Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 27.03.2012, 07:49   #1
Rolnicke
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



Hallo alle zusammen,

ich hatte vor kurzem ein problem mit einem Virus. Den habe erfolgreich 'bekämpfen' könnnen, zumindest dachte ich das. Seit einigen Tagen ist das Symbol des Sicherheitscenter nicht mehr in der Taskleiste zu sehen. Das Sicherheitscenter ist ausgeschaltet.
Wenn ich es einschalten möchte kommt die Nachricht: "Der Sicherheitscenterdienst kann nicht gestartet werden." Auch die Windows Firewall funktioniert nicht bzw. da steht: "Windows-Firewall verwendet nicht die empfohlenen Einstellungen zum Schutz dieses Computer." Ich kann die Einstellungen aber auch nicht aktualisieren. Es folgt wieder eine Fehlermeldung: Die Aktualisierung kann nicht durchgeführt werden.

Kann mir jemand bei dem Problem helfen?

Gruß Rolnicke

Alt 27.03.2012, 11:39   #2
markusg
/// Malware-holic
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



hi.
1. was für ne malware wurde womit gelöscht? logs posten bitte.
2.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 27.03.2012, 13:53   #3
Rolnicke
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



OTL.txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 27.03.2012 13:53:18 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\Roland\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,47 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 46,25% Memory free
5,16 Gb Paging File | 3,75 Gb Available in Paging File | 72,74% Paging File free
Paging file location(s): c:\pagefile.sys 2825 2825 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 89,28 Gb Free Space | 61,98% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 33,69 Gb Free Space | 23,98% Space Free | Partition Type: NTFS
 
