Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trojaner AT/ATRAPS.GEN2 eingefangen - BRAUCHE HILFE! (https://www.trojaner-board.de/121246-trojaner-at-atraps-gen2-eingefangen-brauche-hilfe.html)

cosinus 13.08.2012 17:41
Starte Windows neu im abgesicherten Modus (mit Netzwerktreibern nach Möglichkeit), manchmal hakt das Fixen mit OTL im normalen Modus aber sehr oft funktioniert der Fix im abgesicherte Modus.

fux89 13.08.2012 18:37
im abgesicherten modus hat es zum glück funktioniert, danke.

hier das log:

Code:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{060E900E-CF90-4A92-BEAE-F0157EBAA885}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{060E900E-CF90-4A92-BEAE-F0157EBAA885}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{3B04FF80-30F7-4015-98F0-5F4E1773443C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B04FF80-30F7-4015-98F0-5F4E1773443C}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{5B424269-F93D-420B-A117-F88206465508}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B424269-F93D-420B-A117-F88206465508}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{9097F35E-2D15-4382-82A1-D623BE92B975}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9097F35E-2D15-4382-82A1-D623BE92B975}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{9B765276-5685-4824-8058-D39AE46D2366}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9B765276-5685-4824-8058-D39AE46D2366}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{B2A1C263-31CD-4CF2-9711-478F6952DDA5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2A1C263-31CD-4CF2-9711-478F6952DDA5}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{BB9C89E7-2FC7-46E3-962A-5BAE0E06DEE6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB9C89E7-2FC7-46E3-962A-5BAE0E06DEE6}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{BF1AA78B-F6DD-4499-A0D8-977D8EFFAAAB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF1AA78B-F6DD-4499-A0D8-977D8EFFAAAB}\ not found.
Registry key HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Freeware.de Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFSB10&ctid=CT2736476&SearchSource=2&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ deleted successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\Plugins folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\modules folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\META-INF folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\lib folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\skin folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\sl folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\lib folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\core folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\WEATHER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TWITTER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_POPUP\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_POPUP folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\SEARCH folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\Optimizer folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\404 folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\menu\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\menu\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\menu\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\menu folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\gf\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\gf\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\gf folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui\dlg folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ui folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\searchProtectorSettingsDialog\images scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\js folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options\js\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\options folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\myStuffDialogs folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\features\js\resources folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\features\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\features folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\api folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ac\res folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ac\img folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ac\css folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\ac folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\aboutBox\js folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\aboutBox\images folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\aboutBox folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025} scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\ffxtlbr@zonealarm.com\content\imgs\flgs folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\ffxtlbr@zonealarm.com\content\imgs folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\ffxtlbr@zonealarm.com\content folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\ffxtlbr@zonealarm.com folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\conduit.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-30.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-31.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-32.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\icqplugin.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\siteadvisor-1.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\siteadvisor.xml moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\searchplugins\winamp-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}\ deleted successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}\ deleted successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Programme\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&ICQ Toolbar Search\ deleted successfully.
C:\Programme\ICQToolbar\toolbaru.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{90AE5DAF-82F2-4662-B445-C6878D31A68B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90AE5DAF-82F2-4662-B445-C6878D31A68B}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb63512e-aeb4-11db-994c-00040ec2b791}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eb63512e-aeb4-11db-994c-00040ec2b791}\ not found.
File L:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eff4c8a4-b57c-11de-a023-001111d29f63}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eff4c8a4-b57c-11de-a023-001111d29f63}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8FF81EB0 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8140CB50 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8FB6501C deleted successfully.
========== FILES ==========
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc496 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc491.de folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc489 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc488 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc392 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc391 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc388 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc383 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc382 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc373\Rankings\Prognos Zukunftsatlas folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc373\Rankings folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc373 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Zoo Leipzig 2009 (Einjähriges) folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Zabeltitz Sommer 2009 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Urlaub Warnemünde 2009.2 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Urlaub Warnemünde 2009 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Urlaub Berlin 2010\Urlaub Berlin 2010 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Urlaub Berlin 2010 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Tierpark Cottbus April 2010 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\Schneu folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\434566753 schnucki\Weihnachten 2008 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\434566753 schnucki\Silvester 2008 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\434566753 schnucki\Schneu folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11)\434566753 schnucki folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc340.11) folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc335 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc332 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc312 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc302 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc299 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc285 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc284\Literatur folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc284 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc282\Vorlesung folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc282 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc274 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc272 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc271\Gründungsmanagement - Literatur folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc271 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc265 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc264\Lumix\FZ38 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc264\Lumix folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc264 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc263\DiaShow 7 Ultimate (Demo) folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc263 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc262.00 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc261.8 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc260 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc259 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc258 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc257 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc252 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc229 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006\Dc224 folder moved successfully.
C:\RECYCLER\S-1-5-21-2257774982-1209123923-1774505960-1006 folder moved successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh folder moved successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8 folder moved successfully.
C:\Programme\Check Point Software Technologies LTD\zonealarm folder moved successfully.
C:\Programme\ICQ6Toolbar folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\ICQ Toolbar folder moved successfully.
C:\WINDOWS\Installer\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\@ moved successfully.
C:\Dokumente und Einstellungen\Christopher\Lokale Einstellungen\Anwendungsdaten\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\@ moved successfully.
C:\WINDOWS\Installer\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\L folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Lokale Einstellungen\Anwendungsdaten\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\L folder moved successfully.
C:\WINDOWS\Installer\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\U folder moved successfully.
C:\Dokumente und Einstellungen\Christopher\Lokale Einstellungen\Anwendungsdaten\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\U folder moved successfully.
File\Folder C:\WINDOWS\Installer\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\n not found.
File\Folder C:\Dokumente und Einstellungen\Christopher\Lokale Einstellungen\Anwendungsdaten\{a00ecae0-bbf8-d51e-4bf7-dc9816fbe927}\u not found.
C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\.# folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Besitzer
 
User: Christopher
->Temp folder emptied: 2122279495 bytes
->Temporary Internet Files folder emptied: 11908350 bytes
->Java cache emptied: 27011381 bytes
->FireFox cache emptied: 112796478 bytes
->Google Chrome cache emptied: 6098411 bytes
->Flash cache emptied: 1924339 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: LocalService
->Temp folder emptied: 2193848 bytes
->Temporary Internet Files folder emptied: 2375016 bytes
->FireFox cache emptied: 6368313 bytes
->Flash cache emptied: 764 bytes
 
User: NetworkService
->Temp folder emptied: 2131528 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 109681 bytes
%systemroot%\System32 .tmp files removed: 3871111 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 128684118 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 2.315,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Besitzer
 
User: Christopher
->Flash cache emptied: 0 bytes
 
User: Default User
 
User: LocalService
->Flash cache emptied: 0 bytes
 
User: NetworkService
 
Total Flash Files Cleaned = 0,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.57.0 log created on 08132012_192951

Files\Folders moved on Reboot...
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
File\Folder C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\searchProtectorSettingsDialog\images not found!
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025} scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest\lib not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI\autoTest not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa\TESTER_BCAPI not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\wa not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\searchProtectorSettingsDialog\images not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector\SearchProtectorBubbleDialog not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al\searchProtector not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb\al not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content\tb not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476\content not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome\CT2736476 not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025}\chrome not found!
File C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025} not found!

Registry entries deleted on Reboot...

cosinus 13.08.2012 19:31
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

fux89 14.08.2012 07:47
ich glaub ich hab eine schlechte nachricht. folgende warnmeldung hat antivir gestern gegeben:

Code:
In der Datei 'C:\System Volume Information\_restore{08A5F15B-D5F0-4D17-893D-8B358608DCF6}\RP1931\A0607542.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Trash.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
ich hab es in die quarantäne verschoben.




hier das tdss-log von heute:

