Trojaner-Board

Computer won't start because it can't find the dwlgina3.dll file (https://www.trojaner-board.de/107995-rechner-startet-weil-dwlgina3-dll-datei-findet.html)

Yuna_84 23.01.2012 12:43

This should be it..

Code:

OTL logfile created on: 21.01.2012 13:43:50 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Dokumente und Einstellungen\Wuddelchen\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,75 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 85,59% Memory free
4,59 Gb Paging File | 4,27 Gb Available in Paging File | 93,08% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 53,71 Gb Total Space | 37,08 Gb Free Space | 69,02% Space Free | Partition Type: NTFS
Drive D: | 39,07 Gb Total Space | 38,13 Gb Free Space | 97,59% Space Free | Partition Type: NTFS
Drive E: | 126,96 Gb Total Space | 107,13 Gb Free Space | 84,38% Space Free | Partition Type: NTFS
Drive F: | 48,83 Gb Total Space | 47,18 Gb Free Space | 96,61% Space Free | Partition Type: NTFS
Drive G: | 14,65 Gb Total Space | 14,57 Gb Free Space | 99,41% Space Free | Partition Type: NTFS
Drive H: | 14,85 Gb Total Space | 5,52 Gb Free Space | 37,14% Space Free | Partition Type: NTFS
 
Computer Name: WUDDEL | User Name: Wuddelchen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.21 13:40:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL.exe
PRC - [2011.07.03 09:54:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.08 11:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.03.28 15:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.05 18:04:58 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.03.02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.06.17 14:27:02 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.04.14 03:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011.07.03 09:54:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.02.18 16:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.03 09:54:56 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.03 09:54:56 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.06.16 19:26:16 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011.06.16 19:26:16 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 14:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010.05.13 09:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.01.16 15:55:22 | 000,687,232 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.3.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {0e3dbc69-a682-48da-84e1-82c63a5d678e}:3.8.0.8
FF - prefs.js..extensions.enabledItems: gencrawler@some.com:2.0
FF - prefs.js..extensions.enabledItems: rubyformatters@seleniumhq.org:1.4.1
FF - prefs.js..extensions.enabledItems: javaformatters@seleniumhq.org:1.4.1
FF - prefs.js..extensions.enabledItems: {a6fd85ed-e919-4a43-a5af-8da18bda539f}:1.4.1
FF - prefs.js..extensions.enabledItems: pythonformatters@seleniumhq.org:1.4.1
FF - prefs.js..extensions.enabledItems: csharpformatters@seleniumhq.org:1.4.1
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Bearbeitungprogramme\PDF\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: d:\Browser\Mozilla Firefox\components [2011.12.03 14:27:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: d:\Browser\Mozilla Firefox\plugins [2011.12.03 14:27:00 | 000,000,000 | ---D | M]
 
[2011.05.02 21:36:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Extensions
[2012.01.10 10:48:10 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions
[2012.01.10 10:48:10 | 000,000,000 | ---D | M] (Bigpoint Games DE Community Toolbar) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}
[2011.12.30 11:51:37 | 000,000,000 | ---D | M] (Selenium IDE) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}
[2011.07.27 11:17:48 | 000,000,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\searchplugins\conduit.xml
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WUDDELCHEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\N88QGLEF.DEFAULT\EXTENSIONS\CSHARPFORMATTERS@SELENIUMHQ.ORG.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WUDDELCHEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\N88QGLEF.DEFAULT\EXTENSIONS\JAVAFORMATTERS@SELENIUMHQ.ORG.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WUDDELCHEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\N88QGLEF.DEFAULT\EXTENSIONS\PYTHONFORMATTERS@SELENIUMHQ.ORG.XPI
[2011.05.09 20:26:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.16 09:45:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
 
O1 HOSTS File: ([2012.01.15 17:54:09 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [EA Core] C:\Programme\Electronic Arts\EADM\Core.exe (Electronic Arts)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download with &Media Finder - C:\Programme\Media Finder\hook.html File not found
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\ICQ_7.5\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\ICQ_7.5\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E96E120-CD1F-45D8-A090-1552CD95DD02}: NameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
 
SafeBootMin: AppMgmt -  File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt -  File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm -  File not found
SafeBootNet: nm.sys -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - i420vfw.dll File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - yv12vfw.dll File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.21 13:41:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL.exe
[2012.01.18 12:38:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\PixelPlanet
[2012.01.18 12:36:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Eigene Dateien\PdfGrabber
[2012.01.18 12:35:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PixelPlanet
[2012.01.18 12:35:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Startmenü\Programme\PixelPlanet
[2012.01.18 12:35:12 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\XpressUpdate
[2012.01.18 12:34:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\Downloaded Installations
[2012.01.18 12:12:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Free PDF to Word Doc Converter
[2012.01.15 20:02:44 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.01.15 19:21:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Malwarebytes
[2012.01.15 19:21:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.01.15 19:21:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.01.15 19:21:25 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.01.15 18:36:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2012.01.15 18:36:02 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2012.01.15 17:49:09 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012.01.15 17:49:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.12 11:13:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Eigene Dateien\Electronic Arts
[2012.01.11 12:29:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011.12.30 14:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData
[2011.12.30 14:05:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.12.30 13:56:46 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts
[2011.12.30 13:50:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft WSE
[2011.12.30 13:50:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011.12.30 13:50:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Electronic Arts
[2003.03.14 08:33:40 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.21 13:40:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL.exe
[2012.01.21 13:34:16 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.21 13:33:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.18 12:35:17 | 000,001,897 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\PdfGrabber 7.0.lnk
[2012.01.18 12:12:48 | 000,000,620 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\Free PDF to Word Doc Converter.lnk
[2012.01.15 19:21:29 | 000,000,694 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.15 17:54:09 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.01.11 17:22:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.01.11 17:20:13 | 000,448,824 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.01.11 17:20:13 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.11 17:20:13 | 000,080,520 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.01.11 17:20:13 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.30 14:48:55 | 000,001,829 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Lebensfreude.lnk
[2011.12.30 14:17:51 | 000,000,613 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2011.12.30 13:56:50 | 000,000,763 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EA Download Manager.lnk
[2011.12.30 13:50:02 | 000,000,449 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die*Sims™*3.lnk
[2011.12.30 13:23:27 | 000,165,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.18 12:35:17 | 000,001,897 | ---- | C] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\PdfGrabber 7.0.lnk
[2012.01.18 12:12:48 | 000,000,620 | ---- | C] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\Free PDF to Word Doc Converter.lnk
[2012.01.15 19:21:29 | 000,000,694 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011.12.30 14:48:55 | 000,001,829 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Lebensfreude.lnk
[2011.12.30 14:17:51 | 000,000,613 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2011.12.30 13:56:50 | 000,000,769 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EA Download Manager.lnk
[2011.12.30 13:56:50 | 000,000,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EA Download Manager.lnk
[2011.12.30 13:50:02 | 000,000,449 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die*Sims™*3.lnk
[2011.07.19 11:51:39 | 000,000,750 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2011.07.19 11:51:02 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2011.05.10 10:51:38 | 000,013,824 | ---- | C] () -- C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.02 21:36:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.05.02 19:55:32 | 000,259,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.05.02 19:55:32 | 000,259,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.05.02 19:55:32 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.05.02 19:55:25 | 002,116,894 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011.05.02 09:35:00 | 000,045,359 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2011.05.02 09:35:00 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2011.05.02 09:24:56 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011.05.02 09:04:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.05.02 08:59:40 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.05.02 08:53:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.05.02 08:51:57 | 000,165,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.04.27 08:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2004.08.04 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.04 13:00:00 | 000,448,824 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.08.04 13:00:00 | 000,432,784 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.04 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.08.04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.04 13:00:00 | 000,080,520 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.08.04 13:00:00 | 000,067,740 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.04 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.08.04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.04 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.04 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003.11.17 08:33:40 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2003.10.02 17:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2003.03.21 16:56:12 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
 
========== LOP Check ==========
 
[2011.07.30 21:12:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alawar
[2011.07.30 22:18:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2011.07.03 15:28:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011.12.30 14:05:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.05.03 09:06:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011.10.24 08:25:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intenium
[2011.07.05 11:47:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2011.07.23 16:37:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Merscom
[2012.01.18 12:35:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PixelPlanet
[2011.07.23 22:52:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rumbic Studio
[2011.10.24 08:26:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sandlot Games
[2011.07.30 21:12:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Alawar
[2012.01.18 12:30:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Canon
[2011.07.22 14:21:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoft
[2011.07.22 14:21:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.10.04 21:43:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Friday's games
[2011.12.04 03:35:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\gtk-2.0
[2012.01.18 14:17:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\ICQ
[2011.07.05 11:47:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\MAGIX
[2011.07.23 16:37:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Merscom
[2011.05.09 20:28:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\OpenOffice.org
[2012.01.18 12:38:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\PixelPlanet
[2011.07.23 21:12:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\YoudaGames
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.05.04 10:31:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Adobe
[2011.07.30 21:12:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Alawar
[2011.05.02 09:34:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Avira
[2012.01.18 12:30:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Canon
[2011.07.22 14:21:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoft
[2011.07.22 14:21:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.10.04 21:43:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Friday's games
[2011.12.04 03:35:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\gtk-2.0
[2012.01.18 14:17:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\ICQ
[2011.05.02 09:08:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Identities
[2011.05.02 21:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Macromedia
[2011.07.05 11:47:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\MAGIX
[2012.01.15 19:21:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Malwarebytes
[2011.07.23 16:37:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Merscom
[2011.12.30 13:50:32 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft
[2011.05.02 21:36:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla
[2011.05.09 20:28:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\OpenOffice.org
[2012.01.18 12:38:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\PixelPlanet
[2011.05.23 11:21:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Real
[2011.05.09 20:26:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Sun
[2011.05.24 12:18:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\WinRAR
[2011.07.23 21:12:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\YoudaGames
 
