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2011/06/15 16:58:14.0254 5576 srv (081be0d7a95af38d2aa238afcfc103aa) C:\Windows\system32\DRIVERS\srv.sys
2011/06/15 16:58:14.0332 5576 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/15 16:58:14.0395 5576 srvnet (3d2ca9f958fb6e28447da61f65b9deba) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/15 16:58:14.0535 5576 swenum (9c539aaffb0b6d7bce984c74317ff29f) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/15 16:58:14.0598 5576 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/06/15 16:58:14.0707 5576 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/06/15 16:58:14.0754 5576 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/06/15 16:58:14.0941 5576 Tcpip (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\drivers\tcpip.sys
2011/06/15 16:58:15.0160 5576 Tcpip6 (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/15 16:58:15.0191 5576 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/15 16:58:15.0332 5576 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
2011/06/15 16:58:15.0379 5576 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
2011/06/15 16:58:15.0441 5576 tdx (7973f7239486800cd79e4fdbab6a07df) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/15 16:58:15.0488 5576 TermDD (cfe870506361bac80a549749116ad870) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/15 16:58:15.0707 5576 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/15 16:58:15.0785 5576 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
2011/06/15 16:58:15.0832 5576 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/15 16:58:15.0879 5576 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/06/15 16:58:15.0941 5576 udfs (deea398a92952ccc421ba5b39662cabe) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/15 16:58:16.0051 5576 uliagpkx (5895ef4d0f1424392ee6439250e25677) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/15 16:58:16.0113 5576 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/06/15 16:58:16.0301 5576 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/06/15 16:58:16.0348 5576 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/06/15 16:58:16.0473 5576 umbus (dc8828971d997de009647fce59e0ce8f) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/15 16:58:16.0660 5576 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
2011/06/15 16:58:16.0707 5576 usbccgp (3f795d59734259a00d385fbd65191bf4) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/15 16:58:16.0754 5576 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/06/15 16:58:16.0895 5576 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
2011/06/15 16:58:16.0973 5576 usbehci (5555f6df13a1a1c327d67e9da7b99aee) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/15 16:58:17.0004 5576 usbhub (8dabb8cb47e0736930cf6492aed361a6) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/15 16:58:17.0160 5576 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
2011/06/15 16:58:17.0223 5576 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/06/15 16:58:17.0332 5576 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/15 16:58:17.0395 5576 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/15 16:58:17.0473 5576 usbuhci (718fdf0b0f16e1d3b992f95eadf1af75) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/15 16:58:17.0645 5576 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/15 16:58:17.0691 5576 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
2011/06/15 16:58:17.0738 5576 viaagp (66e64d5cbeb047c90e65f0962483a5b2) C:\Windows\system32\drivers\viaagp.sys
2011/06/15 16:58:17.0863 5576 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/06/15 16:58:17.0926 5576 viaide (7100b56688c5d6d7695d18fd001f0cd6) C:\Windows\system32\drivers\viaide.sys
2011/06/15 16:58:17.0973 5576 viamraid (7dc3e1dc6e4f8be381c31bfea578412a) C:\Windows\system32\drivers\viamraid.sys
2011/06/15 16:58:18.0082 5576 ViBus (aa3e6722843540b9c8ec5257e3d4b675) C:\Windows\system32\DRIVERS\ViBus.sys
2011/06/15 16:58:18.0129 5576 ViPrt (a1b7cffe5f09b825fba506c4de9fdac7) C:\Windows\system32\DRIVERS\ViPrt.sys
2011/06/15 16:58:18.0176 5576 volmgr (cc8a64a532fd2844ee68f4061ed8a7fd) C:\Windows\system32\drivers\volmgr.sys
2011/06/15 16:58:18.0332 5576 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
2011/06/15 16:58:18.0457 5576 volsnap (11ef6c1caef76b685233450a126125d6) C:\Windows\system32\drivers\volsnap.sys
