PC extremely slow, many long pauses

Hello, for a while now my PC has been particularly slow; when booting up it takes forever until I can start working, and every program takes a very long time to start. In general everything is very sluggish, and it can take a second for a mouse click to "register". Things have frequently been installed and uninstalled. Presumably quite a bit has been left behind. The system is Windows XP 32-bit. Here are the log files:

OTL.txt
OTL Logfile:
Code: OTL logfile created on: 03.07.2011 18:08:48 - Run 1

Extras.txt
OTL Logfile:
Code: OTL Extras logfile created on: 03.07.2011 18:08:48 - Run 1

Gmer.txt
GMER Logfile:
Code: GMER 1.0.15.15640 - hxxp://www.gmer.net

Thanks in advance

Hello and :hallo: Please run a routine full scan with Malwarebytes and post the log. Remember that Malwarebytes must be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well!

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6253

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

03.04.2011 13:25:30
mbam-log-2011-04-03 (13-25-30).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 216887
Laufzeit: 3 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 384
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 0
Infizierte Dateien: 4

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\AppID\{CC64B45D-D6FC-76B2-D06F-CEF1AD314B4D} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{CC64B45D-D6FC-76B2-D06F-CEF1AD314B4D} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{CD201855-6C54-FCC8-84E8-F1B657D49D38} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{CD201855-6C54-FCC8-84E8-F1B657D49D38} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{D6189896-AD1C-E3B2-AFE6-4B692E91B20F} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{D6189896-AD1C-E3B2-AFE6-4B692E91B20F} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{D72366D6-CA69-61DD-540C-ACA7B20FA09A} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{D72366D6-CA69-61DD-540C-ACA7B20FA09A} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{D8583457-F929-F1B1-F466-B04B4DE7B055} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{D8583457-F929-F1B1-F466-B04B4DE7B055} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{DD6D709D-20CF-A598-269A-404587CC94A9} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{DD6D709D-20CF-A598-269A-404587CC94A9} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{DEDA84E9-967E-0E2E-ADE2-FDBFBD314AAB} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{DEDA84E9-967E-0E2E-ADE2-FDBFBD314AAB} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{DF03105A-30A9-3197-36B8-BD0941DFE414} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{DF03105A-30A9-3197-36B8-BD0941DFE414} (Worm.Allaple) -> Quarantined and deleted successfully. 
HKEY_CLASSES_ROOT\AppID\{DFE578BA-0D6B-E1F5-CFAA-CBAE2CEEFA62} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{DFE578BA-0D6B-E1F5-CFAA-CBAE2CEEFA62} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{E07DD403-A919-FBD0-EF84-734B257407BB} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E07DD403-A919-FBD0-EF84-734B257407BB} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{E24DD253-11FF-70CB-86AC-3B55BDC76F9C} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E24DD253-11FF-70CB-86AC-3B55BDC76F9C} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{E3A921E8-E1F6-B9BE-6302-BAE80924FCE7} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E3A921E8-E1F6-B9BE-6302-BAE80924FCE7} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{E3F90F3D-DE26-194B-80C0-216D5D35B848} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E3F90F3D-DE26-194B-80C0-216D5D35B848} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{E3FB3D9B-A958-33C1-23B9-C8414EC3D98D} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E3FB3D9B-A958-33C1-23B9-C8414EC3D98D} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{E52FA195-5A6F-2177-F3BD-B37D3644ACC2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E52FA195-5A6F-2177-F3BD-B37D3644ACC2} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{E6C4D142-ADFB-1690-E3B7-17999EBDA1FA} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E6C4D142-ADFB-1690-E3B7-17999EBDA1FA} (Worm.Allaple) -> Quarantined and deleted successfully. 
HKEY_CLASSES_ROOT\AppID\{E6DFE252-C79A-1A39-A41E-56906D3E84AA} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E6DFE252-C79A-1A39-A41E-56906D3E84AA} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{E81E3309-BDD5-BC2F-852A-715DB42797F9} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E81E3309-BDD5-BC2F-852A-715DB42797F9} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{E995A142-7914-3FE8-D60B-AD05B1EE5EFC} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{E995A142-7914-3FE8-D60B-AD05B1EE5EFC} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{EA871865-08D6-D09D-46FD-1F353EB479FC} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{EA871865-08D6-D09D-46FD-1F353EB479FC} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{EB14F04F-488B-81F4-9203-A1A7C1EAE661} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{EB14F04F-488B-81F4-9203-A1A7C1EAE661} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{EB7935A8-CBBC-2CC9-1FFE-716534693637} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{EB7935A8-CBBC-2CC9-1FFE-716534693637} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{EC7E5912-D564-0AAC-21C5-A12A9CB288C8} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{EC7E5912-D564-0AAC-21C5-A12A9CB288C8} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{EDE6231F-AAA4-FF23-82A0-3D3059CE3D55} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{EDE6231F-AAA4-FF23-82A0-3D3059CE3D55} (Worm.Allaple) -> Quarantined and deleted successfully. 