< %APPDATA%\*.exe /s >
[2012.01.18 12:35:18 | 000,149,520 | R--- | M] (Flexera Software, Inc.) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{01517A48-9217-431B-821C-F89F53918E3D}\ARPPRODUCTICON.exe
[2012.01.18 12:35:18 | 000,149,520 | R--- | M] (Flexera Software, Inc.) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{01517A48-9217-431B-821C-F89F53918E3D}\NewShortcut11_1B47E40F0FE04A059EF1DDA8922D0BA2.exe
[2012.01.18 12:35:18 | 000,149,520 | R--- | M] (Flexera Software, Inc.) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{01517A48-9217-431B-821C-F89F53918E3D}\NewShortcut1_367DA4EF0C9243128CC33655B17DC263.exe
[2012.01.18 12:35:18 | 000,067,600 | R--- | M] (Flexera Software, Inc.) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{01517A48-9217-431B-821C-F89F53918E3D}\NewShortcut2_DD172C74541145868246ADE181F1051F.exe
[2011.12.30 13:50:32 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
[2011.07.13 03:55:05 | 002,237,440 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
 
 
< MD5 for: AGP440.SYS  >
[2004.08.04 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.05.05 12:21:48 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.05.05 12:21:48 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.05.05 12:21:48 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.05.05 12:21:48 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 13:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2004.08.04 13:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2011.05.02 09:50:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.05.02 09:50:12 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.05.02 09:50:12 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
<          >

< End of report >


cosinus 23.01.2012 13:27

Quote:

"ZoneAlarm" = ZoneAlarm
Sorry, I only just noticed that thing myself :o
ZoneAlarm is counterproductive junk; please uninstall it immediately and turn on the Windows Firewall!
After that, please create a new OTL log again (CustomScan).

Yuna_84 23.01.2012 13:42

Hm.. ok.. I always thought ZoneAlarm was ok.. are there any decent programs at all?

cosinus 23.01.2012 13:45

Use the Windows Firewall. That, in combination with a router, is the best/most sensible protection for home computers. Stuff like ZoneAlarm and the like is nonsense.

Yuna_84 23.01.2012 13:55

Code:

OTL logfile created on: 23.01.2012 13:49:42 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Dokumente und Einstellungen\Wuddelchen\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,75 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 84,57% Memory free
4,59 Gb Paging File | 4,29 Gb Available in Paging File | 93,39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 53,71 Gb Total Space | 39,18 Gb Free Space | 72,93% Space Free | Partition Type: NTFS
Drive D: | 39,07 Gb Total Space | 38,12 Gb Free Space | 97,58% Space Free | Partition Type: NTFS
Drive E: | 126,96 Gb Total Space | 107,07 Gb Free Space | 84,34% Space Free | Partition Type: NTFS
Drive F: | 48,83 Gb Total Space | 47,18 Gb Free Space | 96,61% Space Free | Partition Type: NTFS
Drive G: | 14,65 Gb Total Space | 14,57 Gb Free Space | 99,41% Space Free | Partition Type: NTFS
Drive H: | 14,85 Gb Total Space | 5,52 Gb Free Space | 37,14% Space Free | Partition Type: NTFS
 
Computer Name: WUDDEL | User Name: Wuddelchen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.21 13:40:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL.exe
PRC - [2011.07.03 09:54:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.08 11:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.03.28 15:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.03.02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.06.17 14:27:02 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011.07.03 09:54:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.03 09:54:56 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.03 09:54:56 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.06.16 19:26:16 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011.06.16 19:26:16 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 14:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.01.16 15:55:22 | 000,687,232 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.3.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {0e3dbc69-a682-48da-84e1-82c63a5d678e}:3.8.0.8
FF - prefs.js..extensions.enabledItems: gencrawler@some.com:2.0
FF - prefs.js..extensions.enabledItems: rubyformatters@seleniumhq.org:1.4.1
FF - prefs.js..extensions.enabledItems: javaformatters@seleniumhq.org:1.4.1
FF - prefs.js..extensions.enabledItems: {a6fd85ed-e919-4a43-a5af-8da18bda539f}:1.4.1
FF - prefs.js..extensions.enabledItems: pythonformatters@seleniumhq.org:1.4.1
FF - prefs.js..extensions.enabledItems: csharpformatters@seleniumhq.org:1.4.1
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Bearbeitungprogramme\PDF\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: d:\Browser\Mozilla Firefox\components [2011.12.03 14:27:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: d:\Browser\Mozilla Firefox\plugins [2011.12.03 14:27:00 | 000,000,000 | ---D | M]
 
[2011.05.02 21:36:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Extensions
[2012.01.10 10:48:10 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions
[2012.01.10 10:48:10 | 000,000,000 | ---D | M] (Bigpoint Games DE Community Toolbar) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}
[2011.12.30 11:51:37 | 000,000,000 | ---D | M] (Selenium IDE) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}
[2011.07.27 11:17:48 | 000,000,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\searchplugins\conduit.xml
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WUDDELCHEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\N88QGLEF.DEFAULT\EXTENSIONS\CSHARPFORMATTERS@SELENIUMHQ.ORG.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WUDDELCHEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\N88QGLEF.DEFAULT\EXTENSIONS\JAVAFORMATTERS@SELENIUMHQ.ORG.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WUDDELCHEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\N88QGLEF.DEFAULT\EXTENSIONS\PYTHONFORMATTERS@SELENIUMHQ.ORG.XPI
[2011.05.09 20:26:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.16 09:45:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
 
O1 HOSTS File: ([2012.01.15 17:54:09 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [EA Core] C:\Programme\Electronic Arts\EADM\Core.exe (Electronic Arts)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download with &Media Finder - C:\Programme\Media Finder\hook.html File not found
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\ICQ_7.5\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\ICQ_7.5\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E96E120-CD1F-45D8-A090-1552CD95DD02}: NameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.23 13:46:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2012.01.23 13:44:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Application Data
[2012.01.21 13:41:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL.exe
[2012.01.18 12:38:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\PixelPlanet
[2012.01.18 12:36:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Eigene Dateien\PdfGrabber
[2012.01.18 12:35:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PixelPlanet
[2012.01.18 12:35:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Startmenü\Programme\PixelPlanet
[2012.01.18 12:35:12 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\XpressUpdate
[2012.01.18 12:34:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\Downloaded Installations
[2012.01.18 12:12:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Free PDF to Word Doc Converter
[2012.01.15 20:02:44 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.01.15 19:21:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Malwarebytes
[2012.01.15 19:21:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.01.15 19:21:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.01.15 19:21:25 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.01.15 18:36:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2012.01.15 18:36:02 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2012.01.15 17:49:09 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012.01.15 17:49:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.12 11:13:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Eigene Dateien\Electronic Arts
[2012.01.11 12:29:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011.12.30 14:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData
[2011.12.30 14:05:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.12.30 13:56:46 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts
[2011.12.30 13:50:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft WSE
[2011.12.30 13:50:09 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2011.12.30 13:50:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011.12.30 13:50:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Electronic Arts
[2003.03.14 08:33:40 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.23 13:45:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.23 11:45:11 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.21 13:40:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL.exe
[2012.01.18 12:35:17 | 000,001,897 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\PdfGrabber 7.0.lnk
[2012.01.18 12:12:48 | 000,000,620 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\Free PDF to Word Doc Converter.lnk
[2012.01.15 19:21:29 | 000,000,694 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.15 17:54:09 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.01.11 17:22:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.01.11 17:20:13 | 000,448,824 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.01.11 17:20:13 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.11 17:20:13 | 000,080,520 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.01.11 17:20:13 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.30 14:48:55 | 000,001,829 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Lebensfreude.lnk
[2011.12.30 14:17:51 | 000,000,613 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2011.12.30 13:56:50 | 000,000,763 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EA Download Manager.lnk
[2011.12.30 13:50:02 | 000,000,449 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die*Sims™*3.lnk
[2011.12.30 13:23:27 | 000,165,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.18 12:35:17 | 000,001,897 | ---- | C] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\PdfGrabber 7.0.lnk
[2012.01.18 12:12:48 | 000,000,620 | ---- | C] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\Free PDF to Word Doc Converter.lnk
[2012.01.15 19:21:29 | 000,000,694 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011.12.30 14:48:55 | 000,001,829 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Lebensfreude.lnk
[2011.12.30 14:17:51 | 000,000,613 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2011.12.30 13:56:50 | 000,000,769 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EA Download Manager.lnk
[2011.12.30 13:56:50 | 000,000,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EA Download Manager.lnk
[2011.12.30 13:50:02 | 000,000,449 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die*Sims™*3.lnk
[2011.07.19 11:51:39 | 000,000,750 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2011.07.19 11:51:02 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2011.05.10 10:51:38 | 000,013,824 | ---- | C] () -- C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.02 21:36:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.05.02 19:55:32 | 000,259,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.05.02 19:55:32 | 000,259,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.05.02 19:55:32 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.05.02 19:55:25 | 002,116,894 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011.05.02 09:35:00 | 000,045,359 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2011.05.02 09:35:00 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2011.05.02 09:24:56 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011.05.02 09:04:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.05.02 08:59:40 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.05.02 08:53:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.05.02 08:51:57 | 000,165,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.04.27 08:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2004.08.04 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.04 13:00:00 | 000,448,824 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.08.04 13:00:00 | 000,432,784 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.04 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.08.04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.04 13:00:00 | 000,080,520 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.08.04 13:00:00 | 000,067,740 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.04 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.08.04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.04 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.04 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003.11.17 08:33:40 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2003.10.02 17:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2003.03.21 16:56:12 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI

< End of report >


cosinus 23.01.2012 14:35

Why are you doing the OTL log differently now? That wasn't a CustomScan :(

Yuna_84 23.01.2012 14:44

oooh.. sorry.. I just noticed that too.. *shakes head* no no no..
I'll do it again tonight and post it then.. sorry again..


By the way, what about AntiVir? Is that at least OK, or is there something better?

Yuna_84 24.01.2012 12:21

So, if I've finally done it right now.. *thinking* this should be correct now..

Code:

OTL logfile created on: 24.01.2012 12:13:03 - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Dokumente und Einstellungen\Wuddelchen\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,75 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 86,52% Memory free
4,59 Gb Paging File | 4,29 Gb Available in Paging File | 93,47% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 53,71 Gb Total Space | 39,13 Gb Free Space | 72,85% Space Free | Partition Type: NTFS
Drive D: | 39,07 Gb Total Space | 38,12 Gb Free Space | 97,57% Space Free | Partition Type: NTFS
Drive E: | 126,96 Gb Total Space | 107,07 Gb Free Space | 84,34% Space Free | Partition Type: NTFS
Drive F: | 48,83 Gb Total Space | 47,18 Gb Free Space | 96,61% Space Free | Partition Type: NTFS
Drive G: | 14,65 Gb Total Space | 14,57 Gb Free Space | 99,41% Space Free | Partition Type: NTFS
Drive H: | 14,85 Gb Total Space | 5,52 Gb Free Space | 37,14% Space Free | Partition Type: NTFS
 
Computer Name: WUDDEL | User Name: Wuddelchen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.21 13:40:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL.exe
PRC - [2011.07.03 09:54:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.08 11:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.03.28 15:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.05 18:04:58 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2010.06.17 14:27:02 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011.07.03 09:54:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.03 09:54:56 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.03 09:54:56 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.06.16 19:26:16 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011.06.16 19:26:16 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 14:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.01.16 15:55:22 | 000,687,232 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.6
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.3.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {0e3dbc69-a682-48da-84e1-82c63a5d678e}:3.8.0.8
FF - prefs.js..extensions.enabledItems: gencrawler@some.com:2.0
FF - prefs.js..extensions.enabledItems: rubyformatters@seleniumhq.org:1.4.1
FF - prefs.js..extensions.enabledItems: javaformatters@seleniumhq.org:1.4.1
FF - prefs.js..extensions.enabledItems: {a6fd85ed-e919-4a43-a5af-8da18bda539f}:1.4.1
FF - prefs.js..extensions.enabledItems: pythonformatters@seleniumhq.org:1.4.1
FF - prefs.js..extensions.enabledItems: csharpformatters@seleniumhq.org:1.4.1
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Bearbeitungprogramme\PDF\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: d:\Browser\Mozilla Firefox\components [2011.12.03 14:27:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: d:\Browser\Mozilla Firefox\plugins [2011.12.03 14:27:00 | 000,000,000 | ---D | M]
 
[2011.05.02 21:36:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Extensions
[2012.01.10 10:48:10 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions
[2012.01.10 10:48:10 | 000,000,000 | ---D | M] (Bigpoint Games DE Community Toolbar) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}
[2011.12.30 11:51:37 | 000,000,000 | ---D | M] (Selenium IDE) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}
[2011.07.27 11:17:48 | 000,000,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\searchplugins\conduit.xml
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WUDDELCHEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\N88QGLEF.DEFAULT\EXTENSIONS\CSHARPFORMATTERS@SELENIUMHQ.ORG.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WUDDELCHEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\N88QGLEF.DEFAULT\EXTENSIONS\JAVAFORMATTERS@SELENIUMHQ.ORG.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\WUDDELCHEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\N88QGLEF.DEFAULT\EXTENSIONS\PYTHONFORMATTERS@SELENIUMHQ.ORG.XPI
[2011.05.09 20:26:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.16 09:45:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
 
O1 HOSTS File: ([2012.01.15 17:54:09 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [EA Core] C:\Programme\Electronic Arts\EADM\Core.exe (Electronic Arts)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download with &Media Finder - C:\Programme\Media Finder\hook.html File not found
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\ICQ_7.5\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\ICQ_7.5\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E96E120-CD1F-45D8-A090-1552CD95DD02}: NameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
 
SafeBootMin: AppMgmt -  File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt -  File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm -  File not found
SafeBootNet: nm.sys -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - i420vfw.dll File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - yv12vfw.dll File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.24 12:14:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL_Logs
[2012.01.23 13:46:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2012.01.23 13:44:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Application Data
[2012.01.21 13:41:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL.exe
[2012.01.18 12:38:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\PixelPlanet
[2012.01.18 12:36:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Eigene Dateien\PdfGrabber
[2012.01.18 12:35:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PixelPlanet
[2012.01.18 12:35:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Startmenü\Programme\PixelPlanet
[2012.01.18 12:35:12 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\XpressUpdate
[2012.01.18 12:34:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\Downloaded Installations
[2012.01.18 12:12:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Free PDF to Word Doc Converter
[2012.01.15 20:02:44 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.01.15 19:21:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Malwarebytes
[2012.01.15 19:21:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.01.15 19:21:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.01.15 19:21:25 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.01.15 18:36:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2012.01.15 18:36:02 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2012.01.15 17:49:09 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012.01.15 17:49:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.12 11:13:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wuddelchen\Eigene Dateien\Electronic Arts
[2012.01.11 12:29:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011.12.30 14:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData
[2011.12.30 14:05:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.12.30 13:56:46 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts
[2011.12.30 13:50:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft WSE
[2011.12.30 13:50:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2011.12.30 13:50:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Electronic Arts
[2003.03.14 08:33:40 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.24 11:35:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.23 11:45:11 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.21 13:40:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\OTL.exe
[2012.01.18 12:35:17 | 000,001,897 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\PdfGrabber 7.0.lnk
[2012.01.18 12:12:48 | 000,000,620 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\Free PDF to Word Doc Converter.lnk
[2012.01.15 19:21:29 | 000,000,694 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.15 17:54:09 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.01.11 17:22:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.01.11 17:20:13 | 000,448,824 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.01.11 17:20:13 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.11 17:20:13 | 000,080,520 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.01.11 17:20:13 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.30 14:48:55 | 000,001,829 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Lebensfreude.lnk
[2011.12.30 14:17:51 | 000,000,613 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2011.12.30 13:56:50 | 000,000,763 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EA Download Manager.lnk
[2011.12.30 13:50:02 | 000,000,449 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die*Sims™*3.lnk
[2011.12.30 13:23:27 | 000,165,120 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.18 12:35:17 | 000,001,897 | ---- | C] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\PdfGrabber 7.0.lnk
[2012.01.18 12:12:48 | 000,000,620 | ---- | C] () -- C:\Dokumente und Einstellungen\Wuddelchen\Desktop\Free PDF to Word Doc Converter.lnk
[2012.01.15 19:21:29 | 000,000,694 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2011.12.30 14:48:55 | 000,001,829 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Lebensfreude.lnk
[2011.12.30 14:17:51 | 000,000,613 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2011.12.30 13:56:50 | 000,000,769 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EA Download Manager.lnk
[2011.12.30 13:56:50 | 000,000,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EA Download Manager.lnk
[2011.12.30 13:50:02 | 000,000,449 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die*Sims™*3.lnk
[2011.07.19 11:51:39 | 000,000,750 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2011.07.19 11:51:02 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2011.05.10 10:51:38 | 000,013,824 | ---- | C] () -- C:\Dokumente und Einstellungen\Wuddelchen\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.02 21:36:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.05.02 19:55:32 | 000,259,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.05.02 19:55:32 | 000,259,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.05.02 19:55:32 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.05.02 19:55:25 | 002,116,894 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011.05.02 09:35:00 | 000,045,359 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2011.05.02 09:35:00 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2011.05.02 09:24:56 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011.05.02 09:04:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.05.02 08:59:40 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.05.02 08:53:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.05.02 08:51:57 | 000,165,120 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.04.27 08:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2004.08.04 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.04 13:00:00 | 000,448,824 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.08.04 13:00:00 | 000,432,784 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.04 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.08.04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.04 13:00:00 | 000,080,520 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.08.04 13:00:00 | 000,067,740 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.04 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.08.04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.04 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.04 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003.11.17 08:33:40 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2003.10.02 17:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2003.03.21 16:56:12 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
 