Computer Name: ROLAND-PC | User Name: Roland | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.03.27 13:40:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Roland\Desktop\OTL.exe
PRC - [2012.03.23 20:51:18 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.01.31 09:56:34 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.31 09:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.12.18 21:08:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2011.12.18 21:04:24 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2011.11.03 16:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2011.10.28 19:35:26 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011.10.28 19:35:26 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011.10.28 19:35:26 | 001,101,960 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\AWSC.exe
PRC - [2009.02.20 18:45:51 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Roland\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009.01.07 21:46:56 | 001,468,296 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.09 13:48:21 | 003,833,640 | ---- | M] () -- C:\Programme\Acer\Acer Bio Protection\PwdBank.exe
PRC - [2008.10.09 13:48:17 | 003,438,592 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Programme\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2008.10.09 13:48:09 | 003,521,024 | ---- | M] () -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe
PRC - [2008.10.09 13:48:01 | 003,673,600 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe
PRC - [2008.08.19 12:26:34 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.08.01 10:51:42 | 000,405,504 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.07.29 18:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.07.29 18:52:50 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.06.30 17:56:32 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2008.06.17 06:23:24 | 000,817,672 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\QtZgAcer.EXE
PRC - [2008.06.02 10:25:40 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.05.30 13:24:30 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008.03.25 15:25:06 | 000,050,952 | ---- | M] (UPEK Inc.) -- C:\Programme\Common Files\SPBA\upeksvr.exe
PRC - [2008.03.18 06:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.01.21 04:23:32 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Mail\WinMail.exe
PRC - [2007.12.06 17:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007.04.03 16:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2006.10.27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.03.26 20:28:22 | 000,005,624 | ---- | M] () -- C:\Users\Roland\AppData\Roaming\BAcroIEHelpe092.dll
MOD - [2012.03.25 23:06:32 | 000,173,464 | ---- | M] () -- C:\Users\Roland\AppData\Roaming\11003\components\AcroFF.dll
MOD - [2012.03.23 20:51:17 | 001,969,080 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.03.17 18:53:01 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c933fd5d1d27f268331890d7ddba8fec\System.ServiceProcess.ni.dll
MOD - [2012.03.17 18:52:07 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll
MOD - [2012.03.17 18:51:36 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2012.03.17 18:51:21 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
MOD - [2012.03.17 18:51:16 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2012.03.17 18:50:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2012.03.17 18:50:35 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2012.03.17 18:50:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll
MOD - [2012.03.17 18:49:59 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2012.03.17 18:49:41 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.05.17 20:41:54 | 006,271,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010.11.21 16:54:34 | 000,094,208 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2008.11.02 20:44:29 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2008.11.02 20:44:28 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll
MOD - [2008.11.02 20:44:28 | 000,009,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2008.10.09 13:48:21 | 003,833,640 | ---- | M] () -- C:\Programme\Acer\Acer Bio Protection\PwdBank.exe
MOD - [2008.10.09 13:35:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3163.29521__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.10.09 13:35:30 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3163.29525__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.10.09 13:35:30 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3163.29636__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.10.09 13:35:30 | 000,266,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3163.29501__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.10.09 13:35:30 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3163.29527__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.10.09 13:35:30 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3163.29612__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.10.09 13:35:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3163.29591__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.10.09 13:35:30 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3163.29575__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.10.09 13:35:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3163.29512__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.10.09 13:35:15 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3163.29637__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.10.09 13:35:15 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3163.29509__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.10.09 13:35:14 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Dashboard\2.0.3163.29584__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Dashboard.dll
MOD - [2008.10.09 13:35:14 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3163.29597__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.10.09 13:35:13 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3163.29571__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.10.09 13:35:13 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3163.29513__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.10.09 13:35:13 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3163.29590__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008.10.09 13:35:13 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3163.29532__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008.10.09 13:35:13 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3163.29527__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.10.09 13:35:13 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Dashboard\2.0.3163.29579__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Dashboard.dll
MOD - [2008.10.09 13:35:13 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3163.29575__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.10.09 13:35:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Runtime\2.0.3163.29583__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Runtime.dll
MOD - [2008.10.09 13:35:13 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3163.29590__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.10.09 13:35:12 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3163.29576__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.10.09 13:35:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3163.29576__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.10.09 13:35:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3119.30063__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.10.09 13:35:12 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3119.30065__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.10.09 13:35:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3119.30127__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.10.09 13:35:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3119.30092__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.10.09 13:35:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3119.30081__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.10.09 13:35:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3119.30117__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.10.09 13:35:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3119.30171__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.10.09 13:35:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008.10.09 13:35:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3119.30104__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2008.10.09 13:35:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3119.30177__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.10.09 13:35:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3119.30120__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.10.09 13:35:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3119.30176__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.10.09 13:35:12 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.10.09 13:35:11 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3119.30149__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3119.30067__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.10.09 13:35:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3119.30096__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3119.30148__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3119.30144__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.10.09 13:35:11 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3119.30169__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3119.30118__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3119.30232__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.10.09 13:35:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3119.30130__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU2.Graphics.Shared\2.0.3119.30145__90ba9c70f846762e\CLI.Aspect.MultiVPU2.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiVPU.Graphics.Shared\2.0.3119.30143__90ba9c70f846762e\CLI.Aspect.MultiVPU.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3119.30100__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3119.30089__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3119.30082__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3119.30130__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3119.30128__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.10.09 13:35:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.10.09 13:35:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3119.30094__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3119.30139__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.10.09 13:35:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3119.30129__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.10.09 13:35:10 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3119.30144__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.10.09 13:35:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3119.30148__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.10.09 13:35:10 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3119.30122__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.10.09 13:35:10 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.10.09 13:35:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3119.30119__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.10.09 13:35:10 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3119.30093__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.10.09 13:35:03 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3163.29498_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll
MOD - [2008.10.09 13:35:02 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3163.29648__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.10.09 13:35:02 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3163.29656__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008.10.09 13:35:02 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3163.29495__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.10.09 13:35:01 | 000,999,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3163.29506__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.10.09 13:35:01 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3163.29517__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.10.09 13:35:01 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3163.29629__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.10.09 13:35:01 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3163.29628__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.10.09 13:35:01 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3163.29498__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2008.10.09 13:35:01 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3163.29497__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.10.09 13:35:01 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3119.30123__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.10.09 13:35:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3119.30076__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.10.09 13:35:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3119.30101__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.10.09 13:35:01 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3119.30085__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.10.09 13:35:01 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3163.29629__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.10.09 13:35:01 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3119.30121__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.10.09 13:35:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3119.30121__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.10.09 13:35:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3119.30113__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.10.09 13:35:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3119.30150__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.10.09 13:35:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3119.30074__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008.10.09 13:35:01 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2008.10.09 13:35:01 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2008.10.09 13:35:00 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3163.29497__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.10.09 13:35:00 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3163.29496__90ba9c70f846762e\APM.Server.dll
MOD - [2008.10.09 13:35:00 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3163.29495__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.10.09 13:35:00 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.07.29 18:52:38 | 000,227,888 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008.07.27 20:03:08 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2008.07.27 19:58:25 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.07.22 16:13:08 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.06.30 17:56:32 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2008.04.28 10:49:20 | 000,003,072 | ---- | M] () -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PGPwded.dll -- (RR2IOMod)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndistapi.dll -- (nvata)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vstor2.dll -- (mcsysmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smartscaps.dll -- (GT891x)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SiSRaid.dll -- (giveio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fontcache3.0.0.0.dll -- (EL2000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mmc_2K.dll -- (dlbt_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qkbfiltr.dll -- (citrixwmiservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\npkcmsvc.dll -- (AVRec)
SRV - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.12.18 21:08:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011.11.03 16:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2011.10.28 19:35:26 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2008.10.09 13:48:09 | 003,521,024 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008.07.29 18:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.06.02 10:25:40 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.03.18 06:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.12.06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007.04.03 16:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006.10.26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.01.31 09:56:33 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.01.31 09:56:33 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.11.03 16:44:20 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011.10.28 19:35:28 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2011.10.28 19:35:26 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.05.07 17:51:26 | 000,451,160 | ---- | M] (Check Point Software Technologies LTD) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.12.20 02:08:28 | 000,030,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2008.10.09 13:48:04 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008.07.28 09:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.07.22 16:58:00 | 003,885,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.07.22 13:58:00 | 000,047,616 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008.07.18 03:09:00 | 000,148,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.05.28 17:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008.05.28 08:47:08 | 000,171,016 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.04.28 03:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.03.21 06:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.09.21 03:11:02 | 000,028,432 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.09.21 03:10:46 | 000,036,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.09.21 03:10:40 | 000,035,088 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007.04.03 16:17:08 | 000,306,295 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007.03.28 08:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007.01.31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2007.01.26 08:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2007.01.18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.08.18 11:10:24 | 000,061,504 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\K320bus.sys -- (K320bus) Sony Ericsson K320 driver (WDM)
DRV - [2005.09.06 16:11:50 | 000,202,496 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2005.09.06 16:11:38 | 000,005,376 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
IE - HKCU\..\SearchScopes\{B60C5DD6-A368-4069-9332-D8A78EA2A8B7}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.tageschau.de/"
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.9
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.97
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "hxxp://www.tagesschau.de/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012.03.26 19:52:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.23 20:51:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.25 23:05:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Roland\AppData\Roaming\11003 [2012.03.25 23:06:33 | 000,000,000 | ---D | M]
 
