Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Google Links funktionieren nicht mehr

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.11.2011, 15:01   #1
sabi0520
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



Hallo!!
Ich habe seit 2 Tagen das Problem, dass ich im Google keine Links mehr öffnen kann. Ich kann zwar noch nach Suchbegriffen suchen (dauert ungewöhnlich lange), aber diese dann nicht mehr öffnen.
habe jetzt diese otl-datei wie in der anleitung beschrieben gemacht. hoff, ich hab alles richtig gemacht und ihr könnt mir helfen
vielen dank auf jeden fall schon mal im voraus!!!
lg, sabine


OTL.txt:
OTL logfile created on: 12.11.2011 15:29:54 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Sabine\Desktop
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

1,75 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 39,06% Memory free
3,74 Gb Paging File | 2,19 Gb Available in Paging File | 58,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,05 Gb Total Space | 62,67 Gb Free Space | 45,07% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,07 Gb Free Space | 11,93% Space Free | Partition Type: NTFS
Drive F: | 1020,00 Mb Total Space | 976,52 Mb Free Space | 95,74% Space Free | Partition Type: FAT32
Drive G: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SABINE-NOTEBOOK | User Name: Sabine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.12 15:27:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sabine\Desktop\OTL.exe
PRC - [2011.05.28 07:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.11.23 16:50:15 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010.09.16 12:22:39 | 009,319,792 | ---- | M] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) -- C:\Programme\bob internet\bobInternet.exe
PRC - [2008.10.31 20:12:10 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008.10.31 20:12:05 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2008.08.04 00:02:20 | 000,036,352 | ---- | M] () -- C:\Programme\Winamp\winampa.exe
PRC - [2008.06.12 14:28:40 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008.06.02 18:57:40 | 000,238,984 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2008.06.02 18:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
PRC - [2008.05.30 17:36:20 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008.05.21 01:47:18 | 000,065,296 | ---- | M] (Bioscrypt Inc.) -- c:\Programme\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2008.05.15 23:11:12 | 001,176,824 | ---- | M] (AuthenTec, Inc.) -- c:\Programme\Fingerprint Sensor\AtService.exe
PRC - [2008.05.14 18:55:14 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008.05.14 18:54:36 | 010,244,096 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe
PRC - [2008.03.31 22:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2008.03.21 22:58:46 | 000,292,120 | ---- | M] (Infineon Technologies AG) -- c:\Programme\Hewlett-Packard\Embedded Security Software\PSDrt.exe
PRC - [2008.03.21 22:54:56 | 000,210,200 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\IfxPsdSv.exe
PRC - [2008.01.21 03:25:56 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:56 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:24:16 | 000,117,248 | ---- | M] () -- \\?\C:\windows\System32\wbem\WMIADAP.EXE
PRC - [2008.01.21 03:23:59 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.21 03:23:55 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2008.01.16 17:56:50 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.01.16 17:56:50 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007.10.19 08:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007.05.16 00:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Programme\ActivIdentity\ActivClient\accoca.exe
PRC - [2007.05.16 00:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Programme\ActivIdentity\ActivClient\acevents.exe
PRC - [2007.05.16 00:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Programme\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007.01.19 12:55:00 | 005,674,352 | ---- | M] (Microsoft Corporation) -- C:\Programme\MSN Messenger\msnmsgr.exe
PRC - [2007.01.05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2011.06.29 18:37:59 | 011,800,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll
MOD - [2011.06.29 18:37:44 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2011.06.29 18:37:09 | 000,025,600 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
MOD - [2011.06.29 18:18:41 | 005,450,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011.06.29 18:18:15 | 012,430,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2011.06.29 18:18:01 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2011.06.29 18:16:22 | 007,950,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011.06.29 18:15:10 | 011,490,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.05.28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.08.20 15:14:19 | 001,316,864 | ---- | M] () -- C:\Programme\bob internet\Skins\bob\bob.dbskin
MOD - [2010.08.19 18:32:30 | 000,086,016 | ---- | M] () -- C:\Programme\bob internet\resetregistry.dll
MOD - [2008.08.04 00:02:20 | 000,036,352 | ---- | M] () -- C:\Programme\Winamp\winampa.exe
MOD - [2008.07.27 19:03:09 | 000,167,936 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll
MOD - [2008.07.27 19:03:08 | 000,434,176 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2008.07.27 19:03:08 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.06.30 11:26:21 | 001,679,360 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3063.14741__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l
MOD - [2008.06.30 11:26:21 | 000,688,128 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3063.14908__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008.06.30 11:26:21 | 000,364,544 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3063.14929__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.06.30 11:26:21 | 000,253,952 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3063.14702__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.06.30 11:26:21 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3063.14754__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.06.30 11:26:21 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3063.14922__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.06.30 11:26:21 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3063.14889__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.06.30 11:26:21 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3063.14734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.06.30 11:26:21 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3063.14847__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l
MOD - [2008.06.30 11:26:21 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3063.14721__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll
MOD - [2008.06.30 11:26:20 | 000,483,328 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3063.14951__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.06.30 11:26:05 | 000,352,256 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3063.14897__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:05 | 000,147,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3063.14950__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard. dll
MOD - [2008.06.30 11:26:05 | 000,135,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3063.14957__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:05 | 000,090,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3063.14902__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.06.30 11:26:05 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3063.14714__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:05 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3063.14896__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.06.30 11:26:05 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3063.14949__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008.06.30 11:26:04 | 000,901,120 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3063.14923__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:04 | 000,802,816 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3063.14855__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:04 | 000,663,552 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3063.14891__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:04 | 000,585,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3063.14766__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll
MOD - [2008.06.30 11:26:04 | 000,479,232 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3063.14849__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:04 | 000,446,464 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3063.14842__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:04 | 000,438,272 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3063.14722__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.dll
MOD - [2008.06.30 11:26:04 | 000,401,408 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3063.14914__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.06.30 11:26:04 | 000,401,408 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3063.14883__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:04 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3063.14771__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008.06.30 11:26:04 | 000,217,088 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3063.14760__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.06.30 11:26:04 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3063.14869__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll
MOD - [2008.06.30 11:26:04 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3063.14854__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.06.30 11:26:04 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3063.14848__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.06.30 11:26:04 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3063.14771__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll
MOD - [2008.06.30 11:26:04 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3063.14854__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.06.30 11:26:04 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3063.14868__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll
MOD - [2008.06.30 11:26:04 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3063.14882__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.06.30 11:26:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.06.30 11:26:04 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.06.30 11:26:03 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.06.30 11:26:03 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.06.30 11:26:03 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.06.30 11:26:03 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.06.30 11:26:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.06.30 11:26:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.06.30 11:26:03 | 000,006,656 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.06.30 11:26:02 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.06.30 11:26:02 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.06.30 11:26:02 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.06.30 11:26:02 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.06.30 11:26:02 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.06.30 11:26:02 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.06.30 11:26:02 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l
MOD - [2008.06.30 11:26:02 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.06.30 11:26:02 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l
MOD - [2008.06.30 11:26:02 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.06.30 11:26:02 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.06.30 11:26:02 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.06.30 11:26:02 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l
MOD - [2008.06.30 11:26:02 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.06.30 11:26:02 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.06.30 11:25:57 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3063.14728__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.06.30 11:25:57 | 000,102,400 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3063.14943__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.06.30 11:25:57 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3063.14694__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.06.30 11:25:57 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3063.14941__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.06.30 11:25:57 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.06.30 11:25:57 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.06.30 11:25:57 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3063.14967__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.06.30 11:25:57 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.06.30 11:25:57 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.06.30 11:25:57 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.06.30 11:25:57 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008.06.30 11:25:57 | 000,006,656 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3063.14693__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.06.30 11:25:56 | 001,511,424 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3063.14709__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.06.30 11:25:56 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3063.14694__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.06.30 11:25:56 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3063.14692__90ba9c70f846762e\APM.Server.dll
MOD - [2008.06.30 11:25:56 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3063.14693__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.06.30 11:25:56 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.06.30 11:25:56 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3063.14942__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.06.30 11:25:56 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.06.30 11:25:56 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.06.30 11:25:56 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.05.21 10:38:12 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.02.04 21:29:02 | 000,688,128 | ---- | M] () -- c:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2008.01.16 17:51:00 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007.08.14 21:59:54 | 006,365,184 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtGui4.dll
MOD - [2007.07.12 21:55:52 | 000,131,072 | ---- | M] () -- C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007.07.12 21:55:28 | 001,581,056 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtCore4.dll


========== Win32 Services (SafeList) ==========

SRV - [2008.10.31 20:12:10 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008.10.31 20:12:05 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008.06.02 18:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008.05.30 17:36:20 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008.05.21 01:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008.05.21 01:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008.05.15 23:11:12 | 001,176,824 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- c:\Programme\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008.05.14 18:55:14 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Programme\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008.04.08 13:12:50 | 001,112,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008.03.21 22:54:56 | 000,210,200 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Windows\System32\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2008.01.21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 13:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.10.19 08:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007.05.16 00:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007.01.05 03:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2011.01.02 19:21:12 | 000,722,416 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.03.02 13:54:56 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010.03.02 13:54:56 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010.03.02 13:54:56 | 000,105,856 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010.02.22 09:06:42 | 000,009,216 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.12.07 19:53:18 | 000,103,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.05.27 16:03:35 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.05.27 16:03:31 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009.05.27 16:03:27 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2008.05.30 17:37:06 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008.05.30 17:37:02 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008.05.30 17:37:00 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008.05.30 17:36:58 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008.05.21 11:35:06 | 003,552,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.05.15 21:29:32 | 000,475,520 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008.04.28 10:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.04.14 22:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.04.10 17:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.04.07 19:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.04.07 19:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.21 22:54:26 | 000,039,712 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\windows\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2008.02.29 17:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.21 03:23:51 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007.11.08 19:03:26 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007.06.19 01:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=83&bd=all&pf=cmnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=83&bd=all&pf=cmnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=83&bd=all&pf=cmnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Sabine\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)