Code:
08:37:56.0890 3268        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
08:37:56.0906 3268        ============================================================
08:37:56.0906 3268        Current date / time: 2012/08/14 08:37:56.0906
08:37:56.0906 3268        SystemInfo:
08:37:56.0906 3268       
08:37:56.0906 3268        OS Version: 5.1.2600 ServicePack: 3.0
08:37:56.0906 3268        Product type: Workstation
08:37:56.0906 3268        ComputerName: D67S0N1J
08:37:56.0906 3268        UserName: Christopher
08:37:56.0906 3268        Windows directory: C:\WINDOWS
08:37:56.0906 3268        System windows directory: C:\WINDOWS
08:37:56.0906 3268        Processor architecture: Intel x86
08:37:56.0906 3268        Number of processors: 2
08:37:56.0906 3268        Page size: 0x1000
08:37:56.0906 3268        Boot type: Normal boot
08:37:56.0906 3268        ============================================================
08:37:57.0468 3268        Drive \Device\Harddisk0\DR0 - Size: 0x4A81740000 (298.02 Gb), SectorSize: 0x200, Cylinders: 0x97F8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:37:57.0484 3268        Drive \Device\Harddisk1\DR4 - Size: 0xF1000000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:37:57.0484 3268        ============================================================
08:37:57.0484 3268        \Device\Harddisk0\DR0:
08:37:57.0484 3268        MBR partitions:
08:37:57.0484 3268        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x24E728CB
08:37:57.0484 3268        \Device\Harddisk1\DR4:
08:37:57.0484 3268        MBR partitions:
08:37:57.0484 3268        ============================================================
08:37:57.0515 3268        C: <-> \Device\Harddisk0\DR0\Partition0
08:37:57.0531 3268        ============================================================
08:37:57.0531 3268        Initialize success
08:37:57.0531 3268        ============================================================
08:38:51.0218 3040        ============================================================
08:38:51.0218 3040        Scan started
08:38:51.0218 3040        Mode: Manual; SigCheck; TDLFS;
08:38:51.0218 3040        ============================================================
08:38:51.0875 3040        Abiosdsk - ok
08:38:51.0906 3040        abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
08:38:53.0234 3040        abp480n5 - ok
08:38:53.0281 3040        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:38:53.0578 3040        ACPI - ok
08:38:53.0609 3040        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:38:53.0765 3040        ACPIEC - ok
08:38:53.0812 3040        AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:38:53.0843 3040        AdobeFlashPlayerUpdateSvc - ok
08:38:53.0859 3040        adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
08:38:54.0000 3040        adpu160m - ok
08:38:54.0046 3040        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:38:54.0203 3040        aec - ok
08:38:54.0234 3040        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:38:54.0296 3040        AFD - ok
08:38:54.0343 3040        agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
08:38:54.0484 3040        agp440 - ok
08:38:54.0500 3040        agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
08:38:54.0625 3040        agpCPQ - ok
08:38:54.0625 3040        Aha154x        (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
08:38:54.0703 3040        Aha154x - ok
08:38:54.0703 3040        aic78u2        (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
08:38:54.0828 3040        aic78u2 - ok
08:38:54.0843 3040        aic78xx        (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
08:38:54.0968 3040        aic78xx - ok
08:38:55.0000 3040        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
08:38:55.0171 3040        Alerter - ok
08:38:55.0203 3040        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
08:38:55.0265 3040        ALG - ok
08:38:55.0281 3040        AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
08:38:55.0421 3040        AliIde - ok
08:38:55.0421 3040        alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
08:38:55.0562 3040        alim1541 - ok
08:38:55.0578 3040        amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
08:38:55.0703 3040        amdagp - ok
08:38:55.0718 3040        amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
08:38:55.0781 3040        amsint - ok
08:38:55.0890 3040        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
08:38:55.0921 3040        AntiVirSchedulerService - ok
08:38:55.0953 3040        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
08:38:55.0984 3040        AntiVirService - ok
08:38:55.0984 3040        AppMgmt - ok
08:38:56.0046 3040        Arp1394        (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:38:56.0171 3040        Arp1394 - ok
08:38:56.0187 3040        asc            (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
08:38:56.0328 3040        asc - ok
08:38:56.0343 3040        asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
08:38:56.0406 3040        asc3350p - ok
08:38:56.0406 3040        asc3550        (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
08:38:56.0531 3040        asc3550 - ok
08:38:56.0625 3040        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:38:56.0718 3040        aspnet_state - ok
08:38:56.0750 3040        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:38:56.0859 3040        AsyncMac - ok
08:38:56.0875 3040        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:38:57.0015 3040        atapi - ok
08:38:57.0015 3040        Atdisk - ok
08:38:57.0093 3040        atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\WINDOWS\system32\DRIVERS\atksgt.sys
08:38:57.0156 3040        atksgt - ok
08:38:57.0171 3040        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:38:57.0296 3040        Atmarpc - ok
08:38:57.0328 3040        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
08:38:57.0468 3040        AudioSrv - ok
08:38:57.0484 3040        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:38:57.0609 3040        audstub - ok
08:38:57.0640 3040        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
08:38:57.0656 3040        avgntflt - ok
08:38:57.0703 3040        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
08:38:57.0718 3040        avipbb - ok
08:38:57.0734 3040        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
08:38:57.0765 3040        avkmgr - ok
08:38:57.0828 3040        AVM IGD CTRL Service (4ecb2653bfe9116c031a94f708343a16) C:\Programme\FRITZ!DSL\IGDCTRL.EXE
08:38:57.0859 3040        AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - warning
08:38:57.0859 3040        AVM IGD CTRL Service - detected UnsignedFile.Multi.Generic (1)
08:38:57.0921 3040        AVM WLAN Connection Service (c6f4c466b654c1be98af31418bb5ac30) C:\Programme\avmwlanstick\WlanNetService.exe
08:38:57.0968 3040        AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
08:38:57.0968 3040        AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
08:38:58.0031 3040        avmeject        (263cf9d248fd5e020a1333ed4f7eaa88) C:\WINDOWS\system32\drivers\avmeject.sys
08:38:58.0078 3040        avmeject ( UnsignedFile.Multi.Generic ) - warning
08:38:58.0078 3040        avmeject - detected UnsignedFile.Multi.Generic (1)
08:38:58.0125 3040        b57w2k          (4826fcf97c47b361a2e2f68cd487a19e) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
08:38:58.0234 3040        b57w2k - ok
08:38:58.0281 3040        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:38:58.0406 3040        Beep - ok
08:38:58.0453 3040        bgsvcgen        (acc9c8c560c567fad6f79c977ab2ea09) C:\WINDOWS\system32\bgsvcgen.exe
08:38:58.0484 3040        bgsvcgen - ok
08:38:58.0531 3040        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
08:38:58.0843 3040        BITS - ok
08:38:58.0890 3040        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
08:38:59.0031 3040        Browser - ok
08:38:59.0046 3040        cbidf          (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
08:38:59.0187 3040        cbidf - ok
08:38:59.0187 3040        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:38:59.0312 3040        cbidf2k - ok
08:38:59.0343 3040        cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
08:38:59.0421 3040        cd20xrnt - ok
08:38:59.0421 3040        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:38:59.0546 3040        Cdaudio - ok
08:38:59.0578 3040        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:38:59.0703 3040        Cdfs - ok
08:38:59.0750 3040        cdrbsdrv        (e0042bd5bef17a6a3ef1df576bde24d1) C:\WINDOWS\system32\drivers\cdrbsdrv.sys
08:38:59.0765 3040        cdrbsdrv ( UnsignedFile.Multi.Generic ) - warning
08:38:59.0765 3040        cdrbsdrv - detected UnsignedFile.Multi.Generic (1)
08:38:59.0781 3040        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:38:59.0921 3040        Cdrom - ok
08:38:59.0921 3040        Changer - ok
08:38:59.0968 3040        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
08:39:00.0140 3040        CiSvc - ok
08:39:00.0187 3040        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
08:39:00.0359 3040        ClipSrv - ok
08:39:00.0453 3040        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:39:00.0546 3040        clr_optimization_v2.0.50727_32 - ok
08:39:00.0593 3040        CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
08:39:00.0734 3040        CmdIde - ok
08:39:00.0734 3040        COMSysApp - ok
08:39:00.0765 3040        Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
08:39:00.0890 3040        Cpqarray - ok
08:39:00.0921 3040        cpuz132        (097a0a4899b759a4f032bd464963b4be) C:\WINDOWS\system32\drivers\cpuz132_x32.sys
08:39:00.0937 3040        cpuz132 ( UnsignedFile.Multi.Generic ) - warning
08:39:00.0937 3040        cpuz132 - detected UnsignedFile.Multi.Generic (1)
08:39:00.0984 3040        Creative Service for CDROM Access (3c8b6609712f4ff78e521f6dcfc4032b) C:\WINDOWS\system32\CTsvcCDA.EXE
08:39:00.0984 3040        Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
08:39:00.0984 3040        Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)
08:39:01.0015 3040        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
08:39:01.0140 3040        CryptSvc - ok
08:39:01.0218 3040        ctac32k        (1e41b8a10b9d78240c8bfacc269db155) C:\WINDOWS\system32\drivers\ctac32k.sys
08:39:01.0437 3040        ctac32k - ok
08:39:01.0500 3040        ctaud2k        (9bf1aa0eac9c7d33ce4d8a152e151f60) C:\WINDOWS\system32\drivers\ctaud2k.sys
08:39:01.0578 3040        ctaud2k - ok
08:39:01.0593 3040        ctdvda2k        (29f78d59b053cb8778f8426e4e24099c) C:\WINDOWS\system32\drivers\ctdvda2k.sys
08:39:01.0656 3040        ctdvda2k - ok
08:39:01.0656 3040        ctprxy2k        (a6f4c70da545230d001915d8eb08d881) C:\WINDOWS\system32\drivers\ctprxy2k.sys
08:39:01.0703 3040        ctprxy2k - ok
08:39:01.0750 3040        ctsfm2k        (b39e55c1c5e28e016ee3848f2e34c205) C:\WINDOWS\system32\drivers\ctsfm2k.sys
08:39:01.0781 3040        ctsfm2k - ok
08:39:01.0796 3040        dac2w2k        (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
08:39:01.0921 3040        dac2w2k - ok
08:39:01.0937 3040        dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
08:39:02.0062 3040        dac960nt - ok
08:39:02.0125 3040        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
08:39:02.0218 3040        DcomLaunch - ok
08:39:02.0296 3040        de_serv        (8261afab6196157d7e19f4b2f3fbc383) C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
08:39:02.0296 3040        de_serv ( UnsignedFile.Multi.Generic ) - warning
08:39:02.0296 3040        de_serv - detected UnsignedFile.Multi.Generic (1)
08:39:02.0343 3040        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
08:39:02.0500 3040        Dhcp - ok
08:39:02.0500 3040        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:39:02.0625 3040        Disk - ok
08:39:02.0640 3040        dmadmin - ok
08:39:02.0687 3040        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
08:39:02.0859 3040        dmboot - ok
08:39:02.0875 3040        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
08:39:03.0031 3040        dmio - ok
08:39:03.0062 3040        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:39:03.0187 3040        dmload - ok
08:39:03.0234 3040        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
08:39:03.0359 3040        dmserver - ok
08:39:03.0375 3040        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:39:03.0515 3040        DMusic - ok
08:39:03.0546 3040        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
08:39:03.0671 3040        Dnscache - ok
08:39:03.0687 3040        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
08:39:03.0812 3040        Dot3svc - ok
08:39:03.0843 3040        dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
08:39:03.0953 3040        dpti2o - ok
08:39:03.0984 3040        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:39:04.0093 3040        drmkaud - ok
08:39:04.0125 3040        drvmcdb        (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
08:39:04.0140 3040        drvmcdb ( UnsignedFile.Multi.Generic ) - warning
08:39:04.0140 3040        drvmcdb - detected UnsignedFile.Multi.Generic (1)
08:39:04.0156 3040        drvnddm        (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
08:39:04.0156 3040        drvnddm ( UnsignedFile.Multi.Generic ) - warning
08:39:04.0156 3040        drvnddm - detected UnsignedFile.Multi.Generic (1)
08:39:04.0171 3040        E100B          (a6de5342417fec3c0aa8efebb899c431) C:\WINDOWS\system32\DRIVERS\e100b325.sys
08:39:04.0296 3040        E100B - ok
08:39:04.0328 3040        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
08:39:04.0453 3040        EapHost - ok
08:39:04.0500 3040        emupia          (5d70013d7e6602ec0a482f2985558c2d) C:\WINDOWS\system32\drivers\emupia2k.sys
08:39:04.0531 3040        emupia - ok
08:39:04.0546 3040        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
08:39:04.0687 3040        ERSvc - ok
08:39:04.0718 3040        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
08:39:04.0765 3040        Eventlog - ok
08:39:04.0828 3040        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
08:39:04.0890 3040        EventSystem - ok
08:39:04.0921 3040        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:39:05.0046 3040        Fastfat - ok
08:39:05.0109 3040        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
08:39:05.0171 3040        FastUserSwitchingCompatibility - ok
08:39:05.0234 3040        Fax            (08b8b302af0d1b3b8543429bbac8f21f) C:\WINDOWS\system32\fxssvc.exe
08:39:05.0390 3040        Fax - ok
08:39:05.0406 3040        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:39:05.0546 3040        Fdc - ok
08:39:05.0562 3040        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
08:39:05.0687 3040        Fips - ok
08:39:05.0703 3040        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:39:05.0828 3040        Flpydisk - ok
08:39:05.0875 3040        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:39:06.0000 3040        FltMgr - ok
08:39:06.0109 3040        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:39:06.0140 3040        FontCache3.0.0.0 - ok
08:39:06.0156 3040        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:39:06.0296 3040        Fs_Rec - ok
08:39:06.0312 3040        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:39:06.0421 3040        Ftdisk - ok
08:39:06.0484 3040        FWLANUSB        (ff12fa487265da2ac7de4be53f72ff1a) C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
08:39:06.0593 3040        FWLANUSB - ok
08:39:06.0609 3040        gameenum        (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
08:39:06.0734 3040        gameenum - ok
08:39:06.0796 3040        GcKernel        (72fe2bea6863d4eb93442a1c4fb5ca48) C:\WINDOWS\system32\DRIVERS\GcKernel.sys
08:39:06.0859 3040        GcKernel - ok
08:39:06.0906 3040        GEARAspiWDM    (32a73a8952580b284a47290adb62032a) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
08:39:06.0921 3040        GEARAspiWDM - ok
08:39:06.0953 3040        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:39:07.0093 3040        Gpc - ok
08:39:07.0156 3040        gupdate - ok
08:39:07.0156 3040        gupdatem - ok
08:39:07.0218 3040        gusvc          (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
08:39:07.0265 3040        gusvc - ok
08:39:07.0359 3040        ha10kx2k        (7ec50a84b89dae3458cb0308739b80de) C:\WINDOWS\system32\drivers\ha10kx2k.sys
08:39:07.0437 3040        ha10kx2k - ok
08:39:07.0484 3040        hap16v2k        (02a6bad64177c56d8b86b198b38db361) C:\WINDOWS\system32\drivers\hap16v2k.sys
08:39:07.0515 3040        hap16v2k - ok
08:39:07.0593 3040        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:39:07.0718 3040        helpsvc - ok
08:39:07.0765 3040        HidServ        (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
08:39:07.0890 3040        HidServ - ok
08:39:07.0921 3040        HIDSwvd        (bd205320308fb41c88a4049a2d1764b4) C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys
08:39:07.0984 3040        HIDSwvd - ok
08:39:08.0015 3040        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:39:08.0140 3040        HidUsb - ok
08:39:08.0171 3040        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
08:39:08.0296 3040        hkmsvc - ok
08:39:08.0343 3040        hpn            (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
08:39:08.0453 3040        hpn - ok
08:39:08.0484 3040        HPZid412        (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
08:39:08.0625 3040        HPZid412 - ok
08:39:08.0671 3040        HPZipr12        (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
08:39:08.0765 3040        HPZipr12 - ok
08:39:08.0781 3040        HPZius12        (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
08:39:08.0875 3040        HPZius12 - ok
08:39:08.0937 3040        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:39:09.0015 3040        HTTP - ok
08:39:09.0078 3040        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
08:39:09.0187 3040        HTTPFilter - ok
08:39:09.0250 3040        hwdatacard      (07853191b1bdee5b39be4cfcfe3b9ad4) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
08:39:09.0312 3040        hwdatacard - ok
08:39:09.0343 3040        i2omgmt        (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
08:39:09.0453 3040        i2omgmt - ok