[2009.02.20 19:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roland\AppData\Roaming\mozilla\Extensions
[2009.02.20 19:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roland\AppData\Roaming\mozilla\Firefox\Profiles\sfwd8mr6.default\extensions
[2012.03.26 19:47:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roland\AppData\Roaming\mozilla\Firefox\Profiles\vi9fpy5h.default\extensions
[2012.01.27 08:30:37 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Roland\AppData\Roaming\mozilla\Firefox\Profiles\vi9fpy5h.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011.01.10 19:19:49 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Roland\AppData\Roaming\mozilla\Firefox\Profiles\vi9fpy5h.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2012.03.26 19:47:10 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\Roland\AppData\Roaming\mozilla\Firefox\Profiles\vi9fpy5h.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}
[2010.11.29 22:53:04 | 000,002,354 | ---- | M] () -- C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\vi9fpy5h.default\searchplugins\ecosia.xml
[2011.01.15 15:26:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.02.21 00:07:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.03.23 20:51:20 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.23 20:51:10 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.23 20:51:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.23 20:51:10 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.23 20:51:10 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.23 20:51:10 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.23 20:51:10 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [ISW]  File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [Userinit] C:\Users\Roland\AppData\Roaming\appconf32.exe ()
O4 - Startup: C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech-Produktregistrierung.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2B96208-60D4-4835-BF64-4E80FC012D6E}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Programme\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Roland\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Roland\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1dc5dcb0-d48c-11df-ab74-001e68fd442e}\Shell - "" = AutoRun
O33 - MountPoints2\{1dc5dcb0-d48c-11df-ab74-001e68fd442e}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: citrixwmiservice - %systemroot%\system32\qkbfiltr.dll File not found
NetSvcs: mcsysmon - %systemroot%\system32\vstor2.dll File not found
NetSvcs: dlbt_device - %systemroot%\system32\mmc_2K.dll File not found
NetSvcs: nvata - %systemroot%\system32\ndistapi.dll File not found
NetSvcs: giveio - %systemroot%\system32\SiSRaid.dll File not found
NetSvcs: AVRec - %systemroot%\system32\npkcmsvc.dll File not found
NetSvcs: EL2000 - %systemroot%\system32\fontcache3.0.0.0.dll File not found
NetSvcs: RR2IOMod - %systemroot%\system32\PGPwded.dll File not found
NetSvcs: GT891x - %systemroot%\system32\smartscaps.dll File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Programme\Microsoft Office\Office\OSA9.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: EA Core - hkey= - key= -  File not found
MsConfig - StartUpReg: RGSC - hkey= - key= -  File not found
MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SweetIM - hkey= - key= -  File not found
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.27 13:40:23 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Roland\Desktop\OTL.exe
[2012.03.26 20:29:52 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012.03.26 20:05:21 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2012.03.26 20:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2012.03.26 20:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012.03.26 20:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012.03.26 19:49:31 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Roaming\UAs
[2012.03.26 07:57:43 | 000,000,000 | ---D | C] -- C:\Users\Roland\Documents\ForceField Shared Files
[2012.03.26 07:57:17 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Roaming\CheckPoint
[2012.03.26 07:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012.03.26 07:54:30 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Local\Conduit
[2012.03.26 07:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm-Sicherheit
[2012.03.26 07:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012.03.26 07:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2012.03.26 07:43:26 | 000,000,000 | ---D | C] -- C:\211378fa17191c3307a2
[2012.03.26 07:42:12 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012.03.26 07:42:12 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2012.03.25 23:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012.03.25 23:06:33 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Roaming\11003
[2012.03.25 23:06:18 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Roaming\xmldm
[2012.03.25 23:06:18 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Roaming\kock
[2012.03.23 22:22:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2012.03.23 22:21:01 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012.03.17 18:40:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012.03.17 16:18:04 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2012.03.17 16:18:03 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2012.03.17 16:18:01 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2012.03.17 16:18:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2012.03.17 16:18:01 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2012.03.17 16:18:01 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2012.03.17 16:18:00 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2012.03.17 16:18:00 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012.03.17 16:18:00 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2012.03.17 16:17:59 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2012.03.17 16:17:59 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012.03.17 16:17:59 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2012.03.17 16:17:59 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2012.03.17 16:17:58 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2012.03.17 16:17:58 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012.03.17 16:17:58 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2012.03.17 16:17:57 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2012.03.17 16:17:57 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2012.03.17 16:17:56 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012.03.17 16:17:56 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012.03.17 16:17:56 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012.03.17 16:17:56 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012.03.17 16:17:56 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012.03.17 16:10:10 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012.03.17 16:10:00 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012.03.17 16:09:58 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012.03.17 15:37:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2012.03.17 15:36:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2012.03.17 15:36:49 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2012.03.17 15:36:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2012.03.17 15:36:48 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2012.03.17 15:36:48 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2012.03.17 15:36:44 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2012.03.17 15:36:44 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2012.03.17 15:36:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2012.03.17 15:36:44 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2012.03.17 15:36:44 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2012.03.17 15:36:33 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2012.03.17 15:36:33 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2012.03.17 15:36:33 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2012.03.17 15:36:32 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2012.03.17 15:36:32 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2012.03.17 15:33:31 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012.03.17 15:33:30 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012.03.17 15:33:22 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2012.03.17 15:33:21 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012.03.17 15:33:14 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012.03.17 15:33:13 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012.03.17 15:33:00 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012.03.17 15:32:55 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012.03.17 15:32:34 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012.03.17 15:31:31 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.03.17 15:31:28 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.03.17 15:31:26 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.03.17 15:31:26 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.03.17 15:31:25 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.03.17 15:31:25 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.03.17 15:31:24 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.03.17 15:31:24 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.03.17 15:31:24 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.03.17 15:31:23 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2012.03.17 15:31:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.03.17 15:31:22 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.03.17 15:31:14 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012.03.17 15:31:13 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012.03.17 15:31:13 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2012.03.17 15:31:13 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2012.03.17 15:31:12 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012.03.17 15:31:12 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012.03.17 15:31:11 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2012.03.17 15:31:11 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2012.03.17 15:31:11 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2012.03.17 15:30:57 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012.03.17 15:30:56 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012.03.17 15:30:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012.03.17 15:30:56 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012.03.17 