========== Chrome ==========

CHR - default_search_provider: ICQ Search ()
CHR - default_search_provider: search_url = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Programme\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CognizanceTS] c:\Programme\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Programme\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Programme\MSN Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [NvCplDaemonTool] C:\Users\Sabine\qiload1B.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scanrdiskrm82.dll (Microsoft Corporation)
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-AT\local\search.html ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00DFC09C-0A6E-478A-A72A-C9A9C4F0F2DF}: NameServer = 194.48.139.254 194.48.124.200
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) -C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.16 16:43:21 | 000,000,421 | R--- | M] () - G:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - G:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{18c47f8c-4b45-11e0-b546-9d5649a75435}\Shell - "" = AutoRun
O33 - MountPoints2\{18c47f8c-4b45-11e0-b546-9d5649a75435}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{18c47f9e-4b45-11e0-b546-9d5649a75435}\Shell - "" = AutoRun
O33 - MountPoints2\{18c47f9e-4b45-11e0-b546-9d5649a75435}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{31a08a4c-809d-11e0-88eb-df70dc50563c}\Shell - "" = AutoRun
O33 - MountPoints2\{31a08a4c-809d-11e0-88eb-df70dc50563c}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{cf44e32e-4199-11df-afc9-902a72a6be30}\Shell - "" = AutoRun
O33 - MountPoints2\{cf44e32e-4199-11df-afc9-902a72a6be30}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{cf44e346-4199-11df-afc9-902a72a6be30}\Shell - "" = AutoRun
O33 - MountPoints2\{cf44e346-4199-11df-afc9-902a72a6be30}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\windows\System32\rundll32.exe" "C:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.11.12 15:27:02 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Sabine\Desktop\OTL.exe
[2008.10.31 19:31:54 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2008.10.31 19:31:53 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll
[1 C:\Users\Sabine\Desktop\*.tmp files -> C:\Users\Sabine\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.11.12 15:41:32 | 000,000,897 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk
[2011.11.12 15:29:39 | 002,107,744 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011.11.12 15:29:39 | 001,073,222 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.11.12 15:29:39 | 000,617,076 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011.11.12 15:29:39 | 000,541,122 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011.11.12 15:27:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sabine\Desktop\OTL.exe
[2011.11.12 15:22:29 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.12 15:21:59 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.12 15:21:58 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.12 15:21:50 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.11.12 15:21:46 | 1875,763,200 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.12 15:20:36 | 000,001,660 | ---- | M] () -- C:\windows\bthservsdp.dat
[2011.11.12 15:19:50 | 000,000,190 | ---- | M] () -- C:\Users\Sabine\defogger_reenable
[2011.11.12 15:18:30 | 000,050,477 | ---- | M] () -- C:\Users\Sabine\Desktop\Defogger.exe
[2011.11.12 14:42:04 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.09 20:04:13 | 000,000,680 | ---- | M] () -- C:\Users\Sabine\AppData\Local\d3d9caps.dat
[2011.11.04 19:20:40 | 000,036,056 | ---- | M] () -- C:\Users\Sabine\Desktop\EVN - Zwischenabrechnung KdNr 11159762.pdf
[2011.11.01 18:46:48 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[1 C:\Users\Sabine\Desktop\*.tmp files -> C:\Users\Sabine\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.12 15:19:28 | 000,000,190 | ---- | C] () -- C:\Users\Sabine\defogger_reenable
[2011.11.12 15:18:24 | 000,050,477 | ---- | C] () -- C:\Users\Sabine\Desktop\Defogger.exe
[2011.11.12 14:55:17 | 000,000,897 | ---- | C] () -- C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk
[2011.11.04 19:20:37 | 000,036,056 | ---- | C] () -- C:\Users\Sabine\Desktop\EVN - Zwischenabrechnung KdNr 11159762.pdf
[2011.09.23 13:54:20 | 000,002,554 | ---- | C] () -- C:\windows\WAVEMIX.INI
[2011.06.19 17:55:12 | 000,095,664 | ---- | C] () -- C:\Users\Sabine\AppData\Roaming\mdbu.bin
[2011.05.23 06:20:02 | 000,000,000 | ---- | C] () -- C:\Users\Sabine\AppData\Local\{E052E979-EAFA-4938-926E-45F167AD4BE2}
[2011.05.21 08:32:31 | 000,000,000 | ---- | C] () -- C:\Users\Sabine\AppData\Local\{44146EC3-1C8A-4987-90A8-E245C9177B65}
[2010.07.19 12:14:11 | 000,284,160 | ---- | C] () -- C:\windows\unin0407.exe
[2010.06.08 14:19:24 | 000,692,224 | ---- | C] () -- C:\windows\System32\libeay32.dll
[2010.06.08 14:19:24 | 000,151,552 | ---- | C] () -- C:\windows\System32\ssleay32.dll
[2010.04.20 15:31:43 | 000,936,832 | ---- | C] () -- C:\windows\System32\M2ElevatedCalls.dll
[2010.01.19 20:48:00 | 000,000,680 | ---- | C] () -- C:\Users\Sabine\AppData\Local\d3d9caps.dat
[2009.07.28 09:59:53 | 000,012,949 | ---- | C] () -- C:\Users\Sabine\AppData\Roaming\Microsoft Excel 97-2003.CAL
[2008.11.04 20:15:49 | 000,028,160 | ---- | C] () -- C:\Users\Sabine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.01 10:39:44 | 000,000,145 | ---- | C] () -- C:\windows\System32\EBPPORT.DAT
[2008.11.01 10:21:46 | 000,000,094 | ---- | C] () -- C:\Users\Sabine\AppData\Local\fusioncache.dat
[2008.11.01 10:21:36 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2008.10.31 20:14:33 | 000,106,605 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2008.10.31 20:14:33 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.31 19:31:54 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2008.10.31 19:31:54 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2008.10.31 19:31:53 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2008.10.31 19:13:30 | 000,001,660 | ---- | C] () -- C:\windows\bthservsdp.dat
[2008.06.30 12:17:59 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008.06.30 12:17:59 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008.06.30 12:17:59 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008.06.30 12:17:59 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008.06.30 12:17:59 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008.06.30 12:17:59 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008.06.30 11:50:28 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008.06.30 11:01:15 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2008.05.30 17:36:58 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008.05.21 10:38:12 | 000,159,744 | ---- | C] () -- C:\windows\System32\atitmmxx.dll
[2008.05.21 10:09:24 | 003,107,788 | ---- | C] () -- C:\windows\System32\atiumdva.dat
[2008.04.15 21:22:46 | 000,290,748 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2008.04.15 21:22:45 | 002,107,744 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2008.04.15 21:22:45 | 000,617,076 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2008.04.15 21:22:45 | 000,036,916 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2008.03.06 11:40:54 | 000,168,883 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2008.03.04 20:02:00 | 000,090,112 | ---- | C] () -- C:\windows\System32\atibrtmon.exe
[2008.01.21 03:25:51 | 000,062,976 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
[2006.11.02 13:56:48 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006.11.02 13:47:43 | 000,418,288 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006.11.02 11:33:01 | 001,073,222 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,541,122 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006.03.09 10:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005.04.03 23:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll
[1998.05.07 04:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll

========== LOP Check ==========

[2011.07.18 18:28:58 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\HappyFoto
[2009.01.10 16:30:12 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\ICQ
[2008.10.31 19:25:17 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\Infineon
[2011.01.02 19:10:52 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\InterVideo
[2011.08.26 04:27:50 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\log
[2011.11.12 15:20:37 | 000,032,630 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*. >
[2008.10.31 19:37:26 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.06.24 08:45:18 | 000,000,000 | ---D | M] -- C:\50549dacca8f23dae0
[2010.07.12 17:15:53 | 000,000,000 | ---D | M] -- C:\ANNO1602
[2008.04.16 10:47:43 | 000,000,000 | -HSD | M] -- C:\boot
[2006.11.02 14:02:24 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2008.10.31 19:19:38 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.12.20 10:16:19 | 000,000,000 | ---D | M] -- C:\Games
[2008.06.30 11:48:41 | 000,000,000 | -H-D | M] -- C:\hp
[2009.02.01 18:44:04 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2008.01.21 03:33:10 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.06.30 19:16:14 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.06.19 17:19:00 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2008.10.31 19:19:38 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.09.24 11:56:50 | 000,000,000 | ---D | M] -- C:\SIMTOWER
[2011.08.26 04:29:13 | 000,000,000 | ---D | M] -- C:\Swsetup
[2011.11.12 15:37:19 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2008.10.31 19:35:19 | 000,000,000 | -H-D | M] -- C:\System.sav
[2011.06.30 19:19:12 | 000,000,000 | ---D | M] -- C:\UbiSoft
[2008.10.31 19:24:57 | 000,000,000 | R--D | M] -- C:\Users
[2011.06.20 18:48:19 | 000,000,000 | ---D | M] -- C:\VGigant
[2010.06.06 20:25:21 | 000,000,000 | ---D | M] -- C:\VWLUPO
[2011.10.29 08:28:08 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >


< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:50 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: REGEDIT.EXE >
[2008.01.21 03:25:18 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 03:25:18 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe

< MD5 for: USERINIT.EXE >
[2008.01.21 03:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WININIT.EXE >
[2008.01.21 03:24:09 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:24:09 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:25:17 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 03:25:17 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-11 13:19:42

========== Alternate Data Streams ==========

@Alternate Data Stream - 248 bytes -> C:\ProgramData\TEMP:BC359956
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:0E08FC17

< End of report >


Extras.txt

OTL Extras logfile created on: 12.11.2011 15:29:54 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Sabine\Desktop
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