2011/06/15 16:58:18.0613 5576 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/06/15 16:58:18.0801 5576 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/06/15 16:58:18.0863 5576 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/15 16:58:18.0910 5576 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/15 16:58:19.0051 5576 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/06/15 16:58:19.0113 5576 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/15 16:58:19.0410 5576 winusb (086d2e78eecd6195667282adc6ca109f) C:\Windows\system32\DRIVERS\winusb.sys
2011/06/15 16:58:19.0457 5576 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\drivers\wmiacpi.sys
2011/06/15 16:58:19.0660 5576 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/06/15 16:58:19.0707 5576 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/15 16:58:19.0879 5576 WUDFRd (ee0974d4042da9cf4c569ac4eca8c9c0) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/15 16:58:19.0941 5576 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/06/15 16:58:19.0988 5576 ================================================================================
2011/06/15 16:58:19.0988 5576 Scan finished
2011/06/15 16:58:19.0988 5576 ================================================================================
2011/06/15 16:58:20.0004 2996 Detected object count: 0
2011/06/15 16:58:20.0004 2996 Actual detected object count: 0
2011/06/15 16:59:02.0629 2160 ================================================================================
2011/06/15 16:59:02.0629 2160 Scan started
2011/06/15 16:59:02.0629 2160 Mode: Manual;
2011/06/15 16:59:02.0629 2160 ================================================================================
2011/06/15 16:59:03.0145 2160 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
2011/06/15 16:59:03.0191 2160 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/06/15 16:59:03.0238 2160 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/06/15 16:59:03.0270 2160 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/06/15 16:59:03.0301 2160 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/06/15 16:59:03.0363 2160 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/06/15 16:59:03.0410 2160 agp440 (198636e76971ebc96404547ec0fd5e75) C:\Windows\system32\drivers\agp440.sys
2011/06/15 16:59:03.0441 2160 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/06/15 16:59:03.0504 2160 aliide (0b3b337a68d9a75cc8d787dc98b53d79) C:\Windows\system32\drivers\aliide.sys
2011/06/15 16:59:03.0598 2160 amdagp (2363abc8989a14fd7247ca6f4e89d397) C:\Windows\system32\drivers\amdagp.sys
2011/06/15 16:59:03.0660 2160 amdide (468a204966d09f327a662c35f4b15dd3) C:\Windows\system32\drivers\amdide.sys
2011/06/15 16:59:03.0707 2160 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/06/15 16:59:03.0738 2160 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/06/15 16:59:03.0801 2160 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/06/15 16:59:03.0895 2160 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/06/15 16:59:03.0910 2160 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/15 16:59:04.0020 2160 atapi (0b77f93ab73798f97e8e0a0aa4ccbeef) C:\Windows\system32\drivers\atapi.sys
2011/06/15 16:59:04.0098 2160 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/06/15 16:59:04.0191 2160 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/15 16:59:04.0223 2160 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/06/15 16:59:04.0254 2160 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/06/15 16:59:04.0301 2160 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/06/15 16:59:04.0348 2160 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/06/15 16:59:04.0395 2160 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/06/15 16:59:04.0410 2160 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/06/15 16:59:04.0441 2160 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/06/15 16:59:04.0645 2160 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/15 16:59:04.0691 2160 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/15 16:59:04.0738 2160 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/06/15 16:59:04.0785 2160 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
2011/06/15 16:59:04.0863 2160 cmdide (2ac0c92b29ec21838f4cb46adb26bcc0) C:\Windows\system32\drivers\cmdide.sys
2011/06/15 16:59:04.0926 2160 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\drivers\compbatt.sys