========== LOP Check ==========
 
[2011.07.30 21:12:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alawar
[2011.07.30 22:18:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Big Fish Games
[2011.07.03 15:28:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011.12.30 14:05:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2011.05.03 09:06:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011.10.24 08:25:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intenium
[2011.07.05 11:47:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2011.07.23 16:37:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Merscom
[2012.01.18 12:35:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PixelPlanet
[2011.07.23 22:52:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rumbic Studio
[2011.10.24 08:26:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sandlot Games
[2011.07.30 21:12:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Alawar
[2012.01.18 12:30:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Canon
[2011.07.22 14:21:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoft
[2011.07.22 14:21:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.10.04 21:43:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Friday's games
[2011.12.04 03:35:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\gtk-2.0
[2012.01.18 14:17:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\ICQ
[2011.07.05 11:47:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\MAGIX
[2011.07.23 16:37:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Merscom
[2011.05.09 20:28:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\OpenOffice.org
[2012.01.18 12:38:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\PixelPlanet
[2011.07.23 21:12:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\YoudaGames
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.05.04 10:31:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Adobe
[2011.07.30 21:12:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Alawar
[2011.05.02 09:34:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Avira
[2012.01.18 12:30:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Canon
[2011.07.22 14:21:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoft
[2011.07.22 14:21:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.10.04 21:43:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Friday's games
[2011.12.04 03:35:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\gtk-2.0
[2012.01.18 14:17:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\ICQ
[2011.05.02 09:08:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Identities
[2011.05.02 21:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Macromedia
[2011.07.05 11:47:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\MAGIX
[2012.01.15 19:21:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Malwarebytes
[2011.07.23 16:37:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Merscom
[2011.12.30 13:50:32 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft
[2011.05.02 21:36:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla
[2011.05.09 20:28:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\OpenOffice.org
[2012.01.18 12:38:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\PixelPlanet
[2011.05.23 11:21:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Real
[2011.05.09 20:26:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Sun
[2011.05.24 12:18:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\WinRAR
[2011.07.23 21:12:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\YoudaGames
 
< %APPDATA%\*.exe /s >
[2012.01.18 12:35:18 | 000,149,520 | R--- | M] (Flexera Software, Inc.) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{01517A48-9217-431B-821C-F89F53918E3D}\ARPPRODUCTICON.exe
[2012.01.18 12:35:18 | 000,149,520 | R--- | M] (Flexera Software, Inc.) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{01517A48-9217-431B-821C-F89F53918E3D}\NewShortcut11_1B47E40F0FE04A059EF1DDA8922D0BA2.exe
[2012.01.18 12:35:18 | 000,149,520 | R--- | M] (Flexera Software, Inc.) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{01517A48-9217-431B-821C-F89F53918E3D}\NewShortcut1_367DA4EF0C9243128CC33655B17DC263.exe
[2012.01.18 12:35:18 | 000,067,600 | R--- | M] (Flexera Software, Inc.) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{01517A48-9217-431B-821C-F89F53918E3D}\NewShortcut2_DD172C74541145868246ADE181F1051F.exe
[2011.12.30 13:50:32 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
[2011.07.13 03:55:05 | 002,237,440 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
 
 
< MD5 for: AGP440.SYS  >
[2004.08.04 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.05.05 12:21:48 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.05.05 12:21:48 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.05.05 12:21:48 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.05.05 12:21:48 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 13:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2004.08.04 13:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2011.05.02 09:50:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.05.02 09:50:12 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.05.02 09:50:12 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >


cosinus 24.01.2012 13:36

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
FF - prefs.js..browser.search.defaultthis.engineName: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Bigpoint Games DE Customized Web Search"
FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties"
[2012.01.10 10:48:10 | 000,000,000 | ---D | M] (Bigpoint Games DE Community Toolbar) -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}
[2011.07.27 11:17:48 | 000,000,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\searchplugins\conduit.xml
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The above script was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Yuna_84 24.01.2012 13:48

Code:

All processes killed
========== OTL ==========
Prefs.js: "Bigpoint Games DE Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Bigpoint Games DE Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: "resource:/browserconfig.properties" removed from browser.startup.homepage
C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}\searchplugin folder moved successfully.
C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}\modules folder moved successfully.
C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}\META-INF folder moved successfully.
C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}\components folder moved successfully.
C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e}\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\extensions\{0e3dbc69-a682-48da-84e1-82c63a5d678e} folder moved successfully.
C:\Dokumente und Einstellungen\Wuddelchen\Anwendungsdaten\Mozilla\Firefox\Profiles\n88qglef.default\searchplugins\conduit.xml moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 69783 bytes
 
User: Administrator.WUDDEL
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 69783 bytes
 
User: Administrator.WUDDEL.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 69783 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Wuddelchen
->Temp folder emptied: 1202517125 bytes
->Temporary Internet Files folder emptied: 6430850 bytes
->Java cache emptied: 54191405 bytes
->FireFox cache emptied: 44049885 bytes
->Flash cache emptied: 2929 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134333 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5683645 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1.254,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01242012_134515

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


cosinus 24.01.2012 14:15

Please now (in normal Windows mode) run this tool from Kaspersky (TDSS-Killer) and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your documents/My Documents, or shortcuts are missing from the desktop or from the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save this file to your desktop.
Start the tool and all files and folders should become visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

Yuna_84 24.01.2012 14:32

Code:

14:29:25.0343 3780        TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
14:29:25.0437 3780        ============================================================
14:29:25.0437 3780        Current date / time: 2012/01/24 14:29:25.0437
14:29:25.0437 3780        SystemInfo:
14:29:25.0437 3780       
14:29:25.0437 3780        OS Version: 5.1.2600 ServicePack: 3.0
14:29:25.0437 3780        Product type: Workstation
14:29:25.0437 3780        ComputerName: WUDDEL
14:29:25.0437 3780        UserName: Wuddelchen
14:29:25.0437 3780        Windows directory: C:\WINDOWS
14:29:25.0437 3780        System windows directory: C:\WINDOWS
14:29:25.0437 3780        Processor architecture: Intel x86
14:29:25.0437 3780        Number of processors: 2
14:29:25.0437 3780        Page size: 0x1000
14:29:25.0437 3780        Boot type: Normal boot
14:29:25.0437 3780        ============================================================
14:29:27.0125 3780        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:29:27.0484 3780        Initialize success
14:30:13.0078 0188        ============================================================
14:30:13.0078 0188        Scan started
14:30:13.0078 0188        Mode: Manual; SigCheck; TDLFS;
14:30:13.0078 0188        ============================================================
14:30:13.0453 0188        Abiosdsk - ok
14:30:13.0468 0188        abp480n5 - ok
14:30:13.0515 0188        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:30:13.0890 0188        ACPI - ok
14:30:13.0984 0188        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:30:14.0109 0188        ACPIEC - ok
14:30:14.0140 0188        adpu160m - ok
14:30:14.0203 0188        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:30:14.0343 0188        aec - ok
14:30:14.0390 0188        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:30:14.0421 0188        AFD - ok
14:30:14.0453 0188        Aha154x - ok
14:30:14.0468 0188        aic78u2 - ok
14:30:14.0500 0188        aic78xx - ok
14:30:14.0531 0188        AliIde - ok
14:30:14.0578 0188        amsint - ok
14:30:14.0609 0188        asc - ok
14:30:14.0640 0188        asc3350p - ok
14:30:14.0671 0188        asc3550 - ok
14:30:14.0703 0188        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:30:14.0843 0188        AsyncMac - ok
14:30:14.0875 0188        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:30:15.0015 0188        atapi - ok
14:30:15.0046 0188        Atdisk - ok
14:30:15.0078 0188        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:30:15.0203 0188        Atmarpc - ok
14:30:15.0265 0188        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:30:15.0406 0188        audstub - ok
14:30:15.0468 0188        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
14:30:15.0484 0188        avgio - ok
14:30:15.0515 0188        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:30:15.0578 0188        avgntflt - ok
14:30:15.0609 0188        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:30:15.0625 0188        avipbb - ok
14:30:15.0671 0188        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:30:15.0812 0188        Beep - ok
14:30:15.0875 0188        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:30:16.0031 0188        cbidf2k - ok
14:30:16.0062 0188        cd20xrnt - ok
14:30:16.0109 0188        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:30:16.0250 0188        Cdaudio - ok
14:30:16.0296 0188        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:30:16.0421 0188        Cdfs - ok
14:30:16.0468 0188        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:30:16.0593 0188        Cdrom - ok
14:30:16.0609 0188        Changer - ok
14:30:16.0640 0188        CmdIde - ok
14:30:16.0671 0188        Cpqarray - ok
14:30:16.0718 0188        dac2w2k - ok
14:30:16.0734 0188        dac960nt - ok
14:30:16.0781 0188        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:30:16.0906 0188        Disk - ok
14:30:16.0937 0188        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
14:30:17.0109 0188        dmboot - ok
14:30:17.0140 0188        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
14:30:17.0281 0188        dmio - ok
14:30:17.0312 0188        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:30:17.0453 0188        dmload - ok
14:30:17.0484 0188        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:30:17.0609 0188        DMusic - ok
14:30:17.0640 0188        dpti2o - ok
14:30:17.0656 0188        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:30:17.0781 0188        drmkaud - ok
14:30:17.0812 0188        E100B          (5c940a174dfb2c42b9f6ba6edc2baa0b) C:\WINDOWS\system32\DRIVERS\e100b325.sys
14:30:17.0828 0188        E100B - ok
14:30:17.0906 0188        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:30:18.0031 0188        Fastfat - ok
14:30:18.0093 0188        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:30:18.0218 0188        Fdc - ok
14:30:18.0265 0188        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
14:30:18.0390 0188        Fips - ok
14:30:18.0437 0188        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:30:18.0562 0188        Flpydisk - ok
14:30:18.0609 0188        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:30:18.0718 0188        FltMgr - ok
14:30:18.0765 0188        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:30:18.0906 0188        Fs_Rec - ok
14:30:18.0968 0188        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:30:19.0109 0188        Ftdisk - ok
14:30:19.0156 0188        gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
14:30:19.0281 0188        gameenum - ok
14:30:19.0343 0188        ggflt          (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
14:30:19.0359 0188        ggflt - ok
14:30:19.0375 0188        ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
14:30:19.0406 0188        ggsemc - ok
14:30:19.0437 0188        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:30:19.0562 0188        Gpc - ok
14:30:19.0609 0188        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:30:19.0734 0188        HDAudBus - ok
14:30:19.0765 0188        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:30:19.0890 0188        hidusb - ok
14:30:19.0906 0188        hpn - ok
14:30:19.0937 0188        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:30:19.0984 0188        HTTP - ok
14:30:20.0000 0188        i2omgmt - ok
14:30:20.0000 0188        i2omp - ok
14:30:20.0062 0188        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:30:20.0187 0188        i8042prt - ok
14:30:20.0234 0188        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:30:20.0359 0188        Imapi - ok
14:30:20.0375 0188        ini910u - ok
14:30:20.0406 0188        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
14:30:20.0531 0188        IntelIde - ok
14:30:20.0578 0188        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:30:20.0703 0188        intelppm - ok
14:30:20.0718 0188        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:30:20.0843 0188        Ip6Fw - ok
14:30:20.0859 0188        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:30:21.0000 0188        IpFilterDriver - ok
14:30:21.0031 0188        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:30:21.0156 0188        IpInIp - ok
14:30:21.0187 0188        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:30:21.0296 0188        IpNat - ok
14:30:21.0328 0188        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:30:21.0453 0188        IPSec - ok
14:30:21.0500 0188        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:30:21.0640 0188        IRENUM - ok
14:30:21.0671 0188        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:30:21.0781 0188        isapnp - ok
14:30:21.0828 0188        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:30:21.0953 0188        Kbdclass - ok
14:30:22.0000 0188        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:30:22.0125 0188        kbdhid - ok
14:30:22.0171 0188        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:30:22.0296 0188        kmixer - ok
14:30:22.0359 0188        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:30:22.0406 0188        KSecDD - ok
14:30:22.0421 0188        lbrtfdc - ok
14:30:22.0500 0188        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:30:22.0640 0188        mnmdd - ok
14:30:22.0687 0188        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
14:30:22.0812 0188        Modem - ok
14:30:22.0859 0188        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:30:22.0984 0188        Mouclass - ok
14:30:23.0046 0188        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:30:23.0171 0188        mouhid - ok
14:30:23.0218 0188        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:30:23.0343 0188        MountMgr - ok
14:30:23.0375 0188        mraid35x - ok
14:30:23.0406 0188        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:30:23.0531 0188        MRxDAV - ok
14:30:23.0593 0188        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:30:23.0625 0188        MRxSmb - ok
14:30:23.0687 0188        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:30:23.0796 0188        Msfs - ok
14:30:23.0859 0188        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:30:23.0968 0188        MSKSSRV - ok
14:30:24.0015 0188        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:30:24.0125 0188        MSPCLOCK - ok
14:30:24.0171 0188        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:30:24.0296 0188        MSPQM - ok
14:30:24.0359 0188        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:30:24.0484 0188        mssmbios - ok
14:30:24.0531 0188        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:30:24.0578 0188        Mup - ok
14:30:24.0625 0188        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:30:24.0750 0188        NDIS - ok