1,75 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 39,06% Memory free
3,74 Gb Paging File | 2,19 Gb Available in Paging File | 58,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,05 Gb Total Space | 62,67 Gb Free Space | 45,07% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,07 Gb Free Space | 11,93% Space Free | Partition Type: NTFS
Drive F: | 1020,00 Mb Total Space | 976,52 Mb Free Space | 95,74% Space Free | Partition Type: FAT32
Drive G: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: SABINE-NOTEBOOK | User Name: Sabine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A9101D6-9198-453E-BDD0-0EDA6B516363}" = lport=445 | protocol=6 | dir=in | app=system |
"{12AC5AC6-7341-4F6E-8F26-C062158F7D9A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{14E0D639-77E5-4315-BB7D-74A1CC93C3BD}" = lport=16051 | protocol=6 | dir=in | name=aris70_name_private |
"{16D70E88-B0B3-448F-BAAE-576312A27C8D}" = lport=16056 | protocol=6 | dir=in | name=aris70_local_sybasev |
"{17A3F4C2-5B5A-4F69-B862-562868E2BEE1}" = lport=9124 | protocol=6 | dir=in | name=aris70_9124 |
"{1913E58D-4D3C-44BA-B362-D9B279AB8144}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1A27B55B-FBAE-437D-A0A5-B0238CAA48F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{223ACED6-5ADE-4546-A7D4-C1FA6A98F65B}" = rport=445 | protocol=6 | dir=out | app=system |
"{2A0D73D0-8B6C-464D-BEED-57FAD5DBCEA6}" = lport=138 | protocol=17 | dir=in | app=system |
"{2BFFA8A8-ED05-4194-AEB6-1219D23B2DA8}" = lport=16052 | protocol=6 | dir=in | name=aris70_admin |
"{31ADB8E7-5533-4065-B9C6-132EC5F1D93F}" = lport=16054 | protocol=6 | dir=in | name=aris70_sybase |
"{336DF486-73EA-427A-B4D0-EE354BF22FA1}" = lport=137 | protocol=17 | dir=in | app=system |
"{44029861-2315-46C5-ABCA-D06A3AAD9251}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4BAD92AC-D794-44CF-A92F-637D1662E5FF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5ACF1866-4AA0-4B90-8B24-94C42F6A654C}" = lport=16057 | protocol=6 | dir=in | name=aris70_local_private |
"{60100F34-F476-4DC5-90B8-9717092A56AB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{78CDFCE4-6459-4CD7-94FD-7A21DC90EED7}" = lport=16055 | protocol=6 | dir=in | name=aris70_local_public |
"{81C3F19D-C878-452D-9F07-26A4E4EDFA54}" = lport=16058 | protocol=6 | dir=in | name=aris70_local_admin |
"{8305FDB5-B5DA-41DE-A95F-7E6CC7B2E0D2}" = lport=139 | protocol=6 | dir=in | app=system |
"{87EA4BBB-7951-4EAE-A679-E760F4F3E8DB}" = lport=16059 | protocol=6 | dir=in | name=aris70_bp_service |
"{8CBE30D1-69B2-4A7D-B89A-883F2AD11F6F}" = lport=16053 | protocol=6 | dir=in | name=aris70_admin_agent |
"{8D7B1322-0BD6-4926-B189-F95D84B98A03}" = lport=16050 | protocol=6 | dir=in | name=aris70_name_public |
"{9228E6BA-5C03-432A-B60F-DA50F61304BA}" = rport=137 | protocol=17 | dir=out | app=system |
"{A19EDC40-BB1E-4A17-875D-51A9355B4D1B}" = lport=9125 | protocol=6 | dir=in | name=aris70_9125 |
"{A3E23614-58C0-4818-A3D1-B0419705C529}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B37BD1AD-0D63-47C0-84A5-237E4014E1FF}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BC87D352-44CD-4BA0-938F-7D61A8BCD2E1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{CCAD4863-EF7A-4767-9BF0-DCA8A00152F0}" = rport=138 | protocol=17 | dir=out | app=system |
"{D77F4295-F207-4994-A9D8-90345087D35E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E634EE05-8A0D-41CE-BF63-E289A486D9EB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EAAAE799-1E1F-41B0-96CB-26980E056BC0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F8305961-F638-4EA0-9B41-68F7F1F9DBF8}" = rport=139 | protocol=6 | dir=out | app=system |
"{FBD4E042-00DA-4E33-9A75-3490B1C5F5E4}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{080D8E5E-8CEA-4FF1-9ACC-E1CB6355D658}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{18797199-C1C1-49DA-A82F-43524FFA778C}" = protocol=17 | dir=in | app=c:\program files\aris7.0\javaclient\arisadm70.exe |
"{1B3AB01F-FB1B-45F3-88AF-57AA25881F62}" = protocol=17 | dir=in | app=c:\program files\aris7.0\localserver\asa9\win32\dbsrv9.exe |
"{204E59CB-E4B5-4902-BBDF-735B20AD05D4}" = protocol=17 | dir=in | app=c:\program files\aris7.0\javaclient\aris business architect 7.0.exe |
"{24CA7512-642D-4631-B0EE-5F410AD23CD4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3EB3AEBD-1D26-45CB-AE45-3CC82FB7E38C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4CFAA8FD-2EF8-4CD8-A80F-EDD096970536}" = protocol=17 | dir=in | app=c:\program files\aris7.0\reportserver.exe |
"{4F0438F3-1393-4EE0-B618-C2AF84C52C89}" = protocol=6 | dir=in | app=c:\program files\aris7.0\javaclient\aris symbol editor 7.0.exe |
"{565E596B-D0BC-4909-9EE3-D55E70C892B9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5B103368-574E-491A-B117-6A3CD82AD4E0}" = protocol=17 | dir=in | app=c:\program files\aris7.0\javaclient\aris converter 7.0.exe |
"{5DDC834D-5B36-4888-80FF-2A2954FD959F}" = protocol=17 | dir=in | app=c:\program files\aris7.0\localserver\jre\bin\java.exe |
"{60B9F905-5233-49CA-8F45-07E2EAA1629D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{61CA8528-1176-48C6-A874-9726934CC1B1}" = protocol=6 | dir=in | app=c:\program files\aris7.0\localserver\jre\bin\java.exe |
"{69F7AFD0-25EC-46B6-94E9-A50612318069}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{74911FE8-8EEB-4324-8ABF-883988D0FA22}" = protocol=17 | dir=in | app=c:\program files\aris7.0\reportserverlauncher.exe |
"{990CE8FD-4F5B-495C-AFAA-B5DD772ED975}" = protocol=6 | dir=in | app=c:\program files\aris7.0\localserver\asa9\win32\dbsrv9.exe |
"{9E7B2B2D-75C1-4E3A-8B2F-4A25A90BA472}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9F3B9567-6215-4E88-B568-3E186B56498A}" = protocol=6 | dir=in | app=c:\program files\aris7.0\reportserver.exe |
"{B2A0B895-C4B4-4BD2-A270-F4C9D0B12B19}" = protocol=17 | dir=in | app=c:\program files\aris7.0\javaclient\jre\bin\java.exe |
"{B4AE76C1-CBE6-4452-A896-3D25797B869D}" = protocol=6 | dir=in | app=c:\program files\aris7.0\localserver\jsl\simusrv.exe |
"{B9BB4F5C-5B64-4563-80D2-EB06F29C358C}" = protocol=17 | dir=in | app=c:\program files\aris7.0\arisserverw70.exe |
"{C536EA9D-341C-4D0E-BD4D-E42A8AE184B8}" = protocol=17 | dir=in | app=c:\program files\aris7.0\localserver\jsl\simusrv.exe |
"{C5B07298-DD56-4F92-BE2D-7DD1C277DD19}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C70EB837-FEF2-4C1D-B66D-60C9F58DAF89}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{C932F4DB-A0CB-4AF0-B5A7-DF19502E1F41}" = protocol=6 | dir=in | app=c:\program files\aris7.0\javaclient\aris business architect 7.0.exe |
"{CE3C7485-07B7-4DA7-96AF-97AE3727C336}" = protocol=6 | dir=in | app=c:\program files\aris7.0\javaclient\jre\bin\java.exe |
"{D12A84BA-D41F-455E-81F0-07010DBFEC45}" = protocol=6 | dir=in | app=c:\program files\aris7.0\reportserverlauncher.exe |
"{D89A6E45-B453-438E-92DE-80B42727E5D4}" = protocol=6 | dir=in | app=c:\program files\aris7.0\javaclient\aris converter 7.0.exe |
"{E41D89FB-4100-4CC4-9423-A370901094FE}" = protocol=6 | dir=in | app=c:\program files\aris7.0\javaclient\arisadm70.exe |
"{EFBEA68E-FBE2-491C-A232-3F376311CF0E}" = protocol=17 | dir=in | app=c:\program files\aris7.0\javaclient\aris symbol editor 7.0.exe |
"{F5F09BE8-9191-4C77-8ACE-8C2631E73DA2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F77874CF-78C8-4112-8B3F-6D9CC18E0F4A}" = protocol=6 | dir=in | app=c:\program files\aris7.0\arisserverw70.exe |
"TCP Query User{270725A4-EA0E-4D81-8C75-0B7556DE40CD}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{427E0E9C-E157-44F8-850A-09CC015E5386}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{7C381007-844E-495F-A53B-3FAF410A4E59}C:\anno1602\1602.exe" = protocol=6 | dir=in | app=c:\anno1602\1602.exe |
"TCP Query User{8330CE84-B00A-41D8-8542-4F0600D4AE40}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{968A46E5-E58B-4A42-8D6A-A659D70EADE7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{9B3052B8-9871-48A2-9036-698121BE25E3}C:\vwlupo\lupo.exe" = protocol=6 | dir=in | app=c:\vwlupo\lupo.exe |
"TCP Query User{BB156D25-164E-44D2-A086-9F358F02F304}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{D02FD0C0-FB1E-4888-A7AE-491AB4882ACC}C:\program files\soulseek\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseek\slsk.exe |
"TCP Query User{E6D64ABE-B085-41D2-8344-04CAF91B1CAD}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{F770C020-ADE8-4093-962B-14B124A39172}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{2B73E690-E065-4212-A66C-A1ECBCCA48F3}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{2C5130C0-929E-47EF-A72E-FFED2DEEF66F}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{430BB387-4E99-4E09-A731-8AAD74AC3D3F}C:\anno1602\1602.exe" = protocol=17 | dir=in | app=c:\anno1602\1602.exe |
"UDP Query User{57968795-602A-494A-AA4D-AAF44B448CCC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5F93C812-6A56-46A4-AF64-8DD3B79BA76E}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{6152B654-4C4F-4D77-A00C-09E7CB495DDB}C:\program files\soulseek\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseek\slsk.exe |
"UDP Query User{91806E53-D5D8-40A1-A26A-34B34EB1B8B9}C:\vwlupo\lupo.exe" = protocol=17 | dir=in | app=c:\vwlupo\lupo.exe |
"UDP Query User{B555C58C-E98C-48D9-96D6-7B7BD8CD0E8E}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{C41FF7CA-F9A8-4974-BF22-939A26258C6F}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{FE12C7DE-DFDE-4200-A2D8-282321A8D881}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07B22FB1-6A1E-41E7-8323-A9CA716026ED}" = bob internet
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{084D80A0-A897-F435-CE63-A3A7CDB46D9A}" = CCC Help Danish
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0E485D10-139A-21B6-471C-7856AF893F42}" = Catalyst Control Center Localization Spanish
"{0F98662A-EA83-414F-8766-3FCE46A32641}" = Credential Manager for HP ProtectTools
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{196A2093-817C-7237-9FB8-7223FF8D3424}" = Catalyst Control Center Localization Portuguese
"{19C6BC99-B7D0-E36A-3F72-24501D2FF8F0}" = Catalyst Control Center Localization Thai
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{207A8D54-51C9-48B6-80E6-CBA5403B3ED4}" = Vista Default Settings
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2462B5A9-CDE0-A51C-5646-6863B445B717}" = CCC Help Dutch
"{2472CC23-7C6E-F1A5-F439-B93CC198D0E2}" = Catalyst Control Center Graphics Light
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{27AB9B63-70B4-3444-7FE7-EAAF837286B6}" = Catalyst Control Center Localization Turkish
"{2B01122D-645A-7A29-5F98-025F3F920EEE}" = CCC Help Thai
"{2E8A56E1-8421-623F-7D27-5B0D64052D35}" = CCC Help Swedish
"{3032FE9D-1EF0-2B28-E28F-D14123A54091}" = CCC Help Norwegian
"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD
"{30BF4E6C-D866-46F7-A4F6-81A45E97706E}" = Catalyst Control Center - Branding
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{32D95F2D-17A3-9457-667D-DC603227295F}" = ATI Catalyst Install Manager
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{3FE45683-E0A6-8887-BA46-93846D76A571}" = Catalyst Control Center Localization Japanese
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{4B8CE04B-567D-A6D1-C8C3-55151585051A}" = Catalyst Control Center Localization Hungarian
"{4BBB1697-A0C0-C00D-CC3B-2A3D8D7ED8E1}" = CCC Help Czech
"{4BDBFEB0-784B-8FBB-E323-17F4B8C3450D}" = Catalyst Control Center Core Implementation
"{4C203E35-B5C7-4E35-9834-619668C0FFEE}" = HP 3D DriveGuard
"{4DEB1738-EE2D-9415-B1F3-99FE75519BB8}" = Catalyst Control Center Localization Norwegian
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5FEB063B-B9A0-7677-8D4B-5DE1397BBC7F}" = Catalyst Control Center Localization Swedish
"{6079977A-C216-0ED5-7E82-5E94A7683EB1}" = Catalyst Control Center Localization Chinese Traditional
"{609C59C0-2920-B88F-AC4E-8434CEEA093F}" = CCC Help Chinese Standard
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62A07DAC-EE36-7C2D-28D4-18A4B8F55EC9}" = Catalyst Control Center Localization Greek
"{63C8FE88-478F-4E14-ADD0-B55227CC3234}" = Personalize Your PC
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6716796A-DD6E-8B10-AF22-D30ECB25C682}" = CCC Help Portuguese
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6C0B7864-DC0E-4C9E-BF4A-23E4AD590A5B}" = ARIS_Client
"{6F854740-01D1-46A4-C809-D73B14F9FAA2}" = ccc-utility
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71EBA647-B48F-41DF-A928-6D088AC37E67}" = ARIS Platform 7.0
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78584C1B-8F7B-4B24-80D1-02B309F67AB3}" = Privacy Manager for HP ProtectTools
"{789C97CE-9E17-4126-BDF4-11FF458BF705}" = File Sanitizer For HP ProtectTools
"{7BE6A272-9078-5035-FB61-D2D1C15D1EA0}" = Catalyst Control Center Localization Russian
"{8253DB6F-C883-93A4-435F-9526DC07C17F}" = CCC Help Italian
"{8595812B-9104-4196-B629-FD298D819399}" = HP User Guides 0097
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8EC7AB5C-7128-B1CD-CA1D-74190D31313E}" = Catalyst Control Center Localization Chinese Standard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9320B364-EF7F-90E6-63F8-C58EEB9AE517}" = Catalyst Control Center Graphics Full New
"{959B8759-D31A-CE42-6BA1-A8F7812C040B}" = CCC Help Finnish
"{959BAC64-7722-EBD6-660E-C74ED44CA0D3}" = Catalyst Control Center Localization Danish
"{99A5C123-2741-45BA-276A-8BDA52303CAD}" = CCC Help German
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9CDB5063-D699-42BA-9135-7B8C4ECAC856}" = BIOS Configuration for HP ProtectTools
"{9DEE62F7-3C8A-A6E8-6D00-99BB99B0A19C}" = CCC Help French
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A3EB6C7C-F959-9258-3A35-2A6EDB9CA176}" = CCC Help Hungarian
"{A4B50564-9B8D-49DF-4A90-C6EC349A6538}" = Catalyst Control Center Localization Korean
"{A55C2FF6-4217-F05B-E603-0544CB9EBD93}" = Catalyst Control Center Localization French
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABE1ADEC-E87A-48F7-808B-18614054D7A0}" = Embedded Security for HP ProtectTools
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{B076BAB8-B78C-053A-FAC2-0A9CCD802E0A}" = CCC Help Korean
"{B1508FDD-AFC7-373B-8B96-6A6BEC48A9A8}" = Catalyst Control Center Localization Polish
"{B3B36E34-2E5A-20E8-AF99-A2D40E84CC6F}" = CCC Help Turkish
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B57BC333-F983-C25E-4C04-834548DF8607}" = Catalyst Control Center Localization Italian
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BECF6C08-ED85-7F05-E2CD-43A18DA0B3D7}" = CCC Help Spanish
"{BEEA5BCB-CCA1-6FBA-764C-625239FE0F50}" = CCC Help Polish
"{C09C13C7-B636-01CC-D5A1-A7411F858891}" = Catalyst Control Center Localization Czech
"{C19BD21C-AF1A-CBC1-3B73-938B37F6B0E6}" = CCC Help Chinese Traditional
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C9EF2D75-ECB0-602D-6700-977702AD7CCF}" = Catalyst Control Center Graphics Full Existing
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBC24502-5EB5-45B6-9E56-E6A2F6AFA367}" = HP JavaCard for HP ProtectTools
"{CC8128C5-EC9A-0167-65F5-305E78F1A535}" = CCC Help Russian
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0FF1E97-85BA-C735-1D4C-636293B0E9F0}" = CCC Help Greek
"{D405A9E1-5D02-46FB-A2B3-796F1F218B32}" = HP ProtectTools Security Manager
"{D4C5185C-A8DF-8466-FE8A-1692E08ECBF7}" = Skins
"{D7FD9036-5EE1-A970-B981-BF46AF433380}" = Catalyst Control Center Localization German
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EF3C3C9A-C96B-051E-99D1-72D7CE823DA8}" = ccc-core-static
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F46CBAC2-20F4-98DA-D890-81F4DE2BF3BA}" = Catalyst Control Center Localization Finnish
"{F545FAC8-4D05-229A-E1A3-3DF671518DC3}" = CCC Help English
"{F657EF23-08BB-4C8D-B688-78C20FA657EA}" = Drive Encryption for HP ProtectTools
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{FECEF9D2-9D3D-449B-9EA4-CFA775C99461}" = AuthenTec Fingerprint System
"{FF165D48-1562-B757-E006-69197226E903}" = CCC Help Japanese
"{FFCA8569-F139-54BF-A9EF-092A3DFDFB4B}" = Catalyst Control Center Localization Dutch
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ANNO1602" = Anno 1602
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"AOL Toolbar" = AOL Toolbar 5.0
"bob internet" = bob internet
"Der VerkehrsGigant-Gold Edition" = Der VerkehrsGigant-Gold Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Google Chrome" = Google Chrome
"Hospital" = Theme Hospital
"HP QuickLook 2_is1" = HP QuickLook 2
"ICQToolbar" = ICQ Toolbar
"Invekos-GIS" = Invekos-GIS
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mplayer.com" = Mplayer.com
"Soulseek" = SoulSeek Client 156c
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UltraStar" = UltraStar 0.6.1
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.01 (32-Bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"sc09-ORF_MAIN" = ORF-Ski Challenge 2009