2011/06/15 16:59:04.0988 2160 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/06/15 16:59:05.0035 2160 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/06/15 16:59:05.0113 2160 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/06/15 16:59:05.0191 2160 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/06/15 16:59:05.0254 2160 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/06/15 16:59:05.0301 2160 DXGKrnl (2d13d9e98caf6321f219b28921af214c) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/15 16:59:05.0348 2160 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/06/15 16:59:05.0395 2160 Ecache (38573398f734b71b06cd2411494f234a) C:\Windows\system32\drivers\ecache.sys
2011/06/15 16:59:05.0504 2160 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/06/15 16:59:05.0566 2160 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/06/15 16:59:05.0613 2160 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/15 16:59:05.0676 2160 FET5X86V (8787449f8ef116db0e8e06c3555746a7) C:\Windows\system32\DRIVERS\fetnd5bv.sys
2011/06/15 16:59:05.0785 2160 FETNDIS (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys
2011/06/15 16:59:05.0816 2160 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/06/15 16:59:05.0848 2160 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/06/15 16:59:05.0910 2160 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/15 16:59:05.0926 2160 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/06/15 16:59:05.0988 2160 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/15 16:59:06.0035 2160 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/06/15 16:59:06.0098 2160 GDMnIcpt (e07bb6d958dc2a000065c9e696050fae) C:\Windows\system32\drivers\MiniIcpt.sys
2011/06/15 16:59:06.0113 2160 GDTdiInterceptor (11ac049160d70280aa6e3f77c07f8909) C:\Windows\system32\drivers\GDTdiIcpt.sys
2011/06/15 16:59:06.0270 2160 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/06/15 16:59:06.0316 2160 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/15 16:59:06.0410 2160 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/06/15 16:59:06.0441 2160 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/06/15 16:59:06.0504 2160 HidUsb (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/15 16:59:06.0598 2160 HookCentre (4d7b09a5dbd7d711d82b3c7385405229) C:\Windows\system32\drivers\HookCentre.sys
2011/06/15 16:59:06.0645 2160 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/06/15 16:59:06.0707 2160 HTTP (481b86e8939289f77fbcea1b24cec687) C:\Windows\system32\drivers\HTTP.sys
2011/06/15 16:59:06.0754 2160 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/06/15 16:59:06.0801 2160 i8042prt (bea9838cd25d36beba3f94386a761d60) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/15 16:59:06.0863 2160 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\drivers\iastor.sys
2011/06/15 16:59:06.0926 2160 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/06/15 16:59:06.0957 2160 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/06/15 16:59:07.0129 2160 IntcAzAudAddService (6f62bafe6150f3952f877051c65786fe) C:\Windows\system32\drivers\RTKVHDA.sys
2011/06/15 16:59:07.0207 2160 intelide (4a6b4c4fab7716c869fa9d19ac8ca5a5) C:\Windows\system32\drivers\intelide.sys
2011/06/15 16:59:07.0254 2160 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/15 16:59:07.0348 2160 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/06/15 16:59:07.0410 2160 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2011/06/15 16:59:07.0441 2160 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2011/06/15 16:59:07.0488 2160 isapnp (ce2997a0c3b0049a3188c4f0c7a04bc9) C:\Windows\system32\drivers\isapnp.sys
2011/06/15 16:59:07.0535 2160 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/15 16:59:07.0582 2160 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/06/15 16:59:07.0645 2160 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/06/15 16:59:07.0707 2160 JRAID (c1632fe31d1824a43dea29725312e3fa) C:\Windows\system32\drivers\jraid.sys