08:39:09.0500 3040        i2omp          (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
08:39:09.0625 3040        i2omp - ok
08:39:09.0640 3040        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:39:09.0765 3040        i8042prt - ok
08:39:09.0859 3040        IAANTMon        (a38bf37fd0795382655f756dd4446fa0) C:\Programme\Intel\Intel Application Accelerator\iaantmon.exe
08:39:09.0875 3040        IAANTMon ( UnsignedFile.Multi.Generic ) - warning
08:39:09.0875 3040        IAANTMon - detected UnsignedFile.Multi.Generic (1)
08:39:09.0937 3040        iaStor          (d7731536e183b4397402ca6f9e1d52f7) C:\WINDOWS\system32\drivers\iaStor.sys
08:39:10.0031 3040        iaStor - ok
08:39:10.0031 3040        ICQ Service - ok
08:39:10.0156 3040        IDriverT        (daf66902f08796f9c694901660e5a64a) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
08:39:10.0156 3040        IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:39:10.0156 3040        IDriverT - detected UnsignedFile.Multi.Generic (1)
08:39:10.0312 3040        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:39:10.0437 3040        idsvc - ok
08:39:10.0593 3040        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:39:10.0718 3040        Imapi - ok
08:39:10.0781 3040        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
08:39:10.0921 3040        ImapiService - ok
08:39:10.0937 3040        ini910u        (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
08:39:11.0062 3040        ini910u - ok
08:39:11.0078 3040        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
08:39:11.0203 3040        IntelIde - ok
08:39:11.0312 3040        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:39:11.0437 3040        intelppm - ok
08:39:11.0453 3040        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:39:11.0578 3040        Ip6Fw - ok
08:39:11.0593 3040        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:39:11.0718 3040        IpFilterDriver - ok
08:39:11.0765 3040        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:39:11.0875 3040        IpInIp - ok
08:39:11.0921 3040        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:39:12.0062 3040        IpNat - ok
08:39:12.0156 3040        iPodService    (962bc769d1008d83f6a00b9de887eef4) C:\Programme\iPod\bin\iPodService.exe
08:39:12.0203 3040        iPodService ( UnsignedFile.Multi.Generic ) - warning
08:39:12.0203 3040        iPodService - detected UnsignedFile.Multi.Generic (1)
08:39:12.0234 3040        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:39:12.0406 3040        IPSec - ok
08:39:12.0437 3040        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:39:12.0500 3040        IRENUM - ok
08:39:12.0531 3040        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:39:12.0656 3040        isapnp - ok
08:39:12.0671 3040        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:39:12.0796 3040        Kbdclass - ok
08:39:12.0812 3040        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:39:12.0937 3040        kbdhid - ok
08:39:12.0968 3040        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:39:13.0093 3040        kmixer - ok
08:39:13.0109 3040        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:39:13.0203 3040        KSecDD - ok
08:39:13.0281 3040        L8042Kbd        (ad1541d5ff5b3f903da34737b6ba9a53) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
08:39:13.0328 3040        L8042Kbd - ok
08:39:13.0343 3040        L8042mou        (e9d3c991f28f01415a7b56a854d243d8) C:\WINDOWS\system32\Drivers\L8042mou.sys
08:39:13.0406 3040        L8042mou - ok
08:39:13.0468 3040        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
08:39:13.0500 3040        lanmanserver - ok
08:39:13.0546 3040        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
08:39:13.0656 3040        lanmanworkstation - ok
08:39:13.0656 3040        lbrtfdc - ok
08:39:13.0703 3040        LHidKe          (e47f94327e369ed6916049febf5f85e5) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
08:39:13.0718 3040        LHidKe - ok
08:39:13.0750 3040        LHidUsbK        (a54c75e7481272eaaa6245683c89ecaa) C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
08:39:13.0796 3040        LHidUsbK - ok
08:39:13.0843 3040        lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
08:39:13.0875 3040        lirsgt - ok
08:39:13.0890 3040        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
08:39:14.0015 3040        LmHosts - ok
08:39:14.0031 3040        LMouKE          (0e34232fca6f20172b1d8b6e8a9a26d1) C:\WINDOWS\system32\Drivers\LMouKE.sys
08:39:14.0046 3040        LMouKE - ok
08:39:14.0078 3040        MBAMProtector  (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
08:39:14.0093 3040        MBAMProtector - ok
08:39:14.0187 3040        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
08:39:14.0234 3040        MBAMService - ok
08:39:14.0265 3040        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
08:39:14.0390 3040        Messenger - ok
08:39:14.0437 3040        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:39:14.0546 3040        mnmdd - ok
08:39:14.0593 3040        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
08:39:14.0734 3040        mnmsrvc - ok
08:39:14.0843 3040        MOBCleanup - ok
08:39:14.0859 3040        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
08:39:14.0984 3040        Modem - ok
08:39:15.0015 3040        MODEMCSA        (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
08:39:15.0140 3040        MODEMCSA - ok
08:39:15.0156 3040        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:39:15.0296 3040        Mouclass - ok
08:39:15.0312 3040        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:39:15.0437 3040        mouhid - ok
08:39:15.0453 3040        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:39:15.0562 3040        MountMgr - ok
08:39:15.0640 3040        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
08:39:15.0656 3040        MozillaMaintenance - ok
08:39:15.0671 3040        mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
08:39:15.0812 3040        mraid35x - ok
08:39:15.0843 3040        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:39:15.0968 3040        MRxDAV - ok
08:39:16.0015 3040        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:39:16.0109 3040        MRxSmb - ok
08:39:16.0140 3040        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
08:39:16.0281 3040        MSDTC - ok
08:39:16.0312 3040        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:39:16.0437 3040        Msfs - ok
08:39:16.0453 3040        MSIServer - ok
08:39:16.0468 3040        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:39:16.0578 3040        MSKSSRV - ok
08:39:16.0609 3040        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:39:16.0734 3040        MSPCLOCK - ok
08:39:16.0750 3040        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:39:16.0859 3040        MSPQM - ok
08:39:16.0906 3040        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:39:17.0031 3040        mssmbios - ok
08:39:17.0062 3040        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:39:17.0109 3040        Mup - ok
08:39:17.0171 3040        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
08:39:17.0312 3040        napagent - ok
08:39:17.0343 3040        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:39:17.0453 3040        NDIS - ok
08:39:17.0484 3040        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:39:17.0531 3040        NdisTapi - ok
08:39:17.0546 3040        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:39:17.0671 3040        Ndisuio - ok
08:39:17.0703 3040        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:39:17.0812 3040        NdisWan - ok
08:39:17.0843 3040        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:39:17.0906 3040        NDProxy - ok
08:39:17.0921 3040        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:39:18.0046 3040        NetBIOS - ok
08:39:18.0109 3040        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:39:18.0234 3040        NetBT - ok
08:39:18.0296 3040        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
08:39:18.0421 3040        NetDDE - ok
08:39:18.0437 3040        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
08:39:18.0546 3040        NetDDEdsdm - ok
08:39:18.0593 3040        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:18.0718 3040        Netlogon - ok
08:39:18.0765 3040        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
08:39:18.0890 3040        Netman - ok
08:39:19.0015 3040        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:39:19.0046 3040        NetTcpPortSharing - ok
08:39:19.0078 3040        NIC1394        (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:39:19.0203 3040        NIC1394 - ok
08:39:19.0312 3040        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
08:39:19.0343 3040        Nla - ok
08:39:19.0421 3040        NMSAccess      (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Programme\CDBurnerXP\NMSAccessU.exe
08:39:19.0453 3040        NMSAccess - ok
08:39:19.0484 3040        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:39:19.0593 3040        Npfs - ok
08:39:19.0640 3040        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:39:19.0843 3040        Ntfs - ok
08:39:19.0890 3040        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:20.0000 3040        NtLmSsp - ok
08:39:20.0062 3040        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
08:39:20.0234 3040        NtmsSvc - ok
08:39:20.0281 3040        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:39:20.0406 3040        Null - ok
08:39:20.0828 3040        nv              (b9b1bb146eb9a83dcf0f5635b09d3d43) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
08:39:21.0203 3040        nv - ok
08:39:21.0359 3040        NVSvc          (1633409e67f1bd6e5ac8ecb9cd5d2027) C:\WINDOWS\system32\nvsvc32.exe
08:39:21.0453 3040        NVSvc - ok
08:39:21.0484 3040        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:39:21.0609 3040        NwlnkFlt - ok
08:39:21.0609 3040        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:39:21.0734 3040        NwlnkFwd - ok
08:39:21.0765 3040        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:39:21.0890 3040        ohci1394 - ok
08:39:21.0921 3040        omci            (53d5f1278d9edb21689bbbcecc09108d) C:\WINDOWS\system32\DRIVERS\omci.sys
08:39:21.0937 3040        omci ( UnsignedFile.Multi.Generic ) - warning
08:39:21.0937 3040        omci - detected UnsignedFile.Multi.Generic (1)
08:39:21.0984 3040        ossrv          (c52548b920482db03af8b49babd9fc48) C:\WINDOWS\system32\drivers\ctoss2k.sys
08:39:22.0015 3040        ossrv - ok
08:39:22.0031 3040        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
08:39:22.0156 3040        Parport - ok
08:39:22.0187 3040        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:39:22.0296 3040        PartMgr - ok
08:39:22.0328 3040        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
08:39:22.0453 3040        ParVdm - ok
08:39:22.0468 3040        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
08:39:22.0593 3040        PCI - ok
08:39:22.0593 3040        PCIDump - ok
08:39:22.0609 3040        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:39:22.0734 3040        PCIIde - ok
08:39:22.0765 3040        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:39:22.0906 3040        Pcmcia - ok
08:39:22.0906 3040        PDCOMP - ok
08:39:22.0921 3040        PDFRAME - ok
08:39:22.0937 3040        PDRELI - ok
08:39:22.0937 3040        PDRFRAME - ok
08:39:22.0953 3040        perc2          (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
08:39:23.0078 3040        perc2 - ok
08:39:23.0093 3040        perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
08:39:23.0203 3040        perc2hib - ok
08:39:23.0265 3040        PfModNT        (fefc8ebc170615068c3305dbee2667dd) C:\WINDOWS\system32\drivers\PfModNT.sys
08:39:23.0281 3040        PfModNT - ok
08:39:23.0343 3040        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
08:39:23.0359 3040        PlugPlay - ok
08:39:23.0406 3040        Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\system32\HPZipm12.exe
08:39:23.0406 3040        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:39:23.0406 3040        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:39:23.0421 3040        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:23.0546 3040        PolicyAgent - ok
08:39:23.0578 3040        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:39:23.0703 3040        PptpMiniport - ok
08:39:23.0750 3040        prodrv06        (6d3b2fc5dec2f59b28fe5fa17250a7b0) C:\WINDOWS\System32\drivers\prodrv06.sys
08:39:23.0750 3040        prodrv06 ( UnsignedFile.Multi.Generic ) - warning
08:39:23.0750 3040        prodrv06 - detected UnsignedFile.Multi.Generic (1)
08:39:23.0781 3040        prohlp02        (c5f47b7ec2ec906847d5f80ba779a5bd) C:\WINDOWS\system32\drivers\prohlp02.sys
08:39:23.0796 3040        prohlp02 ( UnsignedFile.Multi.Generic ) - warning
08:39:23.0796 3040        prohlp02 - detected UnsignedFile.Multi.Generic (1)
08:39:23.0812 3040        prosync1        (f3471e7971ee62420451d958da635064) C:\WINDOWS\system32\drivers\prosync1.sys
08:39:23.0828 3040        prosync1 ( UnsignedFile.Multi.Generic ) - warning
08:39:23.0828 3040        prosync1 - detected UnsignedFile.Multi.Generic (1)
08:39:23.0828 3040        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:23.0937 3040        ProtectedStorage - ok
08:39:23.0968 3040        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:39:24.0093 3040        PSched - ok
08:39:24.0125 3040        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:39:24.0250 3040        Ptilink - ok
08:39:24.0265 3040        PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:39:24.0281 3040        PxHelp20 - ok
08:39:24.0312 3040        ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
08:39:24.0421 3040        ql1080 - ok
08:39:24.0437 3040        Ql10wnt        (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
08:39:24.0562 3040        Ql10wnt - ok
08:39:24.0562 3040        ql12160        (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
08:39:24.0687 3040        ql12160 - ok
08:39:24.0687 3040        ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
08:39:24.0812 3040        ql1240 - ok
08:39:24.0828 3040        ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
08:39:24.0937 3040        ql1280 - ok
08:39:24.0953 3040        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:39:25.0078 3040        RasAcd - ok
08:39:25.0109 3040        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
08:39:25.0234 3040        RasAuto - ok
08:39:25.0250 3040        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:39:25.0359 3040        Rasl2tp - ok
08:39:25.0421 3040        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
08:39:25.0546 3040        RasMan - ok
08:39:25.0562 3040        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:39:25.0687 3040        RasPppoe - ok
08:39:25.0687 3040        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:39:25.0812 3040        Raspti - ok
08:39:25.0843 3040        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:39:25.0953 3040        Rdbss - ok
08:39:25.0968 3040        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:39:26.0078 3040        RDPCDD - ok
08:39:26.0140 3040        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:39:26.0265 3040        rdpdr - ok
08:39:26.0296 3040        RDPWD          (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
08:39:26.0343 3040        RDPWD - ok
08:39:26.0359 3040        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
08:39:26.0500 3040        RDSessMgr - ok
08:39:26.0531 3040        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:39:26.0640 3040        redbook - ok
08:39:26.0687 3040        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
08:39:26.0812 3040        RemoteAccess - ok
08:39:26.0828 3040        ROOTMODEM      (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
08:39:26.0953 3040        ROOTMODEM - ok
08:39:26.0984 3040        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
08:39:27.0125 3040        RpcLocator - ok
08:39:27.0187 3040        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
08:39:27.0234 3040        RpcSs - ok
08:39:27.0265 3040        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
08:39:27.0375 3040        RSVP - ok
08:39:27.0421 3040        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:39:27.0531 3040        SamSs - ok
08:39:27.0546 3040        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
08:39:27.0671 3040        SCardSvr - ok
08:39:27.0734 3040        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
08:39:27.0859 3040        Schedule - ok
08:39:27.0890 3040        se44bus        (3097cff31374e309a8950775111a52bd) C:\WINDOWS\system32\DRIVERS\se44bus.sys
08:39:28.0140 3040        se44bus - ok
08:39:28.0171 3040        se44mdfl        (4a03dd4fb5b7cb2c53d8fe8848455a4e) C:\WINDOWS\system32\DRIVERS\se44mdfl.sys
08:39:28.0203 3040        se44mdfl - ok
08:39:28.0234 3040        se44mdm        (2ca2e66a945b5de1228ab5f5341d0e97) C:\WINDOWS\system32\DRIVERS\se44mdm.sys
08:39:28.0265 3040        se44mdm - ok
08:39:28.0296 3040        se44mgmt        (1977fb3c58c7c714a0ba8ad7960efb26) C:\WINDOWS\system32\DRIVERS\se44mgmt.sys
08:39:28.0312 3040        se44mgmt - ok
08:39:28.0359 3040        se44nd5        (9bd87c965eb93475bcbd732936f46e7c) C:\WINDOWS\system32\DRIVERS\se44nd5.sys
08:39:28.0390 3040        se44nd5 - ok
08:39:28.0437 3040        se44obex        (5eff45d05677695417c523d89c1757b6) C:\WINDOWS\system32\DRIVERS\se44obex.sys
08:39:28.0484 3040        se44obex - ok
08:39:28.0500 3040        se44unic        (037d2d26f91ca67bad9da36fe5c88640) C:\WINDOWS\system32\DRIVERS\se44unic.sys
08:39:28.0515 3040        se44unic - ok
08:39:28.0671 3040        SearchAnonymizer (0f4a80438e7286a0e623582f5f2395bd) C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
08:39:28.0687 3040        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
08:39:28.0687 3040        SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
08:39:28.0718 3040        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:39:28.0781 3040        Secdrv - ok
08:39:28.0812 3040        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
08:39:28.0921 3040        seclogon - ok
08:39:28.0953 3040        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