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12.11.2011 10:02:02 | Computer Name = Sabine-Notebook | Source = LoadPerf | ID = 3012
Description =

Error - 12.11.2011 10:02:02 | Computer Name = Sabine-Notebook | Source = LoadPerf | ID = 3011
Description =

Error - 12.11.2011 10:03:18 | Computer Name = Sabine-Notebook | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel
0x4de07b1b, fehlerhaftes Modul ntdll.dll, Version 6.0.6001.18538, Zeitstempel 0x4cb733dc,
Ausnahmecode 0xc0000374, Fehleroffset 0x000b0dbc, Prozess-ID 0xff0, Anwendungsstartzeit
01cca1438e4e5b57.

Error - 12.11.2011 10:16:57 | Computer Name = Sabine-Notebook | Source = LoadPerf | ID = 3012
Description =

Error - 12.11.2011 10:16:57 | Computer Name = Sabine-Notebook | Source = LoadPerf | ID = 3012
Description =

Error - 12.11.2011 10:16:57 | Computer Name = Sabine-Notebook | Source = LoadPerf | ID = 3011
Description =

Error - 12.11.2011 10:28:48 | Computer Name = Sabine-Notebook | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.31.0 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 1440 Anfangszeit: 01cca14745f9da76 Zeitpunkt der Beendigung:
15

Error - 12.11.2011 10:29:36 | Computer Name = Sabine-Notebook | Source = LoadPerf | ID = 3012
Description =

Error - 12.11.2011 10:29:36 | Computer Name = Sabine-Notebook | Source = LoadPerf | ID = 3012
Description =

Error - 12.11.2011 10:29:36 | Computer Name = Sabine-Notebook | Source = LoadPerf | ID = 3011
Description =

[ Credential Manager Events ]
Error - 18.05.2011 15:09:08 | Computer Name = Sabine-Notebook | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Sabine@Sabine-Notebook Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost

Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP

Error - 18.05.2011 15:09:48 | Computer Name = Sabine-Notebook | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Sabine@Sabine-Notebook Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost

Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP

Error - 25.08.2011 14:41:39 | Computer Name = Sabine-Notebook | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Sabine@Sabine-Notebook Client-GUID: {F01A31F7-51E5-4754-A9E9-47628503D6E2} Fehler:
0xC5161001 Client-Host: localhost Client-Adresse: 127.0.0.1 Authentifizierungsstelle:
HP Server-Host: localhost Protokoll: HTTP

Error - 21.09.2011 13:37:39 | Computer Name = Sabine-Notebook | Source = AuthWiz | ID = 100796070
Description = The submitted user identity was rejected. Benutzer: Sabine@SABINE-NOTEBOOK
Fehler: (0xC516043A) Das System konnte den angeforderten Vorgang nicht ausführen.
Der Hauptschlüsselsatz des Authentifizierungsservers ist nicht ordnungsgemäß konfiguriert.

Bitte
wenden Sie sich an Ihren Systemadministrator.


[ System Events ]
Error - 12.11.2011 10:03:32 | Computer Name = Sabine-Notebook | Source = DCOM | ID = 10016
Description =

Error - 12.11.2011 10:09:15 | Computer Name = Sabine-Notebook | Source = HTTP | ID = 15016
Description =

Error - 12.11.2011 10:11:26 | Computer Name = Sabine-Notebook | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 12.11.2011 10:12:04 | Computer Name = Sabine-Notebook | Source = DCOM | ID = 10016
Description =

Error - 12.11.2011 10:13:33 | Computer Name = Sabine-Notebook | Source = DCOM | ID = 10016
Description =

Error - 12.11.2011 10:16:28 | Computer Name = Sabine-Notebook | Source = DCOM | ID = 10016
Description =

Error - 12.11.2011 10:21:55 | Computer Name = Sabine-Notebook | Source = HTTP | ID = 15016
Description =

Error - 12.11.2011 10:24:39 | Computer Name = Sabine-Notebook | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 12.11.2011 10:24:56 | Computer Name = Sabine-Notebook | Source = DCOM | ID = 10016
Description =

Error - 12.11.2011 10:26:22 | Computer Name = Sabine-Notebook | Source = DCOM | ID = 10016
Description =


< End of report >

Alt 12.11.2011, 16:09   #2
markusg
/// Malware-holic
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



hiho
achtung!
dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [NvCplDaemonTool] C:\Users\Sabine\qiload1B.dll (Microsoft Corporation)

:Files
C:\Users\Sabine\qiload1B.dll
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.

öffne computer, öffne C: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
folge dem link, und lade das archiv im upload channel hoch
http://www.trojaner-board.de/54791-a...ner-board.html
__________________

__________________

Alt 12.11.2011, 18:08   #3
sabi0520
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NvCplDaemonTool deleted successfully.
C:\Users\Sabine\qiload1B.dll moved successfully.
========== FILES ==========
File\Folder C:\Users\Sabine\qiload1B.dll not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Sabine
->Flash cache emptied: 456 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Sabine
->Temp folder emptied: 1083532 bytes
->Temporary Internet Files folder emptied: 353908720 bytes
->Java cache emptied: 45230653 bytes
->Google Chrome cache emptied: 6184450 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 424097819 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 976 bytes

Total Files Cleaned = 792,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11122011_184854

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...



lg, Sabine
__________________

Alt 12.11.2011, 18:12   #4
markusg
/// Malware-holic
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



weiter mit der anleitung bitte, der upload im upload channel fehlt noch :-)
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.11.2011, 18:30   #5
markusg
/// Malware-holic
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



danke.
bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 14.11.2011, 17:37   #6
sabi0520
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



hallo!
habe jetzt 2x versucht combofix auszführen, aber der pc ist mir jedes mal mittendrin abgestürzt. was kann ich jetzt tun?

lg, sabine

Alt 14.11.2011, 18:01   #7
markusg
/// Malware-holic
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



wie siehts im abgesicherten modus aus? bei pc start mit f8 zu erreichen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 14.11.2011, 19:12   #8
sabi0520
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



im abgesicht modus hats geklappt...