15:30:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012.03.17 15:30:56 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012.03.17 15:30:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2012.03.17 15:30:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012.03.17 15:30:38 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012.03.17 15:30:20 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2012.03.17 15:30:19 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2012.03.17 15:30:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2012.03.17 15:30:18 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2012.03.17 15:30:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2012.03.17 15:30:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2012.03.17 15:30:18 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2012.03.17 15:28:39 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2012.03.17 15:28:38 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2012.03.17 15:28:38 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2012.03.17 15:28:28 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.03.17 15:28:28 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.03.17 15:28:16 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2012.03.17 15:27:38 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012.03.17 15:26:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012.03.17 15:26:31 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2012.03.17 15:26:20 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012.03.17 15:26:20 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012.03.17 15:26:19 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012.03.17 15:26:10 | 002,042,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.03.17 15:26:06 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012.03.17 15:26:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2012.03.17 15:25:53 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012.03.17 15:25:53 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012.03.17 15:25:42 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.03.17 15:25:42 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012.03.17 15:25:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.03.17 15:25:42 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2012.03.17 15:25:36 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012.03.17 15:25:33 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012.03.17 15:25:25 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012.03.17 15:25:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2012.03.17 15:25:12 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012.03.17 15:24:49 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.03.17 15:24:34 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012.03.17 15:24:20 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012.03.17 15:24:20 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012.03.17 15:24:19 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012.03.17 15:24:19 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2012.03.17 15:24:13 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012.03.17 15:24:11 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012.03.17 15:24:04 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012.03.17 15:24:02 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.03.17 15:23:53 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012.03.17 15:23:44 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012.03.17 15:23:40 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.03.17 15:23:40 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012.03.17 14:58:06 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2012.03.17 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Roaming\Avira
[2012.03.17 14:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.03.17 14:12:58 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.03.17 14:12:56 | 000,137,416 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.03.17 14:12:56 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.03.17 14:12:55 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.03.17 14:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.03.17 14:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.03.16 21:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.03.16 21:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012.03.16 17:46:43 | 000,000,000 | ---D | C] -- C:\Users\Roland\Desktop\fdbg
[2012.03.16 17:46:20 | 000,000,000 | ---D | C] -- C:\Users\Roland\Desktop\Neuer Ordner
[2012.03.15 15:21:37 | 000,000,000 | ---D | C] -- C:\Users\Roland\Desktop\Roland Stick1
[2012.02.26 18:15:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Roland\AppData\Roaming\*.tmp files -> C:\Users\Roland\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.27 13:40:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Roland\Desktop\OTL.exe
[2012.03.27 13:36:14 | 000,000,016 | ---- | M] () -- C:\Users\Roland\AppData\Roaming\blckdom.res
[2012.03.27 13:35:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.27 12:20:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.27 12:20:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.27 08:28:34 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.03.27 08:28:34 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.27 08:28:34 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.03.27 08:28:34 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.27 08:20:43 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012.03.26 20:29:52 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2012.03.26 20:29:50 | 000,016,432 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2012.03.26 20:28:22 | 000,296,440 | ---- | M] () -- C:\Users\Roland\AppData\Roaming\AcroIEHelpe092.dll
[2012.03.26 20:28:22 | 000,005,624 | ---- | M] () -- C:\Users\Roland\AppData\Roaming\BAcroIEHelpe092.dll
[2012.03.26 20:05:25 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2012.03.26 19:45:02 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5ACE0C72-AE56-4E35-9A15-8A031D81A3BB}.job
[2012.03.26 08:08:46 | 000,415,859 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012.03.25 14:45:22 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_trash_log.cmd
[2012.03.25 14:41:26 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.03.17 18:45:14 | 000,381,552 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.17 14:13:17 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.03.16 17:58:28 | 000,046,080 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Roland\AppData\Roaming\*.tmp files -> C:\Users\Roland\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.26 20:38:56 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2012.03.26 20:28:22 | 000,296,440 | ---- | C] () -- C:\Users\Roland\AppData\Roaming\AcroIEHelpe092.dll
[2012.03.26 20:28:22 | 000,005,624 | ---- | C] () -- C:\Users\Roland\AppData\Roaming\BAcroIEHelpe092.dll
[2012.03.26 20:05:25 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2012.03.26 07:57:53 | 000,415,859 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012.03.25 23:06:26 | 000,000,016 | ---- | C] () -- C:\Users\Roland\AppData\Roaming\blckdom.res
[2012.03.25 14:36:46 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_trash_log.cmd
[2012.03.17 16:18:04 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012.03.17 16:18:03 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.03.17 16:17:59 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012.03.17 15:36:35 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2012.03.17 15:36:35 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2012.03.17 15:36:35 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2012.03.17 15:28:40 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012.03.17 14:13:17 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.10.21 16:17:00 | 000,000,115 | ---- | C] () -- C:\Windows\wininit.ini
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2009.03.24 18:57:23 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2009.10.13 18:31:48 | 000,000,000 | ---D | M] -- C:\03a39d7f4ca6a79891fca5c3
[2012.03.26 07:43:32 | 000,000,000 | ---D | M] -- C:\211378fa17191c3307a2
[2009.02.21 19:42:22 | 000,000,000 | ---D | M] -- C:\ACER
[2009.02.20 18:42:52 | 000,000,000 | ---D | M] -- C:\ACERSW
[2010.09.17 20:09:57 | 000,000,000 | RH-D | M] -- C:\AHCache
[2008.11.02 21:38:39 | 000,000,000 | ---D | M] -- C:\book
[2008.11.03 04:43:40 | 000,000,000 | -HSD | M] -- C:\Boot
[2008.10.09 13:46:29 | 000,000,000 | ---D | M] -- C:\CLSetup
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.02.20 18:34:28 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.10.06 20:53:20 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2008.01.21 04:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.03.26 21:03:49 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.03.26 20:05:05 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.02.20 18:34:28 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.03.17 01:57:59 | 000,000,000 | -H-D | M] -- C:\Recycle.Bin
[2012.03.27 14:01:24 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2008.06.11 07:55:48 | 000,000,000 | ---D | M] -- C:\TEMP
[2009.03.24 18:56:42 | 000,000,000 | R--D | M] -- C:\Users
[2012.03.26 08:02:13 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2008.05.28 08:47:08 | 000,171,016 | R--- | M] (AMD Technologies Inc.) MD5=9879FF9F6A04D660BC245788E1881B00 -- C:\ACER\Preload\Autorun\DRV\AMD VGA Chip RS780MN M82ME-XT M86ME\Packages\Drivers\SBDrv\SB7xx\RAID\LH\ahcix86s.sys
[2008.05.28 08:47:08 | 000,171,016 | ---- | M] (AMD Technologies Inc.) MD5=9879FF9F6A04D660BC245788E1881B00 -- C:\Windows\System32\drivers\ahcix86s.sys
[2008.05.28 08:47:08 | 000,171,016 | ---- | M] (AMD Technologies Inc.) MD5=9879FF9F6A04D660BC245788E1881B00 -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_37966648\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.22 06:59:12 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=76D70915EB81608DC6ACA87887FAB38F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22120_none_ddac250d3ab7a648\atapi.sys
[2008.02.22 07:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_3d9c5057\atapi.sys
[2008.02.22 07:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18023_none_dd25892021975283\atapi.sys
[2008.03.12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
[2008.07.22 16:13:22 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
[2008.01.21 04:24:05 | 000,564,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msftedit.dll
 
