Trojaner-Board

Encryption trojan - XP does not start in safe mode (https://www.trojaner-board.de/116705-verschluesselungs-trojaner-xp-startet-abgesicherten-modus.html)

cosinus 10.06.2012 03:00

Was the word "full scan" really that easy to overlook? :wtf:
You only ran a quick scan!

fundf 10.06.2012 17:38

Here are the logs, this time with a complete scan:

Malwarebytes:


Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.10.01

Windows XP Service Pack 2 x86 FAT32
Internet Explorer 6.0.2900.2180
miles davis :: VOODOO [Administrator]

Schutz: Aktiviert

10.06.2012 11:42:30
mbam-log-2012-06-10 (11-42-30).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 230091
Laufzeit: 1 Stunde(n), 41 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\_OTL\MovedFiles\06102012_032905\C_WINDOWS\system32\199D5B5DF8FAD812799C.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\06102012_032905\C_Dokumente und Einstellungen\miles davis\Anwendungsdaten\Wjuda\37DE7CF0F8FAD8126F4D.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Programme\StartupRun\strun.exe (PUP.StartUpManager) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


And here is the one from ESET:


Code:

ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=0
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e9932b959ae74542aadcfc3c6ed57f28
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-10 12:50:51
# local_time=2012-06-10 02:50:51 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1797 16775125 100 93 625519 75869505 441486 0
# compatibility_mode=8192 67108863 100 0 575 575 0 0
# compatibility_mode=9217 16777214 0 9 162618781 162618789 0 0
# scanned=0
# found=0
# cleaned=0
# scan_time=0
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e9932b959ae74542aadcfc3c6ed57f28
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-10 02:34:56
# local_time=2012-06-10 04:34:56 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1797 16775125 100 93 626393 75870379 442360 0
# compatibility_mode=8192 67108863 100 0 1449 1449 0 0
# compatibility_mode=9217 16777214 0 9 162619655 162619663 0 0
# scanned=52509
# found=3
# cleaned=0
# scan_time=5376
C:\Dokumente und Einstellungen\miles davis\Desktop\Mitgliedschaft.zip        Win32/Trustezeb.B trojan (unable to clean)        00000000000000000000000000000000        I
C:\_OTL\MovedFiles.ace        Win32/Trustezeb.B trojan (unable to clean)        00000000000000000000000000000000        I
D:\Eigene Dateien\GABRIEL\ÄMTER\FINANZAM\2011\ynpXVVNNqqsettu        Win32/Trustezeb.B trojan (unable to clean)        00000000000000000000000000000000        I

I hope this helps.
Regards
Gabriel

cosinus 10.06.2012 18:44

I have two questions before we continue:

1.) Does Windows normal mode work without restrictions (again)?
2.) Is anything missing from the Start menu? Are there empty folders under All Programs, or is everything there?

fundf 10.06.2012 20:16

Hello Arne,
as far as using Windows goes, I have not noticed any restrictions.
However, my mail program (Pegasus), which is on D: under Programme, does not work.
I still had an old version on E:, and that one works without problems. But the one on D: does not. The winpm-32.exe seems to be encrypted; in any case, I cannot find it.

Otherwise everything seems to be running normally.

Regards
Gabriel

cosinus 10.06.2012 20:49

Please create a new OTL log. If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop.

Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


fundf 10.06.2012 21:30

Here is the log from OTL:


OTL Logfile:
Code:

OTL logfile created on: 10.06.2012 22:00:18 - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = C:\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
767,00 Mb Total Physical Memory | 379,00 Mb Available Physical Memory | 49,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): D:\pagefile.sys 0 0J:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 6,99 Gb Total Space | 0,58 Gb Free Space | 8,36% Space Free | Partition Type: FAT32
Drive D: | 5,30 Gb Total Space | 0,41 Gb Free Space | 7,68% Space Free | Partition Type: FAT32
Drive E: | 1,31 Gb Total Space | 0,09 Gb Free Space | 6,98% Space Free | Partition Type: FAT
Drive F: | 1,31 Gb Total Space | 0,12 Gb Free Space | 9,37% Space Free | Partition Type: FAT
Drive G: | 3,98 Gb Total Space | 0,11 Gb Free Space | 2,82% Space Free | Partition Type: FAT32
Drive H: | 5,83 Gb Total Space | 0,10 Gb Free Space | 1,79% Space Free | Partition Type: FAT32
Drive I: | 3,30 Gb Total Space | 0,09 Gb Free Space | 2,86% Space Free | Partition Type: FAT32
Drive J: | 6,34 Gb Total Space | 0,27 Gb Free Space | 4,31% Space Free | Partition Type: FAT32
Drive K: | 3,90 Gb Total Space | 0,91 Gb Free Space | 23,33% Space Free | Partition Type: FAT32
Drive M: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: VOODOO | User Name: miles davis
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (gupdate) Google Update Service (gupdate)
SRV - [2012.06.10 21:05:56 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.08 22:50:42 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.11 08:07:18 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.14 18:49:38 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto] -- D:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2005.11.21 11:34:24 | 000,081,920 | ---- | M] (AVM Berlin) [Auto] -- D:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (AVM IGD CTRL Service)
SRV - [2005.11.21 10:48:06 | 000,315,392 | ---- | M] (AVM Berlin) [On_Demand] -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe -- (de_serv)
SRV - [2005.11.14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (Ser2pl)
DRV - File not found [Kernel | On_Demand] --  -- (RTCore32)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.11 08:07:20 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.11 08:07:20 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.05.11 12:49:20 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 10:12:50 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007.02.22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.04.06 01:00:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2006.03.26 14:22:16 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.03.13 11:38:24 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.11.03 16:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2004.08.03 23:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004.07.20 00:41:48 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI32)
DRV - [2001.09.27 00:32:38 | 000,285,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [2001.09.26 18:19:34 | 000,364,800 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sis7018.sys -- (SiS7018) Service for SiS7018 Driver (WDM)
DRV - [2001.08.18 04:19:46 | 000,281,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mpaa.sys -- (ati2mpaa)
DRV - [2001.08.17 14:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.10 07:00:00 | 000,003,252 | ---- | M] () [Kernel | System] -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS -- (PQNTDrv)
DRV - [2001.04.27 06:08:32 | 000,038,946 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sis7012.sys -- (SiS7012) Service for AC'97 Sample Driver (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\URLSearchHook: {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMul1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: D:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: D:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: D:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: D:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: D:\Programme\Real\RealPlayer\browserrecord [2008.11.21 09:58:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.22 19:47:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: D:\Programme\components [2006.08.19 15:21:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: D:\Programme\plugins [2006.08.19 15:21:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.08.25 18:22:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2012.01.22 19:47:00 | 000,000,000 | ---D | M]
 