08:39:29.0062 3040        SENS - ok
08:39:29.0093 3040        Ser2pl          (b490ad520257dda26c1d587a71e527b5) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
08:39:29.0109 3040        Ser2pl ( UnsignedFile.Multi.Generic ) - warning
08:39:29.0109 3040        Ser2pl - detected UnsignedFile.Multi.Generic (1)
08:39:29.0140 3040        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:39:29.0250 3040        serenum - ok
08:39:29.0265 3040        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
08:39:29.0390 3040        Serial - ok
08:39:29.0453 3040        sfhlp01        (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
08:39:29.0468 3040        sfhlp01 ( UnsignedFile.Multi.Generic ) - warning
08:39:29.0468 3040        sfhlp01 - detected UnsignedFile.Multi.Generic (1)
08:39:29.0484 3040        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:39:29.0593 3040        Sfloppy - ok
08:39:29.0656 3040        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
08:39:29.0671 3040        ShellHWDetection - ok
08:39:29.0687 3040        Simbad - ok
08:39:29.0718 3040        sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
08:39:29.0843 3040        sisagp - ok
08:39:29.0859 3040        siusbmod        (9fe3c19c993179c1266bd2b6cfb83e6b) C:\WINDOWS\system32\DRIVERS\siusbmod.sys
08:39:29.0859 3040        siusbmod ( UnsignedFile.Multi.Generic ) - warning
08:39:29.0859 3040        siusbmod - detected UnsignedFile.Multi.Generic (1)
08:39:29.0890 3040        Sparrow        (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
08:39:29.0968 3040        Sparrow - ok
08:39:29.0984 3040        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:39:30.0093 3040        splitter - ok
08:39:30.0125 3040        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
08:39:30.0187 3040        Spooler - ok
08:39:30.0281 3040        sptd            (c4bb8a12843d9cbb65f5ff617f389bbd) C:\WINDOWS\System32\Drivers\sptd.sys
08:39:30.0343 3040        sptd - ok
08:39:30.0359 3040        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
08:39:30.0421 3040        sr - ok
08:39:30.0468 3040        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
08:39:30.0546 3040        srservice - ok
08:39:30.0593 3040        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:39:30.0718 3040        Srv - ok
08:39:30.0734 3040        sscdbhk5        (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
08:39:30.0765 3040        sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
08:39:30.0765 3040        sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
08:39:30.0781 3040        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
08:39:30.0859 3040        SSDPSRV - ok
08:39:30.0890 3040        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
08:39:30.0906 3040        ssmdrv - ok
08:39:30.0906 3040        ssrtln          (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
08:39:30.0921 3040        ssrtln ( UnsignedFile.Multi.Generic ) - warning
08:39:30.0921 3040        ssrtln - detected UnsignedFile.Multi.Generic (1)
08:39:30.0953 3040        StarOpen        (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
08:39:30.0953 3040        StarOpen ( UnsignedFile.Multi.Generic ) - warning
08:39:30.0953 3040        StarOpen - detected UnsignedFile.Multi.Generic (1)
08:39:31.0015 3040        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
08:39:31.0187 3040        stisvc - ok
08:39:31.0250 3040        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:39:31.0390 3040        swenum - ok
08:39:31.0453 3040        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:39:31.0593 3040        swmidi - ok
08:39:31.0593 3040        SwPrv - ok
08:39:31.0625 3040        symc810        (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
08:39:31.0765 3040        symc810 - ok
08:39:31.0781 3040        symc8xx        (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
08:39:31.0890 3040        symc8xx - ok
08:39:31.0906 3040        sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
08:39:32.0031 3040        sym_hi - ok
08:39:32.0046 3040        sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
08:39:32.0156 3040        sym_u3 - ok
08:39:32.0187 3040        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:39:32.0312 3040        sysaudio - ok
08:39:32.0343 3040        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
08:39:32.0468 3040        SysmonLog - ok
08:39:32.0484 3040        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
08:39:32.0625 3040        TapiSrv - ok
08:39:32.0687 3040        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:39:32.0765 3040        Tcpip - ok
08:39:32.0796 3040        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:39:32.0921 3040        TDPIPE - ok
08:39:32.0968 3040        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:39:33.0093 3040        TDTCP - ok
08:39:33.0109 3040        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:39:33.0234 3040        TermDD - ok
08:39:33.0296 3040        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
08:39:33.0437 3040        TermService - ok
08:39:33.0500 3040        tfsnboio        (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
08:39:33.0531 3040        tfsnboio ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0531 3040        tfsnboio - detected UnsignedFile.Multi.Generic (1)
08:39:33.0546 3040        tfsncofs        (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
08:39:33.0562 3040        tfsncofs ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0562 3040        tfsncofs - detected UnsignedFile.Multi.Generic (1)
08:39:33.0562 3040        tfsndrct        (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
08:39:33.0578 3040        tfsndrct ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0578 3040        tfsndrct - detected UnsignedFile.Multi.Generic (1)
08:39:33.0609 3040        tfsndres        (d4400188782aa797598958969c9657d4) C:\WINDOWS\system32\dla\tfsndres.sys
08:39:33.0609 3040        tfsndres ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0609 3040        tfsndres - detected UnsignedFile.Multi.Generic (1)
08:39:33.0640 3040        tfsnifs        (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
08:39:33.0640 3040        tfsnifs ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0640 3040        tfsnifs - detected UnsignedFile.Multi.Generic (1)
08:39:33.0656 3040        tfsnopio        (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
08:39:33.0656 3040        tfsnopio ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0656 3040        tfsnopio - detected UnsignedFile.Multi.Generic (1)
08:39:33.0671 3040        tfsnpool        (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
08:39:33.0671 3040        tfsnpool ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0671 3040        tfsnpool - detected UnsignedFile.Multi.Generic (1)
08:39:33.0687 3040        tfsnudf        (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
08:39:33.0703 3040        tfsnudf ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0703 3040        tfsnudf - detected UnsignedFile.Multi.Generic (1)
08:39:33.0718 3040        tfsnudfa        (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
08:39:33.0718 3040        tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
08:39:33.0718 3040        tfsnudfa - detected UnsignedFile.Multi.Generic (1)
08:39:33.0765 3040        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
08:39:33.0781 3040        Themes - ok
08:39:33.0828 3040        TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys
08:39:33.0921 3040        TosIde - ok
08:39:33.0953 3040        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
08:39:34.0078 3040        TrkWks - ok
08:39:34.0140 3040        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:39:34.0281 3040        Udfs - ok
08:39:34.0296 3040        ultra          (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
08:39:34.0359 3040        ultra - ok
08:39:34.0421 3040        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:39:34.0593 3040        Update - ok
08:39:34.0656 3040        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
08:39:34.0734 3040        upnphost - ok
08:39:34.0781 3040        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
08:39:34.0906 3040        UPS - ok
08:39:34.0953 3040        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:39:35.0078 3040        usbccgp - ok
08:39:35.0093 3040        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:39:35.0218 3040        usbehci - ok
08:39:35.0234 3040        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:39:35.0359 3040        usbhub - ok
08:39:35.0390 3040        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:39:35.0531 3040        usbprint - ok
08:39:35.0531 3040        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:39:35.0656 3040        usbscan - ok
08:39:35.0671 3040        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:39:35.0812 3040        USBSTOR - ok
08:39:35.0828 3040        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:39:35.0937 3040        usbuhci - ok
08:39:36.0000 3040        UserAccess7    (d40a2f00da5a23a254c7b9c1678043c1) C:\WINDOWS\system32\UAService7.exe
08:39:36.0015 3040        UserAccess7 ( UnsignedFile.Multi.Generic ) - warning
08:39:36.0015 3040        UserAccess7 - detected UnsignedFile.Multi.Generic (1)
08:39:36.0046 3040        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:39:36.0171 3040        VgaSave - ok
08:39:36.0203 3040        viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
08:39:36.0312 3040        viaagp - ok
08:39:36.0328 3040        ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
08:39:36.0437 3040        ViaIde - ok
08:39:36.0500 3040        vmm            (e41fef9e3056fe88c71e411f705be41e) C:\WINDOWS\system32\Drivers\vmm.sys
08:39:36.0531 3040        vmm - ok
08:39:36.0531 3040        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
08:39:36.0656 3040        VolSnap - ok
08:39:36.0671 3040        VPCNetS2        (f96a678debdccb0b4bb7f38cb2580589) C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys
08:39:36.0703 3040        VPCNetS2 - ok
08:39:36.0750 3040        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
08:39:36.0828 3040        VSS - ok
08:39:36.0875 3040        w200bus        (34923e278eac7ddcea717ae1fcf592f6) C:\WINDOWS\system32\DRIVERS\w200bus.sys
08:39:36.0953 3040        w200bus - ok
08:39:37.0000 3040        w200mdfl        (eff90a983cd3deab05922242e8072dc6) C:\WINDOWS\system32\DRIVERS\w200mdfl.sys
08:39:37.0125 3040        w200mdfl - ok
08:39:37.0171 3040        w200mdm        (f03da4fbb2708a0b5409ea63e88c0f50) C:\WINDOWS\system32\DRIVERS\w200mdm.sys
08:39:37.0218 3040        w200mdm - ok
08:39:37.0250 3040        w200mgmt        (1522d6387e6bb54aef9824b1733832db) C:\WINDOWS\system32\DRIVERS\w200mgmt.sys
08:39:37.0265 3040        w200mgmt - ok
08:39:37.0296 3040        w200obex        (8405be0bba1ccf26d0fbdd26be03c816) C:\WINDOWS\system32\DRIVERS\w200obex.sys
08:39:37.0328 3040        w200obex - ok
08:39:37.0406 3040        w32time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
08:39:37.0531 3040        w32time - ok
08:39:37.0562 3040        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:39:37.0687 3040        Wanarp - ok
08:39:37.0703 3040        WDICA - ok
08:39:37.0734 3040        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:39:37.0859 3040        wdmaud - ok
08:39:37.0906 3040        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
08:39:38.0031 3040        WebClient - ok
08:39:38.0125 3040        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
08:39:38.0250 3040        winmgmt - ok
08:39:38.0312 3040        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
08:39:38.0406 3040        WmdmPmSN - ok
08:39:38.0453 3040        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:39:38.0593 3040        WmiApSrv - ok
08:39:38.0687 3040        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
08:39:38.0796 3040        WMPNetworkSvc - ok
08:39:38.0828 3040        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
08:39:38.0859 3040        WpdUsb - ok
08:39:38.0875 3040        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:39:38.0984 3040        WS2IFSL - ok
08:39:39.0015 3040        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
08:39:39.0187 3040        wuauserv - ok
08:39:39.0250 3040        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:39:39.0296 3040        WudfPf - ok
08:39:39.0296 3040        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:39:39.0328 3040        WudfRd - ok
08:39:39.0343 3040        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
08:39:39.0375 3040        WudfSvc - ok
08:39:39.0437 3040        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
08:39:39.0625 3040        WZCSVC - ok
08:39:39.0671 3040        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
08:39:39.0843 3040        xmlprov - ok
08:39:39.0875 3040        MBR (0x1B8)    (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
08:39:40.0453 3040        \Device\Harddisk0\DR0 - ok
08:39:40.0468 3040        MBR (0x1B8)    (53adf81be61316f4f38c854dcd59bc05) \Device\Harddisk1\DR4
08:39:50.0609 3040        \Device\Harddisk1\DR4 - ok
08:39:50.0625 3040        Boot (0x1200)  (6a3c7c285378ca155b34b4f236f50650) \Device\Harddisk0\DR0\Partition0
08:39:50.0625 3040        \Device\Harddisk0\DR0\Partition0 - ok
08:39:50.0625 3040        ============================================================
08:39:50.0625 3040        Scan finished
08:39:50.0625 3040        ============================================================
08:39:50.0734 2200        Detected object count: 34
08:39:50.0734 2200        Actual detected object count: 34
08:40:20.0984 2200        AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200        AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:20.0984 2200        AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200        AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:20.0984 2200        avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200        avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:20.0984 2200        cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200        cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:20.0984 2200        cpuz132 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:20.0984 2200        cpuz132 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0000 2200        Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200        Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0000 2200        de_serv ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200        de_serv ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0000 2200        drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200        drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0000 2200        drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200        drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0000 2200        IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200        IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0000 2200        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0000 2200        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0015 2200        iPodService ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200        iPodService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0015 2200        omci ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200        omci ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0015 2200        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0015 2200        prodrv06 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200        prodrv06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0015 2200        prohlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200        prohlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0015 2200        prosync1 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200        prosync1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0015 2200        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0015 2200        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0031 2200        Ser2pl ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200        Ser2pl ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0031 2200        sfhlp01 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200        sfhlp01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0031 2200        siusbmod ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200        siusbmod ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0031 2200        sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200        sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0031 2200        ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200        ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0031 2200        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0031 2200        tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0031 2200        tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0046 2200        tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200        tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0046 2200        tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200        tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0046 2200        tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200        tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0046 2200        tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200        tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0046 2200        tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200        tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0046 2200        tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200        tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0046 2200        tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0046 2200        tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0062 2200        tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0062 2200        tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:40:21.0062 2200        UserAccess7 ( UnsignedFile.Multi.Generic ) - skipped by user
08:40:21.0062 2200        UserAccess7 ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 14.08.2012 15:44
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