HKEY_CLASSES_ROOT\AppID\{EE289F35-7DEB-B0AF-20F2-690232F44615} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{EE289F35-7DEB-B0AF-20F2-690232F44615} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{EF92C14A-BD41-692A-E27C-367A8FDC52A5} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{EF92C14A-BD41-692A-E27C-367A8FDC52A5} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{EFFB84CB-2818-00BA-CEF5-914848B920AE} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{EFFB84CB-2818-00BA-CEF5-914848B920AE} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F059511F-ED8F-4E6D-1CA0-71D619AFB174} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F059511F-ED8F-4E6D-1CA0-71D619AFB174} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F06E222D-826A-DEBB-DB42-EAFB0908234E} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F06E222D-826A-DEBB-DB42-EAFB0908234E} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F148A717-4004-F18A-39BF-324236EA4566} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F148A717-4004-F18A-39BF-324236EA4566} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F33C7334-AADE-9EF5-6DAC-7026EF6CCC05} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F33C7334-AADE-9EF5-6DAC-7026EF6CCC05} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F47CF54F-845E-6CA5-3C6B-EE10C17D4AD5} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F47CF54F-845E-6CA5-3C6B-EE10C17D4AD5} (Worm.Allaple) -> Quarantined and deleted successfully. 
HKEY_CLASSES_ROOT\AppID\{F59B9001-7B62-FC18-C39A-959985D05ED7} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F59B9001-7B62-FC18-C39A-959985D05ED7} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F699592F-1B83-75DA-AFEF-3F2E360FBE28} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F699592F-1B83-75DA-AFEF-3F2E360FBE28} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F6E2CBA6-BEB3-0707-4082-DBDCD6B25DCE} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F6E2CBA6-BEB3-0707-4082-DBDCD6B25DCE} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F78FD0B0-9278-DAC5-18A8-ABCD9B80B615} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F78FD0B0-9278-DAC5-18A8-ABCD9B80B615} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F81FAB34-F8B8-BD27-049C-5FBB17C7926A} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F81FAB34-F8B8-BD27-049C-5FBB17C7926A} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F83557ED-5FD1-739A-99EC-11BA129BF0CE} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F83557ED-5FD1-739A-99EC-11BA129BF0CE} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{F9C5784C-C3B6-DD55-1C3F-F4AE48481FE8} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{F9C5784C-C3B6-DD55-1C3F-F4AE48481FE8} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{FA0A69DC-4FD1-49D3-0E33-64A2A116FC63} (Worm.Allaple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{FA0A69DC-4FD1-49D3-0E33-64A2A116FC63} (Worm.Allaple) -> Quarantined and deleted successfully. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProductsInstaller.Start (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProductsInstaller.Start.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programme\js.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\g.bat (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\g.ftp (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\a.bat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6253
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

03.04.2011 15:21:55
mbam-log-2011-04-03 (15-21-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|J:\|K:\|N:\|O:\|P:\|)
Durchsuchte Objekte: 352424
Laufzeit: 43 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\system volume information\_restore{63377ddd-8537-4e33-b2fe-6762098d32b2}\RP313\A0078121.sys (Trojan.Agent) -> Quarantined and deleted successfully.
n:\Progs\totalcopy11.exe (Trojan.FlashKiller) -> Quarantined and deleted successfully.
n:\Progs\internet\proxyi.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.51.0.1200
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 7021
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

04.07.2011 22:24:26
mbam-log-2011-07-04 (22-24-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|J:\|K:\|N:\|O:\|P:\|)
Durchsuchte Objekte: 369358
Laufzeit: 31 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Regards, e.m. |
Quote:
While you're at it, also uninstall all other unnecessary programs via the Control Panel. |
Hello, sorry that I am only getting back to you now. I had personal reasons. Apart from the Ask Toolbar, I was able to remove all the others via Control Panel -> Software. That did not work for the Ask Toolbar (WiseCleaner Toolbar), however, because I keep getting a message that Internet Explorer is still running, even though nothing for iexplore.exe or Firefox shows up under Processes in Task Manager. Safe mode did not help either, since the Windows uninstaller apparently does not run there.