14:30:24.0812 0188        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:30:24.0828 0188        NdisTapi - ok
14:30:24.0859 0188        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:30:24.0984 0188        Ndisuio - ok
14:30:25.0015 0188        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:30:25.0156 0188        NdisWan - ok
14:30:25.0203 0188        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:30:25.0234 0188        NDProxy - ok
14:30:25.0265 0188        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:30:25.0390 0188        NetBIOS - ok
14:30:25.0437 0188        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:30:25.0562 0188        NetBT - ok
14:30:25.0625 0188        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:30:25.0734 0188        Npfs - ok
14:30:25.0781 0188        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:30:25.0921 0188        Ntfs - ok
14:30:25.0984 0188        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:30:26.0125 0188        Null - ok
14:30:26.0453 0188        nv              (f1de35c89d98a883d1b4030dc9896855) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:30:26.0968 0188        nv - ok
14:30:27.0015 0188        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:30:27.0171 0188        NwlnkFlt - ok
14:30:27.0203 0188        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:30:27.0343 0188        NwlnkFwd - ok
14:30:27.0406 0188        P17            (53196adddab86fc4d235370c14eb9a70) C:\WINDOWS\system32\drivers\P17.sys
14:30:27.0484 0188        P17 - ok
14:30:27.0562 0188        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
14:30:27.0687 0188        Parport - ok
14:30:27.0718 0188        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:30:27.0843 0188        PartMgr - ok
14:30:27.0906 0188        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
14:30:28.0031 0188        ParVdm - ok
14:30:28.0078 0188        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
14:30:28.0203 0188        PCI - ok
14:30:28.0234 0188        PCIDump - ok
14:30:28.0281 0188        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys
14:30:28.0421 0188        PCIIde - ok
14:30:28.0484 0188        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:30:28.0609 0188        Pcmcia - ok
14:30:28.0640 0188        PDCOMP - ok
14:30:28.0656 0188        PDFRAME - ok
14:30:28.0687 0188        PDRELI - ok
14:30:28.0703 0188        PDRFRAME - ok
14:30:28.0734 0188        perc2 - ok
14:30:28.0765 0188        perc2hib - ok
14:30:28.0843 0188        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:30:28.0968 0188        PptpMiniport - ok
14:30:29.0015 0188        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:30:29.0140 0188        PSched - ok
14:30:29.0187 0188        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:30:29.0312 0188        Ptilink - ok
14:30:29.0343 0188        ql1080 - ok
14:30:29.0359 0188        Ql10wnt - ok
14:30:29.0390 0188        ql12160 - ok
14:30:29.0390 0188        ql1240 - ok
14:30:29.0421 0188        ql1280 - ok
14:30:29.0453 0188        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:30:29.0578 0188        RasAcd - ok
14:30:29.0640 0188        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:30:29.0765 0188        Rasl2tp - ok
14:30:29.0812 0188        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:30:29.0937 0188        RasPppoe - ok
14:30:29.0984 0188        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:30:30.0109 0188        Raspti - ok
14:30:30.0187 0188        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:30:30.0296 0188        Rdbss - ok
14:30:30.0343 0188        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:30:30.0468 0188        RDPCDD - ok
14:30:30.0531 0188        RDPWD          (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
14:30:30.0578 0188        RDPWD - ok
14:30:30.0625 0188        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:30:30.0750 0188        redbook - ok
14:30:30.0828 0188        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:30:30.0953 0188        Secdrv - ok
14:30:31.0000 0188        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:30:31.0125 0188        serenum - ok
14:30:31.0171 0188        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:30:31.0296 0188        Serial - ok
14:30:31.0343 0188        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:30:31.0468 0188        Sfloppy - ok
14:30:31.0500 0188        Simbad - ok
14:30:31.0531 0188        Sparrow - ok
14:30:31.0578 0188        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:30:31.0687 0188        splitter - ok
14:30:31.0750 0188        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:30:31.0859 0188        sr - ok
14:30:31.0921 0188        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:30:31.0953 0188        Srv - ok
14:30:32.0015 0188        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:30:32.0031 0188        ssmdrv - ok
14:30:32.0062 0188        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:30:32.0203 0188        swenum - ok
14:30:32.0218 0188        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:30:32.0359 0188        swmidi - ok
14:30:32.0375 0188        symc810 - ok
14:30:32.0390 0188        symc8xx - ok
14:30:32.0421 0188        sym_hi - ok
14:30:32.0437 0188        sym_u3 - ok
14:30:32.0484 0188        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:30:32.0609 0188        sysaudio - ok
14:30:32.0671 0188        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:30:32.0750 0188        Tcpip - ok
14:30:32.0781 0188        Tcpip6          (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
14:30:32.0812 0188        Tcpip6 - ok
14:30:32.0843 0188        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:30:32.0984 0188        TDPIPE - ok
14:30:33.0000 0188        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:30:33.0125 0188        TDTCP - ok
14:30:33.0156 0188        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:30:33.0281 0188        TermDD - ok
14:30:33.0296 0188        TosIde - ok
14:30:33.0375 0188        tunmp          (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
14:30:33.0500 0188        tunmp - ok
14:30:33.0531 0188        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:30:33.0671 0188        Udfs - ok
14:30:33.0671 0188        ultra - ok
14:30:33.0718 0188        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:30:33.0875 0188        Update - ok
14:30:33.0906 0188        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:30:34.0031 0188        usbccgp - ok
14:30:34.0046 0188        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:30:34.0171 0188        usbehci - ok
14:30:34.0203 0188        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:30:34.0312 0188        usbhub - ok
14:30:34.0343 0188        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:30:34.0468 0188        usbprint - ok
14:30:34.0500 0188        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:30:34.0640 0188        usbscan - ok
14:30:34.0671 0188        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:30:34.0781 0188        USBSTOR - ok
14:30:34.0812 0188        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:30:34.0937 0188        usbuhci - ok
14:30:34.0968 0188        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:30:35.0093 0188        VgaSave - ok
14:30:35.0093 0188        ViaIde - ok
14:30:35.0125 0188        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:30:35.0250 0188        VolSnap - ok
14:30:35.0296 0188        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:30:35.0421 0188        Wanarp - ok
14:30:35.0484 0188        Wdf01000        (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
14:30:35.0546 0188        Wdf01000 - ok
14:30:35.0578 0188        WDICA - ok
14:30:35.0609 0188        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:30:35.0750 0188        wdmaud - ok
14:30:35.0812 0188        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
14:30:35.0843 0188        \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - infected
14:30:35.0843 0188        \Device\Harddisk0\DR0 - detected Backdoor.Win32.Sinowal.knf (0)
14:30:35.0953 0188        Boot (0x1200)  (2ba39f84a8b7f2f331300a7c327e3642) \Device\Harddisk0\DR0\Partition0
14:30:35.0953 0188        \Device\Harddisk0\DR0\Partition0 - ok
14:30:35.0984 0188        Boot (0x1200)  (bacd29407236c5bd602e5d8d71307d47) \Device\Harddisk0\DR0\Partition1
14:30:35.0984 0188        \Device\Harddisk0\DR0\Partition1 - ok
14:30:36.0000 0188        Boot (0x1200)  (47b7ab0db1f4859e36569fbe3da6cf5c) \Device\Harddisk0\DR0\Partition2
14:30:36.0000 0188        \Device\Harddisk0\DR0\Partition2 - ok
14:30:36.0015 0188        Boot (0x1200)  (124cd068a2764e172543bbba01759756) \Device\Harddisk0\DR0\Partition3
14:30:36.0015 0188        \Device\Harddisk0\DR0\Partition3 - ok
14:30:36.0031 0188        Boot (0x1200)  (76e3d332279834269988db856f3628c9) \Device\Harddisk0\DR0\Partition4
14:30:36.0031 0188        \Device\Harddisk0\DR0\Partition4 - ok
14:30:36.0046 0188        Boot (0x1200)  (90cb10ed2a0fc057bc84aef8f50e4b49) \Device\Harddisk0\DR0\Partition5
14:30:36.0046 0188        \Device\Harddisk0\DR0\Partition5 - ok
14:30:36.0046 0188        ============================================================
14:30:36.0046 0188        Scan finished
14:30:36.0046 0188        ============================================================
14:30:36.0156 0292        Detected object count: 1
14:30:36.0156 0292        Actual detected object count: 1
14:32:23.0078 0292        \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - will be cured on reboot
14:32:23.0093 0292        \Device\Harddisk0\DR0 - ok
14:32:23.0093 0292        \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - User select action: Cure