fux89 14.08.2012 17:37
hier das ergebnis:

[code]
Combofix Logfile:
Code:
ComboFix 12-08-14.02 - Christopher 14.08.2012  18:18:58.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1022.423 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Christopher\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\Christopher\WINDOWS
c:\windows\Help\d2hlnk32.dll
c:\windows\Help\d2htls32.dll
c:\windows\IsUn0407.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\FUSION.DLL
c:\windows\system32\URTTemp\MSCOREE.DLL
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\MSCORSN.DLL
c:\windows\system32\URTTemp\MSCORWKS.DLL
c:\windows\system32\URTTemp\MSVCR71.DLL
c:\windows\system32\URTTemp\REGTLIB.EXE
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-07-14 bis 2012-08-14  ))))))))))))))))))))))))))))))
.
.
2012-08-12 17:27 . 2012-08-12 17:27        --------        d-----w-        C:\_OTL
2012-08-07 14:43 . 2012-08-07 14:43        --------        d-----w-        c:\programme\ESET
2012-08-07 12:48 . 2012-08-07 12:48        --------        d-----w-        c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-08-07 12:47        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-07-03 11:46        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-08-07 12:47 . 2012-08-07 12:47        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware
2012-08-04 15:18 . 2012-08-04 15:20        --------        d-----w-        c:\programme\7-Zip
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 19:40 . 2012-03-31 06:57        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-08-02 19:40 . 2011-05-23 10:32        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:55 . 2004-08-04 13:00        1866240        ----a-w-        c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2007-05-15 13:43        1372672        ----a-w-        c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2004-08-04 13:00        1172480        ----a-w-        c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-04 13:00        152576        ----a-w-        c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2007-06-21 13:20        18456        ----a-w-        c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2007-06-21 13:20        15896        ----a-w-        c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00        329240        ----a-w-        c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2004-08-04 13:00        219160        ----a-w-        c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2004-08-04 13:00        210968        ----a-w-        c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-06-21 13:20        15896        ----a-w-        c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2005-05-26 03:16        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2004-08-04 13:00        97304        ----a-w-        c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2004-08-04 13:00        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2004-08-04 13:00        35864        ----a-w-        c:\windows\system32\WUPS.DLL
2012-06-02 13:19 . 2007-06-21 13:20        23576        ----a-w-        c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2004-08-04 13:00        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2009-09-22 05:53        214256        ----a-w-        c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-09-22 05:53        275696        ----a-w-        c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-09-22 05:53        18160        ----a-w-        c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2004-08-04 13:00        604160        ----a-w-        c:\windows\system32\crypt32.dll
2012-07-19 11:11 . 2011-09-02 12:07        136672        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll
2011-04-14 12:01 . 2010-12-11 15:48        24376        ----a-w-        c:\programme\mozilla firefox\components\Scriptff.dll
2006-05-03 10:06        163328        --sh--r-        c:\windows\SYSTEM32\flvDX.dll
2007-02-21 11:47        31232        --sh--r-        c:\windows\SYSTEM32\msfDX.dll
2008-03-16 13:30        216064        --sh--r-        c:\windows\SYSTEM32\nbDX.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-06-28 67128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\programme\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"CTSysVol"="c:\programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"CTHelper"="CTHELPER.EXE" [2004-03-11 28672]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DMXLauncher"="c:\programme\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"bacstray"="c:\programme\Broadcom\BACS\\BacsTray.exe" [2004-04-20 118784]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"AVMWlanClient"="c:\programme\avmwlanstick\FRITZWLANMini.exe" [2007-02-02 283136]
"Ocs_SM"="c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe" [2011-06-12 106496]
"Launch LGDCore"="c:\programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-21 296056]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
Logitech Desktop Messenger.lnk - c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-6-28 67128]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2007-4-11 434176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41        37296        ----a-w-        c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-10-12 15:54        57344        ----a-w-        c:\programme\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2006-02-23 13:45        278528        ----a-w-        c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2011-11-03 09:20        220744        ----a-w-        c:\programme\pdf24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38        421888        ----a-w-        c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2006-11-23 23:06        487424        ----a-r-        c:\programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-21 07:51        296056        ----a-w-        c:\program files\Real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-08-27 15:05        247144        ----a-w-        c:\programme\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 00:01        110592        ----a-w-        c:\programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
R1 avkmgr;avkmgr;c:\windows\SYSTEM32\DRIVERS\avkmgr.sys [10.12.2011 17:09 36000]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [10.12.2011 17:09 86224]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [07.08.2012 14:47 655944]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\SYSTEM32\DRIVERS\fwlanusb.sys [02.12.2005 14:49 265088]
R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [07.08.2012 14:47 22344]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe --> c:\programme\ICQ6Toolbar\ICQ Service.exe [?]
S2 MOBCleanup;MOBCleanup;"c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe" --> c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe [?]
S2 SearchAnonymizer;SearchAnonymizer;c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe [31.05.2011 17:52 40960]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe [31.03.2012 08:57 250056]
S3 avmeject;AVM Eject;c:\windows\SYSTEM32\DRIVERS\avmeject.sys [20.01.2011 17:10 4352]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [03.05.2012 13:10 113120]
S3 siusbmod;siusbmod;c:\windows\SYSTEM32\DRIVERS\siusbmod.sys [27.03.2008 19:14 26624]
S4 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [12.06.2011 17:39 697328]
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 19:40]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-13 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]
.
2005-05-20 c:\windows\Tasks\ISP-Anmeldungserinnerung 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 02:22]
.
2012-08-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-07-26 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\programme\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - www.google.de
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.newTab - false
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN24950295514244-1001&toolbarId=base&affiliateId=1001&Lan={dfltLng}&utid=cc0f9335000000000000001c4af26575&q=
FF - user.js: extensions.zonealarm.id - cc0f9335000000000000001c4af26575
FF - user.js: extensions.zonealarm.instlDay - 15466
FF - user.js: extensions.zonealarm.vrsn - 1.5.23.8
FF - user.js: extensions.zonealarm.vrsni - 1.5.23.8
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.5.23.816:54
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1001
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base
FF - user.js: extensions.zonealarm.instlRef - ZLN24950295514244-1001
FF - user.js: extensions.zonealarm.dfltLng - de
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-ISW - (no file)
AddRemove-FRITZ!DSL - c:\windows\IsUn0407.exe
AddRemove-Future Cop - c:\windows\unin0407.exe
AddRemove-ICQToolbar - c:\programme\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-MFatigue Uninst - c:\windows\IsUn0407.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
AddRemove-ZoneAlarm Security Toolbar - c:\programme\Check Point Software Technologies LTD\zonealarm\1.5.23.8\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-14 18:31
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5e,83,41,d5,3b,69,51,e1,dc,d2,ed,e5,47,fe,b0,ec,13,ec,ed,78,24,95,4f,
  e4,0a,40,89,00,8e,f7,7d,b7,35,b6,c7,2e,c5,df,7b,78,89,30,ed,ce,30,85,a0,7b,\
"??"=hex:f1,14,a9,de,97,cf,aa,85,e5,5d,d7,b7,5c,0a,de,bf
.
Zeit der Fertigstellung: 2012-08-14  18:34:51
ComboFix-quarantined-files.txt  2012-08-14 16:34
.
Vor Suchlauf: 28 Verzeichnis(se), 198.281.134.080 Bytes frei
Nach Suchlauf: 30 Verzeichnis(se), 198.767.878.144 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 8D5770633013EC7E09E03BDEF778CEA0
--- --- ---