2011/06/15 16:59:07.0754 2160 kbdclass (c9b0cf786d5f151a43c7be8e243f2819) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/15 16:59:07.0785 2160 kbdhid (97ab2fb84e8e77d93cee85550f4cf7f9) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/15 16:59:07.0848 2160 KSecDD (b6fac1ff7d4a05c06da9e53dbf5e9e7a) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/15 16:59:07.0926 2160 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/15 16:59:07.0988 2160 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/06/15 16:59:08.0129 2160 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/06/15 16:59:08.0176 2160 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/06/15 16:59:08.0223 2160 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2011/06/15 16:59:08.0270 2160 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/06/15 16:59:08.0332 2160 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2011/06/15 16:59:08.0410 2160 monitor (ee05f7a5e2cefb275b08f3e3fcc2a8eb) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/15 16:59:08.0441 2160 mouclass (4a00b3cf90ad075193ca5aeece71154c) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/15 16:59:08.0535 2160 mouhid (8d9b701d716843c39e93b3432cb721fc) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/15 16:59:08.0566 2160 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2011/06/15 16:59:08.0629 2160 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/06/15 16:59:08.0676 2160 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/15 16:59:08.0801 2160 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/06/15 16:59:08.0848 2160 MRxDAV (08f0c494a69cf3106ee7ffc48d8e5ac7) C:\Windows\system32\drivers\mrxdav.sys
2011/06/15 16:59:08.0910 2160 mrxsmb (bbb0d31b477cff3b4f737ed0367f635f) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/15 16:59:08.0926 2160 mrxsmb10 (a6130566ac4178473b5dac8f8f74407d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/15 16:59:08.0973 2160 mrxsmb20 (3d475e770d3ab2d0c5e3e1386871f9da) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/15 16:59:09.0020 2160 msahci (13fa01d10c95762e3e191bb023dfa8cc) C:\Windows\system32\drivers\msahci.sys
2011/06/15 16:59:09.0082 2160 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/06/15 16:59:09.0176 2160 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2011/06/15 16:59:09.0223 2160 msisadrv (0a64168b63535520adfd6b959695404a) C:\Windows\system32\drivers\msisadrv.sys
2011/06/15 16:59:09.0270 2160 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/15 16:59:09.0301 2160 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/15 16:59:09.0316 2160 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2011/06/15 16:59:09.0363 2160 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2011/06/15 16:59:09.0395 2160 mssmbios (e09cedb1bca303b7f6ae22f512e56969) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/15 16:59:09.0504 2160 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2011/06/15 16:59:09.0535 2160 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
2011/06/15 16:59:09.0598 2160 NativeWifiP (be8c26e61be5c5a49a6babd17aeed1b7) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/15 16:59:09.0660 2160 NDIS (6e8dfface597629cef5df7d69217628f) C:\Windows\system32\drivers\ndis.sys
2011/06/15 16:59:09.0691 2160 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/15 16:59:09.0738 2160 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/15 16:59:09.0770 2160 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/15 16:59:09.0801 2160 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
2011/06/15 16:59:09.0832 2160 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/15 16:59:09.0863 2160 netbt (231f6ccfdb7a604221f18fb0852c8560) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/15 16:59:09.0988 2160 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/06/15 16:59:10.0035 2160 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
2011/06/15 16:59:10.0113 2160 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/15 16:59:10.0191 2160 Ntfs (f08824715ca6076f5e73e005ab83b9c8) C:\Windows\system32\drivers\Ntfs.sys
2011/06/15 16:59:10.0332 2160 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/06/15 16:59:10.0363 2160 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
2011/06/15 16:59:10.0566 2160 nvlddmkm (0ad2e0a3933aac2a392f0c6a68e2d2f8) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/15 16:59:10.0754 2160 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/06/15 16:59:10.0801 2160 nvrd32 (ed399014a8029de02ba5ae01da8cc9ee) C:\Windows\system32\drivers\nvrd32.sys
2011/06/15 16:59:10.0816 2160 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/06/15 16:59:10.0879 2160 nvstor32 (703e3a7093b0fac0eebadbb8e931ecaf) C:\Windows\system32\drivers\nvstor32.sys
2011/06/15 16:59:10.0926 2160 nv_agp (925eb9e53eca4473a2d156a02b7418e3) C:\Windows\system32\drivers\nv_agp.sys