< %USERPROFILE%\*.* >
[2012.03.27 14:35:22 | 003,407,872 | -HS- | M] () -- C:\Users\Roland\ntuser.dat
[2012.03.27 14:35:22 | 000,262,144 | -H-- | M] () -- C:\Users\Roland\ntuser.dat.LOG1
[2009.02.20 18:42:34 | 000,000,000 | -H-- | M] () -- C:\Users\Roland\ntuser.dat.LOG2
[2012.03.26 22:45:26 | 000,065,536 | -HS- | M] () -- C:\Users\Roland\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2011.11.10 12:38:15 | 000,524,288 | -HS- | M] () -- C:\Users\Roland\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2012.03.26 22:45:25 | 000,524,288 | -HS- | M] () -- C:\Users\Roland\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2009.02.20 18:42:34 | 000,000,020 | -HS- | M] () -- C:\Users\Roland\ntuser.ini
[2009.11.22 14:55:50 | 000,104,677 | ---- | M] () -- C:\Users\Roland\Zeugnis der Allgemeinen Hochschulreife.pdf
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB52908$] -> Error: Cannot create file handle -> Unknown point type
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 920 bytes -> C:\Users\Roland\Desktop\Bewerbung um einen Praktikumsplatz.eml:OECustomProperty
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:8173A019
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:FEBEC560