Combofix Logfile:
Code:
ATTFilter
ComboFix 11-11-14.02 - Sabine 14.11.2011  19:40:47.1.2 - x86 MINIMAL
Microsoft® Windows Vista™ Business   6.0.6001.1.1252.43.1031.18.1788.1328 [GMT 1:00]
ausgeführt von:: c:\users\Sabine\Desktop\cofi.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk
c:\users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scanrdiskrm82.dll
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-10-14 bis 2011-11-14  ))))))))))))))))))))))))))))))
.
.
2011-11-14 18:48 . 2011-11-14 18:52	--------	d-----w-	c:\users\Sabine\AppData\Local\temp
2011-11-12 17:27 . 2011-11-12 18:09	--------	d-----w-	C:\_OTL
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-14 18:50 . 2011-11-14 18:50	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D0AEC12-56E1-4DE3-84DB-8200EA0ECB72}\offreg.dll
2011-10-07 03:48 . 2011-11-12 17:21	6668624	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D0AEC12-56E1-4DE3-84DB-8200EA0ECB72}\mpengine.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"msnmsgr"="c:\progra~1\MSNMES~1\msnmsgr.exe" [2007-01-19 5674352]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-09-30 203928]
"NvCplDaemonTool"="c:\users\Sabine\qiload1B.dll" [2011-04-12 1273856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-06-02 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2008-04-21 1090840]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-14 10244096]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-01 136600]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-05-24 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
" Malwarebytes Anti-Malware  (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2008-6-30 197904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R0 fjrtt;fjrtt;c:\windows\System32\drivers\mctbt.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 136176]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-11-29 181760]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 136176]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-02-22 9216]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-02 722416]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2008-03-21 39712]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2008-05-15 1176824]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-14 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-04-07 24936]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2008-05-15 475520]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
Cognizance	REG_MULTI_SZ   	ASBroker ASChannel
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
bthsvcs	REG_MULTI_SZ   	BthServ
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 19:50]
.
2011-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 19:50]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.at/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=83&bd=all&pf=cmnb
IE: &AOL Toolbar-Suche - c:\programdata\AOL\ieToolbar\resources\de-AT\local\search.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Hospital - c:\windows\unin0407.exe
.
.
.
**************************************************************************
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(772)
c:\program files\Hewlett-Packard\IAM\bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
.
- - - - - - - > 'Explorer.exe'(3944)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WLANExt.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\windows\System32\lpksetup.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\agrsmsvc.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\ActivIdentity\ActivClient\acevents.exe
c:\windows\system32\ifxtcs.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\IfxPsdSv.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-14  20:00:45 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-11-14 19:00
.
Vor Suchlauf: Das System hat keinen Meldungstext für die Meldungsnummer 0x2379 in der Meldungsdatei Application gefunden.
Nach Suchlauf: 20 Verzeichnis(se), 74.325.053.440 Bytes frei
.
- - End Of File - - 6E23461774C8D71525095057B4F78573
         
--- --- ---


lg, Sabie

Alt 14.11.2011, 19:18   #9
markusg
/// Malware-holic
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



öffne mal bitte den arbeitsplatz c: rechtsklick qoobox, mit winrar zip oder nem anderen pack programm ein archiv erstellen und nach anleitung im upload channel hochladen.
http://www.trojaner-board.de/54791-a...ner-board.html
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 14.11.2011, 19:34   #10
sabi0520
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



funktioniert leider nicht.. bekomm die fehlermeldung "kann den inhalt von c:\qoobox\BackEnv\* nicht lesen"

Alt 14.11.2011, 19:43   #11
markusg
/// Malware-holic
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



nicht so schlimm, auf ok bzw schließen klicken und archiv sollte trotzdem erstellt werden
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 14.11.2011, 19:58   #12
sabi0520
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



hoffe, das passt jetzt so...

Alt 14.11.2011, 20:11   #13
markusg
/// Malware-holic
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



hatt geklappt, man dankt
http://www.trojaner-board.de/82358-t...entfernen.html
bitte mal ausführen, nichts löschen (skip) log posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.11.2011, 15:52   #14
sabi0520
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