2011/06/15 16:59:11.0004 2160 ohci1394 (8994cbfc215a9ef4495e6ae7992954fc) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/15 16:59:11.0145 2160 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/06/15 16:59:11.0176 2160 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
2011/06/15 16:59:11.0207 2160 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/06/15 16:59:11.0238 2160 pci (a48c4d0acc933f7a37e52ab0761811ad) C:\Windows\system32\drivers\pci.sys
2011/06/15 16:59:11.0363 2160 pciide (353968946bcb766f6c5c01717686b382) C:\Windows\system32\drivers\pciide.sys
2011/06/15 16:59:11.0426 2160 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/06/15 16:59:11.0473 2160 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/06/15 16:59:11.0598 2160 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/15 16:59:11.0645 2160 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/06/15 16:59:11.0723 2160 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/15 16:59:11.0785 2160 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/06/15 16:59:11.0832 2160 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/06/15 16:59:11.0926 2160 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/15 16:59:11.0973 2160 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/15 16:59:12.0098 2160 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/15 16:59:12.0145 2160 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/15 16:59:12.0270 2160 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/15 16:59:12.0285 2160 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/15 16:59:12.0363 2160 rdpdr (87ee019fe9fbff071d76ccf9ec794646) C:\Windows\system32\drivers\rdpdr.sys
2011/06/15 16:59:12.0473 2160 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/15 16:59:12.0535 2160 RDPWD (e2afac98fc6ca2ad2d09f2de1bc71ad9) C:\Windows\system32\drivers\RDPWD.sys
2011/06/15 16:59:12.0691 2160 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/15 16:59:12.0754 2160 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/06/15 16:59:12.0910 2160 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/15 16:59:12.0957 2160 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/15 16:59:13.0051 2160 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys
2011/06/15 16:59:13.0098 2160 sermouse (2baf2abc0da0d50ebe8289c720977052) C:\Windows\system32\drivers\sermouse.sys
2011/06/15 16:59:13.0270 2160 sffdisk (55b145d4248012d306da8e92fa9fdc20) C:\Windows\system32\drivers\sffdisk.sys
2011/06/15 16:59:13.0316 2160 sffp_mmc (b86dfcd55294a0495571a27b861e6ef3) C:\Windows\system32\drivers\sffp_mmc.sys
2011/06/15 16:59:13.0348 2160 sffp_sd (5b327b59fae2b01c34690d91ed03786e) C:\Windows\system32\drivers\sffp_sd.sys
2011/06/15 16:59:13.0395 2160 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/06/15 16:59:13.0551 2160 sisagp (e5773c4cff310d00a59db01ef4074135) C:\Windows\system32\drivers\sisagp.sys
2011/06/15 16:59:13.0582 2160 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/06/15 16:59:13.0613 2160 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/06/15 16:59:13.0676 2160 Smb (46baf398809a0f3b2d3300a1760e4b91) C:\Windows\system32\DRIVERS\smb.sys
2011/06/15 16:59:13.0738 2160 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2011/06/15 16:59:13.0816 2160 srv (081be0d7a95af38d2aa238afcfc103aa) C:\Windows\system32\DRIVERS\srv.sys
2011/06/15 16:59:13.0863 2160 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/15 16:59:13.0926 2160 srvnet (3d2ca9f958fb6e28447da61f65b9deba) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/15 16:59:14.0051 2160 swenum (9c539aaffb0b6d7bce984c74317ff29f) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/15 16:59:14.0113 2160 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/06/15 16:59:14.0145 2160 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/06/15 16:59:14.0191 2160 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/06/15 16:59:14.0285 2160 Tcpip (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\drivers\tcpip.sys
2011/06/15 16:59:14.0348 2160 Tcpip6 (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/15 16:59:14.0410 2160 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/15 16:59:14.0520 2160 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
2011/06/15 16:59:14.0551 2160 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
2011/06/15 16:59:14.0613 2160 tdx (7973f7239486800cd79e4fdbab6a07df) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/15 16:59:14.0645 2160 TermDD (cfe870506361bac80a549749116ad870) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/15 16:59:14.0832 2160 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/15 16:59:14.0879 2160 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