I also noticed something else: Windows keeps trying to install two updates. This process ends with the message that the following updates could not be installed:
Microsoft .NET Framework 1.1 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 1, Sicherheitsupdate für Windows 2000, Windows Server 2003 und Windows XP (KB953300)

In addition, the following message appeared several times while these updates were being installed:
SL9.tmp hat ein Problem festgestellt und muss beendet werden.
I can't make anything of that. When shutting down, it of course always says that updates are being installed, but apparently nothing happens. At the next system start the whole game starts over. |
Please create a new custom log: CustomScan with OTL. If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
Code: netsvcs
|
OTL Logfile: Code: OTL logfile created on: 11.07.2011 20:10:18 - Run 2 |
Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code: :OTL The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL". |
========== OTL ==========
Service MSDisk stopped successfully!
Service MSDisk deleted successfully!
Service Crypkey License stopped successfully!
Service Crypkey License deleted successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "iMesh Web Search" removed from browser.search.defaultenginename
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "iMesh Web Search" removed from browser.search.order.1
Prefs.js: "iMesh Web Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Resume copy deleted successfully.
C:\WINDOWS\copyfstq.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removedatamngr deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removetoolbar deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68a8971f-c2fd-11dd-af76-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68a8971f-c2fd-11dd-af76-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68a8971f-c2fd-11dd-af76-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68a8971f-c2fd-11dd-af76-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68a8971f-c2fd-11dd-af76-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68a8971f-c2fd-11dd-af76-00038a000015}\ not found.
File J:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df112565-9f91-11dd-af58-00038a000015}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df112565-9f91-11dd-af58-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df112565-9f91-11dd-af58-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df112565-9f91-11dd-af58-00038a000015}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df112565-9f91-11dd-af58-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{df112565-9f91-11dd-af58-00038a000015}\ not found.
File L:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ not found.
File D:\autorun.exe not found.
C:\Dokumente und Einstellungen\ebi\Lokale Einstellungen\Anwendungsdaten\AskToolbar folder moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\251A5 folder moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\D39B folder moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\E109 folder moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.25.0 log created on 07142011_085002 |
I need the OTL quarantine folder. Please do the following:
1.) VERY IMPORTANT!! Disable your virus scanner; it must not interfere with the packing!
2.) Zip the folder MovedFiles in C:\_OTL into a single file
3.) Upload the resulting ZIP file here => http://www.trojaner-board.de/54791-a...ner-board.html
4.) Let me know once it has worked
5.) Only then switch the virus scanner back on |
The file was uploaded successfully. |
Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html Set the tool up as shown in the image below, i.e. tick both checkboxes, click Start scan, and when it has finished click the Report button to display the log. Please post it in full. http://www.trojaner-board.de/attachm...rnen-start.png If, because of the infection, you cannot access your documents/My Documents, or shortcuts are missing from the desktop or from the Start menu under "All Programs", please run unhide: download unhide.exe and save this file to your desktop. Start the tool and all files and folders should become visible again. (This may take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click! |
2011/07/15 14:46:06.0390 4012 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/15 14:46:06.0765 4012 ================================================================================
2011/07/15 14:46:06.0765 4012 SystemInfo:
2011/07/15 14:46:06.0765 4012
2011/07/15 14:46:06.0765 4012 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/15 14:46:06.0765 4012 Product type: Workstation
2011/07/15 14:46:06.0765 4012 ComputerName: LOTTE
2011/07/15 14:46:06.0765 4012 UserName: ebi
2011/07/15 14:46:06.0765 4012 Windows directory: C:\WINDOWS
2011/07/15 14:46:06.0765 4012 System windows directory: C:\WINDOWS