16:49:15.0093 2176 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
16:49:16.0466 2176 ============================================================
16:49:16.0466 2176 Current date / time: 2011/11/15 16:49:16.0466
16:49:16.0466 2176 SystemInfo:
16:49:16.0466 2176
16:49:16.0466 2176 OS Version: 6.0.6001 ServicePack: 1.0
16:49:16.0466 2176 Product type: Workstation
16:49:16.0466 2176 ComputerName: SABINE-NOTEBOOK
16:49:16.0466 2176 UserName: Sabine
16:49:16.0466 2176 Windows directory: C:\windows
16:49:16.0466 2176 System windows directory: C:\windows
16:49:16.0466 2176 Processor architecture: Intel x86
16:49:16.0466 2176 Number of processors: 2
16:49:16.0481 2176 Page size: 0x1000
16:49:16.0481 2176 Boot type: Normal boot
16:49:16.0481 2176 ============================================================
16:49:18.0774 2176 Initialize success
16:49:22.0347 3748 ============================================================
16:49:22.0347 3748 Scan started
16:49:22.0347 3748 Mode: Manual;
16:49:22.0347 3748 ============================================================
16:49:25.0030 3748 Accelerometer (a9b917777841b76f299e2ea946e03adf) C:\windows\system32\DRIVERS\Accelerometer.sys
16:49:25.0046 3748 Accelerometer - ok
16:49:25.0155 3748 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\windows\system32\drivers\acpi.sys
16:49:25.0155 3748 ACPI - ok
16:49:25.0389 3748 ADIHdAudAddService (364a903711e84eb1386fa04106681b7a) C:\windows\system32\drivers\ADIHdAud.sys
16:49:25.0404 3748 ADIHdAudAddService - ok
16:49:25.0529 3748 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\windows\system32\drivers\adp94xx.sys
16:49:25.0529 3748 adp94xx - ok
16:49:25.0716 3748 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\windows\system32\drivers\adpahci.sys
16:49:25.0716 3748 adpahci - ok
16:49:25.0748 3748 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\windows\system32\drivers\adpu160m.sys
16:49:25.0763 3748 adpu160m - ok
16:49:25.0794 3748 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\windows\system32\drivers\adpu320.sys
16:49:25.0794 3748 adpu320 - ok
16:49:25.0982 3748 AFD (48eb99503533c27ac6135648e5474457) C:\windows\system32\drivers\afd.sys
16:49:25.0982 3748 AFD - ok
16:49:26.0169 3748 AgereSoftModem (38325c6aa8eae011897d61ce48ec6435) C:\windows\system32\DRIVERS\AGRSM.sys
16:49:26.0184 3748 AgereSoftModem - ok
16:49:26.0606 3748 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\windows\system32\drivers\agp440.sys
16:49:26.0606 3748 agp440 - ok
16:49:27.0027 3748 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\windows\system32\drivers\djsvs.sys
16:49:27.0042 3748 aic78xx - ok
16:49:27.0183 3748 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\windows\system32\drivers\aliide.sys
16:49:27.0183 3748 aliide - ok
16:49:27.0276 3748 amdagp (c47344bc706e5f0b9dce369516661578) C:\windows\system32\drivers\amdagp.sys
16:49:27.0292 3748 amdagp - ok
16:49:27.0386 3748 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\windows\system32\drivers\amdide.sys
16:49:27.0386 3748 amdide - ok
16:49:27.0479 3748 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\windows\system32\drivers\amdk7.sys
16:49:27.0479 3748 AmdK7 - ok
16:49:27.0526 3748 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\windows\system32\DRIVERS\amdk8.sys
16:49:27.0526 3748 AmdK8 - ok
16:49:27.0698 3748 arc (5d2888182fb46632511acee92fdad522) C:\windows\system32\drivers\arc.sys
16:49:27.0698 3748 arc - ok
16:49:27.0838 3748 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\windows\system32\drivers\arcsas.sys
16:49:27.0838 3748 arcsas - ok
16:49:28.0041 3748 AsyncMac (53b202abee6455406254444303e87be1) C:\windows\system32\DRIVERS\asyncmac.sys
16:49:28.0041 3748 AsyncMac - ok
16:49:28.0134 3748 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\windows\system32\drivers\atapi.sys
16:49:28.0134 3748 atapi - ok
16:49:28.0415 3748 atikmdag (5e4232783f05ebae72d22a91907a76f4) C:\windows\system32\DRIVERS\atikmdag.sys
16:49:28.0462 3748 atikmdag - ok
16:49:28.0524 3748 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\windows\system32\DRIVERS\AtiPcie.sys
16:49:28.0524 3748 AtiPcie - ok
16:49:28.0634 3748 ATSwpWDF (a9f9d1d24441889beb1aa2b917457e23) C:\windows\system32\Drivers\ATSwpWDF.sys
16:49:28.0634 3748 ATSwpWDF - ok
16:49:28.0727 3748 avgio (87828ecd657f81503465ac705e845076) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
16:49:28.0727 3748 avgio - ok
16:49:28.0774 3748 avgntflt (fcb30820bed1d3feb55e3dd55a3f947f) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
16:49:28.0774 3748 avgntflt - ok
16:49:28.0977 3748 avipbb (0b09df022250fb7ba91fb932eac6ea9b) C:\windows\system32\DRIVERS\avipbb.sys
16:49:28.0977 3748 avipbb - ok
16:49:29.0086 3748 b57nd60x (db76881f34e600fbb29bc3d7c854d056) C:\windows\system32\DRIVERS\b57nd60x.sys
16:49:29.0102 3748 b57nd60x - ok
16:49:29.0351 3748 BCM43XX (3f5e7621cdf6867d3d8417d13a098277) C:\windows\system32\DRIVERS\bcmwl6.sys
16:49:29.0382 3748 BCM43XX - ok
16:49:29.0523 3748 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\windows\system32\drivers\Beep.sys
16:49:29.0523 3748 Beep - ok
16:49:29.0632 3748 blbdrive (d4df28447741fd3d953526e33a617397) C:\windows\system32\drivers\blbdrive.sys
16:49:29.0632 3748 blbdrive - ok
16:49:29.0710 3748 bowser (8153396d5551276227fa146900f734e6) C:\windows\system32\DRIVERS\bowser.sys
16:49:29.0710 3748 bowser - ok
16:49:30.0209 3748 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\drivers\brfiltlo.sys
16:49:30.0209 3748 BrFiltLo - ok
16:49:30.0287 3748 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\drivers\brfiltup.sys
16:49:30.0287 3748 BrFiltUp - ok
16:49:30.0396 3748 Brserid (b304e75cff293029eddf094246747113) C:\windows\system32\drivers\brserid.sys
16:49:30.0396 3748 Brserid - ok
16:49:30.0630 3748 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\system32\drivers\brserwdm.sys
16:49:30.0630 3748 BrSerWdm - ok
16:49:30.0911 3748 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\system32\drivers\brusbmdm.sys
16:49:30.0927 3748 BrUsbMdm - ok
16:49:31.0005 3748 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\system32\drivers\brusbser.sys
16:49:31.0005 3748 BrUsbSer - ok
16:49:31.0270 3748 BthEnum (da7b195275bda7f8fcf79b40e0f45dde) C:\windows\system32\DRIVERS\BthEnum.sys
16:49:31.0270 3748 BthEnum - ok
16:49:31.0410 3748 BTHMODEM (5ffa6988ff9597986ff2ada736cc90c0) C:\windows\system32\DRIVERS\bthmodem.sys
16:49:31.0410 3748 BTHMODEM - ok
16:49:31.0457 3748 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\windows\system32\DRIVERS\bthpan.sys
16:49:31.0473 3748 BthPan - ok
16:49:31.0613 3748 BTHPORT (73d53f8e90550ba81e2cf44a0873b410) C:\windows\system32\Drivers\BTHport.sys
16:49:31.0613 3748 BTHPORT - ok
16:49:31.0644 3748 BTHUSB (32045a4bb143bbc5bab1298c4e9e309a) C:\windows\system32\Drivers\BTHUSB.sys
16:49:31.0644 3748 BTHUSB - ok
16:49:31.0738 3748 btwaudio (99aeea7cefdfc6e4151a8f620d682088) C:\windows\system32\drivers\btwaudio.sys
16:49:31.0738 3748 btwaudio - ok
16:49:31.0894 3748 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\windows\system32\drivers\btwavdt.sys
16:49:31.0894 3748 btwavdt - ok
16:49:32.0019 3748 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\windows\system32\DRIVERS\btwrchid.sys
16:49:32.0019 3748 btwrchid - ok
16:49:32.0362 3748 catchme - ok
16:49:32.0502 3748 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\windows\system32\DRIVERS\cdfs.sys
16:49:32.0502 3748 cdfs - ok
16:49:32.0612 3748 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\windows\system32\DRIVERS\cdrom.sys
16:49:32.0612 3748 cdrom - ok
16:49:32.0705 3748 circlass (e5d4133f37219dbcfe102bc61072589d) C:\windows\system32\drivers\circlass.sys
16:49:32.0705 3748 circlass - ok
16:49:32.0783 3748 CLFS (0703b9dee7eec6d6370edebd43d0f5c2) C:\windows\system32\CLFS.sys
16:49:32.0783 3748 CLFS - ok
16:49:32.0939 3748 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\windows\system32\DRIVERS\CmBatt.sys
16:49:32.0939 3748 CmBatt - ok
16:49:33.0002 3748 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\windows\system32\drivers\cmdide.sys
16:49:33.0002 3748 cmdide - ok
16:49:33.0111 3748 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\windows\system32\DRIVERS\compbatt.sys
16:49:33.0111 3748 Compbatt - ok
16:49:33.0158 3748 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\windows\system32\drivers\crcdisk.sys
16:49:33.0158 3748 crcdisk - ok
16:49:33.0236 3748 Crusoe (1f07becdca750766a96cda811ba86410) C:\windows\system32\drivers\crusoe.sys
16:49:33.0236 3748 Crusoe - ok
16:49:33.0360 3748 CSC (9a5434125c3dfe42393de4bbb791bd19) C:\windows\system32\drivers\csc.sys
16:49:33.0376 3748 CSC - ok
16:49:33.0563 3748 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\windows\system32\Drivers\dfsc.sys
16:49:33.0579 3748 DfsC - ok
16:49:33.0735 3748 disk (64109e623abd6955c8fb110b592e68b7) C:\windows\system32\drivers\disk.sys
16:49:33.0735 3748 disk - ok
16:49:33.0860 3748 drmkaud (97fef831ab90bee128c9af390e243f80) C:\windows\system32\drivers\drmkaud.sys
16:49:33.0860 3748 drmkaud - ok
16:49:33.0984 3748 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\windows\System32\drivers\dxgkrnl.sys
16:49:34.0000 3748 DXGKrnl - ok
16:49:34.0109 3748 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\windows\system32\DRIVERS\E1G60I32.sys
16:49:34.0109 3748 E1G60 - ok
16:49:34.0187 3748 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\windows\system32\drivers\ecache.sys
16:49:34.0187 3748 Ecache - ok
16:49:34.0296 3748 elxstor (23b62471681a124889978f6295b3f4c6) C:\windows\system32\drivers\elxstor.sys
16:49:34.0296 3748 elxstor - ok
16:49:34.0421 3748 ErrDev (3db974f3935483555d7148663f726c61) C:\windows\system32\drivers\errdev.sys
16:49:34.0421 3748 ErrDev - ok
16:49:34.0499 3748 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\windows\system32\drivers\exfat.sys
16:49:34.0515 3748 exfat - ok
16:49:34.0546 3748 fastfat (3c489390c2e2064563727752af8eab9e) C:\windows\system32\drivers\fastfat.sys
16:49:34.0546 3748 fastfat - ok
16:49:34.0593 3748 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\windows\system32\DRIVERS\fdc.sys
16:49:34.0593 3748 fdc - ok
16:49:34.0702 3748 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\windows\system32\drivers\fileinfo.sys
16:49:34.0702 3748 FileInfo - ok
16:49:34.0780 3748 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\windows\system32\drivers\filetrace.sys
16:49:34.0780 3748 Filetrace - ok
16:49:34.0858 3748 fjrtt - ok
16:49:34.0905 3748 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\windows\system32\DRIVERS\flpydisk.sys
16:49:34.0905 3748 flpydisk - ok
16:49:35.0014 3748 FltMgr (05ea53afe985443011e36dab07343b46) C:\windows\system32\drivers\fltmgr.sys
16:49:35.0014 3748 FltMgr - ok
16:49:35.0139 3748 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\windows\system32\drivers\Fs_Rec.sys
16:49:35.0154 3748 Fs_Rec - ok
16:49:35.0232 3748 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\windows\system32\drivers\gagp30kx.sys
16:49:35.0232 3748 gagp30kx - ok
16:49:35.0591 3748 HBtnKey (88a78635b41ed4b261365fadeb28fe81) C:\windows\system32\DRIVERS\cpqbttn.sys
16:49:35.0591 3748 HBtnKey - ok
16:49:35.0732 3748 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\windows\system32\drivers\HdAudio.sys
16:49:35.0732 3748 HdAudAddService - ok
16:49:35.0778 3748 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\windows\system32\DRIVERS\HDAudBus.sys
16:49:35.0778 3748 HDAudBus - ok
16:49:35.0825 3748 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\windows\system32\drivers\hidbth.sys
16:49:35.0825 3748 HidBth - ok
16:49:35.0903 3748 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\windows\system32\drivers\hidir.sys
16:49:35.0903 3748 HidIr - ok
16:49:36.0012 3748 HidUsb (854ca287ab7faf949617a788306d967e) C:\windows\system32\DRIVERS\hidusb.sys
16:49:36.0012 3748 HidUsb - ok
16:49:36.0122 3748 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\windows\system32\drivers\hpcisss.sys
16:49:36.0122 3748 HpCISSs - ok
16:49:36.0293 3748 hpdskflt (3520a74fca88a5aefbbe7b937bea75f7) C:\windows\system32\DRIVERS\hpdskflt.sys
16:49:36.0293 3748 hpdskflt - ok
16:49:36.0402 3748 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
16:49:36.0402 3748 HpqKbFiltr - ok
16:49:36.0543 3748 HTTP (96e241624c71211a79c84f50a8e71cab) C:\windows\system32\drivers\HTTP.sys
16:49:36.0543 3748 HTTP - ok
16:49:36.0636 3748 hwdatacard (1fc7a63148e4f2bd831dab0dc732026d) C:\windows\system32\DRIVERS\ewusbmdm.sys
16:49:36.0636 3748 hwdatacard - ok
16:49:36.0699 3748 i2omp (c6b032d69650985468160fc9937cf5b4) C:\windows\system32\drivers\i2omp.sys
16:49:36.0714 3748 i2omp - ok
16:49:36.0824 3748 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\windows\system32\DRIVERS\i8042prt.sys
16:49:36.0839 3748 i8042prt - ok
16:49:36.0933 3748 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\windows\system32\drivers\iastorv.sys
16:49:36.0933 3748 iaStorV - ok
16:49:37.0026 3748 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\windows\system32\drivers\iirsp.sys
16:49:37.0026 3748 iirsp - ok
16:49:37.0151 3748 intelide (83aa759f3189e6370c30de5dc5590718) C:\windows\system32\drivers\intelide.sys
16:49:37.0151 3748 intelide - ok
16:49:37.0245 3748 intelppm (224191001e78c89dfa78924c3ea595ff) C:\windows\system32\DRIVERS\intelppm.sys
16:49:37.0245 3748 intelppm - ok
16:49:37.0323 3748 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\windows\system32\DRIVERS\ipfltdrv.sys
16:49:37.0338 3748 IpFilterDriver - ok
16:49:37.0526 3748 IpInIp - ok
16:49:37.0604 3748 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\windows\system32\drivers\ipmidrv.sys
16:49:37.0604 3748 IPMIDRV - ok
16:49:37.0666 3748 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\windows\system32\DRIVERS\ipnat.sys
16:49:37.0666 3748 IPNAT - ok
16:49:37.0744 3748 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\windows\system32\drivers\irenum.sys
16:49:37.0760 3748 IRENUM - ok
16:49:37.0791 3748 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\windows\system32\drivers\isapnp.sys
16:49:37.0806 3748 isapnp - ok
16:49:37.0838 3748 iScsiPrt (f247eec28317f6c739c16de420097301) C:\windows\system32\DRIVERS\msiscsi.sys
16:49:37.0853 3748 iScsiPrt - ok
16:49:37.0884 3748 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\windows\system32\drivers\iteatapi.sys
16:49:37.0900 3748 iteatapi - ok
16:49:38.0009 3748 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\windows\system32\drivers\iteraid.sys
16:49:38.0009 3748 iteraid - ok
16:49:38.0118 3748 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\windows\system32\DRIVERS\kbdclass.sys
16:49:38.0134 3748 kbdclass - ok
16:49:38.0196 3748 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\windows\system32\DRIVERS\kbdhid.sys
16:49:38.0196 3748 kbdhid - ok
16:49:38.0290 3748 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\windows\system32\Drivers\ksecdd.sys
16:49:38.0290 3748 KSecDD - ok
16:49:38.0384 3748 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\windows\system32\DRIVERS\lltdio.sys
16:49:38.0384 3748 lltdio - ok
16:49:38.0524 3748 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\windows\system32\drivers\lsi_fc.sys
16:49:38.0524 3748 LSI_FC - ok
16:49:38.0602 3748 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\windows\system32\drivers\lsi_sas.sys
16:49:38.0602 3748 LSI_SAS - ok
16:49:38.0664 3748 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\windows\system32\drivers\lsi_scsi.sys
16:49:38.0664 3748 LSI_SCSI - ok
16:49:38.0789 3748 luafv (8f5c7426567798e62a3b3614965d62cc) C:\windows\system32\drivers\luafv.sys
16:49:38.0789 3748 luafv - ok
16:49:38.0914 3748 massfilter (0b058116d3d4ecca7ded38f16e0581b2) C:\windows\system32\drivers\massfilter.sys
16:49:38.0914 3748 massfilter - ok
16:49:39.0242 3748 megasas (0001ce609d66632fa17b84705f658879) C:\windows\system32\drivers\megasas.sys
16:49:39.0242 3748 megasas - ok
16:49:39.0507 3748 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\windows\system32\drivers\megasr.sys
16:49:39.0507 3748 MegaSR - ok
16:49:39.0667 3748 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\windows\system32\drivers\modem.sys
16:49:39.0698 3748 Modem - ok
16:49:39.0820 3748 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\windows\system32\DRIVERS\monitor.sys
16:49:39.0835 3748 monitor - ok
16:49:39.0882 3748 mouclass (5bf6a1326a335c5298477754a506d263) C:\windows\system32\DRIVERS\mouclass.sys
16:49:39.0884 3748 mouclass - ok
16:49:40.0014 3748 mouhid (93b8d4869e12cfbe663915502900876f) C:\windows\system32\DRIVERS\mouhid.sys
16:49:40.0017 3748 mouhid - ok
16:49:40.0085 3748 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\windows\system32\drivers\mountmgr.sys
16:49:40.0085 3748 MountMgr - ok
16:49:40.0131 3748 mpio (511d011289755dd9f9a7579fb0b064e6) C:\windows\system32\drivers\mpio.sys
16:49:40.0131 3748 mpio - ok
16:49:40.0194 3748 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\windows\system32\drivers\mpsdrv.sys
16:49:40.0194 3748 mpsdrv - ok
16:49:40.0287 3748 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\windows\system32\drivers\mraid35x.sys
16:49:40.0287 3748 Mraid35x - ok
16:49:40.0771 3748 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\windows\system32\drivers\mrxdav.sys
16:49:40.0771 3748 MRxDAV - ok
16:49:40.0958 3748 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\windows\system32\DRIVERS\mrxsmb.sys
16:49:40.0974 3748 mrxsmb - ok
16:49:41.0099 3748 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\windows\system32\DRIVERS\mrxsmb10.sys
16:49:41.0099 3748 mrxsmb10 - ok
16:49:41.0192 3748 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\windows\system32\DRIVERS\mrxsmb20.sys
16:49:41.0208 3748 mrxsmb20 - ok
16:49:41.0333 3748 msahci (f70590424eefbf5c27a40c67afdb8383) C:\windows\system32\DRIVERS\msahci.sys
16:49:41.0333 3748 msahci - ok