[2008.08.26 15:05:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Mozilla\Extensions
[2006.08.19 15:21:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Mozilla\Firefox\Profiles\vqzqwz3s.default\extensions
[2011.08.12 00:32:34 | 000,005,508 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Mozilla\Firefox\Profiles\vqzqwz3s.default\searchplugins\ogOtsesooQQfVpXqyNrxG
[2011.11.03 15:08:50 | 000,002,457 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Mozilla\Firefox\Profiles\vqzqwz3s.default\searchplugins\yEuNVfpsyyrvGxDp
[2011.11.03 15:08:50 | 000,002,419 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Mozilla\Firefox\Profiles\vqzqwz3s.default\searchplugins\fssnLJvfVXpjAgOxx
[2011.11.03 15:08:50 | 000,010,525 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Mozilla\Firefox\Profiles\vqzqwz3s.default\searchplugins\DXnjOgUGlDAEuQtUaT
[2011.11.03 15:08:50 | 000,000,933 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Mozilla\Firefox\Profiles\vqzqwz3s.default\searchplugins\ajAQustaaEorNfVseyq
[2006.11.25 15:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) --
[2006.10.22 19:06:28 | 000,000,983 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\webde-websuche.xml
 
O1 HOSTS File: ([2012.06.10 03:29:10 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (Multi_Media_Germany toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMul1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Multi_Media_Germany toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMul1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\Toolbar\WebBrowser: (Multi_Media_Germany toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMul1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WinampAgent] E:\Programme\Winamp\Winampa.exe ()
O4 - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003..\Run: [SpybotSD TeaTimer] D:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\miles davis\Startmenü\Programme\Autostart\FRITZ!DSL Startcenter.lnk = D:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin)
O4 - Startup: C:\Dokumente und Einstellungen\miles davis\Startmenü\Programme\Autostart\FRITZ!DSL Protect.lnk = D:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - D:\Programme\FRITZ!DSL\SARAH.DLL (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - D:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.03.24 13:06:41 | 000,000,053 | R--- | M] () - M:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{9df99721-2f86-11db-a00e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9df99721-2f86-11db-a00e-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9df99721-2f86-11db-a00e-806d6172696f}\Shell\AutoRun\command - "" = M:\reatogoMenu.exe -- [2005.07.16 23:36:50 | 000,240,128 | R--- | M] ()
O33 - MountPoints2\{a432b440-bd4d-11dd-811b-00e04df78eb6}\Shell - "" = AutoRun
O33 - MountPoints2\{a432b440-bd4d-11dd-811b-00e04df78eb6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a432b440-bd4d-11dd-811b-00e04df78eb6}\Shell\AutoRun\command - "" = N:\start.exe
O33 - MountPoints2\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\Shell - "" = AutoRun
O33 - MountPoints2\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\Shell\AutoRun\command - "" = N:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^miles davis^Startmenü^Programme^Autostart^OpenOffice.org 3.3.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: 1&1 EasyLogin - hkey= - key= -  File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Photo Downloader - hkey= - key= -  File not found
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AtiPTA - hkey= - key= -  File not found
MsConfig - StartUpReg: BluetoothAuthenticationAgent - hkey= - key= -  File not found
MsConfig - StartUpReg: C: - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: FlashPlayerUpdate - hkey= - key= -  File not found
MsConfig - StartUpReg: ICQ Lite - hkey= - key= -  File not found
MsConfig - StartUpReg: KEMailKb - hkey= - key= -  File not found
MsConfig - StartUpReg: Launcher - hkey= - key= - C:\Programme\Kyocera\FS-720 Utilities\KMGLNC.exe (KYOCERA MITA Corporation)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: MsnMsgr - hkey= - key= - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: PCSuiteTrayApplication - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - D:\Programme\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RegistryBooster - hkey= - key= -  File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: swg - hkey= - key= -  File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Reg Error: Value error.
SafeBootMin: Boot Bus Extender - Reg Error: Value error.
SafeBootMin: Boot file system - Reg Error: Value error.
SafeBootMin: File system - Reg Error: Value error.
SafeBootMin: Filter - Reg Error: Value error.
SafeBootMin: PCI Configuration - Reg Error: Value error.
SafeBootMin: PNP Filter - Reg Error: Value error.
SafeBootMin: Primary disk - Reg Error: Value error.
SafeBootMin: SCSI Class - Reg Error: Value error.
SafeBootMin: System Bus Extender - Reg Error: Value error.
SafeBootMin: vds - Reg Error: Value error.
SafeBootMin: vga.sys - Reg Error: Value error.
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Reg Error: Value error.
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Reg Error: Value error.
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Reg Error: Value error.
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Reg Error: Value error.
 
SafeBootNet: Base - Reg Error: Value error.
SafeBootNet: Boot Bus Extender - Reg Error: Value error.
SafeBootNet: Boot file system - Reg Error: Value error.
SafeBootNet: File system - Reg Error: Value error.
SafeBootNet: Filter - Reg Error: Value error.
SafeBootNet: NDIS Wrapper - Reg Error: Value error.
SafeBootNet: NetBIOSGroup - Reg Error: Value error.
SafeBootNet: NetDDEGroup - Reg Error: Value error.
SafeBootNet: Network - Reg Error: Value error.
SafeBootNet: NetworkProvider - Reg Error: Value error.
SafeBootNet: PCI Configuration - Reg Error: Value error.
SafeBootNet: PNP Filter - Reg Error: Value error.
SafeBootNet: PNP_TDI - Reg Error: Value error.
SafeBootNet: Primary disk - Reg Error: Value error.
SafeBootNet: SCSI Class - Reg Error: Value error.
SafeBootNet: Streams Drivers - Reg Error: Value error.
SafeBootNet: System Bus Extender - Reg Error: Value error.
SafeBootNet: TDI - Reg Error: Value error.
SafeBootNet: UploadMgr - Reg Error: Value error.
SafeBootNet: vga.sys - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Reg Error: Value error.
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Reg Error: Value error.
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Reg Error: Value error.
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Reg Error: Value error.
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1325db73-d9f1-48f8-8895-6d814ec58889} - Sicherheitsupdate für Windows XP (KB913433)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
 