cosinus 24.01.2012 15:00

Quote:

14:32:23.0093 0292 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - User select action: Cure
In this case that was the right choice, but please pay closer attention to the instructions in future and actually follow them!!

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and just post the log here!


Please restart Windows and create a new log with TDSS-Killer.

Yuna_84 24.01.2012 15:24

Code:

15:21:48.0609 3664        TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
15:21:48.0765 3664        ============================================================
15:21:48.0765 3664        Current date / time: 2012/01/24 15:21:48.0765
15:21:48.0765 3664        SystemInfo:
15:21:48.0765 3664       
15:21:48.0765 3664        OS Version: 5.1.2600 ServicePack: 3.0
15:21:48.0765 3664        Product type: Workstation
15:21:48.0765 3664        ComputerName: WUDDEL
15:21:48.0781 3664        UserName: Wuddelchen
15:21:48.0781 3664        Windows directory: C:\WINDOWS
15:21:48.0781 3664        System windows directory: C:\WINDOWS
15:21:48.0781 3664        Processor architecture: Intel x86
15:21:48.0781 3664        Number of processors: 2
15:21:48.0781 3664        Page size: 0x1000
15:21:48.0781 3664        Boot type: Normal boot
15:21:48.0781 3664        ============================================================
15:21:49.0875 3664        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:21:50.0171 3664        Initialize success
15:21:55.0406 3756        ============================================================
15:21:55.0406 3756        Scan started
15:21:55.0406 3756        Mode: Manual; SigCheck; TDLFS;
15:21:55.0406 3756        ============================================================
15:21:55.0750 3756        Abiosdsk - ok
15:21:55.0765 3756        abp480n5 - ok
15:21:55.0796 3756        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:21:56.0031 3756        ACPI - ok
15:21:56.0078 3756        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:21:56.0218 3756        ACPIEC - ok
15:21:56.0250 3756        adpu160m - ok
15:21:56.0281 3756        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:21:56.0406 3756        aec - ok
15:21:56.0484 3756        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:21:56.0500 3756        AFD - ok
15:21:56.0515 3756        Aha154x - ok
15:21:56.0546 3756        aic78u2 - ok
15:21:56.0578 3756        aic78xx - ok
15:21:56.0609 3756        AliIde - ok
15:21:56.0625 3756        amsint - ok
15:21:56.0671 3756        asc - ok
15:21:56.0687 3756        asc3350p - ok
15:21:56.0703 3756        asc3550 - ok
15:21:56.0750 3756        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:21:56.0890 3756        AsyncMac - ok
15:21:56.0921 3756        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:21:57.0046 3756        atapi - ok
15:21:57.0078 3756        Atdisk - ok
15:21:57.0109 3756        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:21:57.0234 3756        Atmarpc - ok
15:21:57.0281 3756        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:21:57.0421 3756        audstub - ok
15:21:57.0500 3756        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
15:21:57.0515 3756        avgio - ok
15:21:57.0531 3756        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:21:57.0593 3756        avgntflt - ok
15:21:57.0640 3756        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:21:57.0656 3756        avipbb - ok
15:21:57.0703 3756        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:21:57.0828 3756        Beep - ok
15:21:57.0859 3756        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:21:58.0000 3756        cbidf2k - ok
15:21:58.0015 3756        cd20xrnt - ok
15:21:58.0031 3756        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:21:58.0171 3756        Cdaudio - ok
15:21:58.0218 3756        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:21:58.0343 3756        Cdfs - ok
15:21:58.0359 3756        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:21:58.0484 3756        Cdrom - ok
15:21:58.0500 3756        Changer - ok
15:21:58.0515 3756        CmdIde - ok
15:21:58.0562 3756        Cpqarray - ok
15:21:58.0593 3756        dac2w2k - ok
15:21:58.0609 3756        dac960nt - ok
15:21:58.0671 3756        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:21:58.0796 3756        Disk - ok
15:21:58.0859 3756        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
15:21:59.0015 3756        dmboot - ok
15:21:59.0062 3756        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
15:21:59.0203 3756        dmio - ok
15:21:59.0218 3756        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:21:59.0343 3756        dmload - ok
15:21:59.0359 3756        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:21:59.0484 3756        DMusic - ok
15:21:59.0500 3756        dpti2o - ok
15:21:59.0531 3756        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:21:59.0656 3756        drmkaud - ok
15:21:59.0703 3756        E100B          (5c940a174dfb2c42b9f6ba6edc2baa0b) C:\WINDOWS\system32\DRIVERS\e100b325.sys
15:21:59.0718 3756        E100B - ok
15:21:59.0765 3756        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:21:59.0890 3756        Fastfat - ok
15:21:59.0921 3756        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:22:00.0062 3756        Fdc - ok
15:22:00.0093 3756        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
15:22:00.0218 3756        Fips - ok
15:22:00.0265 3756        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:22:00.0390 3756        Flpydisk - ok
15:22:00.0437 3756        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:22:00.0562 3756        FltMgr - ok
15:22:00.0609 3756        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:22:00.0734 3756        Fs_Rec - ok
15:22:00.0796 3756        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:22:00.0937 3756        Ftdisk - ok
15:22:01.0000 3756        gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
15:22:01.0109 3756        gameenum - ok
15:22:01.0156 3756        ggflt          (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
15:22:01.0156 3756        ggflt - ok
15:22:01.0187 3756        ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
15:22:01.0203 3756        ggsemc - ok
15:22:01.0234 3756        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:22:01.0359 3756        Gpc - ok
15:22:01.0406 3756        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:22:01.0531 3756        HDAudBus - ok
15:22:01.0578 3756        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:22:01.0718 3756        hidusb - ok
15:22:01.0750 3756        hpn - ok
15:22:01.0796 3756        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:22:01.0828 3756        HTTP - ok
15:22:01.0859 3756        i2omgmt - ok
15:22:01.0875 3756        i2omp - ok
15:22:01.0921 3756        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:22:02.0046 3756        i8042prt - ok
15:22:02.0093 3756        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:22:02.0203 3756        Imapi - ok
15:22:02.0265 3756        ini910u - ok
15:22:02.0296 3756        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
15:22:02.0406 3756        IntelIde - ok
15:22:02.0453 3756        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:22:02.0562 3756        intelppm - ok
15:22:02.0609 3756        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:22:02.0734 3756        Ip6Fw - ok
15:22:02.0781 3756        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:22:02.0921 3756        IpFilterDriver - ok
15:22:02.0968 3756        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:22:03.0093 3756        IpInIp - ok
15:22:03.0140 3756        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:22:03.0250 3756        IpNat - ok
15:22:03.0296 3756        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:22:03.0406 3756        IPSec - ok
15:22:03.0453 3756        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:22:03.0593 3756        IRENUM - ok
15:22:03.0625 3756        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:22:03.0750 3756        isapnp - ok
15:22:03.0796 3756        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:22:03.0921 3756        Kbdclass - ok
15:22:03.0953 3756        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:22:04.0078 3756        kbdhid - ok
15:22:04.0125 3756        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:22:04.0250 3756        kmixer - ok
15:22:04.0312 3756        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:22:04.0343 3756        KSecDD - ok
15:22:04.0375 3756        lbrtfdc - ok
15:22:04.0437 3756        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:22:04.0562 3756        mnmdd - ok
15:22:04.0625 3756        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
15:22:04.0765 3756        Modem - ok
15:22:04.0796 3756        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:22:04.0953 3756        Mouclass - ok
15:22:05.0015 3756        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:22:05.0140 3756        mouhid - ok
15:22:05.0187 3756        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:22:05.0312 3756        MountMgr - ok
15:22:05.0343 3756        mraid35x - ok
15:22:05.0375 3756        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:22:05.0500 3756        MRxDAV - ok
15:22:05.0562 3756        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:22:05.0593 3756        MRxSmb - ok
15:22:05.0656 3756        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:22:05.0781 3756        Msfs - ok
15:22:05.0828 3756        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:22:05.0953 3756        MSKSSRV - ok
15:22:05.0968 3756        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:22:06.0093 3756        MSPCLOCK - ok
15:22:06.0093 3756        Scan interrupted by user!
15:22:06.0093 3756        Scan interrupted by user!
15:22:06.0093 3756        Scan interrupted by user!
15:22:06.0093 3756        ============================================================
15:22:06.0093 3756        Scan finished
15:22:06.0093 3756        ============================================================
15:22:06.0203 3748        Detected object count: 0
15:22:06.0203 3748        Actual detected object count: 0
15:22:17.0078 4012        ============================================================
15:22:17.0078 4012        Scan started
15:22:17.0078 4012        Mode: Manual; SigCheck; TDLFS;
15:22:17.0078 4012        ============================================================
15:22:17.0343 4012        Abiosdsk - ok
15:22:17.0359 4012        abp480n5 - ok
15:22:17.0421 4012        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:22:17.0546 4012        ACPI - ok
15:22:17.0593 4012        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:22:17.0718 4012        ACPIEC - ok
15:22:17.0750 4012        adpu160m - ok
15:22:17.0781 4012        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:22:17.0906 4012        aec - ok
15:22:17.0953 4012        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:22:17.0968 4012        AFD - ok
15:22:18.0000 4012        Aha154x - ok
15:22:18.0015 4012        aic78u2 - ok
15:22:18.0046 4012        aic78xx - ok
15:22:18.0078 4012        AliIde - ok
15:22:18.0109 4012        amsint - ok
15:22:18.0140 4012        asc - ok
15:22:18.0171 4012        asc3350p - ok
15:22:18.0171 4012        asc3550 - ok
15:22:18.0218 4012        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:22:18.0328 4012        AsyncMac - ok
15:22:18.0375 4012        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:22:18.0484 4012        atapi - ok
15:22:18.0515 4012        Atdisk - ok
15:22:18.0546 4012        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:22:18.0671 4012        Atmarpc - ok
15:22:18.0718 4012        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:22:18.0843 4012        audstub - ok
15:22:18.0906 4012        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Programme\Avira\AntiVir Desktop\avgio.sys
15:22:18.0921 4012        avgio - ok
15:22:18.0953 4012        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:22:18.0968 4012        avgntflt - ok
15:22:19.0000 4012        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:22:19.0015 4012        avipbb - ok
15:22:19.0046 4012        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:22:19.0187 4012        Beep - ok
15:22:19.0234 4012        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:22:19.0375 4012        cbidf2k - ok
15:22:19.0406 4012        cd20xrnt - ok
15:22:19.0453 4012        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:22:19.0578 4012        Cdaudio - ok
15:22:19.0625 4012        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:22:19.0734 4012        Cdfs - ok
15:22:19.0781 4012        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:22:19.0890 4012        Cdrom - ok
15:22:19.0921 4012        Changer - ok
15:22:19.0953 4012        CmdIde - ok
15:22:19.0984 4012        Cpqarray - ok
15:22:20.0015 4012        dac2w2k - ok
15:22:20.0031 4012        dac960nt - ok
15:22:20.0078 4012        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:22:20.0187 4012        Disk - ok
15:22:20.0250 4012        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
15:22:20.0390 4012        dmboot - ok
15:22:20.0421 4012        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
15:22:20.0546 4012        dmio - ok
15:22:20.0562 4012        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:22:20.0703 4012        dmload - ok
15:22:20.0734 4012        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:22:20.0859 4012        DMusic - ok
15:22:20.0890 4012        dpti2o - ok
15:22:20.0906 4012        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:22:21.0015 4012        drmkaud - ok
15:22:21.0078 4012        E100B          (5c940a174dfb2c42b9f6ba6edc2baa0b) C:\WINDOWS\system32\DRIVERS\e100b325.sys
15:22:21.0093 4012        E100B - ok
15:22:21.0140 4012        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:22:21.0250 4012        Fastfat - ok
15:22:21.0296 4012        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:22:21.0406 4012        Fdc - ok
15:22:21.0453 4012        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
15:22:21.0562 4012        Fips - ok
15:22:21.0609 4012        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:22:21.0718 4012        Flpydisk - ok