cosinus 14.08.2012 17:48
Combofix - Scripten

1. Starte das Notepad (Start / Ausführen / notepad[Enter])

2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.

Code:
Firefox::
FF - ProfilePath - c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.newTab - false
FF - user.js: extensions.zonealarm.tlbrSrchUrl - http://search.zonealarm.com/search?Source=ToolBar&oemCode=ZLN24950295514244-1001&toolbarId=base&affiliateId=1001&Lan={dfltLng}&utid=cc0f9335000000000000001c4af26575&q=
FF - user.js: extensions.zonealarm.id - cc0f9335000000000000001c4af26575
FF - user.js: extensions.zonealarm.instlDay - 15466
FF - user.js: extensions.zonealarm.vrsn - 1.5.23.8
FF - user.js: extensions.zonealarm.vrsni - 1.5.23.8
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.5.23.816:54
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1001
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base
FF - user.js: extensions.zonealarm.instlRef - ZLN24950295514244-1001
FF - user.js: extensions.zonealarm.dfltLng - de
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !)

5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.

http://users.pandora.be/bluepatchy/m...s/CFScript.gif

6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

fux89 14.08.2012 18:44
und hier das nächste log:

[code]
Combofix Logfile:
Code:
ComboFix 12-08-14.03 - Christopher 14.08.2012  19:25:40.2.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1022.353 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Christopher\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Christopher\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-07-14 bis 2012-08-14  ))))))))))))))))))))))))))))))
.
.
2012-08-12 17:27 . 2012-08-12 17:27        --------        d-----w-        C:\_OTL
2012-08-07 14:43 . 2012-08-07 14:43        --------        d-----w-        c:\programme\ESET
2012-08-07 12:48 . 2012-08-07 12:48        --------        d-----w-        c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-08-07 12:47        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-07-03 11:46        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-08-07 12:47 . 2012-08-07 12:47        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware
2012-08-04 15:18 . 2012-08-04 15:20        --------        d-----w-        c:\programme\7-Zip
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 19:40 . 2012-03-31 06:57        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-08-02 19:40 . 2011-05-23 10:32        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:55 . 2004-08-04 13:00        1866240        ----a-w-        c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2007-05-15 13:43        1372672        ----a-w-        c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2004-08-04 13:00        1172480        ----a-w-        c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-04 13:00        152576        ----a-w-        c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2007-06-21 13:20        18456        ----a-w-        c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2007-06-21 13:20        15896        ----a-w-        c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00        329240        ----a-w-        c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2004-08-04 13:00        219160        ----a-w-        c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2004-08-04 13:00        210968        ----a-w-        c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-06-21 13:20        15896        ----a-w-        c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2005-05-26 03:16        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2004-08-04 13:00        97304        ----a-w-        c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2004-08-04 13:00        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2004-08-04 13:00        35864        ----a-w-        c:\windows\system32\WUPS.DLL
2012-06-02 13:19 . 2007-06-21 13:20        23576        ----a-w-        c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2004-08-04 13:00        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2009-09-22 05:53        214256        ----a-w-        c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-09-22 05:53        275696        ----a-w-        c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-09-22 05:53        18160        ----a-w-        c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2004-08-04 13:00        604160        ----a-w-        c:\windows\system32\crypt32.dll
2012-07-19 11:11 . 2011-09-02 12:07        136672        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll
2011-04-14 12:01 . 2010-12-11 15:48        24376        ----a-w-        c:\programme\mozilla firefox\components\Scriptff.dll
2006-05-03 10:06        163328        --sh--r-        c:\windows\SYSTEM32\flvDX.dll
2007-02-21 11:47        31232        --sh--r-        c:\windows\SYSTEM32\msfDX.dll
2008-03-16 13:30        216064        --sh--r-        c:\windows\SYSTEM32\nbDX.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-06-28 67128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\programme\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"CTSysVol"="c:\programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"CTHelper"="CTHELPER.EXE" [2004-03-11 28672]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DMXLauncher"="c:\programme\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"bacstray"="c:\programme\Broadcom\BACS\\BacsTray.exe" [2004-04-20 118784]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"AVMWlanClient"="c:\programme\avmwlanstick\FRITZWLANMini.exe" [2007-02-02 283136]
"Ocs_SM"="c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe" [2011-06-12 106496]
"Launch LGDCore"="c:\programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-21 296056]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
Logitech Desktop Messenger.lnk - c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-6-28 67128]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2007-4-11 434176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41        37296        ----a-w-        c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-10-12 15:54        57344        ----a-w-        c:\programme\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2006-02-23 13:45        278528        ----a-w-        c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2011-11-03 09:20        220744        ----a-w-        c:\programme\pdf24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38        421888        ----a-w-        c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2006-11-23 23:06        487424        ----a-r-        c:\programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-21 07:51        296056        ----a-w-        c:\program files\Real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-08-27 15:05        247144        ----a-w-        c:\programme\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 00:01        110592        ----a-w-        c:\programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
.
R1 avkmgr;avkmgr;c:\windows\SYSTEM32\DRIVERS\avkmgr.sys [10.12.2011 17:09 36000]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [10.12.2011 17:09 86224]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [07.08.2012 14:47 655944]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\SYSTEM32\DRIVERS\fwlanusb.sys [02.12.2005 14:49 265088]
R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [07.08.2012 14:47 22344]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe --> c:\programme\ICQ6Toolbar\ICQ Service.exe [?]
S2 MOBCleanup;MOBCleanup;"c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe" --> c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe [?]
S2 SearchAnonymizer;SearchAnonymizer;c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe [31.05.2011 17:52 40960]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe [31.03.2012 08:57 250056]
S3 avmeject;AVM Eject;c:\windows\SYSTEM32\DRIVERS\avmeject.sys [20.01.2011 17:10 4352]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [03.05.2012 13:10 113120]
S3 siusbmod;siusbmod;c:\windows\SYSTEM32\DRIVERS\siusbmod.sys [27.03.2008 19:14 26624]
S4 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [12.06.2011 17:39 697328]
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 19:40]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-13 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]
.
2005-05-20 c:\windows\Tasks\ISP-Anmeldungserinnerung 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 02:22]
.
2012-08-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-07-26 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\programme\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - www.google.de
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-14 19:38
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5e,83,41,d5,3b,69,51,e1,dc,d2,ed,e5,47,fe,b0,ec,13,ec,ed,78,24,95,4f,
  e4,0a,40,89,00,8e,f7,7d,b7,35,b6,c7,2e,c5,df,7b,78,89,30,ed,ce,30,85,a0,7b,\
"??"=hex:f1,14,a9,de,97,cf,aa,85,e5,5d,d7,b7,5c,0a,de,bf
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(1992)
c:\programme\Logitech\SetPoint\GameHook.dll
c:\programme\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Zeit der Fertigstellung: 2012-08-14  19:41:32
ComboFix-quarantined-files.txt  2012-08-14 17:41
ComboFix2.txt  2012-08-14 16:34
.
Vor Suchlauf: 29 Verzeichnis(se), 198.782.914.560 Bytes frei
Nach Suchlauf: 30 Verzeichnis(se), 198.753.456.128 Bytes frei
.
- - End Of File - - F87809475B43EC4BBAE13D633A8C5AEA
--- --- ---

cosinus 15.08.2012 18:38
Ok, das ganze nochmal, aber diesmal dieses Script in die CFScript.txt kopieren, es darf nur noch das hier in der CFScript.txt stehen, der Rest wie oben gehabt:

Code:
Seccenter::
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

Driver::
ICQ Service

Folder::
c:\programme\ICQ6Toolbar

fux89 15.08.2012 19:49
erledigt:

[code]
Combofix Logfile:
Code:
ComboFix 12-08-15.01 - Christopher 15.08.2012  20:25:12.3.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1022.439 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Christopher\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Christopher\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-07-15 bis 2012-08-15  ))))))))))))))))))))))))))))))
.
.
2012-08-12 17:27 . 2012-08-12 17:27        --------        d-----w-        C:\_OTL
2012-08-07 14:43 . 2012-08-07 14:43        --------        d-----w-        c:\programme\ESET
2012-08-07 12:48 . 2012-08-07 12:48        --------        d-----w-        c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-08-07 12:47        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-08-07 12:47 . 2012-07-03 11:46        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-08-07 12:47 . 2012-08-07 12:47        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware
2012-08-04 15:18 . 2012-08-04 15:20        --------        d-----w-        c:\programme\7-Zip
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 19:40 . 2012-03-31 06:57        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-08-02 19:40 . 2011-05-23 10:32        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:55 . 2004-08-04 13:00        1866240        ----a-w-        c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2007-05-15 13:43        1372672        ----a-w-        c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2004-08-04 13:00        1172480        ----a-w-        c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-04 13:00        152576        ----a-w-        c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2007-06-21 13:20        18456        ----a-w-        c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2007-06-21 13:20        15896        ----a-w-        c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00        329240        ----a-w-        c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2004-08-04 13:00        219160        ----a-w-        c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2004-08-04 13:00        210968        ----a-w-        c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-06-21 13:20        15896        ----a-w-        c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2005-05-26 03:16        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2004-08-04 13:00        97304        ----a-w-        c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2004-08-04 13:00        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2004-08-04 13:00        35864        ----a-w-        c:\windows\system32\WUPS.DLL
2012-06-02 13:19 . 2007-06-21 13:20        23576        ----a-w-        c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2004-08-04 13:00        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2004-08-04 13:00        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2009-09-22 05:53        214256        ----a-w-        c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2009-09-22 05:53        275696        ----a-w-        c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-09-22 05:53        18160        ----a-w-        c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2004-08-04 13:00        604160        ----a-w-        c:\windows\system32\crypt32.dll
2012-07-19 11:11 . 2011-09-02 12:07        136672        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll
2011-04-14 12:01 . 2010-12-11 15:48        24376        ----a-w-        c:\programme\mozilla firefox\components\Scriptff.dll
2006-05-03 10:06        163328        --sh--r-        c:\windows\SYSTEM32\flvDX.dll
2007-02-21 11:47        31232        --sh--r-        c:\windows\SYSTEM32\msfDX.dll
2008-03-16 13:30        216064        --sh--r-        c:\windows\SYSTEM32\nbDX.dll
.
.
(((((((((((((((((((((((((((((  SnapShot@2012-08-14_16.31.14  )))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-06-28 67128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\programme\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"CTSysVol"="c:\programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"CTHelper"="CTHELPER.EXE" [2004-03-11 28672]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DMXLauncher"="c:\programme\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"bacstray"="c:\programme\Broadcom\BACS\\BacsTray.exe" [2004-04-20 118784]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"AVMWlanClient"="c:\programme\avmwlanstick\FRITZWLANMini.exe" [2007-02-02 283136]
"Ocs_SM"="c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe" [2011-06-12 106496]
"Launch LGDCore"="c:\programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1126400]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-21 296056]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
Logitech Desktop Messenger.lnk - c:\programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-6-28 67128]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2007-4-11 434176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41        37296        ----a-w-        c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-10-12 15:54        57344        ----a-w-        c:\programme\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2006-02-23 13:45        278528        ----a-w-        c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2011-11-03 09:20        220744        ----a-w-        c:\programme\pdf24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38        421888        ----a-w-        c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2006-11-23 23:06        487424        ----a-r-        c:\programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-21 07:51        296056        ----a-w-        c:\program files\Real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-08-27 15:05        247144        ----a-w-        c:\programme\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 00:01        110592        ----a-w-        c:\programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
.
R1 avkmgr;avkmgr;c:\windows\SYSTEM32\DRIVERS\avkmgr.sys [10.12.2011 17:09 36000]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [10.12.2011 17:09 86224]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [07.08.2012 14:47 655944]
R2 SearchAnonymizer;SearchAnonymizer;c:\dokumente und einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe [31.05.2011 17:52 40960]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\SYSTEM32\DRIVERS\fwlanusb.sys [02.12.2005 14:49 265088]
R3 MBAMProtector;MBAMProtector;c:\windows\SYSTEM32\DRIVERS\mbam.sys [07.08.2012 14:47 22344]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S2 MOBCleanup;MOBCleanup;"c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe" --> c:\dokume~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe [31.03.2012 08:57 250056]
S3 avmeject;AVM Eject;c:\windows\SYSTEM32\DRIVERS\avmeject.sys [20.01.2011 17:10 4352]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [10.04.2011 19:54 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [03.05.2012 13:10 113120]
S3 siusbmod;siusbmod;c:\windows\SYSTEM32\DRIVERS\siusbmod.sys [27.03.2008 19:14 26624]
S4 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [12.06.2011 17:39 697328]
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 19:40]
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-04-10 17:54]
.
2012-08-14 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]
.
2005-05-20 c:\windows\Tasks\ISP-Anmeldungserinnerung 1.job
- c:\windows\system32\OOBE\OOBEBALN.EXE [2004-08-04 02:22]
.
2012-08-15 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-07-26 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://de.search.yahoo.com/search?fr=mcafee&p=%s
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\programme\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\dokumente und einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\e9r827ci.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - www.google.de
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-15 20:40
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2257774982-1209123923-1774505960-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5e,83,41,d5,3b,69,51,e1,dc,d2,ed,e5,47,fe,b0,ec,13,ec,ed,78,24,95,4f,
  e4,0a,40,89,00,8e,f7,7d,b7,35,b6,c7,2e,c5,df,7b,78,89,30,ed,ce,30,85,a0,7b,\
"??"=hex:f1,14,a9,de,97,cf,aa,85,e5,5d,d7,b7,5c,0a,de,bf
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(2312)
c:\programme\Logitech\SetPoint\GameHook.dll
c:\programme\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\ctagent.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programme\Microsoft Virtual PC\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\FRITZ!DSL\IGDCTRL.EXE
c:\programme\avmwlanstick\WlanNetService.exe
c:\windows\system32\bgsvcgen.exe
c:\windows\system32\CTsvcCDA.EXE
c:\programme\Intel\Intel Application Accelerator\iaantmon.exe
c:\programme\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\UAService7.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\CTHELPER.EXE
c:\programme\Broadcom\BACS\BacsTray.exe
c:\programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-15  20:46:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-08-15 18:46
ComboFix2.txt  2012-08-14 17:41
ComboFix3.txt  2012-08-14 16:34
.
Vor Suchlauf: 29 Verzeichnis(se), 198.595.555.328 Bytes frei
Nach Suchlauf: 30 Verzeichnis(se), 198.444.511.232 Bytes frei
.
- - End Of File - - EFBBDEFD647BC420E7C729BAB875BD04
--- --- ---

cosinus 16.08.2012 08:54
Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

fux89 16.08.2012 15:25
hier zunächst das log von gmer:

[code]
GMER Logfile:
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-16 13:32:45
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Intel___ rev.0.1.
Running: berw7wji.exe; Driver: C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\fxtyapog.sys


---- System - GMER 1.0.15 ----

SSDT            B832AB44                                                                                              ZwClose
SSDT            B832AAFE                                                                                              ZwCreateKey
SSDT            B832AB4E                                                                                              ZwCreateSection
SSDT            B832AAF4                                                                                              ZwCreateThread
SSDT            B832AB03                                                                                              ZwDeleteKey
SSDT            B832AB0D                                                                                              ZwDeleteValueKey
SSDT            B832AB3F                                                                                              ZwDuplicateObject
SSDT            B832AB12                                                                                              ZwLoadKey
SSDT            B832AAE0                                                                                              ZwOpenProcess
SSDT            B832AAE5                                                                                              ZwOpenThread
SSDT            B832AB67                                                                                              ZwQueryValueKey
SSDT            B832AB1C                                                                                              ZwReplaceKey
SSDT            B832AB58                                                                                              ZwRequestWaitReplyPort
SSDT            B832AB17                                                                                              ZwRestoreKey
SSDT            B832AB53                                                                                              ZwSetContextThread
SSDT            B832AB5D                                                                                              ZwSetSecurityObject
SSDT            B832AB08                                                                                              ZwSetValueKey
SSDT            B832AB62                                                                                              ZwSystemDebugControl
SSDT            B832AAEF                                                                                              ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text          C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                              section is writeable [0xF4DCB3A0, 0x5CC259, 0xE8000020]
.text          C:\WINDOWS\system32\DRIVERS\atksgt.sys                                                                section is writeable [0xB0FED300, 0x3B6D8, 0xE8000020]
.text          C:\WINDOWS\system32\DRIVERS\lirsgt.sys                                                                section is writeable [0xF7932300, 0x1BEE, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text          C:\program files\real\realplayer\update\realsched.exe[2524] kernel32.dll!SetUnhandledExceptionFilter  7C84495D 5 Bytes  [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Devices - GMER 1.0.15 ----

Device          \Driver\prodrv06 \Device\ProDrv06                                                                    E1FE4478
Device          \Driver\iaStor \Device\Ide\iaStor0                                                                    prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\atapi \Device\Ide\IdePort0                                                                    prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4                                                          prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c                                                          prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\iaStor \Device\Ide\IAAStorageDevice-0                                                        prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device          \Driver\prohlp02 \Device\ProHlp02                                                                    E10016D0

AttachedDevice  \FileSystem\Fastfat \Fat                                                                              fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device          \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer                                                    tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer                                                    tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer                                                        tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer                                                      tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer                                                    tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device          \FileSystem\Cdfs \Cdfs                                                                                tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----
--- --- ---


und hier das andere:

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-16 13:42:03
-----------------------------
13:42:03.609    OS Version: Windows 5.1.2600 Service Pack 3
13:42:03.609    Number of processors: 2 586 0x403
13:42:03.609    ComputerName: D67S0N1J  UserName:
13:42:04.468    Initialize success
13:45:25.281    AVAST engine defs: 12081600
13:45:48.531    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
13:45:48.531    Disk 0 Vendor: Intel___ 0.1. Size: 305175MB BusType: 3
13:45:48.734    Disk 0 MBR read successfully
13:45:48.734    Disk 0 MBR scan
13:45:49.015    Disk 0 unknown MBR code
13:45:49.046    Disk 0 Partition 1 00    DE Dell Utility Dell 4.1      47 MB offset 63
13:45:49.156    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS      302309 MB offset 96390
13:45:49.218    Disk 0 Partition 3 00    DB  CP/M / CTOS MSWIN4.1    2816 MB offset 619225425
13:45:49.390    Disk 0 scanning sectors +624992760
13:45:49.906    Disk 0 scanning C:\WINDOWS\system32\drivers
13:47:17.328    Service scanning
13:47:33.187    Modules scanning
13:49:27.906    Disk 0 trace - called modules:
13:49:27.968    ntkrnlpa.exe CLASSPNP.SYS disk.sys prosync1.sys hal.dll iaStor.sys
13:49:27.968    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87185030]
13:49:27.984    3 CLASSPNP.SYS[f7612fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86e66030]
13:49:28.968    AVAST engine scan C:\WINDOWS
13:52:26.953    AVAST engine scan C:\WINDOWS\system32
14:11:31.296    AVAST engine scan C:\WINDOWS\system32\drivers
14:14:43.000    AVAST engine scan C:\Dokumente und Einstellungen\Christopher
15:30:52.953    AVAST engine scan C:\Dokumente und Einstellungen\All Users
15:36:51.078    Scan finished successfully
16:24:11.812    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Christopher\Desktop\MBR.dat"
16:24:11.812    The log file has been saved successfully to "C:\Dokumente und Einstellungen\Christopher\Desktop\aswMBR.txt"

cosinus 17.08.2012 18:12
Was ist mit OSAM?

fux89 17.08.2012 18:19
oh sry, das hat ich vergessen zu posten

Code:
OSAM Logfile:

       
Code:

       
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 13:40:39 on 16.08.2012

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 14.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"HPpromotions journeysoftware.job" - "hp" - C:\Programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"RealUpgradeLogonTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-2257774982-1209123923-1774505960-1006.job" - "RealNetworks, Inc." - C:\Programme\Real\RealUpgrade\realupgrade.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"BACSCPL.cpl" - ? - C:\WINDOWS\system32\BACSCPL.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl
"PhysX.cpl" - ? - C:\WINDOWS\system32\PhysX.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"ECSEPM" - "Sony Ericsson Mobile Communications AB" - C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\ecsepm.cpl
"IAA" - "Intel Corporation" - C:\Programme\Intel\Intel Application Accelerator\cpl\iaa.cpl
"Pando" - "Pando Networks" - C:\Programme\Pando Networks\Media Booster\PMB.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"atksgt" (atksgt) - ? - C:\WINDOWS\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avkmgr.sys
"AVM Eject" (avmeject) - "AVM Berlin" - C:\WINDOWS\System32\drivers\avmeject.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"cdrbsdrv" (cdrbsdrv) - "B.H.A Corporation" - C:\WINDOWS\system32\drivers\cdrbsdrv.sys
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"cpuz132" (cpuz132) - "Windows (R) Codename Longhorn DDK provider" - C:\WINDOWS\system32\drivers\cpuz132_x32.sys
"drvmcdb" (drvmcdb) - "Sonic Solutions" - C:\WINDOWS\System32\drivers\drvmcdb.sys
"drvnddm" (drvnddm) - "Sonic Solutions" - C:\WINDOWS\System32\drivers\drvnddm.sys
"fxtyapog" (fxtyapog) - ? - C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\fxtyapog.sys  (Hidden registry entry, rootkit activity | File not found)
"GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"lirsgt" (lirsgt) - ? - C:\WINDOWS\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MAT Serial port driver" (Ser2pl) - "Prolific Technology Inc." - C:\WINDOWS\System32\DRIVERS\ser2pl.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\WINDOWS\system32\drivers\mbam.sys
"OMCI WDM Device Driver" (omci) - "Dell Computer Corporation" - C:\WINDOWS\System32\DRIVERS\omci.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"siusbmod" (siusbmod) - "Siemens AG " - C:\WINDOWS\System32\DRIVERS\siusbmod.sys
"sscdbhk5" (sscdbhk5) - "Sonic Solutions" - C:\WINDOWS\System32\drivers\sscdbhk5.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"ssrtln" (ssrtln) - "Sonic Solutions" - C:\WINDOWS\System32\drivers\ssrtln.sys
"StarForce Protection Environment Driver v6" (prodrv06) - "Protection Technology" - C:\WINDOWS\System32\drivers\prodrv06.sys
"StarForce Protection Helper Driver" (sfhlp01) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfhlp01.sys
"StarForce Protection Helper Driver v2" (prohlp02) - "Protection Technology" - C:\WINDOWS\System32\drivers\prohlp02.sys
"StarForce Protection Synchronization Driver v1" (prosync1) - "Protection Technology" - C:\WINDOWS\System32\drivers\prosync1.sys
"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys  (File found, but it contains no detailed information)
"tfsnboio" (tfsnboio) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnboio.sys
"tfsncofs" (tfsncofs) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsncofs.sys
"tfsndrct" (tfsndrct) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsndrct.sys
"tfsndres" (tfsndres) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsndres.sys
"tfsnifs" (tfsnifs) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnifs.sys
"tfsnopio" (tfsnopio) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnopio.sys
"tfsnpool" (tfsnpool) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnpool.sys
"tfsnudf" (tfsnudf) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnudf.sys
"tfsnudfa" (tfsnudfa) - "Sonic Solutions" - C:\WINDOWS\System32\dla\tfsnudfa.sys
"Virtual Machine Monitor" (vmm) - "Microsoft Corporation" - C:\WINDOWS\system32\Drivers\vmm.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Programme\Essentials Codec Pack\Haali\mmfinfo.dll  (File found, but it contains no detailed information)
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{A173B69A-1F9B-4823-9FDA-412F641E65D6} "INSMimeFilterPP Class" - ? - C:\Programme\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{9462A756-7B47-47BC-8C80-C34B9B80B32B} "BackWeb GA Pluggable Protocol" - "Logitech Inc." - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -   (File not found | COM-object registry key not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{5CA3D70E-1895-11CF-8E15-001234567890} "DriveLetterAccess" - "Sonic Solutions" - C:\WINDOWS\system32\dla\tfswshx.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Programme\Essentials Codec Pack\Haali\mmfinfo.dll  (File found, but it contains no detailed information)
{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\Programme\Essentials Codec Pack\Haali\mmfinfo.dll  (File found, but it contains no detailed information)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\Programme\Essentials Codec Pack\Haali\mmfinfo.dll  (File found, but it contains no detailed information)
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "ICQ Lite Shell Extension" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Computer, Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll
{DEE12703-6333-4D4E-8F34-738C4DCC2E04} "RecordNow! SendToExt" - ? - C:\Programme\Sonic\RecordNow!\shlext.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{03DAACC5-10BA-4E3E-9D54-2A569F6B4B87} "Sony Ericsson File Manager" - "Popwire AB" - C:\Programme\Sony Ericsson\Mobile2\File Manager\FM.dll
{738D66C6-0149-4D40-84E4-A7BB2D0CE949} "Sony Ericsson File Manager" - "Popwire AB" - C:\Programme\Sony Ericsson\Mobile2\File Manager\FM.dll
{8932AEFE-9DB6-4f43-AFB2-5682F55E773A} "VPCHostCopyHook" - "Microsoft Corporation" - C:\Programme\Microsoft Virtual PC\VPCShExH.DLL
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Google" - "Google Germany GmbH" - c:\programme\google\googletoolbar3.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{D821DC4A-0814-435E-9820-661C543A4679} "CRLDownloadWrapper Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\crlocx.ocx / hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash32_11_3_300_270.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} "{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}" - ? -   (File not found | COM-object registry key not found) / hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} "{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}" - ? -   (File not found | COM-object registry key not found) / hxxp://download.mcafee.com/molbin/shared/mcgdmgr/de/1,0,0,23/mcgdmgr.cab
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} "{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} "ClsidExtension" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll
"ICQ Lite" - ? - C:\Programme\ICQLite\ICQLite.exe  (File not found)
"ICQ7.5" - "ICQ, LLC." - C:\Programme\ICQ7.5\ICQ.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Google" - "Google Germany GmbH" - c:\programme\google\googletoolbar3.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"DESKTOP.INI" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DESKTOP.INI
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
"Logitech Desktop Messenger.lnk" - "Logitech Inc." - C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe  (Shortcut exists | File exists)
"Logitech SetPoint.lnk" - "Logitech Inc." - C:\Programme\Logitech\SetPoint\SetPoint.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"DESKTOP.INI" - ? - C:\Dokumente und Einstellungen\Christopher\Startmenü\Programme\Autostart\DESKTOP.INI
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"LDM" - "Logitech Inc." - C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"AVMWlanClient" - "AVM Berlin" - C:\Programme\avmwlanstick\FRITZWLANMini.exe
"bacstray" - "Broadcom Corporation" - C:\Programme\Broadcom\BACS\\BacsTray.exe
"CTDVDDET" - "Creative Technology Ltd" - C:\Programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
"CTHelper" - "Creative Technology Ltd" - CTHELPER.EXE
"CTSysVol" - "Creative Technology Ltd" - C:\Programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
"dla" - "Sonic Solutions" - C:\WINDOWS\system32\dla\tfswctrl.exe
"DMXLauncher" - ? - C:\Programme\Dell\Media Experience\DMXLauncher.exe  (File found, but it contains no detailed information)
"HP Software Update" - "Hewlett-Packard" - C:\Programme\HP\HP Software Update\HPWuSchd2.exe
"IAAnotif" - "Intel Corporation" - C:\Programme\Intel\Intel Application Accelerator\iaanotif.exe
"Launch LGDCore" - "Logitech Inc." - "C:\Programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"nwiz" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet
"Ocs_SM" - "OCS" - C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe
"TkBellExe" - "RealNetworks, Inc." - "C:\program files\real\realplayer\update\realsched.exe"  -osboot
"UpdReg" - "Creative Technology Ltd." - C:\WINDOWS\UpdReg.EXE

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFCreator" - ? - C:\WINDOWS\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"AVM FRITZ!web Routing Service" (de_serv) - "AVM Berlin" - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
"AVM IGD CTRL Service" (AVM IGD CTRL Service) - "AVM Berlin" - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
"AVM WLAN Connection Service" (AVM WLAN Connection Service) - "AVM Berlin" - C:\Programme\avmwlanstick\WlanNetService.exe
"B's Recorder GOLD Library General Service" (bgsvcgen) - "B.H.A Corporation" - C:\WINDOWS\system32\bgsvcgen.exe
"Creative Service for CDROM Access" (Creative Service for CDROM Access) - "Creative Technology Ltd" - C:\WINDOWS\system32\CTsvcCDA.EXE
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Updater Service" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"IAA Event Monitor" (IAANTMon) - "Intel Corporation" - C:\Programme\Intel\Intel Application Accelerator\iaantmon.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"iPodService" (iPodService) - "Apple Computer, Inc." - C:\Programme\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
"MOBCleanup" (MOBCleanup) - ? - "C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\MOBCleanup.exe"  (File not found)
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
"NMSAccess" (NMSAccess) - ? - C:\Programme\CDBurnerXP\NMSAccessU.exe  (File found, but it contains no detailed information)
"Pml Driver HPZ12" (Pml Driver HPZ12) - "HP" - C:\WINDOWS\system32\HPZipm12.exe
"SearchAnonymizer" (SearchAnonymizer) - ? - C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
"SecuROM User Access Service (V7)" (UserAccess7) - "Sony DADC Austria AG." - C:\WINDOWS\system32\UAService7.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

cosinus 17.08.2012 21:28
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:27 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55