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.10 14:41:14 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.06.10 14:40:58 | 002,322,184 | ---- | C] (ESET) -- C:\Dokumente und Einstellungen\miles davis\Desktop\esetsmartinstaller_enu.exe
[2012.06.10 04:19:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Malwarebytes
[2012.06.10 04:19:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.10 04:19:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.06.10 04:19:02 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.06.10 04:02:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2012.06.10 03:29:07 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012.06.10 03:29:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.06.02 10:16:23 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\miles davis\Recent
[2012.05.27 10:00:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Free M4a to MP3 Converter
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.10 21:55:02 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.10 21:49:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.06.10 20:53:44 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.10 20:53:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.10 20:53:34 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.10 19:10:22 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2012.06.10 18:33:56 | 000,000,658 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Startmenü\Programme\Autostart\FRITZ!DSL Protect.lnk
[2012.06.10 14:41:08 | 002,322,184 | ---- | M] (ESET) -- C:\Dokumente und Einstellungen\miles davis\Desktop\esetsmartinstaller_enu.exe
[2012.06.10 04:19:10 | 000,000,543 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.10 04:19:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.10 04:08:42 | 000,034,261 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Desktop\Mitgliedschaft.zip
[2012.06.10 04:02:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2012.06.10 03:37:20 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.02 10:24:12 | 000,019,456 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Desktop\yLXDGGJryysXVVN
[2012.05.27 10:00:14 | 000,000,491 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Desktop\Free M4a to MP3 Converter.lnk
[2012.05.27 10:00:14 | 000,000,491 | ---- | M] () -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Free M4a to MP3 Converter.lnk
[2012.05.27 10:00:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Free M4a to MP3 Converter
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.10 18:33:53 | 000,000,658 | ---- | C] () -- C:\Dokumente und Einstellungen\miles davis\Startmenü\Programme\Autostart\FRITZ!DSL Protect.lnk
[2012.06.10 04:19:09 | 000,000,543 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.10 04:08:41 | 000,034,261 | ---- | C] () -- C:\Dokumente und Einstellungen\miles davis\Desktop\Mitgliedschaft.zip
[2012.06.02 10:24:10 | 000,019,456 | ---- | C] () -- C:\Dokumente und Einstellungen\miles davis\Desktop\yLXDGGJryysXVVN
[2012.05.27 10:00:13 | 000,000,491 | ---- | C] () -- C:\Dokumente und Einstellungen\miles davis\Desktop\Free M4a to MP3 Converter.lnk
[2012.05.27 10:00:13 | 000,000,491 | ---- | C] () -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Free M4a to MP3 Converter.lnk
[2011.09.25 12:31:45 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2011.09.25 12:28:17 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\TAKDSDecoder.dll
[2011.05.13 10:18:44 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.04.08 09:46:54 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2010.03.28 01:25:07 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\miles davis\Lokale Einstellungen\Anwendungsdaten\vTUjlOjGJlxLXvnVrpfye
[2010.03.01 11:09:08 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2009.04.24 08:07:19 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\kbdro098m.dll
[2008.11.20 21:04:44 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2008.10.01 08:21:17 | 000,000,010 | ---- | C] () -- C:\Dokumente und Einstellungen\miles davis\qaptxuvAqDsUfgrLo
[2008.02.25 11:07:45 | 000,399,360 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008.02.25 11:07:38 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2008.02.25 11:07:36 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008.02.25 11:07:35 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2008.02.25 11:07:33 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2008.02.25 11:06:40 | 000,151,040 | -HS- | C] () -- C:\WINDOWS\System32\VistaUltm.dll
[2008.02.25 11:06:40 | 000,027,648 | -HS- | C] () -- C:\WINDOWS\System32\Smab0.dll
[2008.01.17 22:59:49 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
[2007.12.18 15:32:09 | 000,000,073 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2007.10.20 01:56:16 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.07.07 08:25:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SelSet.INI
[2007.06.07 09:55:20 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.06.05 21:36:33 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2007.05.09 08:05:24 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007.05.09 08:05:23 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007.04.06 13:16:33 | 000,000,041 | ---- | C] () -- C:\WINDOWS\DexCompress.ini
[2007.03.15 07:47:15 | 000,097,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin
[2007.01.14 14:13:47 | 000,000,095 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2006.10.11 21:45:26 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006.10.09 23:33:30 | 000,001,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.09.27 08:56:50 | 000,002,992 | ---- | C] () -- C:\WINDOWS\tm.ini
[2006.09.23 22:11:30 | 001,262,956 | ---- | C] () -- C:\WINDOWS\System32\XMNT2001.EXE
[2006.09.23 22:11:30 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\drivers\PQNTDRV.SYS
[2006.09.16 21:25:20 | 000,007,582 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006.08.22 14:43:16 | 000,005,363 | ---- | C] () -- C:\WINDOWS\Imagine.INI
[2006.08.20 15:45:55 | 000,000,154 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006.08.20 13:50:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\URLPROXY.INI
[2006.08.19 15:48:57 | 000,044,032 | ---- | C] () -- C:\Dokumente und Einstellungen\miles davis\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.08.19 15:21:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006.08.19 15:21:10 | 000,004,325 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006.08.19 14:17:32 | 000,065,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2006.08.19 14:17:32 | 000,060,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2006.08.19 14:17:32 | 000,032,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2006.08.19 14:17:32 | 000,032,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2006.08.19 14:17:32 | 000,032,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2006.08.19 14:17:32 | 000,020,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2006.08.19 14:17:32 | 000,011,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2006.08.19 14:17:32 | 000,011,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2006.08.19 14:17:26 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006.08.19 13:55:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.08.19 13:48:07 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.08.19 13:39:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.08.19 13:38:52 | 000,160,344 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.08.09 12:33:42 | 000,002,120 | ---- | C] () -- C:\WINDOWS\System32\SETUP.INI
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001.08.23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.18 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.18 12:00:00 | 000,411,266 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001.08.18 12:00:00 | 000,397,560 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.18 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.18 12:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001.08.18 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.18 12:00:00 | 000,072,684 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001.08.18 12:00:00 | 000,059,780 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.18 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.18 12:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001.08.18 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.18 12:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001.08.18 12:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2001.08.18 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2000.04.05 17:03:20 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\Ati2evxx.exe
[1996.12.09 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1996.12.09 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
 