< End of report >
         
--- --- ---
__________________

Alt 27.03.2012, 13:58   #4
Rolnicke
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



und hier die Extras.txt:OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 27.03.2012 13:53:18 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\Roland\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,47 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 46,25% Memory free
5,16 Gb Paging File | 3,75 Gb Available in Paging File | 72,74% Paging File free
Paging file location(s): c:\pagefile.sys 2825 2825 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 89,28 Gb Free Space | 61,98% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 33,69 Gb Free Space | 23,98% Space Free | Partition Type: NTFS
 
Computer Name: ROLAND-PC | User Name: Roland | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2F651FE1-7DE1-4EA3-AA71-2BA357E3BA5F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{32C77ACD-7456-407A-8836-9236BE528749}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{40060CF6-1F93-4009-A15F-E2525256A3C0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4571704A-3894-4FE2-BD32-590312E091BF}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{45751AE7-64D6-486C-9B60-85A3E4A1C7B4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4CD31166-3822-4FB1-9B16-18DE579FADC0}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{5A36BB78-F7A5-43F0-9C84-FCA61BA7900D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A039BD6E-8820-4870-996C-8573C88F401F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BC137AE8-A5E5-48F7-8C90-EE56D0045DA2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DEA8D4B6-5361-4307-882E-9D54F42E4DBC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0295DB8C-4D34-4B41-96D4-6837599935AA}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{05A62151-2D95-4C9A-A443-5244F36BC2E5}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{13814C78-A373-4489-8776-F3F763BB2F3F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{17017371-A6DE-4828-A779-7D6DC76F87E5}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{1D29D6BB-35FB-427F-A1F9-E6D52AD03B94}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{23A3C4BC-FF0A-4CC7-BC7C-F168164A21F8}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{273B75E1-7C5F-4E7D-AA28-791EE6FA620B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{44651A5A-1D79-4C3E-9E74-810390DA04CF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{47C3B2E3-B578-4130-B068-81FFFD63E472}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{49903B60-94D9-4CC6-910F-B7CEA9CC2E56}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe | 
"{524F7873-BBA6-499F-84C2-0936032E8FE4}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{5C843E89-5E59-4FAD-8EAA-38993C9B8553}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5F6B9371-EFFC-4207-8E89-BD35184C2146}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{6C783F19-6032-43EB-8191-83B0D5B1630D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6DF1ED00-9AE3-4BE0-B18D-E94C482911A9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6F90D51F-01BD-4F18-8ECF-43A12700782A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{712652DD-7037-4BE5-AAB4-6187A7C279E4}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe | 
"{74FAAFCD-87CB-45A7-ACC3-AF31DE726F47}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{85C770A2-E9C2-47C6-9B44-37B7ABCA6E4B}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{88EA6CF1-2E78-4687-902B-5FC3834CF00C}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{89A6E70C-07DD-492D-8FB7-643941326A5B}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{981C595F-F8D5-442C-AFDF-CB7A1F1ED3A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A07F7901-DFF3-40CB-9DB3-9C1620CB0A4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A611CFC2-A439-4CF3-B608-0557CEAA41F3}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{BB06D7CC-384A-4224-BED4-83960E1F4BB4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BD375F23-A727-49F9-9221-4CF403CB6948}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{C0C7E012-16EA-4274-9EBA-F412940DAD16}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{D5721604-68A6-4258-A474-431042B47823}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DCBF8A86-FC25-4A21-860D-7536BBFBE93B}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{E014F835-F99A-4A98-A330-89DB9DE18E36}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{FD54AD41-3EEF-46C0-826F-EBF43ADAFBFC}" = protocol=6 | dir=out | app=system | 
"TCP Query User{4026A092-6CB4-4AAE-A67C-4F45C246CCCE}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{6682A9B9-DA94-4E57-81DF-856DA994668B}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{6C54B0E1-BC23-4D03-9E46-C4F3DD87E8A4}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{9CCA88BD-B6EE-4ADF-B56F-B1C7DC650A8E}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{AAEF6B40-9F36-46A0-8591-235F3AECE446}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{AEC4A16F-75C5-42EA-85FF-447C2B16DBBB}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{DB12B45A-8EDB-4CDE-A54C-69AAC65F2638}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{0470C822-EC82-48FF-8B47-60F7AD0213C2}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{3449DD7A-322E-4884-97A3-33EB0BC6B502}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{7CCE3A0B-F103-4520-9267-F994BFDAC476}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{A26A66D1-DF78-430E-9482-874D43A7C958}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{A9EA2A4F-FF3D-4023-89B0-6F4CA1A2D454}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{C3C952DD-7A97-4CB1-B37F-23553EE49BC5}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{F0471D6A-16C4-4FFC-8478-148C6483AB56}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002097BB-4AFC-F885-A061-D674E5A7D586}" = Catalyst Control Center Localization Czech
"{02755AE5-6643-FF3B-E1B9-C35D88D1B519}" = Catalyst Control Center Core Implementation
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0D0E5A72-16E4-2976-1BB6-9B1588FD1688}" = CCC Help Danish
"{0D7B6373-8A37-A1FD-8AB0-43AAD69A4173}" = CCC Help Portuguese
"{0DED2BE4-B8D3-6422-613D-79619C997D03}" = CCC Help Czech
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{12F0F9AE-14C1-D9B2-3627-4E7B2E3FCC62}" = Catalyst Control Center Localization Swedish
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13EAEF04-7E24-F813-9F5E-588ABAB48DDF}" = Catalyst Control Center Localization Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F9DFBC7-D9C5-2F90-EB8C-1BFAA992A264}" = CCC Help Spanish
"{223E1972-08A7-6232-B8BF-AEFB0D55F131}" = Catalyst Control Center Graphics Full New
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{28043791-BCD6-349E-1358-74E91F0CC056}" = CCC Help Japanese
"{28C0E907-7C72-7E55-C9D1-822635050011}" = Catalyst Control Center Localization Russian
"{29CF0734-CBA0-E24C-6CE4-CF8CCF65E9F1}" = Catalyst Control Center Localization French
"{29E9D72B-AFAB-5EDF-DF53-FE41147CDF44}" = CCC Help Greek
"{2E4AB89A-C177-40D5-B018-B0152D3F2305}" = Catalyst Control Center - Branding
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{31DC5AB6-0E15-97EF-F8C5-507D9A4254A2}" = Catalyst Control Center Localization Portuguese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C4DF11D-CDB9-9FC4-68B2-0639C35D12B3}" = CCC Help Turkish
"{44353286-A029-E150-E0AC-D5A9A7354EDC}" = CCC Help French
"{4D5FE96A-7708-CD37-FF52-C7E00D9E4E4C}" = Catalyst Control Center Localization Hungarian
"{5095E8BE-8C1F-EDDA-8E46-8EDA4ECCDC62}" = Catalyst Control Center Localization Dutch
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5BD279D5-67E0-9088-1A3D-12F51671021D}" = Catalyst Control Center Localization Norwegian
"{5C77247B-F8B6-FAF4-1681-B5DAE7E62312}" = CCC Help Hungarian
"{5D6C26B9-D9E7-4E77-A4DE-0C2B242E85FA}" = ZoneAlarm Firewall
"{6090F363-5D4F-E7D7-5ED7-031A753C3384}" = ccc-utility
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6252C234-C8D0-5B4F-A142-AC50DBF48718}" = Catalyst Control Center Localization Korean
"{641BC1FD-F2A2-1A40-DAF7-F5A96A96D4CB}" = Catalyst Control Center Localization Polish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C55D7E5-F296-4352-CB18-D53443D26B45}" = Catalyst Control Center Localization Italian
"{7036A07A-FE2A-4920-A944-19B73D16F106}" = Duden Tipptrainer 2.0
"{7157B290-394E-30E1-3B1B-D46CB6913BC8}" = Catalyst Control Center Localization Thai
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7A1D1C2B-0F70-1914-CE8D-6A1E6C928AE8}" = CCC Help Chinese Standard
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{8D36BA0E-75EC-51FB-A7B0-EB7BA6BE0A05}" = CCC Help Korean
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{92894D89-0A51-C4B4-39B4-C5460544F788}" = CCC Help Russian
"{9346230F-C4A8-17D3-D096-7E8367676DD1}" = ATI Catalyst Install Manager
"{9451B7F2-1745-99D0-DEBB-D589EAD4E96C}" = CCC Help Polish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E569D4E-7DB4-2EF9-4E14-786507F4415D}" = CCC Help Norwegian
"{9FB10BC7-66AF-74D8-730C-937D717D7179}" = CCC Help English
"{A15FA2C2-261B-EAB2-B966-8747ACC663BB}" = ccc-core-static
"{A2FAA089-E483-8F22-1EC4-DF063D35BC07}" = CCC Help German
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A73A8DFE-C038-771D-7E02-E10489D5FDE2}" = Catalyst Control Center InstallProxy
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8.3
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B12707C5-AC65-1931-DDB4-01BDF3E8199E}" = Catalyst Control Center Localization Chinese Standard
"{B7246337-1876-A73D-4BA1-F82580ECBEFB}" = Catalyst Control Center Localization German
"{BA4022C7-73DC-0475-66D5-42F848C8689C}" = Catalyst Control Center Localization Danish
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C3998FFF-D1A7-6EDA-A875-1E682FF97C8B}" = CCC Help Dutch
"{C4BC01F3-B7E6-49FA-8FBE-6B62FDF9CED0}" = ZoneAlarm Security
"{C7DDA8E7-AD3D-4F51-AC1E-B0FF57002192}" = Microsoft IntelliPoint 6.3
"{C910E5DF-2963-E060-5788-60652960B779}" = CCC Help Chinese Traditional
"{C9AEF005-E9D0-5696-609B-223A1F5895F2}" = CCC Help Thai
"{CC9A7C19-5B95-738F-8874-CCBD3C953265}" = Catalyst Control Center Localization Turkish
"{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}" = Cisco Systems VPN Client 5.0.00.0340
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D2951D23-EA51-8B7F-21A2-41F70CE18420}" = Catalyst Control Center Localization Finnish
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD7CF461-F5F3-B13D-EB0F-D693E93732A8}" = Catalyst Control Center Localization Japanese
"{DDC3E8AB-3642-69AF-92FE-5AF21BC7674E}" = CCC Help Swedish
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E43196CF-182A-4D9E-9CE7-69616DBEE3B0}" = Ad-Aware
"{E7FDC74E-1212-26E7-F3D3-017B7EAF465D}" = Catalyst Control Center Graphics Light
"{E962C12D-980F-3FD1-4668-EFE380BAAD66}" = CCC Help Italian
"{EB1DFFCD-0910-800A-B11A-15AD9386E524}" = Catalyst Control Center Localization Greek
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD52F0AA-76EB-D838-EF16-BB157EE9351C}" = Catalyst Control Center Graphics Full Existing
"{FDBA1DEC-67ED-BC53-F667-C679FAC0B692}" = CCC Help Finnish
"{FE6C4A72-BB28-6E2D-3EE9-F0E37ECC7EFF}" = Catalyst Control Center Localization Chinese Traditional
"Acer Acer Bio Protection 6.0.00.16" = Acer Bio Protection