2011/06/15 16:59:14.0941 2160 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/15 16:59:14.0988 2160 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/06/15 16:59:15.0051 2160 udfs (deea398a92952ccc421ba5b39662cabe) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/15 16:59:15.0191 2160 uliagpkx (5895ef4d0f1424392ee6439250e25677) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/15 16:59:15.0254 2160 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/06/15 16:59:15.0285 2160 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/06/15 16:59:15.0332 2160 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/06/15 16:59:15.0363 2160 umbus (dc8828971d997de009647fce59e0ce8f) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/15 16:59:15.0441 2160 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
2011/06/15 16:59:15.0473 2160 usbccgp (3f795d59734259a00d385fbd65191bf4) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/15 16:59:15.0520 2160 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/06/15 16:59:15.0566 2160 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
2011/06/15 16:59:15.0613 2160 usbehci (5555f6df13a1a1c327d67e9da7b99aee) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/15 16:59:15.0660 2160 usbhub (8dabb8cb47e0736930cf6492aed361a6) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/15 16:59:15.0707 2160 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
2011/06/15 16:59:15.0754 2160 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/06/15 16:59:15.0785 2160 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/15 16:59:15.0848 2160 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/15 16:59:15.0879 2160 usbuhci (718fdf0b0f16e1d3b992f95eadf1af75) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/15 16:59:16.0035 2160 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/15 16:59:16.0066 2160 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
2011/06/15 16:59:16.0113 2160 viaagp (66e64d5cbeb047c90e65f0962483a5b2) C:\Windows\system32\drivers\viaagp.sys
2011/06/15 16:59:16.0145 2160 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/06/15 16:59:16.0191 2160 viaide (7100b56688c5d6d7695d18fd001f0cd6) C:\Windows\system32\drivers\viaide.sys
2011/06/15 16:59:16.0254 2160 viamraid (7dc3e1dc6e4f8be381c31bfea578412a) C:\Windows\system32\drivers\viamraid.sys
2011/06/15 16:59:16.0301 2160 ViBus (aa3e6722843540b9c8ec5257e3d4b675) C:\Windows\system32\DRIVERS\ViBus.sys
2011/06/15 16:59:16.0332 2160 ViPrt (a1b7cffe5f09b825fba506c4de9fdac7) C:\Windows\system32\DRIVERS\ViPrt.sys
2011/06/15 16:59:16.0363 2160 volmgr (cc8a64a532fd2844ee68f4061ed8a7fd) C:\Windows\system32\drivers\volmgr.sys
2011/06/15 16:59:16.0410 2160 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
2011/06/15 16:59:16.0520 2160 volsnap (11ef6c1caef76b685233450a126125d6) C:\Windows\system32\drivers\volsnap.sys
2011/06/15 16:59:16.0566 2160 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/06/15 16:59:16.0707 2160 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/06/15 16:59:16.0738 2160 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/15 16:59:16.0754 2160 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/15 16:59:16.0832 2160 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/06/15 16:59:16.0895 2160 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/15 16:59:17.0004 2160 winusb (086d2e78eecd6195667282adc6ca109f) C:\Windows\system32\DRIVERS\winusb.sys
2011/06/15 16:59:17.0066 2160 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\drivers\wmiacpi.sys
2011/06/15 16:59:17.0223 2160 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/06/15 16:59:17.0285 2160 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/15 16:59:17.0363 2160 WUDFRd (ee0974d4042da9cf4c569ac4eca8c9c0) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/15 16:59:17.0410 2160 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/06/15 16:59:17.0441 2160 ================================================================================
2011/06/15 16:59:17.0441 2160 Scan finished
2011/06/15 16:59:17.0441 2160 ================================================================================
2011/06/15 16:59:17.0457 5908 Detected object count: 0
2011/06/15 16:59:17.0457 5908 Actual detected object count: 0