========== LOP Check ==========
 
[2006.08.19 15:10:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\FRITZ!
[2010.03.25 00:06:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\LogoManager
[2009.12.01 15:31:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\DVD2AVI Ripper Professional
[2012.01.22 19:53:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\DDMSettings
[2011.05.13 10:19:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Canneverbe Limited
[2006.09.01 22:56:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\uTorrent
[2006.10.11 21:45:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\concept design
[2006.11.11 17:35:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\flightgear.org
[2006.11.20 11:50:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Ashampoo Photo Commander 4
[2011.08.25 18:22:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Thunderbird
[2007.04.12 11:03:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\PC Suite
[2011.11.24 22:51:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\OpenOffice.org
[2007.04.12 11:05:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Nokia
[2007.06.13 08:46:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\ICQ Toolbar
[2007.08.07 14:58:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\1&1
[2007.09.29 17:58:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\BitTorrent
[2007.11.15 21:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\NCH Swift Sound
[2008.01.17 23:00:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Anvil Studio
[2008.01.24 00:49:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Leadertech
[2008.05.05 20:36:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\foobar2000
[2008.12.17 10:37:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Uniblue
[2009.11.22 10:52:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\Megaupload
[2010.06.21 16:44:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\miles davis\Anwendungsdaten\MOVAVI
[2006.11.20 11:50:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2006.11.25 15:24:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Web.de Firefox
[2007.04.12 11:00:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2007.04.12 11:05:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2007.04.14 09:05:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2007.11.15 21:24:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2008.03.30 12:37:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Grisoft
[2008.12.17 10:37:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverScanner
[2011.05.13 10:19:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.
 
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
 
Invalid Environment Variable: %APPDATA%\*.
 
Invalid Environment Variable: %APPDATA%\*.exe
 
< %SYSTEMDRIVE%\*.exe >
[2011.07.12 22:55:06 | 002,237,440 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe
 
 
< MD5 for: AGP440.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2001.08.18 12:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\system32\eventlog.dll
[2001.08.18 12:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=D9D9F2CC2AE17FDE1858F43CD93140C0 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2001.08.18 12:00:00 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=3DBBB866B1E7287E899DA9BC20E9F129 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\system32\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\system32\scecli.dll
[2001.08.18 12:00:00 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=8AF9B2782330AF8BD46B30239E455E77 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\system32\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004.08.04 00:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2004.08.04 00:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2001.08.18 12:00:00 | 000,562,688 | ---- | M] (Microsoft Corporation) MD5=6873D38E021EAC4E0B508D1822157C1D -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2001.08.18 12:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=292F283D9E2D49A91DF039C1076ACD18 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2001.08.23 12:00:00 | 000,430,080 | ---- | M] (Microsoft Corporation) MD5=2B0E480E975EE51F2D5CE5F068FED6E2 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2001.08.18 12:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.18 12:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.08.19 13:38:08 | 000,393,216 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
[2006.08.19 13:38:08 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.08.19 13:38:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< CREATERESTOREPOINT >
 
< End of report >

--- --- ---


Regards
Gabriel

cosinus 11.06.2012 09:26

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
IE - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\URLSearchHook: {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMul1.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O2 - BHO: (Multi_Media_Germany toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMul1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Multi_Media_Germany toolbar) - {dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} - C:\Programme\Multi_Media_Germany\tbMul1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003\..\Toolbar\WebBrowser: (Multi_Media_Germany toolbar) - {DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} - C:\Programme\Multi_Media_Germany\tbMul1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [WinampAgent] E:\Programme\Winamp\Winampa.exe ()
O4 - HKU\S-1-5-21-1844237615-1383384898-1060284298-1003..\Run: [SpybotSD TeaTimer] D:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.03.24 13:06:41 | 000,000,053 | R--- | M] () - M:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{9df99721-2f86-11db-a00e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9df99721-2f86-11db-a00e-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9df99721-2f86-11db-a00e-806d6172696f}\Shell\AutoRun\command - "" = M:\reatogoMenu.exe -- [2005.07.16 23:36:50 | 000,240,128 | R--- | M] ()
O33 - MountPoints2\{a432b440-bd4d-11dd-811b-00e04df78eb6}\Shell - "" = AutoRun
O33 - MountPoints2\{a432b440-bd4d-11dd-811b-00e04df78eb6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a432b440-bd4d-11dd-811b-00e04df78eb6}\Shell\AutoRun\command - "" = N:\start.exe
O33 - MountPoints2\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\Shell - "" = AutoRun
O33 - MountPoints2\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\Shell\AutoRun\command - "" = N:\pushinst.exe
:Files
C:\Dokumente und Einstellungen\miles davis\Lokale Einstellungen\Anwendungsdaten\vTUjlOjGJlxLXvnVrpfye
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