16:49:41.0379 3748 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\windows\system32\drivers\msdsm.sys
16:49:41.0379 3748 msdsm - ok
16:49:41.0520 3748 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\windows\system32\drivers\Msfs.sys
16:49:41.0520 3748 Msfs - ok
16:49:41.0598 3748 msisadrv (0f400e306f385c56317357d6dea56f62) C:\windows\system32\drivers\msisadrv.sys
16:49:41.0598 3748 msisadrv - ok
16:49:41.0723 3748 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\windows\system32\drivers\MSKSSRV.sys
16:49:41.0723 3748 MSKSSRV - ok
16:49:41.0801 3748 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\windows\system32\drivers\MSPCLOCK.sys
16:49:41.0801 3748 MSPCLOCK - ok
16:49:41.0941 3748 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys
16:49:41.0957 3748 MSPQM - ok
16:49:42.0035 3748 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\windows\system32\drivers\MsRPC.sys
16:49:42.0035 3748 MsRPC - ok
16:49:42.0081 3748 mssmbios (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys
16:49:42.0081 3748 mssmbios - ok
16:49:42.0206 3748 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys
16:49:42.0206 3748 MSTEE - ok
16:49:42.0378 3748 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\windows\system32\Drivers\mup.sys
16:49:42.0378 3748 Mup - ok
16:49:42.0503 3748 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\windows\system32\DRIVERS\nwifi.sys
16:49:42.0518 3748 NativeWifiP - ok
16:49:42.0659 3748 NDIS (c8560010a542b5dca94c62468dc20784) C:\windows\system32\drivers\ndis.sys
16:49:42.0674 3748 NDIS - ok
16:49:42.0752 3748 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\windows\system32\DRIVERS\ndistapi.sys
16:49:42.0752 3748 NdisTapi - ok
16:49:42.0783 3748 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS\ndisuio.sys
16:49:42.0783 3748 Ndisuio - ok
16:49:42.0846 3748 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\windows\system32\DRIVERS\ndiswan.sys
16:49:42.0846 3748 NdisWan - ok
16:49:42.0893 3748 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys
16:49:42.0893 3748 NDProxy - ok
16:49:42.0971 3748 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS\netbios.sys
16:49:42.0971 3748 NetBIOS - ok
16:49:43.0033 3748 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\windows\system32\DRIVERS\netbt.sys
16:49:43.0033 3748 netbt - ok
16:49:43.0111 3748 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers\nfrd960.sys
16:49:43.0111 3748 nfrd960 - ok
16:49:43.0158 3748 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\windows\system32\drivers\Npfs.sys
16:49:43.0158 3748 Npfs - ok
16:49:43.0251 3748 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers\nsiproxy.sys
16:49:43.0251 3748 nsiproxy - ok
16:49:43.0376 3748 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\windows\system32\drivers\Ntfs.sys
16:49:43.0392 3748 Ntfs - ok
16:49:43.0485 3748 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers\ntrigdigi.sys
16:49:43.0501 3748 ntrigdigi - ok
16:49:43.0563 3748 Null (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys
16:49:43.0563 3748 Null - ok
16:49:43.0657 3748 nvraid (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers\nvraid.sys
16:49:43.0657 3748 nvraid - ok
16:49:43.0719 3748 nvstor (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers\nvstor.sys
16:49:43.0719 3748 nvstor - ok
16:49:43.0829 3748 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers\nv_agp.sys
16:49:43.0844 3748 nv_agp - ok
16:49:43.0891 3748 NwlnkFlt - ok
16:49:43.0938 3748 NwlnkFwd - ok
16:49:44.0063 3748 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\windows\system32\DRIVERS\ohci1394.sys
16:49:44.0063 3748 ohci1394 - ok
16:49:44.0527 3748 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\windows\system32\DRIVERS\parport.sys
16:49:44.0527 3748 Parport - ok
16:49:44.0808 3748 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\windows\system32\drivers\partmgr.sys
16:49:44.0808 3748 partmgr - ok
16:49:45.0120 3748 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\windows\system32\DRIVERS\parvdm.sys
16:49:45.0135 3748 Parvdm - ok
16:49:45.0291 3748 pci (01b94418deb235dff777cc80076354b4) C:\windows\system32\drivers\pci.sys
16:49:45.0291 3748 pci - ok
16:49:45.0478 3748 pciide (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\drivers\pciide.sys
16:49:45.0478 3748 pciide - ok
16:49:45.0556 3748 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys
16:49:45.0572 3748 pcmcia - ok
16:49:46.0009 3748 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys
16:49:46.0009 3748 PEAUTH - ok
16:49:46.0305 3748 PersonalSecureDrive (91f90ac06d40a9bada14047c02e6c592) C:\windows\System32\drivers\psd.sys
16:49:46.0305 3748 PersonalSecureDrive - ok
16:49:46.0570 3748 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERS\raspptp.sys
16:49:46.0570 3748 PptpMiniport - ok
16:49:46.0617 3748 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\DRIVERS\processr.sys
16:49:46.0633 3748 Processor - ok
16:49:46.0680 3748 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\windows\system32\DRIVERS\pacer.sys
16:49:46.0680 3748 PSched - ok
16:49:46.0773 3748 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\windows\system32\Drivers\PxHelp20.sys
16:49:46.0773 3748 PxHelp20 - ok
16:49:46.0898 3748 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys
16:49:46.0914 3748 ql2300 - ok
16:49:46.0992 3748 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys
16:49:46.0992 3748 ql40xx - ok
16:49:47.0054 3748 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys
16:49:47.0054 3748 QWAVEdrv - ok
16:49:47.0085 3748 RasAcd (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERS\rasacd.sys
16:49:47.0085 3748 RasAcd - ok
16:49:47.0163 3748 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERS\rasl2tp.sys
16:49:47.0179 3748 Rasl2tp - ok
16:49:47.0272 3748 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\windows\system32\DRIVERS\raspppoe.sys
16:49:47.0272 3748 RasPppoe - ok
16:49:47.0382 3748 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\windows\system32\DRIVERS\rassstp.sys
16:49:47.0382 3748 RasSstp - ok
16:49:47.0694 3748 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\windows\system32\DRIVERS\rdbss.sys
16:49:47.0694 3748 rdbss - ok
16:49:47.0756 3748 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys
16:49:47.0756 3748 RDPCDD - ok
16:49:47.0896 3748 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\windows\system32\DRIVERS\rdpdr.sys
16:49:47.0912 3748 rdpdr - ok
16:49:48.0068 3748 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\drivers\rdpencdd.sys
16:49:48.0068 3748 RDPENCDD - ok
16:49:48.0130 3748 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\windows\system32\drivers\RDPWD.sys
16:49:48.0130 3748 RDPWD - ok
16:49:48.0240 3748 RFCOMM (34cc78c06587718c2ad6d3aa83b1f072) C:\windows\system32\DRIVERS\rfcomm.sys
16:49:48.0240 3748 RFCOMM - ok
16:49:48.0396 3748 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERS\rspndr.sys
16:49:48.0396 3748 rspndr - ok
16:49:48.0474 3748 RsvLock (07b7213ba5d87f19bc9f1dd3dd2619f2) C:\windows\system32\drivers\RsvLock.sys
16:49:48.0474 3748 RsvLock - ok
16:49:48.0505 3748 SafeBoot (fbd8bfd3faf7691f1f1053270af176d6) C:\windows\system32\drivers\SafeBoot.sys
16:49:48.0505 3748 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: fbd8bfd3faf7691f1f1053270af176d6
16:49:48.0505 3748 SafeBoot ( LockedFile.Multi.Generic ) - warning
16:49:48.0505 3748 SafeBoot - detected LockedFile.Multi.Generic (1)
16:49:48.0598 3748 SbAlg (7852168088eb0022a37d0217788ab639) C:\windows\system32\drivers\SbAlg.sys
16:49:48.0598 3748 SbAlg - ok
16:49:48.0661 3748 SbFsLock (f80c0ce3d911b35d6ffe0bd8af608ce6) C:\windows\system32\drivers\SbFsLock.sys
16:49:48.0661 3748 SbFsLock - ok
16:49:48.0739 3748 sbp2port (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys
16:49:48.0739 3748 sbp2port - ok
16:49:48.0801 3748 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
16:49:48.0801 3748 secdrv - ok
16:49:48.0895 3748 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\windows\system32\DRIVERS\serenum.sys
16:49:48.0895 3748 Serenum - ok
16:49:49.0051 3748 Serial (6d663022db3e7058907784ae14b69898) C:\windows\system32\DRIVERS\serial.sys
16:49:49.0051 3748 Serial - ok
16:49:49.0191 3748 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys
16:49:49.0191 3748 sermouse - ok
16:49:49.0378 3748 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys
16:49:49.0394 3748 sffdisk - ok
16:49:49.0566 3748 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys
16:49:49.0566 3748 sffp_mmc - ok
16:49:49.0675 3748 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys
16:49:49.0675 3748 sffp_sd - ok
16:49:49.0753 3748 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\windows\system32\drivers\sfloppy.sys
16:49:49.0753 3748 sfloppy - ok
16:49:49.0878 3748 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys
16:49:49.0878 3748 sisagp - ok
16:49:49.0956 3748 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys
16:49:49.0956 3748 SiSRaid2 - ok
16:49:49.0987 3748 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys
16:49:49.0987 3748 SiSRaid4 - ok
16:49:50.0096 3748 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\windows\system32\DRIVERS\smb.sys
16:49:50.0096 3748 Smb - ok
16:49:50.0361 3748 SNP2UVC (cf9cde12fbc19dba8de528b7511a2f4f) C:\windows\system32\DRIVERS\snp2uvc.sys
16:49:50.0376 3748 SNP2UVC - ok
16:49:50.0497 3748 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys
16:49:50.0499 3748 spldr - ok
16:49:50.0738 3748 sptd (a80cd850d69d996c832bea37e3a6aa1e) C:\windows\system32\Drivers\sptd.sys
16:49:50.0738 3748 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: a80cd850d69d996c832bea37e3a6aa1e
16:49:50.0738 3748 sptd ( LockedFile.Multi.Generic ) - warning
16:49:50.0738 3748 sptd - detected LockedFile.Multi.Generic (1)
16:49:50.0894 3748 srv (2252aef839b1093d16761189f45af885) C:\windows\system32\DRIVERS\srv.sys
16:49:50.0894 3748 srv - ok
16:49:51.0004 3748 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\windows\system32\DRIVERS\srv2.sys
16:49:51.0004 3748 srv2 - ok
16:49:51.0534 3748 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\windows\system32\DRIVERS\srvnet.sys
16:49:51.0534 3748 srvnet - ok
16:49:51.0659 3748 ssmdrv (71d609c5dff067906d930bde031c4cfe) C:\windows\system32\DRIVERS\ssmdrv.sys
16:49:51.0659 3748 ssmdrv - ok
16:49:51.0830 3748 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys
16:49:51.0830 3748 swenum - ok
16:49:51.0971 3748 Symc8xx (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys
16:49:51.0971 3748 Symc8xx - ok
16:49:52.0033 3748 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys
16:49:52.0033 3748 Sym_hi - ok
16:49:52.0080 3748 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys
16:49:52.0080 3748 Sym_u3 - ok
16:49:52.0298 3748 SynTP (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys
16:49:52.0314 3748 SynTP - ok
16:49:52.0532 3748 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\windows\system32\drivers\tcpip.sys
16:49:52.0532 3748 Tcpip - ok
16:49:52.0657 3748 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\windows\system32\DRIVERS\tcpip.sys
16:49:52.0657 3748 Tcpip6 - ok
16:49:52.0766 3748 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\windows\system32\drivers\tcpipreg.sys
16:49:52.0766 3748 tcpipreg - ok
16:49:52.0860 3748 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers\tdpipe.sys
16:49:52.0876 3748 TDPIPE - ok
16:49:52.0954 3748 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers\tdtcp.sys
16:49:52.0954 3748 TDTCP - ok
16:49:53.0094 3748 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\windows\system32\DRIVERS\tdx.sys
16:49:53.0094 3748 tdx - ok
16:49:53.0219 3748 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\windows\system32\DRIVERS\termdd.sys
16:49:53.0219 3748 TermDD - ok
16:49:53.0344 3748 TPM (cb258c2f726f1be73c507022be33ebb3) C:\windows\system32\drivers\tpm.sys
16:49:53.0344 3748 TPM - ok
16:49:53.0484 3748 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS\tssecsrv.sys
16:49:53.0484 3748 tssecsrv - ok
16:49:53.0609 3748 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS\tunmp.sys
16:49:53.0609 3748 tunmp - ok
16:49:53.0749 3748 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\windows\system32\DRIVERS\tunnel.sys
16:49:53.0749 3748 tunnel - ok
16:49:53.0843 3748 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys
16:49:53.0843 3748 uagp35 - ok
16:49:54.0014 3748 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\windows\system32\DRIVERS\udfs.sys
16:49:54.0014 3748 udfs - ok
16:49:54.0108 3748 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys
16:49:54.0108 3748 uliagpkx - ok
16:49:54.0233 3748 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys
16:49:54.0233 3748 uliahci - ok
16:49:54.0326 3748 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys
16:49:54.0326 3748 UlSata - ok
16:49:54.0436 3748 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys
16:49:54.0451 3748 ulsata2 - ok
16:49:54.0514 3748 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys
16:49:54.0514 3748 umbus - ok
16:49:54.0950 3748 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys
16:49:54.0950 3748 usbccgp - ok
16:49:55.0044 3748 usbcir (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys
16:49:55.0044 3748 usbcir - ok
16:49:55.0153 3748 usbehci (cebe90821810e76320155beba722fcf9) C:\windows\system32\DRIVERS\usbehci.sys
16:49:55.0153 3748 usbehci - ok
16:49:55.0200 3748 usbhub (cc6b28e4ce39951357963119ce47b143) C:\windows\system32\DRIVERS\usbhub.sys
16:49:55.0200 3748 usbhub - ok
16:49:55.0278 3748 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys
16:49:55.0278 3748 usbohci - ok
16:49:55.0496 3748 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys
16:49:55.0496 3748 usbprint - ok
16:49:55.0590 3748 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\windows\system32\DRIVERS\USBSTOR.SYS
16:49:55.0590 3748 USBSTOR - ok
16:49:55.0684 3748 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys
16:49:55.0684 3748 usbuhci - ok
16:49:55.0793 3748 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\windows\system32\Drivers\usbvideo.sys
16:49:55.0808 3748 usbvideo - ok
16:49:55.0902 3748 vga (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys
16:49:55.0902 3748 vga - ok
16:49:55.0980 3748 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys
16:49:55.0980 3748 VgaSave - ok
16:49:56.0042 3748 viaagp (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys
16:49:56.0042 3748 viaagp - ok
16:49:56.0495 3748 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys
16:49:56.0510 3748 ViaC7 - ok
16:49:56.0822 3748 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys
16:49:56.0822 3748 viaide - ok
16:49:56.0994 3748 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys
16:49:56.0994 3748 volmgr - ok
16:49:57.0072 3748 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\windows\system32\drivers\volmgrx.sys
16:49:57.0072 3748 volmgrx - ok
16:49:57.0306 3748 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\windows\system32\drivers\volsnap.sys
16:49:57.0306 3748 volsnap - ok
16:49:57.0446 3748 vsmraid (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys
16:49:57.0446 3748 vsmraid - ok
16:49:57.0524 3748 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys
16:49:57.0540 3748 WacomPen - ok
16:49:57.0618 3748 Wanarp (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
16:49:57.0618 3748 Wanarp - ok
16:49:57.0634 3748 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
16:49:57.0634 3748 Wanarpv6 - ok
16:49:57.0774 3748 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
16:49:57.0774 3748 Wd - ok
16:49:57.0852 3748 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
16:49:57.0852 3748 Wdf01000 - ok
16:49:57.0977 3748 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
16:49:57.0977 3748 WmiAcpi - ok
16:49:58.0102 3748 WpdUsb (0cec23084b51b8288099eb710224e955) C:\windows\system32\DRIVERS\wpdusb.sys
16:49:58.0102 3748 WpdUsb - ok
16:49:58.0242 3748 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
16:49:58.0242 3748 ws2ifsl - ok
16:49:58.0398 3748 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
16:49:58.0414 3748 WUDFRd - ok
16:49:58.0554 3748 ZTEusbmdm6k (d1d32a7fb32603f922f233f86a019c9f) C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys
16:49:58.0554 3748 ZTEusbmdm6k - ok
16:49:58.0601 3748 ZTEusbnmea (d1d32a7fb32603f922f233f86a019c9f) C:\windows\system32\DRIVERS\ZTEusbnmea.sys
16:49:58.0616 3748 ZTEusbnmea - ok
16:49:58.0726 3748 ZTEusbser6k (d1d32a7fb32603f922f233f86a019c9f) C:\windows\system32\DRIVERS\ZTEusbser6k.sys
16:49:58.0726 3748 ZTEusbser6k - ok
16:49:58.0819 3748 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:49:58.0835 3748 \Device\Harddisk0\DR0 - ok
16:49:58.0835 3748 Boot (0x1200) (e06ce281df9368d01d079c4532520910) \Device\Harddisk0\DR0\Partition0
16:49:58.0835 3748 \Device\Harddisk0\DR0\Partition0 - ok
16:49:58.0882 3748 Boot (0x1200) (1c972325936f2e5c1e07616c49066a87) \Device\Harddisk0\DR0\Partition1
16:49:58.0882 3748 \Device\Harddisk0\DR0\Partition1 - ok
16:49:58.0897 3748 Boot (0x1200) (4aa5e94b01fe139b0228a83af7bf7431) \Device\Harddisk0\DR0\Partition2
16:49:58.0897 3748 \Device\Harddisk0\DR0\Partition2 - ok
16:49:58.0897 3748 ============================================================
16:49:58.0897 3748 Scan finished
16:49:58.0897 3748 ============================================================
16:49:58.0928 2812 Detected object count: 2
16:49:58.0928 2812 Actual detected object count: 2
16:51:25.0707 2812 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
16:51:25.0707 2812 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
16:51:25.0722 2812 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:51:25.0722 2812 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