2011/07/15 14:46:06.0765 4012 Processor architecture: Intel x86
2011/07/15 14:46:06.0765 4012 Number of processors: 1
2011/07/15 14:46:06.0765 4012 Page size: 0x1000
2011/07/15 14:46:06.0765 4012 Boot type: Normal boot
2011/07/15 14:46:06.0765 4012 ================================================================================
2011/07/15 14:46:08.0109 4012 Initialize success
2011/07/15 14:46:38.0828 3752 ================================================================================
2011/07/15 14:46:38.0828 3752 Scan started
2011/07/15 14:46:38.0828 3752 Mode: Manual;
2011/07/15 14:46:38.0828 3752 ================================================================================
(beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2011/07/15 14:46:50.0625 3752 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 2011/07/15 14:46:50.0671 3752 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 2011/07/15 14:46:50.0765 3752 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys 2011/07/15 14:46:50.0828 3752 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys 2011/07/15 14:46:51.0234 3752 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2011/07/15 14:46:51.0281 3752 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys 2011/07/15 14:46:51.0359 3752 pssnap (228e43eed191a2816990b4362aae5726) C:\WINDOWS\system32\DRIVERS\pssnap.sys 2011/07/15 14:46:51.0421 3752 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2011/07/15 14:46:51.0484 3752 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys 2011/07/15 14:46:51.0765 3752 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2011/07/15 14:46:51.0828 3752 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2011/07/15 14:46:51.0875 3752 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2011/07/15 14:46:51.0921 3752 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2011/07/15 14:46:51.0984 3752 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2011/07/15 14:46:52.0046 3752 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2011/07/15 14:46:52.0109 3752 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2011/07/15 14:46:52.0171 3752 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2011/07/15 14:46:52.0250 
3752 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 2011/07/15 14:46:52.0453 3752 RTL8023xp (6dbd011d47ebd394a5ea7843b8afa7ea) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys 2011/07/15 14:46:52.0531 3752 RTL8187B (60aecd4284317784111716bb88342f46) C:\WINDOWS\system32\DRIVERS\wg111v3.sys 2011/07/15 14:46:52.0625 3752 s115bus (e1ab463b36a7ef31d8a73a97a9b57afa) C:\WINDOWS\system32\DRIVERS\s115bus.sys 2011/07/15 14:46:52.0687 3752 s115mdfl (e24113fc13b8737c94cf4e3415488c76) C:\WINDOWS\system32\DRIVERS\s115mdfl.sys 2011/07/15 14:46:52.0750 3752 s115mdm (4029e49e7c673aa0670bd206b0af1b5b) C:\WINDOWS\system32\DRIVERS\s115mdm.sys 2011/07/15 14:46:52.0812 3752 s115mgmt (eb02ab4ca8bccecfde236cad8fc6e135) C:\WINDOWS\system32\DRIVERS\s115mgmt.sys 2011/07/15 14:46:52.0875 3752 s115obex (089869db9ffd2ac807fa87fe82ac7761) C:\WINDOWS\system32\DRIVERS\s115obex.sys 2011/07/15 14:46:52.0984 3752 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2011/07/15 14:46:53.0062 3752 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 2011/07/15 14:46:53.0109 3752 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 2011/07/15 14:46:53.0156 3752 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2011/07/15 14:46:53.0265 3752 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2011/07/15 14:46:53.0359 3752 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2011/07/15 14:46:53.0437 3752 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 2011/07/15 14:46:53.0562 3752 Srv (9b390283569ea58d43d2586032b892f5) C:\WINDOWS\system32\DRIVERS\srv.sys 2011/07/15 14:46:53.0687 3752 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 2011/07/15 14:46:53.0765 3752 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 
2011/07/15 14:46:53.0812 3752 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2011/07/15 14:46:53.0875 3752 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2011/07/15 14:46:54.0125 3752 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2011/07/15 14:46:54.0218 3752 Tcpip (ad978a1b783b5719720cff204b666c8e) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2011/07/15 14:46:54.0281 3752 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2011/07/15 14:46:54.0343 3752 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2011/07/15 14:46:54.0406 3752 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2011/07/15 14:46:54.0562 3752 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2011/07/15 14:46:54.0656 3752 UnlockerDriver5 (b2af2ba8a3205a8458b61f638fb431dd) C:\Programme\Unlocker\UnlockerDriver5.sys 2011/07/15 14:46:54.0718 3752 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2011/07/15 14:46:54.0843 3752 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 2011/07/15 14:46:54.0906 3752 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2011/07/15 14:46:54.0984 3752 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2011/07/15 14:46:55.0031 3752 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2011/07/15 14:46:55.0093 3752 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 2011/07/15 14:46:55.0187 3752 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2011/07/15 14:46:55.0234 3752 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 2011/07/15 14:46:55.0296 3752 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) 