fundf 11.06.2012 10:07

Hello Arne,
here is what OTL produced after the fix. Regards, Gabriel

========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1844237615-1383384898-1060284298-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ deleted successfully.
C:\Programme\uTorrentBar_DE\tbuTor.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1844237615-1383384898-1060284298-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dac6ed64-8dd1-4ab8-aedf-b97892d28ffe}\ deleted successfully.
C:\Programme\Multi_Media_Germany\tbMul1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Programme\ConduitEngine\ConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
D:\Programme\Spybot - Search & Destroy\SDHelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Programme\uTorrentBar_DE\tbuTor.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dac6ed64-8dd1-4ab8-aedf-b97892d28ffe}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dac6ed64-8dd1-4ab8-aedf-b97892d28ffe}\ not found.
File C:\Programme\Multi_Media_Germany\tbMul1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Programme\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Programme\uTorrentBar_DE\tbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{dac6ed64-8dd1-4ab8-aedf-b97892d28ffe} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dac6ed64-8dd1-4ab8-aedf-b97892d28ffe}\ not found.
File C:\Programme\Multi_Media_Germany\tbMul1.dll not found.
Registry value HKEY_USERS\S-1-5-21-1844237615-1383384898-1060284298-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1844237615-1383384898-1060284298-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1844237615-1383384898-1060284298-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DAC6ED64-8DD1-4AB8-AEDF-B97892D28FFE}\ not found.
File C:\Programme\Multi_Media_Germany\tbMul1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
E:\Programme\Winamp\winampa.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1844237615-1383384898-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
D:\Programme\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. M:\AUTORUN.INF scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9df99721-2f86-11db-a00e-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9df99721-2f86-11db-a00e-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9df99721-2f86-11db-a00e-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9df99721-2f86-11db-a00e-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9df99721-2f86-11db-a00e-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9df99721-2f86-11db-a00e-806d6172696f}\ not found.
File move failed. M:\reatogoMenu.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a432b440-bd4d-11dd-811b-00e04df78eb6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a432b440-bd4d-11dd-811b-00e04df78eb6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a432b440-bd4d-11dd-811b-00e04df78eb6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a432b440-bd4d-11dd-811b-00e04df78eb6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a432b440-bd4d-11dd-811b-00e04df78eb6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a432b440-bd4d-11dd-811b-00e04df78eb6}\ not found.
File N:\start.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fcb2e900-d2c0-11db-baa3-cf282c8dae16}\ not found.
File N:\pushinst.exe not found.
========== FILES ==========
C:\Dokumente und Einstellungen\miles davis\Lokale Einstellungen\Anwendungsdaten\vTUjlOjGJlxLXvnVrpfye moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Java cache emptied: 12118723 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes

User: miles davis
->Temp folder emptied: 5159656 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 324374628 bytes
->Flash cache emptied: 2457 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1119339 bytes
%systemroot%\System32 .tmp files removed: 9095 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes

Total Files Cleaned = 327,00 mb


[EMPTYFLASH]

User: Default User
->Temp folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes

User: miles davis
->Temp folder emptied: 49152 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTLPE by OldTimer - Version 3.1.48.0 log created on 06112012_105716

Files\Folders moved on Reboot...
File move failed. M:\AUTORUN.INF scheduled to be moved on reboot.
File move failed. M:\reatogoMenu.exe scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\miles davis\Lokale Einstellungen\Temp\~DFDB99.tmp moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_94.dat not found!

Registry entries deleted on Reboot...

fundf 14.06.2012 07:21

Hello Arne,
I hope you are well - you haven't been in touch since, which is why I ask. Well, there will be reasons for that.
In any case, many thanks so far; XP is now running quite passably again. Is the system virus-free now, or does it still need work? Do you think I could now try to decrypt the encrypted files, or does that still have to wait?
Feel free to get in touch when you have a chance.

Best regards
Gabriel

cosinus 14.06.2012 12:15

Sorry, I overlooked your thread, no wonder with this rush :headbang:

Please now (in normal Windows mode) run this tool from Kaspersky (TDSS-Killer) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

fundf 14.06.2012 15:08

Hello Arne,
here is the report from TDSS-Killer

Code:

16:02:27.0198 3916        TDSS rootkit removing tool 2.7.39.0 Jun 14 2012 08:11:46
16:02:29.0201 3916        ============================================================
16:02:29.0201 3916        Current date / time: 2012/06/14 16:02:29.0201
16:02:29.0201 3916        SystemInfo:
16:02:29.0201 3916       
16:02:29.0201 3916        OS Version: 5.1.2600 ServicePack: 2.0
16:02:29.0201 3916        Product type: Workstation
16:02:29.0201 3916        ComputerName: VOODOO
16:02:29.0201 3916        UserName: miles davis
16:02:29.0201 3916        Windows directory: C:\WINDOWS
16:02:29.0201 3916        System windows directory: C:\WINDOWS
16:02:29.0201 3916        Processor architecture: Intel x86
16:02:29.0201 3916        Number of processors: 1
16:02:29.0201 3916        Page size: 0x1000
16:02:29.0201 3916        Boot type: Normal boot
16:02:29.0201 3916        ============================================================
16:02:32.0025 3916        Drive \Device\Harddisk0\DR0 - Size: 0x9962B8000 (38.35 Gb), SectorSize: 0x200, Cylinders: 0x138D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:02:32.0075 3916        ============================================================
16:02:32.0075 3916        \Device\Harddisk0\DR0:
16:02:32.0125 3916        MBR partitions:
16:02:32.0125 3916        \Device\Harddisk0\DR0\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xE00CD3
16:02:32.0135 3916        \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0xE00D51, BlocksNum 0xA9E036
16:02:32.0145 3916        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x6, StartLBA 0x189EDC6, BlocksNum 0x29EAAC
16:02:32.0155 3916        \Device\Harddisk0\DR0\Partition3: MBR, Type 0x6, StartLBA 0x1B3D8B1, BlocksNum 0x29EAAC
16:02:32.0175 3916        \Device\Harddisk0\DR0\Partition4: MBR, Type 0xB, StartLBA 0x1DDC39C, BlocksNum 0x7FF54B
16:02:32.0175 3916        \Device\Harddisk0\DR0\Partition5: MBR, Type 0xB, StartLBA 0x25DB926, BlocksNum 0xBACA3B
16:02:32.0185 3916        \Device\Harddisk0\DR0\Partition6: MBR, Type 0xB, StartLBA 0x31883A0, BlocksNum 0x6A2432
16:02:32.0195 3916        \Device\Harddisk0\DR0\Partition7: MBR, Type 0xB, StartLBA 0x382A811, BlocksNum 0xCB36BE
16:02:32.0205 3916        \Device\Harddisk0\DR0\Partition8: MBR, Type 0xB, StartLBA 0x44DDF0E, BlocksNum 0x7D043F
16:02:32.0205 3916        ============================================================
16:02:32.0235 3916        C: <-> \Device\Harddisk0\DR0\Partition0
16:02:32.0245 3916        D: <-> \Device\Harddisk0\DR0\Partition1
16:02:32.0255 3916        E: <-> \Device\Harddisk0\DR0\Partition2
16:02:32.0275 3916        F: <-> \Device\Harddisk0\DR0\Partition3
16:02:32.0285 3916        G: <-> \Device\Harddisk0\DR0\Partition4
16:02:32.0305 3916        H: <-> \Device\Harddisk0\DR0\Partition5
16:02:32.0325 3916        I: <-> \Device\Harddisk0\DR0\Partition6
16:02:32.0345 3916        J: <-> \Device\Harddisk0\DR0\Partition7
16:02:32.0355 3916        K: <-> \Device\Harddisk0\DR0\Partition8
16:02:32.0386 3916        ============================================================
16:02:32.0386 3916        Initialize success
16:02:32.0386 3916        ============================================================
16:03:18.0862 0636        ============================================================
16:03:18.0862 0636        Scan started
16:03:18.0862 0636        Mode: Manual; SigCheck; TDLFS;
16:03:18.0862 0636        ============================================================
16:03:19.0123 0636        Abiosdsk - ok
16:03:19.0153 0636        abp480n5 - ok
16:03:19.0253 0636        ACPI            (94b4741d2cf9ed38140b831293d1601a) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:03:20.0585 0636        ACPI - ok
16:03:20.0635 0636        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
16:03:20.0935 0636        ACPIEC - ok
16:03:21.0276 0636        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:03:22.0387 0636        AdobeFlashPlayerUpdateSvc - ok
16:03:22.0407 0636        adpu160m - ok
16:03:22.0508 0636        aec            (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
16:03:23.0098 0636        aec - ok
16:03:23.0179 0636        AFD            (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
16:03:23.0489 0636        AFD - ok
16:03:23.0509 0636        Aha154x - ok
16:03:23.0529 0636        aic78u2 - ok
16:03:23.0559 0636        aic78xx - ok
16:03:23.0629 0636        Alerter        (1aab6c5f8376357cb9b16c38c42c4076) C:\WINDOWS\system32\alrsvc.dll
16:03:23.0930 0636        Alerter - ok
16:03:24.0000 0636        ALG            (6596dd260ffde1bdc994c1df236307bb) C:\WINDOWS\System32\alg.exe
16:03:24.0330 0636        ALG - ok
16:03:24.0340 0636        AliIde - ok
16:03:24.0430 0636        AmdK7          (fbf9ffb0b638df1448821bd0aceeb780) C:\WINDOWS\system32\DRIVERS\amdk7.sys
16:03:24.0701 0636        AmdK7 - ok
16:03:24.0731 0636        amsint - ok
16:03:24.0851 0636        AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) D:\Programme\Avira\AntiVir Desktop\sched.exe
16:03:24.0881 0636        AntiVirSchedulerService - ok
16:03:24.0971 0636        AntiVirService  (72d90e56563165984224493069c69ed4) D:\Programme\Avira\AntiVir Desktop\avguard.exe
16:03:25.0001 0636        AntiVirService - ok
16:03:25.0081 0636        AppMgmt        (becd5328e7869807d6557be4fe60c72f) C:\WINDOWS\System32\appmgmts.dll
16:03:25.0372 0636        AppMgmt - ok
16:03:25.0412 0636        asc - ok
16:03:25.0442 0636        asc3350p - ok
16:03:25.0472 0636        asc3550 - ok
16:03:25.0562 0636        ASPI32          (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
16:03:25.0572 0636        ASPI32 ( UnsignedFile.Multi.Generic ) - warning
16:03:25.0572 0636        ASPI32 - detected UnsignedFile.Multi.Generic (1)
16:03:25.0682 0636        aspnet_state    (4eabf511b1af176a971c3271e48fa3a8) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:03:25.0702 0636        aspnet_state - ok
16:03:25.0742 0636        AsyncMac        (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:03:26.0033 0636        AsyncMac - ok
16:03:26.0093 0636        atapi          (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:03:26.0373 0636        atapi - ok
16:03:26.0393 0636        Atdisk - ok
16:03:26.0473 0636        Ati HotKey Poller (5bfb89a40c843708e94a871ba292ac96) C:\WINDOWS\system32\Ati2evxx.exe
16:03:26.0543 0636        Ati HotKey Poller - ok
16:03:26.0624 0636        ati2mpaa        (e99b564478a28c573dc77d05963244ad) C:\WINDOWS\system32\DRIVERS\ati2mpaa.sys
16:03:26.0984 0636        ati2mpaa - ok
16:03:27.0054 0636        ati2mtaa        (27bab72eae141d0ce39ec65c0fdeb2d6) C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys
16:03:27.0114 0636        ati2mtaa - ok
16:03:27.0194 0636        Atmarpc        (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:03:27.0785 0636        Atmarpc - ok
16:03:27.0865 0636        AudioSrv        (e98b8250398f6637b335a76ba8dfb602) C:\WINDOWS\System32\audiosrv.dll
16:03:28.0126 0636        AudioSrv - ok
16:03:28.0186 0636        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:03:28.0516 0636        audstub - ok
16:03:28.0586 0636        avgio          (0b497c79824f8e1bf22fa6aacd3de3a0) D:\Programme\Avira\AntiVir Desktop\avgio.sys
16:03:28.0596 0636        avgio - ok
16:03:28.0656 0636        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:03:28.0676 0636        avgntflt - ok
16:03:28.0747 0636        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
16:03:28.0777 0636        avipbb - ok
16:03:28.0827 0636        AVM IGD CTRL Service (8dfa2ec772f97ed02b384db88641b367) D:\Programme\FRITZ!DSL\IGDCTRL.EXE
16:03:28.0847 0636        AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - warning
16:03:28.0847 0636        AVM IGD CTRL Service - detected UnsignedFile.Multi.Generic (1)
16:03:28.0917 0636        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:03:29.0257 0636        Beep - ok
16:03:29.0357 0636        BITS            (3a5e54a9ab96ef2d273b58136fb58efe) C:\WINDOWS\System32\qmgr.dll
16:03:29.0638 0636        BITS - ok
16:03:29.0718 0636        Browser        (d8653dcd80cf2ebb333fc4fcc43a7def) C:\WINDOWS\System32\browser.dll
16:03:29.0968 0636        Browser - ok
16:03:30.0038 0636        BthEnum        (d24b8d1784c68a25060fffbe8ed34b76) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
16:03:30.0319 0636        BthEnum - ok
16:03:30.0369 0636        BTHMODEM        (9df0adf74ce1d6371ed60cf92eb1d9a6) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
16:03:30.0609 0636        BTHMODEM - ok
16:03:30.0679 0636        BthPan          (10355270be12641b9764235da39dcf0f) C:\WINDOWS\system32\DRIVERS\bthpan.sys
16:03:30.0930 0636        BthPan - ok
16:03:31.0010 0636        BTHPORT        (0b9ace3462420fd48eb5d91868c88b75) C:\WINDOWS\system32\Drivers\BTHport.sys
16:03:31.0290 0636        BTHPORT - ok
16:03:31.0380 0636        BthServ        (822d1875b12b6219cece1d221349cef4) C:\WINDOWS\System32\bthserv.dll
16:03:31.0631 0636        BthServ - ok
16:03:31.0691 0636        BTHUSB          (f06d4cb9918b462a84d9ac00027efc30) C:\WINDOWS\system32\Drivers\BTHUSB.sys
16:03:31.0921 0636        BTHUSB - ok
16:03:31.0981 0636        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:03:32.0342 0636        cbidf2k - ok
16:03:32.0362 0636        cd20xrnt - ok
16:03:32.0442 0636        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:03:32.0772 0636        Cdaudio - ok
16:03:32.0832 0636        Cdfs            (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
16:03:33.0063 0636        Cdfs - ok
16:03:33.0113 0636        Cdrom          (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:03:33.0353 0636        Cdrom - ok
16:03:33.0383 0636        Changer - ok
16:03:33.0503 0636        cisvc          (234d52c63c67a8cf4af9becce43bfb4a) C:\WINDOWS\System32\cisvc.exe
16:03:33.0734 0636        cisvc - ok
16:03:33.0804 0636        ClipSrv        (0461868578d29dc18fb1c79933c5158a) C:\WINDOWS\system32\clipsrv.exe
16:03:34.0044 0636        ClipSrv - ok
16:03:34.0144 0636        clr_optimization_v2.0.50727_32 (234b1bc2796483e1f5c3f26649fb3388) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:03:34.0164 0636        clr_optimization_v2.0.50727_32 - ok
16:03:34.0194 0636        CmdIde - ok
16:03:34.0285 0636        COMSysApp - ok
16:03:34.0335 0636        Cpqarray - ok
16:03:34.0405 0636        CryptSvc        (1a5f9db98df7955b4c7cbdbf2c638238) C:\WINDOWS\System32\cryptsvc.dll
16:03:34.0645 0636        CryptSvc - ok
16:03:34.0675 0636        dac2w2k - ok
16:03:34.0715 0636        dac960nt - ok
16:03:34.0805 0636        DcomLaunch      (891e3e4537c6dfcae475073fc49ce9cb) C:\WINDOWS\system32\rpcss.dll
16:03:35.0136 0636        DcomLaunch - ok
16:03:35.0246 0636        de_serv        (1523251b9d8a5d84de0cd23418847824) C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
16:03:35.0296 0636        de_serv ( UnsignedFile.Multi.Generic ) - warning
16:03:35.0296 0636        de_serv - detected UnsignedFile.Multi.Generic (1)
16:03:35.0376 0636        Dhcp            (7c4d218f9017725589adacab82beb0f8) C:\WINDOWS\System32\dhcpcsvc.dll
16:03:35.0576 0636        Dhcp - ok
16:03:35.0626 0636        Disk            (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
16:03:35.0877 0636        Disk - ok
16:03:35.0917 0636        dmadmin - ok
16:03:36.0027 0636        dmboot          (5789b83ba87fc84c3568cf86cacef8ce) C:\WINDOWS\system32\drivers\dmboot.sys
16:03:36.0378 0636        dmboot - ok
16:03:36.0448 0636        dmio            (084eb0a50a4f7b4705c8a57f234e5291) C:\WINDOWS\system32\drivers\dmio.sys
16:03:36.0698 0636        dmio - ok
16:03:36.0758 0636        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:03:37.0099 0636        dmload - ok
16:03:37.0169 0636        dmserver        (fa2d9d1a9f6b5a88d01e1685ce2378ba) C:\WINDOWS\System32\dmserver.dll
16:03:37.0399 0636        dmserver - ok
16:03:37.0479 0636        DMusic          (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
16:03:37.0719 0636        DMusic - ok
16:03:37.0770 0636        Dnscache        (d1f5b71bbaeee07b78980dbd878c0bc7) C:\WINDOWS\System32\dnsrslvr.dll
16:03:38.0020 0636        Dnscache - ok
16:03:38.0050 0636        dpti2o - ok
16:03:38.0110 0636        drmkaud        (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
16:03:38.0340 0636        drmkaud - ok
16:03:38.0420 0636        ERSvc          (877a4512cc9074d6954776af47021766) C:\WINDOWS\System32\ersvc.dll
16:03:38.0651 0636        ERSvc - ok
16:03:38.0731 0636        Eventlog        (edb6b81761bd60f32f740bbc40afb676) C:\WINDOWS\system32\services.exe
16:03:38.0991 0636        Eventlog - ok
16:03:39.0061 0636        EventSystem    (bebc63622bdc30053a3145ebd90af450) C:\WINDOWS\System32\es.dll
16:03:39.0142 0636        EventSystem - ok
16:03:39.0202 0636        Fastfat        (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
16:03:39.0452 0636        Fastfat - ok
16:03:39.0522 0636        FastUserSwitchingCompatibility (bac5f7f0c2b8c1b9832594851e0f9914) C:\WINDOWS\System32\shsvcs.dll
16:03:39.0752 0636        FastUserSwitchingCompatibility - ok
16:03:39.0812 0636        Fdc            (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
16:03:40.0033 0636        Fdc - ok
16:03:40.0103 0636        Fips            (9e9af89f9b14aa6249065c309ce73bd8) C:\WINDOWS\system32\drivers\Fips.sys
