Trojaner-Board

Windows XP infected by the Suisa trojan. (https://www.trojaner-board.de/114898-windows-xp-suisa-trojaner-befallen.html)

noob77 16.05.2012 17:13

I hope this is the log:

Code:


18:06:06.0171 3496        TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
18:06:06.0250 3496        ============================================================
18:06:06.0250 3496        Current date / time: 2012/05/16 18:06:06.0250
18:06:06.0250 3496        SystemInfo:
18:06:06.0250 3496       
18:06:06.0250 3496        OS Version: 5.1.2600 ServicePack: 3.0
18:06:06.0250 3496        Product type: Workstation
18:06:06.0250 3496        ComputerName: PC-FLEISCHMANN
18:06:06.0250 3496        UserName: Fleischmann
18:06:06.0250 3496        Windows directory: C:\WINDOWS
18:06:06.0250 3496        System windows directory: C:\WINDOWS
18:06:06.0250 3496        Processor architecture: Intel x86
18:06:06.0250 3496        Number of processors: 2
18:06:06.0250 3496        Page size: 0x1000
18:06:06.0250 3496        Boot type: Normal boot
18:06:06.0250 3496        ============================================================
18:06:07.0062 3496        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:06:07.0109 3496        ============================================================
18:06:07.0109 3496        \Device\Harddisk0\DR0:
18:06:07.0109 3496        MBR partitions:
18:06:07.0109 3496        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1869E559
18:06:07.0109 3496        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1869E598, BlocksNum 0x21CE66A9
18:06:07.0109 3496        ============================================================
18:06:07.0125 3496        C: <-> \Device\Harddisk0\DR0\Partition0
18:06:07.0156 3496        D: <-> \Device\Harddisk0\DR0\Partition1
18:06:07.0156 3496        ============================================================
18:06:07.0156 3496        Initialize success
18:06:07.0156 3496        ============================================================
18:07:26.0453 1428        ============================================================
18:07:26.0453 1428        Scan started
18:07:26.0453 1428        Mode: Manual; SigCheck; TDLFS;
18:07:26.0453 1428        ============================================================
18:07:26.0921 1428        Abiosdsk - ok
18:07:26.0921 1428        abp480n5 - ok
18:07:26.0953 1428        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:07:28.0265 1428        ACPI - ok
18:07:28.0281 1428        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:07:28.0390 1428        ACPIEC - ok
18:07:28.0453 1428        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:07:28.0468 1428        AdobeFlashPlayerUpdateSvc - ok
18:07:28.0468 1428        adpu160m - ok
18:07:28.0484 1428        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:07:28.0562 1428        aec - ok
18:07:28.0593 1428        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:07:28.0640 1428        AFD - ok
18:07:28.0640 1428        Aha154x - ok
18:07:28.0640 1428        aic78u2 - ok
18:07:28.0640 1428        aic78xx - ok
18:07:28.0671 1428        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
18:07:28.0750 1428        Alerter - ok
18:07:28.0765 1428        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
18:07:28.0828 1428        ALG - ok
18:07:28.0828 1428        AliIde - ok
18:07:28.0828 1428        amsint - ok
18:07:28.0890 1428        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:07:28.0906 1428        Apple Mobile Device - ok
18:07:28.0937 1428        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
18:07:29.0015 1428        AppMgmt - ok
18:07:29.0031 1428        Arp1394        (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
18:07:29.0093 1428        Arp1394 - ok
18:07:29.0109 1428        asc - ok
18:07:29.0109 1428        asc3350p - ok
18:07:29.0109 1428        asc3550 - ok
18:07:29.0171 1428        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:07:29.0218 1428        aspnet_state - ok
18:07:29.0234 1428        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:07:29.0296 1428        AsyncMac - ok
18:07:29.0312 1428        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:07:29.0390 1428        atapi - ok
18:07:29.0421 1428        AtcL001        (19f277bc4ce5689f20f347a6b8aa8c42) C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
18:07:29.0437 1428        AtcL001 - ok
18:07:29.0437 1428        Atdisk - ok
18:07:29.0500 1428        Ati HotKey Poller (43c1105ca8492931b45f1a090fa562c8) C:\WINDOWS\system32\Ati2evxx.exe
18:07:29.0546 1428        Ati HotKey Poller - ok
18:07:29.0765 1428        ati2mtag        (c026951271d59ff97deb2a6b4895b416) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
18:07:29.0859 1428        ati2mtag - ok
18:07:29.0953 1428        AtiHdmiService  (1cae756c8baefb2b25964baa639fdd5c) C:\WINDOWS\system32\drivers\AtiHdmi.sys
18:07:30.0000 1428        AtiHdmiService - ok
18:07:30.0031 1428        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:07:30.0093 1428        Atmarpc - ok
18:07:30.0171 1428        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
18:07:30.0312 1428        AudioSrv - ok
18:07:30.0343 1428        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:07:30.0406 1428        audstub - ok
18:07:30.0437 1428        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:07:30.0500 1428        Beep - ok
18:07:30.0562 1428        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
18:07:30.0734 1428        BITS - ok
18:07:30.0812 1428        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
18:07:30.0828 1428        Bonjour Service - ok
18:07:30.0843 1428        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
18:07:30.0921 1428        Browser - ok
18:07:30.0937 1428        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:07:31.0015 1428        cbidf2k - ok
18:07:31.0046 1428        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:07:31.0109 1428        CCDECODE - ok
18:07:31.0109 1428        cd20xrnt - ok
18:07:31.0125 1428        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:07:31.0203 1428        Cdaudio - ok
18:07:31.0203 1428        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:07:31.0265 1428        Cdfs - ok
18:07:31.0281 1428        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:07:31.0359 1428        Cdrom - ok
18:07:31.0359 1428        Changer - ok
18:07:31.0375 1428        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
18:07:31.0453 1428        CiSvc - ok
18:07:31.0468 1428        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
18:07:31.0531 1428        ClipSrv - ok
18:07:31.0593 1428        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:07:31.0703 1428        clr_optimization_v2.0.50727_32 - ok
18:07:31.0703 1428        CmdIde - ok
18:07:31.0703 1428        COMSysApp - ok
18:07:31.0718 1428        Cpqarray - ok
18:07:31.0718 1428        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
18:07:31.0796 1428        CryptSvc - ok
18:07:31.0796 1428        dac2w2k - ok
18:07:31.0796 1428        dac960nt - ok
18:07:31.0828 1428        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
18:07:31.0875 1428        DcomLaunch - ok
18:07:31.0906 1428        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
18:07:31.0984 1428        Dhcp - ok
18:07:32.0000 1428        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:07:32.0078 1428        Disk - ok
18:07:32.0078 1428        dmadmin - ok
18:07:32.0140 1428        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
18:07:32.0234 1428        dmboot - ok
18:07:32.0234 1428        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
18:07:32.0312 1428        dmio - ok
18:07:32.0343 1428        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:07:32.0406 1428        dmload - ok
18:07:32.0500 1428        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
18:07:32.0578 1428        dmserver - ok
18:07:32.0578 1428        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:07:32.0640 1428        DMusic - ok
18:07:32.0671 1428        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
18:07:32.0718 1428        Dnscache - ok
18:07:32.0750 1428        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
18:07:32.0812 1428        Dot3svc - ok
18:07:32.0812 1428        dpti2o - ok
18:07:32.0843 1428        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:07:32.0906 1428        drmkaud - ok
18:07:32.0921 1428        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
18:07:33.0000 1428        EapHost - ok
18:07:33.0031 1428        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
18:07:33.0109 1428        ERSvc - ok
18:07:33.0140 1428        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
18:07:33.0156 1428        Eventlog - ok
18:07:33.0203 1428        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
18:07:33.0234 1428        EventSystem - ok
18:07:33.0250 1428        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:07:33.0328 1428        Fastfat - ok
18:07:33.0359 1428        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
18:07:33.0390 1428        FastUserSwitchingCompatibility - ok
18:07:33.0406 1428        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:07:33.0468 1428        Fdc - ok
18:07:33.0468 1428        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
18:07:33.0531 1428        Fips - ok
18:07:33.0546 1428        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:07:33.0625 1428        Flpydisk - ok
18:07:33.0640 1428        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
18:07:33.0703 1428        FltMgr - ok
18:07:33.0796 1428        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:07:33.0796 1428        FontCache3.0.0.0 - ok
18:07:33.0812 1428        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:07:33.0890 1428        Fs_Rec - ok
18:07:33.0906 1428        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:07:33.0984 1428        Ftdisk - ok
18:07:34.0015 1428        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:07:34.0015 1428        GEARAspiWDM - ok
18:07:34.0046 1428        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:07:34.0109 1428        Gpc - ok
18:07:34.0140 1428        GTNDIS5        (fc80052194d5708254a346568f0e77c0) C:\WINDOWS\system32\GTNDIS5.SYS
18:07:34.0140 1428        GTNDIS5 ( UnsignedFile.Multi.Generic ) - warning
18:07:34.0140 1428        GTNDIS5 - detected UnsignedFile.Multi.Generic (1)
18:07:34.0218 1428        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
18:07:34.0234 1428        gupdate - ok
18:07:34.0234 1428        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
18:07:34.0234 1428        gupdatem - ok
18:07:34.0281 1428        gusvc          (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
18:07:34.0281 1428        gusvc - ok
18:07:34.0312 1428        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:07:34.0375 1428        HDAudBus - ok
18:07:34.0421 1428        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:07:34.0500 1428        helpsvc - ok
18:07:34.0531 1428        HidServ        (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
18:07:34.0609 1428        HidServ - ok
18:07:34.0609 1428        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:07:34.0671 1428        hidusb - ok
18:07:34.0703 1428        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
18:07:34.0781 1428        hkmsvc - ok
18:07:34.0828 1428        HP Port Resolver (c5f00d15aa15cb7f55a027ff75e44bb7) C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
18:07:34.0875 1428        HP Port Resolver - ok
18:07:34.0890 1428        HP Status Server (c5a288e4ceef5a26d105117baa3763ab) C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
18:07:34.0921 1428        HP Status Server - ok
18:07:34.0921 1428        hpn - ok
18:07:34.0968 1428        HTCAND32        (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
18:07:35.0000 1428        HTCAND32 - ok
18:07:35.0015 1428        htcnprot        (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys
18:07:35.0046 1428        htcnprot - ok
18:07:35.0078 1428        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:07:35.0109 1428        HTTP - ok
18:07:35.0125 1428        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
18:07:35.0187 1428        HTTPFilter - ok
18:07:35.0187 1428        i2omgmt - ok
18:07:35.0203 1428        i2omp - ok
18:07:35.0218 1428        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:07:35.0296 1428        i8042prt - ok
18:07:35.0390 1428        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:07:35.0421 1428        idsvc - ok
18:07:35.0453 1428        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:07:35.0531 1428        Imapi - ok
18:07:35.0562 1428        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
18:07:35.0640 1428        ImapiService - ok
18:07:35.0640 1428        ini910u - ok
18:07:35.0828 1428        IntcAzAudAddService (cbddab14249b2f05407fc09ab8fffb88) C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:07:35.0968 1428        IntcAzAudAddService - ok
18:07:36.0031 1428        IntelIde - ok
18:07:36.0062 1428        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:07:36.0125 1428        intelppm - ok
18:07:36.0156 1428        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
18:07:36.0218 1428        Ip6Fw - ok
18:07:36.0250 1428        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:07:36.0328 1428        IpFilterDriver - ok
18:07:36.0343 1428        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:07:36.0421 1428        IpInIp - ok
18:07:36.0437 1428        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:07:36.0515 1428        IpNat - ok
18:07:36.0593 1428        iPod Service    (ce004777b92dea56fe14ec900d20baa4) C:\Programme\iPod\bin\iPodService.exe
18:07:36.0625 1428        iPod Service - ok
18:07:36.0625 1428        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:07:36.0703 1428        IPSec - ok
18:07:36.0718 1428        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:07:36.0796 1428        IRENUM - ok
18:07:36.0812 1428        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:07:36.0875 1428        isapnp - ok
18:07:36.0953 1428        JavaQuickStarterService (9aa67569d5257462e230767510b0c815) C:\Programme\Java\jre6\bin\jqs.exe
18:07:36.0968 1428        JavaQuickStarterService - ok
18:07:36.0984 1428        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:07:37.0046 1428        Kbdclass - ok
18:07:37.0062 1428        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:07:37.0125 1428        kbdhid - ok
18:07:37.0156 1428        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:07:37.0218 1428        kmixer - ok
18:07:37.0234 1428        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:07:37.0312 1428        KSecDD - ok
18:07:37.0328 1428        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
18:07:37.0343 1428        lanmanserver - ok
18:07:37.0390 1428        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
18:07:37.0406 1428        lanmanworkstation - ok
18:07:37.0406 1428        lbrtfdc - ok
18:07:37.0421 1428        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
18:07:37.0484 1428        LmHosts - ok
18:07:37.0500 1428        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
18:07:37.0578 1428        Messenger - ok
18:07:37.0640 1428        Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
18:07:37.0656 1428        Microsoft Office Groove Audit Service - ok
18:07:37.0687 1428        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:07:37.0750 1428        mnmdd - ok
18:07:37.0781 1428        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
18:07:37.0843 1428        mnmsrvc - ok
18:07:37.0890 1428        mod7700        (cca3c610519e98e9eb99ce137f7a4105) C:\WINDOWS\system32\Drivers\dvb7700all.sys
18:07:37.0937 1428        mod7700 - ok
18:07:37.0953 1428        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
18:07:38.0031 1428        Modem - ok
18:07:38.0046 1428        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:07:38.0125 1428        Mouclass - ok
18:07:38.0140 1428        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:07:38.0218 1428        mouhid - ok
18:07:38.0234 1428        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:07:38.0296 1428        MountMgr - ok
18:07:38.0296 1428        MPE            (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
18:07:38.0375 1428        MPE - ok
18:07:38.0375 1428        mraid35x - ok
18:07:38.0390 1428        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:07:38.0453 1428        MRxDAV - ok
18:07:38.0484 1428        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:07:38.0531 1428        MRxSmb - ok
18:07:38.0562 1428        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
18:07:38.0625 1428        MSDTC - ok
18:07:38.0625 1428        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:07:38.0687 1428        Msfs - ok
18:07:38.0687 1428        MSIServer - ok
18:07:38.0703 1428        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:07:38.0765 1428        MSKSSRV - ok
18:07:38.0781 1428        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:07:38.0843 1428        MSPCLOCK - ok
18:07:38.0843 1428        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:07:38.0921 1428        MSPQM - ok
18:07:38.0937 1428        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:07:39.0000 1428        mssmbios - ok
18:07:39.0015 1428        MSTEE          (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
18:07:39.0078 1428        MSTEE - ok
18:07:39.0109 1428        MTsensor        (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
18:07:39.0125 1428        MTsensor - ok
18:07:39.0156 1428        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:07:39.0156 1428        Mup - ok
18:07:39.0171 1428        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:07:39.0250 1428        NABTSFEC - ok
18:07:39.0281 1428        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
18:07:39.0359 1428        napagent - ok
18:07:39.0375 1428        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:07:39.0453 1428        NDIS - ok
18:07:39.0468 1428        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:07:39.0531 1428        NdisIP - ok
18:07:39.0546 1428        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:07:39.0578 1428        NdisTapi - ok
18:07:39.0593 1428        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:07:39.0671 1428        Ndisuio - ok
18:07:39.0687 1428        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:07:39.0765 1428        NdisWan - ok
18:07:39.0781 1428        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:07:39.0796 1428        NDProxy - ok
18:07:39.0796 1428        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:07:39.0875 1428        NetBIOS - ok
18:07:39.0890 1428        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:07:39.0968 1428        NetBT - ok
18:07:40.0000 1428        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
18:07:40.0062 1428        NetDDE - ok
18:07:40.0062 1428        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
18:07:40.0125 1428        NetDDEdsdm - ok
18:07:40.0156 1428        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:07:40.0218 1428        Netlogon - ok
18:07:40.0218 1428        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
18:07:40.0281 1428        Netman - ok
18:07:40.0343 1428        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:07:40.0343 1428        NetTcpPortSharing - ok
18:07:40.0359 1428        NIC1394        (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:07:40.0421 1428        NIC1394 - ok
18:07:40.0453 1428        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
18:07:40.0468 1428        Nla - ok
18:07:40.0500 1428        NMIndexingService - ok
18:07:40.0500 1428        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:07:40.0562 1428        Npfs - ok
18:07:40.0609 1428        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:07:40.0687 1428        Ntfs - ok
18:07:40.0687 1428        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:07:40.0750 1428        NtLmSsp - ok
18:07:40.0781 1428        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
18:07:40.0859 1428        NtmsSvc - ok
18:07:40.0890 1428        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:07:40.0968 1428        Null - ok
18:07:40.0984 1428        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:07:41.0046 1428        NwlnkFlt - ok
18:07:41.0078 1428        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:07:41.0156 1428        NwlnkFwd - ok
18:07:41.0218 1428        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
18:07:41.0234 1428        odserv - ok
18:07:41.0250 1428        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:07:41.0328 1428        ohci1394 - ok
18:07:41.0359 1428        ose            (5a432a042dae460abe7199b758e8606c) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
18:07:41.0375 1428        ose - ok
18:07:41.0390 1428        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
18:07:41.0453 1428        Parport - ok
18:07:41.0468 1428        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:07:41.0546 1428        PartMgr - ok
18:07:41.0562 1428        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
18:07:41.0625 1428        ParVdm - ok
18:07:41.0671 1428        PassThru Service (afada8b97be3c9398dc6c770409c3544) C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
18:07:41.0687 1428        PassThru Service ( UnsignedFile.Multi.Generic ) - warning
18:07:41.0687 1428        PassThru Service - detected UnsignedFile.Multi.Generic (1)
18:07:41.0687 1428        PCASp50 - ok
18:07:41.0718 1428        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
18:07:41.0734 1428        pccsmcfd - ok
18:07:41.0750 1428        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
18:07:41.0828 1428        PCI - ok
18:07:41.0828 1428        PCIDump - ok
18:07:41.0843 1428        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:07:41.0906 1428        PCIIde - ok
18:07:41.0921 1428        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:07:41.0984 1428        Pcmcia - ok
18:07:42.0000 1428        PDCOMP - ok
18:07:42.0000 1428        PDFRAME - ok
18:07:42.0000 1428        PDRELI - ok
18:07:42.0000 1428        PDRFRAME - ok
18:07:42.0000 1428        perc2 - ok
18:07:42.0000 1428        perc2hib - ok
18:07:42.0031 1428        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
18:07:42.0046 1428        PlugPlay - ok
18:07:42.0062 1428        Pml Driver HPZ12 (d31f88c5f19eefa366a415d6bc5f2abc) C:\WINDOWS\system32\HPZipm12.exe
18:07:42.0093 1428        Pml Driver HPZ12 - ok
18:07:42.0109 1428        PnkBstrA        (831883b107684301f48ace752c963984) C:\WINDOWS\system32\PnkBstrA.exe
18:07:42.0109 1428        PnkBstrA - ok
18:07:42.0125 1428        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:07:42.0187 1428        PolicyAgent - ok
18:07:42.0203 1428        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:07:42.0281 1428        PptpMiniport - ok
18:07:42.0281 1428        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:07:42.0343 1428        ProtectedStorage - ok
18:07:42.0343 1428        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:07:42.0421 1428        PSched - ok
18:07:42.0453 1428        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:07:42.0515 1428        Ptilink - ok
18:07:42.0531 1428        PxHelp20        (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:07:42.0546 1428        PxHelp20 - ok
18:07:42.0546 1428        ql1080 - ok
18:07:42.0562 1428        Ql10wnt - ok
18:07:42.0562 1428        ql12160 - ok
18:07:42.0562 1428        ql1240 - ok
18:07:42.0562 1428        ql1280 - ok
18:07:42.0578 1428        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:07:42.0640 1428        RasAcd - ok
18:07:42.0656 1428        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
18:07:42.0718 1428        RasAuto - ok
18:07:42.0734 1428        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:07:42.0796 1428        Rasl2tp - ok
18:07:42.0828 1428        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
18:07:42.0906 1428        RasMan - ok
18:07:42.0906 1428        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:07:42.0968 1428        RasPppoe - ok
18:07:42.0984 1428        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:07:43.0062 1428        Raspti - ok
18:07:43.0078 1428        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:07:43.0140 1428        Rdbss - ok
18:07:43.0156 1428        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:07:43.0218 1428        RDPCDD - ok
18:07:43.0234 1428        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:07:43.0296 1428        rdpdr - ok
18:07:43.0328 1428        RDPWD          (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
18:07:43.0375 1428        RDPWD - ok
18:07:43.0390 1428        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
18:07:43.0468 1428        RDSessMgr - ok
18:07:43.0468 1428        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:07:43.0546 1428        redbook - ok
18:07:43.0562 1428        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
18:07:43.0625 1428        RemoteAccess - ok
18:07:43.0640 1428        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
18:07:43.0703 1428        RemoteRegistry - ok
18:07:43.0718 1428        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
18:07:43.0781 1428        RpcLocator - ok
18:07:43.0828 1428        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
18:07:43.0843 1428        RpcSs - ok
18:07:43.0875 1428        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
18:07:43.0953 1428        RSVP - ok
18:07:43.0984 1428        RT2500          (e2988349fe0567cbe4161cc653575a8e) C:\WINDOWS\system32\DRIVERS\RT2500.sys
18:07:44.0015 1428        RT2500 - ok
18:07:44.0078 1428        RTL8192su      (e598def689b7f137d478c2d2a65c6998) C:\WINDOWS\system32\DRIVERS\RTL8192su.sys
18:07:44.0093 1428        RTL8192su ( UnsignedFile.Multi.Generic ) - warning
18:07:44.0093 1428        RTL8192su - detected UnsignedFile.Multi.Generic (1)
18:07:44.0109 1428        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
18:07:44.0171 1428        SamSs - ok
18:07:44.0203 1428        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
18:07:44.0281 1428        SCardSvr - ok
18:07:44.0312 1428        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
18:07:44.0375 1428        Schedule - ok
18:07:44.0406 1428        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:07:44.0468 1428        Secdrv - ok
18:07:44.0484 1428        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
18:07:44.0546 1428        seclogon - ok
18:07:44.0562 1428        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
18:07:44.0640 1428        SENS - ok
18:07:44.0656 1428        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:07:44.0734 1428        serenum - ok
18:07:44.0750 1428        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
18:07:44.0812 1428        Serial - ok
18:07:44.0906 1428        ServiceLayer    (3ec8de67b1c78c31e54c0f030e6bd7d5) C:\Programme\PC Connectivity Solution\ServiceLayer.exe
18:07:44.0937 1428        ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
18:07:44.0937 1428        ServiceLayer - detected UnsignedFile.Multi.Generic (1)
18:07:44.0937 1428        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:07:45.0015 1428        Sfloppy - ok
18:07:45.0031 1428        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
18:07:45.0109 1428        SharedAccess - ok
18:07:45.0156 1428        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
18:07:45.0156 1428        ShellHWDetection - ok
18:07:45.0156 1428        Simbad - ok
18:07:45.0234 1428        SkypeUpdate    (db0405d9aad62f0762e0876ac142b7e1) C:\Programme\Skype\Updater\Updater.exe
18:07:45.0234 1428        SkypeUpdate - ok
18:07:45.0250 1428        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:07:45.0328 1428        SLIP - ok
18:07:45.0328 1428        Sparrow - ok
18:07:45.0343 1428        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:07:45.0421 1428        splitter - ok
18:07:45.0453 1428        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
18:07:45.0468 1428        Spooler - ok
18:07:45.0468 1428        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
18:07:45.0531 1428        sr - ok
18:07:45.0578 1428        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
18:07:45.0640 1428        srservice - ok
18:07:45.0656 1428        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:07:45.0703 1428        Srv - ok
18:07:45.0718 1428        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
18:07:45.0796 1428        SSDPSRV - ok
18:07:45.0828 1428        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
18:07:45.0890 1428        stisvc - ok
18:07:45.0906 1428        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:07:45.0984 1428        streamip - ok
18:07:46.0015 1428        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:07:46.0078 1428        swenum - ok
18:07:46.0109 1428        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:07:46.0171 1428        swmidi - ok
18:07:46.0171 1428        SwPrv - ok
18:07:46.0171 1428        symc810 - ok
18:07:46.0171 1428        symc8xx - ok
18:07:46.0187 1428        sym_hi - ok
18:07:46.0187 1428        sym_u3 - ok
18:07:46.0187 1428        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:07:46.0250 1428        sysaudio - ok
18:07:46.0281 1428        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
18:07:46.0343 1428        SysmonLog - ok
18:07:46.0375 1428        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
18:07:46.0437 1428        TapiSrv - ok
18:07:46.0484 1428        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:07:46.0515 1428        Tcpip - ok
18:07:46.0531 1428        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:07:46.0593 1428        TDPIPE - ok
18:07:46.0609 1428        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:07:46.0671 1428        TDTCP - ok
18:07:46.0687 1428        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:07:46.0750 1428        TermDD - ok
18:07:46.0781 1428        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
18:07:46.0859 1428        TermService - ok
18:07:46.0875 1428        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
18:07:46.0890 1428        Themes - ok
18:07:46.0906 1428        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
18:07:46.0968 1428        TlntSvr - ok
18:07:46.0968 1428        TosIde - ok
18:07:47.0000 1428        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
18:07:47.0062 1428        TrkWks - ok
18:07:47.0078 1428        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:07:47.0140 1428        Udfs - ok
18:07:47.0156 1428        ultra - ok
18:07:47.0187 1428        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:07:47.0281 1428        Update - ok
18:07:47.0296 1428        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
18:07:47.0375 1428        upnphost - ok
18:07:47.0375 1428        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
18:07:47.0437 1428        UPS - ok
18:07:47.0468 1428        USBAAPL        (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
18:07:47.0484 1428        USBAAPL ( UnsignedFile.Multi.Generic ) - warning
18:07:47.0484 1428        USBAAPL - detected UnsignedFile.Multi.Generic (1)
18:07:47.0500 1428        usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
18:07:47.0562 1428        usbaudio - ok
18:07:47.0578 1428        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:07:47.0640 1428        usbccgp - ok
18:07:47.0656 1428        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:07:47.0718 1428        usbehci - ok
18:07:47.0734 1428        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:07:47.0796 1428        usbhub - ok
18:07:47.0812 1428        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:07:47.0875 1428        usbprint - ok
18:07:47.0875 1428        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:07:47.0937 1428        USBSTOR - ok
18:07:47.0937 1428        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:07:48.0000 1428        usbuhci - ok
18:07:48.0015 1428        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:07:48.0078 1428        VgaSave - ok
18:07:48.0078 1428        ViaIde - ok
18:07:48.0078 1428        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
18:07:48.0140 1428        VolSnap - ok
18:07:48.0171 1428        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
18:07:48.0234 1428        VSS - ok
18:07:48.0250 1428        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
18:07:48.0312 1428        W32Time - ok
18:07:48.0312 1428        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:07:48.0375 1428        Wanarp - ok
18:07:48.0421 1428        Wdf01000        (4769596d7cc0f5fa447d2babc239672a) C:\WINDOWS\system32\Drivers\wdf01000.sys
18:07:48.0437 1428        Wdf01000 - ok
18:07:48.0437 1428        WDICA - ok
18:07:48.0468 1428        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:07:48.0546 1428        wdmaud - ok
18:07:48.0562 1428        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
18:07:48.0640 1428        WebClient - ok
18:07:48.0687 1428        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
18:07:48.0765 1428        winmgmt - ok
18:07:48.0796 1428        WLNdis50        (bb2c5a7a555b387b85481b8bde5370d7) C:\WINDOWS\system32\DRIVERS\wlndis50.sys
18:07:48.0796 1428        WLNdis50 ( UnsignedFile.Multi.Generic ) - warning
18:07:48.0796 1428        WLNdis50 - detected UnsignedFile.Multi.Generic (1)
18:07:48.0843 1428        WLSVC          (5bf6d377d3c277a3a174cafae32e5831) C:\Programme\TRENDnet\TEW-648UB\WLSVC.exe
18:07:48.0843 1428        WLSVC ( UnsignedFile.Multi.Generic ) - warning
18:07:48.0843 1428        WLSVC - detected UnsignedFile.Multi.Generic (1)
18:07:48.0875 1428        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
18:07:48.0906 1428        WmdmPmSN - ok
18:07:48.0968 1428        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
18:07:49.0000 1428        Wmi - ok
18:07:49.0015 1428        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:07:49.0078 1428        WmiApSrv - ok
18:07:49.0109 1428        WMP54Gv4SVC    (ccfdecd6060ea8eb0f8466782a97ff21) C:\Programme\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
18:07:49.0109 1428        WMP54Gv4SVC ( UnsignedFile.Multi.Generic ) - warning
18:07:49.0109 1428        WMP54Gv4SVC - detected UnsignedFile.Multi.Generic (1)
18:07:49.0203 1428        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
18:07:49.0234 1428        WMPNetworkSvc - ok
18:07:49.0265 1428        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
18:07:49.0328 1428        wscsvc - ok
18:07:49.0375 1428        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:07:49.0437 1428        WSTCODEC - ok
18:07:49.0453 1428        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
18:07:49.0531 1428        wuauserv - ok
18:07:49.0562 1428        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:07:49.0578 1428        WudfPf - ok
18:07:49.0593 1428        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
18:07:49.0687 1428        WudfSvc - ok
18:07:49.0734 1428        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
18:07:49.0812 1428        WZCSVC - ok
18:07:49.0828 1428        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
18:07:49.0921 1428        xmlprov - ok
18:07:49.0937 1428        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
18:07:50.0328 1428        \Device\Harddisk0\DR0 - ok
18:07:50.0328 1428        Boot (0x1200)  (315e1a3b42c58005eaea7dc89de19bb9) \Device\Harddisk0\DR0\Partition0
18:07:50.0328 1428        \Device\Harddisk0\DR0\Partition0 - ok
18:07:50.0343 1428        Boot (0x1200)  (9df2de385d126668114fdc2454f51165) \Device\Harddisk0\DR0\Partition1
18:07:50.0343 1428        \Device\Harddisk0\DR0\Partition1 - ok
18:07:50.0343 1428        ============================================================
18:07:50.0343 1428        Scan finished
18:07:50.0343 1428        ============================================================
18:07:50.0453 1140        Detected object count: 8
18:07:50.0453 1140        Actual detected object count: 8
18:08:13.0640 1140        GTNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:13.0640 1140        GTNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:13.0640 1140        PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:13.0640 1140        PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:13.0640 1140        RTL8192su ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:13.0640 1140        RTL8192su ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:13.0640 1140        ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:13.0640 1140        ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:13.0640 1140        USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:13.0640 1140        USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:13.0640 1140        WLNdis50 ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:13.0640 1140        WLNdis50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:13.0640 1140        WLSVC ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:13.0640 1140        WLSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:08:13.0640 1140        WMP54Gv4SVC ( UnsignedFile.Multi.Generic ) - skipped by user
18:08:13.0640 1140        WMP54Gv4SVC ( UnsignedFile.Multi.Generic ) - User select action: Skip


cosinus 16.05.2012 20:57

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered), and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:

Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.

noob77 17.05.2012 13:13

ComboFix tells me that Norton 360 is on my PC and that I should disable it.
Now I have the problem that I can't find Norton anywhere.
Neither in Control Panel --> Add or Remove Programs nor under All Programs.
What should I do now?

cosinus 17.05.2012 18:17

If it isn't installed, you can ignore this message and simply carry on.

noob77 17.05.2012 18:49

Combofix Logfile:


Code:

ComboFix 12-05-17.05 - Fleischmann 17.05.2012  19:36:07.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.41.1031.18.3327.2506 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Fleischmann\Desktop\ComboFix.exe
AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Fleischmann\Favoriten\Thumbs.db
c:\dokumente und einstellungen\Fleischmann\Recent\Thumbs.db
c:\dokumente und einstellungen\Fleischmann\WINDOWS
c:\windows\system32\HPZipm12.1
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_PASSWORD
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-04-17 bis 2012-05-17  ))))))))))))))))))))))))))))))
.
.
2012-05-15 16:01 . 2012-05-15 16:01        --------        d-----w-        c:\dokumente und einstellungen\Fleischmann\Anwendungsdaten\Outlook
2012-05-15 16:00 . 2007-11-27 01:24        14640        ------w-        c:\windows\system32\spmsgXP_2k3.dll
2012-05-15 15:54 . 2009-06-10 13:49        24576        ----a-w-        c:\windows\system32\drivers\ANDROIDUSB.sys
2012-05-15 15:54 . 2009-06-09 11:41        1122664        ----a-w-        c:\windows\system32\WdfCoInstaller01007.dll
2012-05-15 15:54 . 2012-05-15 15:54        --------        d-----w-        c:\programme\Spirent Communications
2012-05-15 15:54 . 2012-05-16 16:14        --------        d-----w-        c:\programme\HTC
2012-05-15 15:54 . 2012-05-15 15:54        --------        d-----w-        c:\programme\Gemeinsame Dateien\Adobe AIR
2012-05-12 10:28 . 2012-05-12 10:28        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware
2012-05-12 10:28 . 2012-04-04 13:56        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-05-11 23:40 . 2012-05-11 23:40        --------        d-----w-        c:\programme\ESET
2012-05-11 15:45 . 2012-05-11 15:45        --------        d-----w-        c:\dokumente und einstellungen\Fleischmann\Anwendungsdaten\Malwarebytes
2012-05-11 15:44 . 2012-05-11 15:44        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-05-10 15:24 . 2012-05-10 15:24        --------        d-----r-        c:\dokumente und einstellungen\LocalService\Favoriten
2012-05-09 02:10 . 2012-05-09 02:10        --------        d-----w-        C:\_OTL
2012-05-08 20:15 . 2012-05-10 19:13        --------        d-----w-        c:\windows\system32\NtmsData
2012-05-07 16:18 . 2012-05-07 16:18        --------        d-----w-        c:\dokumente und einstellungen\Administrator
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-08 19:44 . 2012-04-02 16:26        419488        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-05-08 19:44 . 2012-01-22 18:16        70304        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:51 . 2004-08-04 00:50        2029056        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:51 . 2007-10-29 12:00        2150912        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-04-11 13:51 . 2007-10-29 12:00        1862400        ----a-w-        c:\windows\system32\win32k.sys
2012-03-01 11:00 . 2007-10-29 12:00        916992        ----a-w-        c:\windows\system32\wininet.dll
2012-03-01 11:00 . 2007-10-29 12:00        43520        ----a-w-        c:\windows\system32\licmgr10.dll
2012-03-01 11:00 . 2007-10-29 12:00        1469440        ------w-        c:\windows\system32\inetcpl.cpl
2012-02-29 14:09 . 2007-10-29 12:00        177664        ----a-w-        c:\windows\system32\wintrust.dll
2012-02-29 14:09 . 2007-10-29 12:00        148480        ----a-w-        c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2007-10-29 12:00        385024        ----a-w-        c:\windows\system32\html.iec
2011-05-18 18:25 . 2011-05-18 18:25        142296        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-09 39408]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2012-02-15 17146504]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 16126464]
"GrooveMonitor"="c:\programme\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2011-10-24 421888]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2011-06-09 254696]
"AppleSyncNotifier"="c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2012-03-06 421736]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Wireless Configuration Utility.lnk - c:\programme\TRENDnet\TEW-648UB\WlanCU.exe [2010-7-22 368640]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36        30040        ----a-w-        c:\programme\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 00:41        49152        ----a-w-        c:\programme\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 18:05        421736        ----a-w-        c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2008-04-18 18:57        20480        ----a-w-        c:\program files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:12        3872080        ----a-w-        c:\programme\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-09 10:56        39408        ----a-w-        c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3 (0x3)
"N360"=2 (0x2)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"gupdate"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Programme\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programme\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Programme\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programme\\Java\\jre6\\bin\\java.exe"=
"c:\\Programme\\Trend\\Clusterball\\Clusterballs.exe"=
"c:\\Programme\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Programme\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Programme\\Steam\\SteamApps\\muesch\\day of defeat source\\hl2.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programme\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programme\\Steam\\SteamApps\\muesch\\counter-strike source\\hl2.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
.
R2 PassThru Service;Internet Pass-Through Service;c:\programme\HTC\Internet Pass-Through\PassThruSvr.exe [23.03.2012 14:25 87040]
R2 WLNdis50;Wireless Lan NDIS Protocol I/O Control;c:\windows\system32\drivers\WLNdis50.sys [22.07.2010 14:41 20480]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [18.04.2008 11:20 38656]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [01.02.2010 13:41 135664]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [15.02.2012 14:30 158856]
S2 WLSVC;WLSVC;c:\programme\TRENDnet\TEW-648UB\WLSVC.exe [22.07.2010 14:45 167936]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [02.04.2012 18:26 257696]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [01.02.2010 13:41 135664]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [15.05.2012 17:54 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22.06.2010 18:01 21248]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [22.07.2010 14:45 587392]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - GTNDIS5
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 19:44]
.
2012-05-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:57]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-01 11:41]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-01 11:41]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.ch/
uInternet Connection Wizard,ShellNext = hxxp://www.google.ch/
uInternet Settings,ProxyOverride = localhost;*.local
IE: Free YouTube to Mp3 Converter - c:\dokumente und einstellungen\Fleischmann\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\dokumente und einstellungen\Fleischmann\Anwendungsdaten\Mozilla\Firefox\Profiles\hty4jsbx.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-AppleSyncNotifier - c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSConfigStartUp-MobiLink Lite - c:\programme\Novatel Wireless\MobiLink\Lite.exe
MSConfigStartUp-NeroFilterCheck - c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
AddRemove-Free Audio CD Burner_is1 - c:\programme\DVDVideoSoft\Free Audio CD Burner\unins000.exe
AddRemove-Free Studio_is1 - c:\programme\DVDVideoSoft\Free Studio\unins000.exe
AddRemove-Multicheck-Kurztest - c:\multicheck\DeIsL2.isu
AddRemove-softonic-de3 Toolbar - c:\programme\softonic-de3\uninstall.exe
AddRemove-{2A9F95AB-65A3-432c-8631-B8BC5BF7477A} - c:\programme\Electronic Arts\Die Schlacht um Mittelerde II\EAUninstall.exe
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - c:\programme\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-05-17 19:42
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(808)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3604)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programme\Samsung\Samsung PC Studio 7\phonebrowser.dll
c:\programme\Samsung\Samsung PC Studio 7\PCSCM_Samsung.dll
c:\programme\Samsung\Samsung PC Studio 7\Lang\PhoneBrowser_ger.nlr
c:\programme\Samsung\Samsung PC Studio 7\Resource\PhoneBrowser_Samsung.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\RTHDCPL.EXE
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PnkBstrA.exe
c:\programme\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
c:\programme\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
c:\programme\iPod\bin\iPodService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-05-17  19:46:22 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-05-17 17:46
.
Vor Suchlauf: 9 Verzeichnis(se), 75'904'438'272 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 78'987'145'216 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - EB91121197D7D5C7D23EE3DBEC8D90F6

--- --- ---

cosinus 17.05.2012 19:12

Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM. Please skip OSAM's online check.
With OSAM, please also make sure that you save the log as *.log and not as *.html or similar.

Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to switch off your virus scanner as well; McAfee's scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Depending on your connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

noob77 18.05.2012 16:39

I now have a log from aswMBR and a log from OSAM on my desktop.
Now I don't quite understand how I am supposed to create the aswMBR log with OSAM and post it :confused:
After all, I am not supposed to post with [ code ] Text [ /code ] any more.

cosinus 19.05.2012 12:08

Quote:

After all, I am not supposed to post with [ code ] Text [ /code ] any more.
How do you come up with this nonsense?! Of course you are supposed to post the logs in CODE tags!

noob77 19.05.2012 14:36

You said:
Please now create logs with GMER and OSAM and post them.

Log from aswMBR:

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-17 20:24:13
-----------------------------
20:24:13.500    OS Version: Windows 5.1.2600 Service Pack 3
20:24:13.500    Number of processors: 2 586 0xF0B
20:24:13.500    ComputerName: PC-FLEISCHMANN  UserName: Fleischmann
20:24:14.062    Initialize success
20:28:05.390    AVAST engine defs: 12051700
20:29:31.343    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-12
20:29:31.359    Disk 0 Vendor: SAMSUNG_HD501LJ CR100-12 Size: 476940MB BusType: 3
20:29:31.375    Disk 0 MBR read successfully
20:29:31.375    Disk 0 MBR scan
20:29:31.390    Disk 0 Windows XP default MBR code
20:29:31.390    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS      199996 MB offset 63
20:29:31.421    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      276940 MB offset 409593240
20:29:31.421    Disk 0 scanning sectors +976768065
20:29:31.484    Disk 0 scanning C:\WINDOWS\system32\drivers
20:29:37.718    Service scanning
20:29:46.343    Modules scanning
20:29:53.125    Disk 0 trace - called modules:
20:29:53.125    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
20:29:53.125    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b181ab8]
20:29:53.125    3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\0000006f[0x8b1a49e8]
20:29:53.125    5 ACPI.sys[b7f7e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-12[0x8b183d98]
20:29:53.625    AVAST engine scan C:\WINDOWS
20:30:10.250    AVAST engine scan C:\WINDOWS\system32
20:32:09.531    AVAST engine scan C:\WINDOWS\system32\drivers
20:32:22.515    AVAST engine scan C:\Dokumente und Einstellungen\Fleischmann
20:58:36.578    AVAST engine scan C:\Dokumente und Einstellungen\All Users
20:59:56.421    Scan finished successfully
21:03:04.906    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Fleischmann\Desktop\MBR.dat"
21:03:04.906    The log file has been saved successfully to "C:\Dokumente und Einstellungen\Fleischmann\Desktop\LOg vom aswMBR.txt"


cosinus 20.05.2012 19:43

Quote:

You said:
Please now create logs with GMER and OSAM and post them.
And what is not to understand about that? Am I supposed to write every single time that you have to post the logs in CODE tags?
What about OSAM and GMER now?

noob77 21.05.2012 19:12

Sorry, I misunderstood you.
I thought I had to create a log of aswMBR with the help of OSAM or GMER.

OSAM logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 20:05:32 on 21.05.2012

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"SamsungConnectionManager" - ? - C:\PROGRA~1\Samsung\SAMSUN~1\CONNEC~1.CPL

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Apple Mobile USB Driver" (USBAAPL) - "Apple, Inc." - C:\WINDOWS\System32\Drivers\usbaapl.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"GTNDIS5 NDIS Protocol Driver" (GTNDIS5) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\WINDOWS\system32\GTNDIS5.SYS
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"PCASp50 NDIS Protocol Driver" (PCASp50) - ? - C:\WINDOWS\System32\Drivers\PCASp50.sys  (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter" (RTL8192su) - "Realtek Semiconductor Corporation                          " - C:\WINDOWS\System32\DRIVERS\RTL8192su.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
"Wireless Lan NDIS Protocol I/O Control" (WLNdis50) - ? - C:\WINDOWS\System32\DRIVERS\wlndis50.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -  (File not found | COM-object registry key not found)
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{B062CBE9-07D9-4EA1-A103-3041708C2392} "Samsung Phone Browser" - ? - C:\Programme\Samsung\Samsung PC Studio 7\phonebrowser.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -  (File not found | COM-object registry key not found)
{A40526DD-F152-4C1D-844C-CE668D29B77E} "Shell extension for NTP" - ? -  (File not found | COM-object registry key not found)
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -  (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{f955b925-355b-47f5-891f-85576a173ac2} "StructureFilePreview.StructureFileThumbnailExtention" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{85b625bf-db20-4606-850b-5770bdb78771} "StructureFilePreview.StructureFileThumbnailProvider" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
{7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~1\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -  (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}" - ? -  (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}" - ? -  (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}" - ? -  (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"Wireless Configuration Utility.lnk" - ? - C:\Programme\TRENDnet\TEW-648UB\WlanCU.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Fleischmann\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"msnmsgr" - "Microsoft Corporation" - "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
"Skype" - "Skype Technologies S.A." - "C:\Programme\Skype\Phone\Skype.exe" /minimized /regrun
"Sonexaavad" - ? - "C:\Dokumente und Einstellungen\Fleischmann\Anwendungsdaten\Vopy\woyly.exe"  (File found, but it contains no detailed information)
"swg" - "Google Inc." - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"AppleSyncNotifier" - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe
"APSDaemon" - "Apple Inc." - "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe"
"GrooveMonitor" - "Microsoft Corporation" - "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
"iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe"
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"HP Standard TCP/IP Port" - "Hewlett Packard" - C:\WINDOWS\system32\HpTcpMon.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Internet Pass-Through Service" (PassThru Service) - ? - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
"NMIndexingService" (NMIndexingService) - ? - "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe"  (File not found)
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"PnkBstrA" (PnkBstrA) - ? - C:\WINDOWS\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"ServiceLayer" (ServiceLayer) - "Nokia." - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Programme\Skype\Updater\Updater.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
"WLSVC" (WLSVC) - ? - C:\Programme\TRENDnet\TEW-648UB\WLSVC.exe
"WMP54Gv4SVC" (WMP54Gv4SVC) - "GEMTEKS" - C:\Programme\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---



Now I have another problem.
When downloading GMER, a page opens with '' Error 404 ( Not found ) ''.
What now?
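
Added example (not part of the original thread and not OSAM's own code): a Python parser for the OSAM report layout shown in the post above. It lists autostart entries that have no publisher and start from a per-user data directory, and separately lists entries whose file is missing. The sample report, its entry names and all function names are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample in the OSAM report layout; all names and paths are invented.
SAMPLE_LOG = r'''
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ExampleDrv" (ExampleDrv) - ? - C:\WINDOWS\system32\drivers\exampledrv.sys  (File not found)
[Logon]
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Messenger" - "Example Corp." - "C:\Programme\Example\messenger.exe" /background
"Qwertzu" - ? - "C:\Dokumente und Einstellungen\User\Anwendungsdaten\Abcd\qwertzu.exe"  (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Dienst "Beispiel"" - "Example Corp." - C:\Programme\Example\svc.exe
[Explorer]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{00000000-0000-0000-0000-000000000000} "Example Extension" - ? -  (File not found | COM-object registry key not found)
'''

SECTION = re.compile(r"^\[([^\]]+)\]$")                 # [Logon]
LOCATION = re.compile(r"^-----\( (.+?) \)-----$")       # -----( HKCU\...\Run )-----
ENTRY = re.compile(r'^(?P<head>.*?) - (?P<pub>\?|".*?") - (?P<rest>.*)$')
NOTE = re.compile(r"(?:^|\s)\(((?:File|Shortcut) [^()]*)\)")
AUTOSTART = re.compile(r"\\CurrentVersion\\Run(?:Once)?$|\\(?:Autostart|Startup)$", re.I)
USER_DATA = re.compile(
    r"\\(?:Dokumente und Einstellungen|Documents and Settings|Users)\\[^\\]+\\"
    r"(?:Anwendungsdaten|Application Data|AppData|Lokale Einstellungen|Local Settings)\\",
    re.I)


@dataclass
class Entry:
    section: str
    location: str
    name: str
    publisher: Optional[str]  # None when the report shows "?"
    path: str                 # command with quotes and arguments removed
    note: str                 # trailing remark in parentheses, "" if none


def executable(command):
    """Return the quoted program path; unquoted commands are returned whole."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command


def parse_osam(text):
    """Parse report text into Entry records, tracking section and location."""
    entries, section, location = [], "", ""
    for line in (raw.strip() for raw in text.splitlines()):
        if m := SECTION.match(line):
            section, location = m.group(1), ""
        elif m := LOCATION.match(line):
            location = m.group(1)
        elif location and (m := ENTRY.match(line)):
            # Greedy match keeps nested quotes such as "Dienst "Beispiel"".
            name = re.search(r'"(.*)"', m["head"])
            note = NOTE.search(m["rest"])
            command = m["rest"][:note.start()] if note else m["rest"]
            entries.append(Entry(
                section, location,
                name.group(1) if name else m["head"],
                None if m["pub"] == "?" else m["pub"].strip('" '),
                executable(command),
                note.group(1) if note else ""))
    return entries


def triage(entries):
    """Sort entry names into 'review' (needs a human look) and 'stale'."""
    review, stale = [], []
    for e in entries:
        if e.note.startswith("File not found"):
            stale.append(e.name)          # registry leftover, target is gone
        elif (e.publisher is None and AUTOSTART.search(e.location)
              and USER_DATA.search(e.path)):
            review.append(e.name)         # unsigned autostart from a user data dir
    return {"review": review, "stale": stale}


if __name__ == "__main__":
    for bucket, names in triage(parse_osam(SAMPLE_LOG)).items():
        print(bucket, names)
```

An entry in the "review" list is only a candidate for manual inspection; the heuristic does not decide whether a file is malicious.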

cosinus 21.05.2012 20:08

Quote:

When downloading GMER, a page opens with '' Error 404 ( Not found ) ''.
You are clicking here as well => GMER - Rootkit Detector and Remover

noob77 25.05.2012 19:00

As soon as I click on the link, Google opens for me...

cosinus 25.05.2012 23:30

Something like this can really only be a DNS problem :wtf:
Off the top of my head, three possible places come to mind where you need to look

1.) Hosts file
2.) DNS setting on this computer
3.) DNS server configured on your router

I think 3.) is the most likely, because according to the log your computer takes the DNS settings that are also stored in your router

Was the router's admin password ever changed?
If not, reset this router to factory settings and reconfigure it. It is important that you change the insecure predefined admin password for the router! And when using WLAN, make sure to use secure encryption!
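
Added example (not part of the original thread): a Python check for the first place named in the post above, the hosts file. It reports every hostname that the file pins to an address other than loopback or 0.0.0.0, which bypasses DNS for that name. The sample file content, its addresses and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample; on Windows XP the real file is
# C:\WINDOWS\system32\drivers\etc\hosts
SAMPLE_HOSTS = """\
# Constructed sample hosts file; every address is an invented documentation value.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.com      # blocklist-style entry
203.0.113.10    WWW.GMER.NET gmer.net
192.168.1.20    nas.home.example
not-an-ip       broken.example
"""


def parse_hosts(text):
    """Return ({hostname: [ip, ...]}, [line numbers that could not be parsed])."""
    mappings, malformed = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append(lineno)
            continue
        if len(fields) < 2:                      # address without a hostname
            malformed.append(lineno)
            continue
        for name in fields[1:]:                  # one line may carry aliases
            mappings.setdefault(name.lower().rstrip("."), []).append(ip)
    return mappings, malformed


def overrides(text, watched=frozenset()):
    """List (hostname, ip, is_watched) for names pinned to a non-local address."""
    mappings, _ = parse_hosts(text)
    findings = []
    for name, ips in sorted(mappings.items()):
        for ip in ips:
            if ip.is_loopback or ip.is_unspecified:
                continue                         # localhost and 0.0.0.0 blocks
            findings.append((name, str(ip), name in watched))
    return findings


if __name__ == "__main__":
    for name, ip, watched in overrides(SAMPLE_HOSTS, {"www.gmer.net", "gmer.net"}):
        print(f"{name} -> {ip}" + ("  (watched name)" if watched else ""))
```

An empty result rules out only the hosts file; the DNS settings on the computer and on the router still have to be checked separately.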

noob77 01.06.2012 19:08

As far as I know, the router's password was not changed.
Since it is not my router, I cannot and may not reset and reconfigure it.