C:\WINDOWS\System32\drivers\vga.sys 2011/07/15 14:46:55.0359 3752 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 2011/07/15 14:46:55.0437 3752 viaagp1 (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys 2011/07/15 14:46:55.0500 3752 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\drivers\ViaIde.sys 2011/07/15 14:46:55.0562 3752 viamraid (9f3f276c7300ed211129757a411b605f) C:\WINDOWS\system32\DRIVERS\viamraid.sys 2011/07/15 14:46:55.0656 3752 VIAudio (819bf44085104be6527b86a88acf856b) C:\WINDOWS\system32\drivers\ac97via.sys 2011/07/15 14:46:55.0750 3752 videX32 (f95c0fcfbcbda6d8f202d2df4052f88d) C:\WINDOWS\system32\DRIVERS\videX32.sys 2011/07/15 14:46:55.0812 3752 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 2011/07/15 14:46:55.0937 3752 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2011/07/15 14:46:56.0000 3752 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys 2011/07/15 14:46:56.0078 3752 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys 2011/07/15 14:46:56.0203 3752 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2011/07/15 14:46:56.0437 3752 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2011/07/15 14:46:56.0515 3752 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2011/07/15 14:46:56.0578 3752 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2011/07/15 14:46:56.0687 3752 xfilt (fcbc27869092850cdb75139f3818653a) C:\WINDOWS\system32\DRIVERS\xfilt.sys 2011/07/15 14:46:56.0828 3752 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0 2011/07/15 14:46:56.0875 3752 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1 2011/07/15 14:46:57.0000 3752 Boot (0x1200) (8ecec9636ff24fa1f7ff3414241ebeae) 
\Device\Harddisk0\DR0\Partition0 2011/07/15 14:46:57.0031 3752 Boot (0x1200) (2ced898cf5f676a988104f0e5cc3494f) \Device\Harddisk0\DR0\Partition1 2011/07/15 14:46:57.0062 3752 Boot (0x1200) (c1790799ce7282f7923f9b5e87e012fc) \Device\Harddisk0\DR0\Partition2 2011/07/15 14:46:57.0109 3752 Boot (0x1200) (0ac08a95bd9e869996dc9866e8562003) \Device\Harddisk0\DR0\Partition3 2011/07/15 14:46:57.0140 3752 Boot (0x1200) (a977b2c9181743c69fdafce9a84869df) \Device\Harddisk0\DR0\Partition4 2011/07/15 14:46:57.0171 3752 Boot (0x1200) (50e0c809fc00234fd483c3ac52c61801) \Device\Harddisk1\DR1\Partition0 2011/07/15 14:46:57.0218 3752 Boot (0x1200) (f8444e4881c1fcbb6fb2ea4e2673a628) \Device\Harddisk1\DR1\Partition1 2011/07/15 14:46:57.0281 3752 Boot (0x1200) (3e46c1a89b22a42689022d9bfce8e88d) \Device\Harddisk1\DR1\Partition2 2011/07/15 14:46:57.0312 3752 ================================================================================ 2011/07/15 14:46:57.0312 3752 Scan finished 2011/07/15 14:46:57.0312 3752 ================================================================================ 2011/07/15 14:46:57.0359 0204 Detected object count: 0 2011/07/15 14:46:57.0359 0204 Actual detected object count: 0 |
Then please run CF now: ComboFix, a guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it! |
Hello, AntiVir was still active after all. Should I repeat ComboFix? Here is the TXT. ComboFix logfile: Code: ComboFix 11-07-15.01 - ebi 15.07.2011 16:10:03.1.1 - x86 |
OK. Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool won't run on the second attempt either, just leave it out and run only OSAM. Please skip OSAM's online query. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar. Note: please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
|
GMER Logfile: Code: GMER 1.0.15.15641 - hxxp://www.gmer.net
Code: Report of OSAM: Autorun Manager v5.0.11926.0
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
MBRCheck, version 1.2.3 (c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000e6f5
Kernel Drivers (total 126):
Processes (total 39):
PhysicalDrive1 Model Number: Maxtor6Y160P0, Rev: YAR41BW0
PhysicalDrive0 Model Number: SAMSUNGHD642JJ, Rev: 1AA01113
Size    Device Name          MBR Status
--------------------------------------------
152 GB  \\.\PhysicalDrive1   Windows XP MBR code detected
        SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11
596 GB  \\.\PhysicalDrive0   Windows XP MBR code detected
        SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11
Done! |
Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs. Remember to update both tools before the scan!! Afterwards, getting an additional opinion via ESET's online scanner doesn't hurt either: ESET Online Scanner