15:22:21.0765 4012        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:22:21.0875 4012        FltMgr - ok
15:22:21.0921 4012        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:22:22.0046 4012        Fs_Rec - ok
15:22:22.0093 4012        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:22:22.0218 4012        Ftdisk - ok
15:22:22.0265 4012        gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
15:22:22.0375 4012        gameenum - ok
15:22:22.0421 4012        ggflt          (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
15:22:22.0421 4012        ggflt - ok
15:22:22.0453 4012        ggsemc          (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
15:22:22.0468 4012        ggsemc - ok
15:22:22.0500 4012        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:22:22.0609 4012        Gpc - ok
15:22:22.0656 4012        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:22:22.0765 4012        HDAudBus - ok
15:22:22.0812 4012        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:22:22.0921 4012        hidusb - ok
15:22:22.0953 4012        hpn - ok
15:22:23.0000 4012        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:22:23.0015 4012        HTTP - ok
15:22:23.0046 4012        i2omgmt - ok
15:22:23.0078 4012        i2omp - ok
15:22:23.0093 4012        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:22:23.0203 4012        i8042prt - ok
15:22:23.0250 4012        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:22:23.0359 4012        Imapi - ok
15:22:23.0406 4012        ini910u - ok
15:22:23.0437 4012        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
15:22:23.0546 4012        IntelIde - ok
15:22:23.0578 4012        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:22:23.0687 4012        intelppm - ok
15:22:23.0734 4012        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:22:23.0843 4012        Ip6Fw - ok
15:22:23.0906 4012        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:22:24.0031 4012        IpFilterDriver - ok
15:22:24.0078 4012        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:22:24.0187 4012        IpInIp - ok
15:22:24.0234 4012        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:22:24.0343 4012        IpNat - ok
15:22:24.0390 4012        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:22:24.0500 4012        IPSec - ok
15:22:24.0546 4012        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:22:24.0656 4012        IRENUM - ok
15:22:24.0687 4012        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:22:24.0796 4012        isapnp - ok
15:22:24.0843 4012        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:22:24.0968 4012        Kbdclass - ok
15:22:25.0000 4012        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:22:25.0109 4012        kbdhid - ok
15:22:25.0171 4012        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:22:25.0281 4012        kmixer - ok
15:22:25.0328 4012        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:22:25.0343 4012        KSecDD - ok
15:22:25.0375 4012        lbrtfdc - ok
15:22:25.0437 4012        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:22:25.0562 4012        mnmdd - ok
15:22:25.0609 4012        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
15:22:25.0718 4012        Modem - ok
15:22:25.0765 4012        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:22:25.0890 4012        Mouclass - ok
15:22:25.0953 4012        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:22:26.0078 4012        mouhid - ok
15:22:26.0109 4012        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:22:26.0218 4012        MountMgr - ok
15:22:26.0250 4012        mraid35x - ok
15:22:26.0265 4012        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:22:26.0390 4012        MRxDAV - ok
15:22:26.0437 4012        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:22:26.0453 4012        MRxSmb - ok
15:22:26.0531 4012        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:22:26.0640 4012        Msfs - ok
15:22:26.0687 4012        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:22:26.0796 4012        MSKSSRV - ok
15:22:26.0843 4012        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:22:26.0953 4012        MSPCLOCK - ok
15:22:27.0000 4012        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:22:27.0125 4012        MSPQM - ok
15:22:27.0203 4012        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:22:27.0312 4012        mssmbios - ok
15:22:27.0359 4012        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:22:27.0390 4012        Mup - ok
15:22:27.0421 4012        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:22:27.0546 4012        NDIS - ok
15:22:27.0593 4012        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:22:27.0609 4012        NdisTapi - ok
15:22:27.0640 4012        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:22:27.0765 4012        Ndisuio - ok
15:22:27.0796 4012        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:22:27.0906 4012        NdisWan - ok
15:22:27.0953 4012        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:22:27.0968 4012        NDProxy - ok
15:22:28.0000 4012        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:22:28.0125 4012        NetBIOS - ok
15:22:28.0171 4012        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:22:28.0281 4012        NetBT - ok
15:22:28.0359 4012        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:22:28.0468 4012        Npfs - ok
15:22:28.0515 4012        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:22:28.0656 4012        Ntfs - ok
15:22:28.0718 4012        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:22:28.0843 4012        Null - ok
15:22:29.0171 4012        nv              (f1de35c89d98a883d1b4030dc9896855) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:22:29.0515 4012        nv - ok
15:22:29.0578 4012        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:22:29.0703 4012        NwlnkFlt - ok
15:22:29.0750 4012        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:22:29.0890 4012        NwlnkFwd - ok
15:22:29.0953 4012        P17            (53196adddab86fc4d235370c14eb9a70) C:\WINDOWS\system32\drivers\P17.sys
15:22:30.0015 4012        P17 - ok
15:22:30.0062 4012        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
15:22:30.0171 4012        Parport - ok
15:22:30.0234 4012        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:22:30.0343 4012        PartMgr - ok
15:22:30.0390 4012        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:22:30.0531 4012        ParVdm - ok
15:22:30.0562 4012        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
15:22:30.0687 4012        PCI - ok
15:22:30.0718 4012        PCIDump - ok
15:22:30.0765 4012        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\drivers\PCIIde.sys
15:22:30.0890 4012        PCIIde - ok
15:22:30.0937 4012        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:22:31.0046 4012        Pcmcia - ok
15:22:31.0078 4012        PDCOMP - ok
15:22:31.0093 4012        PDFRAME - ok
15:22:31.0125 4012        PDRELI - ok
15:22:31.0140 4012        PDRFRAME - ok
15:22:31.0171 4012        perc2 - ok
15:22:31.0187 4012        perc2hib - ok
15:22:31.0234 4012        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:22:31.0359 4012        PptpMiniport - ok
15:22:31.0406 4012        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:22:31.0515 4012        PSched - ok
15:22:31.0578 4012        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:22:31.0703 4012        Ptilink - ok
15:22:31.0734 4012        ql1080 - ok
15:22:31.0765 4012        Ql10wnt - ok
15:22:31.0781 4012        ql12160 - ok
15:22:31.0812 4012        ql1240 - ok
15:22:31.0828 4012        ql1280 - ok
15:22:31.0859 4012        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:22:31.0984 4012        RasAcd - ok
15:22:32.0062 4012        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:22:32.0187 4012        Rasl2tp - ok
15:22:32.0218 4012        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:22:32.0343 4012        RasPppoe - ok
15:22:32.0375 4012        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:22:32.0500 4012        Raspti - ok
15:22:32.0531 4012        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:22:32.0656 4012        Rdbss - ok
15:22:32.0687 4012        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:22:32.0812 4012        RDPCDD - ok
15:22:32.0875 4012        RDPWD          (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
15:22:32.0906 4012        RDPWD - ok
15:22:32.0968 4012        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:22:33.0078 4012        redbook - ok
15:22:33.0156 4012        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:22:33.0265 4012        Secdrv - ok
15:22:33.0312 4012        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:22:33.0421 4012        serenum - ok
15:22:33.0468 4012        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
15:22:33.0593 4012        Serial - ok
15:22:33.0640 4012        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:22:33.0750 4012        Sfloppy - ok
15:22:33.0796 4012        Simbad - ok
15:22:33.0812 4012        Sparrow - ok
15:22:33.0843 4012        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:22:33.0953 4012        splitter - ok
15:22:34.0000 4012        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
15:22:34.0109 4012        sr - ok
15:22:34.0171 4012        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:22:34.0203 4012        Srv - ok
15:22:34.0250 4012        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:22:34.0265 4012        ssmdrv - ok
15:22:34.0312 4012        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:22:34.0421 4012        swenum - ok
15:22:34.0453 4012        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:22:34.0578 4012        swmidi - ok
15:22:34.0609 4012        symc810 - ok
15:22:34.0640 4012        symc8xx - ok
15:22:34.0671 4012        sym_hi - ok
15:22:34.0687 4012        sym_u3 - ok
15:22:34.0718 4012        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:22:34.0843 4012        sysaudio - ok
15:22:34.0906 4012        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:22:34.0953 4012        Tcpip - ok
15:22:35.0015 4012        Tcpip6          (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
15:22:35.0031 4012        Tcpip6 - ok
15:22:35.0078 4012        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:22:35.0187 4012        TDPIPE - ok
15:22:35.0234 4012        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:22:35.0343 4012        TDTCP - ok
15:22:35.0375 4012        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:22:35.0484 4012        TermDD - ok
15:22:35.0500 4012        TosIde - ok
15:22:35.0546 4012        tunmp          (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
15:22:35.0656 4012        tunmp - ok
15:22:35.0703 4012        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:22:35.0812 4012        Udfs - ok
15:22:35.0828 4012        ultra - ok
15:22:35.0859 4012        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:22:35.0968 4012        Update - ok
15:22:36.0031 4012        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:22:36.0140 4012        usbccgp - ok
15:22:36.0171 4012        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:22:36.0265 4012        usbehci - ok
15:22:36.0296 4012        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:22:36.0406 4012        usbhub - ok
15:22:36.0437 4012        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:22:36.0546 4012        usbprint - ok
15:22:36.0578 4012        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:22:36.0687 4012        usbscan - ok
15:22:36.0718 4012        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:22:36.0828 4012        USBSTOR - ok
15:22:36.0859 4012        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:22:36.0968 4012        usbuhci - ok
15:22:36.0984 4012        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:22:37.0093 4012        VgaSave - ok
15:22:37.0109 4012        ViaIde - ok
15:22:37.0140 4012        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
15:22:37.0250 4012        VolSnap - ok
15:22:37.0281 4012        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:22:37.0406 4012        Wanarp - ok
15:22:37.0468 4012        Wdf01000        (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
15:22:37.0484 4012        Wdf01000 - ok
15:22:37.0515 4012        WDICA - ok
15:22:37.0546 4012        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:22:37.0656 4012        wdmaud - ok
15:22:37.0734 4012        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:22:38.0015 4012        \Device\Harddisk0\DR0 - ok
15:22:38.0015 4012        Boot (0x1200)  (2ba39f84a8b7f2f331300a7c327e3642) \Device\Harddisk0\DR0\Partition0
15:22:38.0015 4012        \Device\Harddisk0\DR0\Partition0 - ok
15:22:38.0031 4012        Boot (0x1200)  (bacd29407236c5bd602e5d8d71307d47) \Device\Harddisk0\DR0\Partition1
15:22:38.0031 4012        \Device\Harddisk0\DR0\Partition1 - ok
15:22:38.0046 4012        Boot (0x1200)  (47b7ab0db1f4859e36569fbe3da6cf5c) \Device\Harddisk0\DR0\Partition2
15:22:38.0062 4012        \Device\Harddisk0\DR0\Partition2 - ok
15:22:38.0062 4012        Boot (0x1200)  (124cd068a2764e172543bbba01759756) \Device\Harddisk0\DR0\Partition3
15:22:38.0078 4012        \Device\Harddisk0\DR0\Partition3 - ok
15:22:38.0093 4012        Boot (0x1200)  (76e3d332279834269988db856f3628c9) \Device\Harddisk0\DR0\Partition4
15:22:38.0093 4012        \Device\Harddisk0\DR0\Partition4 - ok
15:22:38.0109 4012        Boot (0x1200)  (90cb10ed2a0fc057bc84aef8f50e4b49) \Device\Harddisk0\DR0\Partition5
15:22:38.0109 4012        \Device\Harddisk0\DR0\Partition5 - ok
15:22:38.0109 4012        ============================================================
15:22:38.0109 4012        Scan finished
15:22:38.0109 4012        ============================================================
15:22:38.0109 4004        Detected object count: 0
15:22:38.0109 4004        Actual detected object count: 0


cosinus 24.01.2012 15:37

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered), and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when an expert helper has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