16:03:40.0473 0636        Fips - ok
16:03:40.0534 0636        Flpydisk        (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:03:40.0764 0636        Flpydisk - ok
16:03:40.0834 0636        FltMgr          (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\drivers\fltmgr.sys
16:03:41.0064 0636        FltMgr - ok
16:03:41.0114 0636        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:03:41.0485 0636        Fs_Rec - ok
16:03:41.0545 0636        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:03:41.0895 0636        Ftdisk - ok
16:03:41.0986 0636        FWLANUSB        (b45f1df1cce34e2af422f0ed78cd70ef) C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
16:03:42.0056 0636        FWLANUSB - ok
16:03:42.0106 0636        gameenum        (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
16:03:42.0336 0636        gameenum - ok
16:03:42.0386 0636        Gpc            (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:03:42.0617 0636        Gpc - ok
16:03:42.0687 0636        gupdate - ok
16:03:42.0787 0636        helpsvc        (ba85bcf1a2bcf927c3600574173403e0) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:03:43.0017 0636        helpsvc - ok
16:03:43.0067 0636        HidServ        (b647ca198b9c73056abfb0a9d8f4916d) C:\WINDOWS\System32\hidserv.dll
16:03:43.0298 0636        HidServ - ok
16:03:43.0378 0636        HidUsb          (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:03:43.0728 0636        HidUsb - ok
16:03:43.0748 0636        hpn - ok
16:03:43.0768 0636        hpt3xx - ok
16:03:43.0848 0636        HTTP            (cb77bb47e67e84deb17ba29632501730) C:\WINDOWS\system32\Drivers\HTTP.sys
16:03:44.0059 0636        HTTP - ok
16:03:44.0139 0636        HTTPFilter      (9ec7e866bbdbf3ecc0e67f4e0a838eb2) C:\WINDOWS\System32\w3ssl.dll
16:03:44.0369 0636        HTTPFilter - ok
16:03:44.0389 0636        i2omgmt - ok
16:03:44.0419 0636        i2omp - ok
16:03:44.0479 0636        i8042prt        (7c575018d0413440d75432a78b88c899) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:03:44.0710 0636        i8042prt - ok
16:03:44.0840 0636        IDriverT        (daf66902f08796f9c694901660e5a64a) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:03:44.0870 0636        IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:03:44.0870 0636        IDriverT - detected UnsignedFile.Multi.Generic (1)
16:03:44.0930 0636        Imapi          (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:03:45.0160 0636        Imapi - ok
16:03:45.0220 0636        ImapiService    (57d7267a9ed91ecaf4336b08c9628fca) C:\WINDOWS\System32\imapi.exe
16:03:45.0461 0636        ImapiService - ok
16:03:45.0511 0636        ini910u - ok
16:03:45.0551 0636        IntelIde - ok
16:03:45.0621 0636        ip6fw          (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
16:03:45.0821 0636        ip6fw - ok
16:03:45.0881 0636        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:03:46.0242 0636        IpFilterDriver - ok
16:03:46.0302 0636        IpInIp          (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:03:46.0532 0636        IpInIp - ok
16:03:46.0592 0636        IpNat          (472c75f85e631f8aa87d21c9fee6238d) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:03:46.0783 0636        IpNat - ok
16:03:46.0833 0636        IPSec          (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:03:47.0063 0636        IPSec - ok
16:03:47.0133 0636        IRENUM          (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:03:47.0363 0636        IRENUM - ok
16:03:47.0443 0636        isapnp          (ce9b7afdf0a3d7dd8d1487262316b959) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:03:47.0804 0636        isapnp - ok
16:03:47.0964 0636        JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Programme\Java\jre6\bin\jqs.exe
16:03:48.0004 0636        JavaQuickStarterService - ok
16:03:48.0064 0636        Kbdclass        (b128fc0a5cd83f669d5de4b58f77c7d6) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:03:48.0285 0636        Kbdclass - ok
16:03:48.0345 0636        kbdhid          (7ec877aa899323b92874fe62c7ddcde7) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:03:48.0575 0636        kbdhid - ok
16:03:48.0655 0636        kmixer          (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
16:03:48.0906 0636        kmixer - ok
16:03:48.0966 0636        KSecDD          (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
16:03:49.0206 0636        KSecDD - ok
16:03:49.0306 0636        lanmanserver    (2865fa4ed4471929881c053a6e5a85f6) C:\WINDOWS\System32\srvsvc.dll
16:03:49.0366 0636        lanmanserver - ok
16:03:49.0436 0636        lanmanworkstation (36d74668f5448d55887fa3958488dc06) C:\WINDOWS\System32\wkssvc.dll
16:03:49.0667 0636        lanmanworkstation - ok
16:03:49.0697 0636        lbrtfdc - ok
16:03:49.0787 0636        LmHosts        (4c25fadd7fe1d5bd779b20d3d0eb8d7c) C:\WINDOWS\System32\lmhsvc.dll
16:03:50.0027 0636        LmHosts - ok
16:03:50.0087 0636        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
16:03:50.0137 0636        MBAMProtector - ok
16:03:50.0278 0636        MBAMService    (ba400ed640bca1eae5c727ae17c10207) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
16:03:50.0388 0636        MBAMService - ok
16:03:50.0458 0636        Messenger      (e5215ab942c5ac5f7eb0e54871d7a27c) C:\WINDOWS\System32\msgsvc.dll
16:03:50.0718 0636        Messenger - ok
16:03:50.0778 0636        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:03:51.0139 0636        mnmdd - ok
16:03:51.0229 0636        mnmsrvc        (bb2470d20405b272ea47ca5e18f1c58e) C:\WINDOWS\System32\mnmsrvc.exe
16:03:51.0459 0636        mnmsrvc - ok
16:03:51.0519 0636        Modem          (91a3da4b12f6f1d760463a7f7857f748) C:\WINDOWS\system32\drivers\Modem.sys
16:03:51.0760 0636        Modem - ok

Regards
Gabriel

cosinus 14.06.2012 15:32

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

fundf 14.06.2012 22:47

Hello Arne,
Combofix runs through to the step

Code:

Fertiggestellt Stufe_50
and then it displays

Code:

Lösche Ordner
C:\Dokumente und Einstellungen\Miles davis\Anwendungsdaten\1&1

and then it doesn't continue any further.
I restarted the computer again, tried it again, and got the same result again. It stops at this point.

I didn't find a combofix.txt under C: either.

What should I do? Do you have any idea?

Regards
Gabriel

cosinus 15.06.2012 14:50

Restart Windows, delete the old combofix.exe, download CF again and please try it once more.

fundf 15.06.2012 16:20

Hello Arne,
no, it doesn't work - same problem as before.

Regards
Gabriel


All times are in WET +1.