Alt 15.11.2011, 16:03   #15
markusg
/// Malware-holic
 
Google Links funktionieren nicht mehr - Standard

Google Links funktionieren nicht mehr



wie siehts mit google aus?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Google Links funktionieren nicht mehr
32 bit, 32-bit, adobe, alternate, antivir, autorun, avira, bho, browser, c:\windows\system32\rundll32.exe, converter, defender, error, excel, excel.exe, explorer, failed, format, google, google earth, helper, install.exe, launch, logfile, microsoft office word, ntdll.dll, office 2007, otl-datei, problem, rundll, scan, security, security update, software, svchost.exe, temp, udp, version=1.0, vista



Ähnliche Themen: Google Links funktionieren nicht mehr


  1. Google Chrome und Firefox funktionieren nach Anwendung von Malwarebytes nicht mehr
    Log-Analyse und Auswertung - 03.09.2014 (12)
  2. Google.de, Youtube und JDownloader nicht mehr erreichbar/funktionieren nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 30.11.2013 (1)
  3. Google Chrome und alle anderen Browser funktionieren nicht mehr!
    Plagegeister aller Art und deren Bekämpfung - 11.07.2013 (15)
  4. Google-Links funktionieren nicht mehr, AviraAntivir und MalwareBytes scannen nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 28.12.2011 (11)
  5. Google links funktionieren nicht
    Plagegeister aller Art und deren Bekämpfung - 25.02.2011 (14)
  6. Alle Web-Browser funktionieren nicht mehr (Internet Explorer, Google Chrome etc.) auser Firefox
    Plagegeister aller Art und deren Bekämpfung - 07.11.2010 (1)
  7. Java-Problem ? Lesezeichen und Links funktionieren nicht mehr .
    Plagegeister aller Art und deren Bekämpfung - 18.07.2010 (0)
  8. Links werden umgeleitet, AV Webseiten und Programme funktionieren nicht mehr, Homepage gehackt
    Plagegeister aller Art und deren Bekämpfung - 13.07.2010 (12)
  9. Browser - Google Links funktionieren nicht, andere Seiten öffnen sich
    Log-Analyse und Auswertung - 04.03.2010 (27)
  10. Brauche Hilfe bei TR/Dropper.gen + windowsclick (google links funktionieren nicht)
    Plagegeister aller Art und deren Bekämpfung - 17.02.2010 (21)
  11. Google links funktionieren nicht mehr
    Log-Analyse und Auswertung - 14.05.2009 (15)
  12. Google Links öffnen nicht mehr richtig
    Plagegeister aller Art und deren Bekämpfung - 26.04.2009 (20)
  13. Google links funktionieren nicht
    Plagegeister aller Art und deren Bekämpfung - 15.03.2009 (9)
  14. Google Links funktionieren nicht
    Log-Analyse und Auswertung - 31.01.2009 (1)
  15. Google Links funktionieren nicht mehr!
    Log-Analyse und Auswertung - 24.11.2008 (27)
  16. Google Links und leider mehr - einige Seiten nicht aufrufbar
    Plagegeister aller Art und deren Bekämpfung - 03.10.2008 (13)
  17. Google und einige andere Seiten funktionieren nach Trojaner-Befall nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 07.06.2008 (28)

Zum Thema Google Links funktionieren nicht mehr - Hallo!! Ich habe seit 2 Tagen das Problem, dass ich im Google keine Links mehr öffnen kann. Ich kann zwar noch nach Suchbegriffen suchen (dauert ungewöhnlich lange), aber diese dann - Google Links funktionieren nicht mehr...
Archiv
Du betrachtest: Google Links funktionieren nicht mehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.