|
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Datenbank Version: 7190
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
18.07.2011 16:32:43
mbam-log-2011-07-18 (16-32-43).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|J:\|K:\|N:\|O:\|P:\|)
Durchsuchte Objekte: 344420
Laufzeit: 25 Minute(n), 52 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden)
--------------------------------------------------------------------------
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/18/2011 at 09:42 PM
Application Version : 4.55.1000
Core Rules Database Version : 7421
Trace Rules Database Version: 5233
Scan type : Complete Scan
Total Scan Time : 02:01:24
Memory items scanned : 524
Memory threats detected : 0
Registry items scanned : 9235
Registry threats detected : 0
File items scanned : 151347
File threats detected : 39
Adware.Tracking Cookie |
What about ESET? |
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=5c3d2d1c650b664db4db5fa0be569fe4
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-07-19 09:22:32
# local_time=2011-07-19 11:22:32 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=crash
# scanned=152505
# found=2
# cleaned=0
# scan_time=8186
N:\Progs\internet\CryptLoad_1.1.3.rar multiple threats (unable to clean) 00000000000000000000000000000000 I
N:\Progs\text bild ton\audiograbbersetup183se.exe a variant of Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I |
Those are two "hysterical" finds, if I'm seeing this correctly. ESET reports things like adware in many setups, because the installers often bring toolbars along. Is the computer otherwise back in order? |
Should I now still remove all the junk that ESET and SAS found?? |
Yes, it can go. So is the computer OK again now or not? |
I want to let AntiVir run through once more and get rid of the junk. AntiVir didn't get past 6% although it scanned for hours. Otherwise everything is great. :applaus::applaus: |
Think carefully about whether you want to stay with AntiVir in the future. They have made a very questionable decision, which doesn't exactly come across as reputable => http://www.trojaner-board.de/100374-...e-und-ask.html
Then we're done! :abklatsch:
The programs that were used here can all be removed again. CF can be removed via Start, Run with combofix /uninstall. Let me know if there are any error messages. Keeping Malwarebytes is not a mistake. You can scan with it once a month, but always remember to update beforehand.
Finally, please check the updates; my guide for that is below. To keep a better overview of how up to date the installed programs are in the future, you can use e.g. Secunia PSI. For even more security, after the infection has been removed you should also change all passwords where possible.
Microsoft Update
Windows XP: Visit the MS update page with IE and have all important updates installed.
Windows Vista/7: Instructions: Windows Update
Updating the PDF reader
An outdated Adobe Reader is a major security risk. You should therefore uninstall old versions of Adobe Reader via Control Panel => Add or Remove Programs (or Programs and Features) by clicking "Adobe Reader x.0" there and removing the program. (if you have Adobe Reader installed) I recommend an alternative PDF reader such as SumatraPDF or Foxit PDF Reader; both are much leaner and faster than Adobe Reader.
While you're at it, please also check that the Flash Player is up to date; here is the direct download link:
Mozilla and other browsers => http://filepony.de/?q=Flash+Player
Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe
Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.
Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions through it. Then download the current Java SE Runtime Environment (JRE) from here and install it. |
Thanks again for the help. I carried out the steps given and also switched from AntiVir to Avast. A bit pushy on first impression, but OK :) What else I noticed: Re-enable with Defogger didn't work. The error message was that a write access was denied. I simply reinstalled Daemon Tools, which works so far. The WiseCleaner toolbar can still be found in the Control Panel under Add or Remove Programs. Was that intended? The system is noticeably faster nonetheless. So, if the two remarks aren't critical, thanks again for the dedicated help. |
Quote:
|
No! The WiseCleaner toolbar can't be removed. When uninstalling, the Ask toolbar appears with the message: Close all open Internet Explorer windows. On clicking OK, the window appears again and again. On clicking Cancel, an Add or Remove Programs window appears with the message: Fatal error during installation. ????? |
Try it with this => http://filepony.de/download-revo_uninstaller/ |
Worked great, the Ask toolbar is finally gone. Thanks again for the good work and have a nice weekend. |
Copyright ©2000-2025, Trojaner-Board