AAU 6.0.00.16
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira Free Antivirus
"BOORBERG VSV SACHSEN_ANHALT ON CLICK _" = Boorberg VSV SACHSEN-ANHALT ON CLICK .
"Cyberduck" = Cyberduck 4.1.3 (9045)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GridVista" = Acer GridVista
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"LManager" = Launch Manager
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Opera 11.60.1185" = Opera 11.60
"PDFTK Builder_is1" = PDFTK Builder 3.5.3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.0.3
"ZoneAlarm Free" = ZoneAlarm Free
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
"ZoneAlarm-Sicherheit Toolbar" = ZoneAlarm-Sicherheit Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.5.1
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---

Alt 27.03.2012, 14:54   #5
markusg
/// Malware-holic
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [Userinit] C:\Users\Roland\AppData\Roaming\appconf32.exe ()
[2012.03.25 23:06:33 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Roaming\11003
[2012.03.25 23:06:18 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Roaming\xmldm
[2012.03.25 23:06:18 | 000,000,000 | ---D | C] -- C:\Users\Roland\AppData\Roaming\kock
[2012.03.26 20:28:22 | 000,296,440 | ---- | M] () -- C:\Users\Roland\AppData\Roaming\AcroIEHelpe092.dll
[2012.03.26 20:28:22 | 000,005,624 | ---- | M] () -- C:\Users\Roland\AppData\Roaming\BAcroIEHelpe092.dll
 :Files
C:\Users\Roland\AppData\Roaming\appconf32.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.


Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 28.03.2012, 15:40   #6
markusg
/// Malware-holic
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



danke für den upload.
nutzt du den pc für onlinebanking, einkäufe, sonstige zahlungsabwicklungen, oder ähnlich wichtiges, wie berufliches?
__________________
--> Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten

Alt 29.03.2012, 14:15   #7
Rolnicke
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



hi...zum online banking erst seit kurzem...einkaufen und so mach ich damit schon länger?
Macht das denn einen unterschied? ich möchte eigentlich immer einen sicheren PC heben.

Gruß Rolnicke

Alt 29.03.2012, 15:34   #8
markusg
/// Malware-holic
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



hi,
du hast einen trojan.banker auf dem pc, bank anrufen, onlinebanking sperren lassen.
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:2. Formatieren, Windows neuinstallieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 29.03.2012, 17:32   #9
Rolnicke
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



son mist...kann ich den Trojaner nicht anders loswerden.
Das ist ja eine woche arbeit wenn man windows neu aufspielt und so. Außerdem habe ich dazu gar keine cd erhalten( Recovery, oä).
Und warum kann ich dieses Sicherheitscenter nicht starten?
Gruß Roland

Alt 29.03.2012, 18:29   #10
markusg
/// Malware-holic
 
Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Standard

Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten



nein, oder willst du das dir jemand geld abbucht, weil wir ne malware kompoonennte nicht gefunden haben.
wenn sie dir keine cd geliefert haben, hat das gerät sicher ne recovery funktion, starte also mit der datensicherung und beantworte die komplette frage 2 von oben
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten
aktualisierung, bekämpfen, durchgeführt, einschalten, einstellungen, erfolgreich, fehlermeldung, firewall, funktioniert, funktioniert nicht, gestartet, kurzem, nachricht, nicht mehr, problem, schutz, sicherheitscenter, sicherheitscenterdienst, symbol, tagen, taskleiste, verwendet, vista, windows, windows firewall, windows-firewall, windows-sicherheitscenter, zusammen



Ähnliche Themen: Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten


  1. (Vista) Sicherheitscenter lässt sich nicht mehr aktivieren
    Log-Analyse und Auswertung - 24.12.2014 (3)
  2. Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen
    Log-Analyse und Auswertung - 14.11.2014 (26)
  3. Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen
    Plagegeister aller Art und deren Bekämpfung - 05.10.2014 (4)
  4. Windows 7: Windows-Sicherheitscenter nicht aktivierbar, MS Security Essentials lässt sich nicht benutzen
    Log-Analyse und Auswertung - 17.09.2014 (23)
  5. AdWare und Windows Sicherheitscenter lässt sich nicht aktivieren
    Plagegeister aller Art und deren Bekämpfung - 23.06.2013 (21)
  6. Sicherheitszentrum ausgeschaltet, einschalten nicht möglich - IE9-Vista Home Premium
    Plagegeister aller Art und deren Bekämpfung - 15.04.2013 (23)
  7. Sicherheitscenter bei Windows Vista lässt sich nicht starten
    Plagegeister aller Art und deren Bekämpfung - 16.02.2013 (25)
  8. Google Chrom entführt die Seite, Sicherheitscenter lässt sich nicht einschalten
    Plagegeister aller Art und deren Bekämpfung - 29.08.2012 (7)
  9. (2x) keinerlei Netzwerkverbindungen Windows lässt sich nicht mehr einschalten
    Mülltonne - 15.08.2012 (1)
  10. Windows Firewall lässt sich nicht einschalten Fehlercode 0X80070424
    Plagegeister aller Art und deren Bekämpfung - 14.05.2012 (12)
  11. Windows Firewall lässt sich nicht einschalten
    Plagegeister aller Art und deren Bekämpfung - 08.05.2012 (10)
  12. (Vista) Sicherheitscenter lässt sich nach Virus nicht mehr aktivieren
    Log-Analyse und Auswertung - 11.04.2012 (9)
  13. Windows Sicherheitscenter deaktiviert sich ständig, Systemwiederherstellung lässt sich nicht öffnen
    Log-Analyse und Auswertung - 29.03.2012 (13)
  14. Windows-Sicherheitscenter lässt sich nicht aktivieren
    Antiviren-, Firewall- und andere Schutzprogramme - 27.03.2011 (5)
  15. Windows-Sicherheitscenter lässt sich nicht aktivieren
    Mülltonne - 26.03.2011 (1)
  16. Windows Sicherheitscenter lässt sich nicht mehr aktivieren, die zweite
    Plagegeister aller Art und deren Bekämpfung - 08.03.2011 (2)
  17. Windows-Sicherheitscenter lässt sich nicht mehr aktivieren
    Plagegeister aller Art und deren Bekämpfung - 02.03.2011 (15)

Zum Thema Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten - Hallo alle zusammen, ich hatte vor kurzem ein problem mit einem Virus. Den habe erfolgreich 'bekämpfen' könnnen, zumindest dachte ich das. Seit einigen Tagen ist das Symbol des Sicherheitscenter nicht - Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten...
Archiv
Du betrachtest: Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.