Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Avira meldet 4 Funde, was nun?

Avira meldet 4 Funde, was nun?


Plagegeister aller Art und deren Bekämpfung: Avira meldet 4 Funde, was nun?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 3 1 2 3
Alt 30.04.2012, 12:25   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 30.04.2012, 13:39   #17
FW313
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Ist erledigt.

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.04.2012 14:05:15 - Run 2
OTL by OldTimer - Version 3.2.40.0     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 58,32% Memory free
6,70 Gb Paging File | 5,13 Gb Available in Paging File | 76,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 308,88 Gb Total Space | 70,16 Gb Free Space | 22,71% Space Free | Partition Type: NTFS
Drive D: | 613,85 Gb Total Space | 609,31 Gb Free Space | 99,26% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.22 00:14:57 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2012.04.21 12:24:08 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Programme\Common Files\Steam\SteamService.exe
PRC - [2012.04.10 17:27:41 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Programme\Steam\Steam.exe
PRC - [2012.02.29 22:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.02.29 22:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.10.11 15:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.12.23 11:00:12 | 003,344,384 | ---- | M] () -- C:\Programme\MOUSE Editor\MouseEditor.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.09.19 11:44:20 | 000,113,664 | ---- | M] (Fujitsu Siemens Computers GmbH) -- C:\Programme\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe
PRC - [2008.08.21 03:18:00 | 000,443,968 | ---- | M] (Google Inc.) -- C:\Programme\Picasa2\PicasaMediaDetector.exe
PRC - [2008.04.25 15:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Programme\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.09.04 15:14:04 | 000,974,848 | ---- | M] (Hama GmbH & Co KG) -- C:\Programme\Hama\Common\RaUI.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Programme\RocketDock\RocketDock.exe
PRC - [2007.03.02 17:48:00 | 000,098,304 | ---- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.21 12:24:04 | 020,297,512 | ---- | M] () -- C:\Programme\Steam\bin\libcef.dll
MOD - [2012.04.21 12:23:51 | 000,907,048 | ---- | M] () -- C:\Programme\Steam\bin\chromehtml.dll
MOD - [2012.04.21 12:23:51 | 000,190,776 | ---- | M] () -- C:\Programme\Steam\bin\avformat-53.dll
MOD - [2012.04.21 12:23:51 | 000,123,192 | ---- | M] () -- C:\Programme\Steam\bin\avutil-51.dll
MOD - [2012.04.21 12:23:50 | 001,099,576 | ---- | M] () -- C:\Programme\Steam\bin\avcodec-53.dll
MOD - [2012.04.12 21:39:57 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll
MOD - [2012.04.12 21:39:48 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll
MOD - [2012.02.17 17:11:45 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012.02.16 18:14:08 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011.10.13 22:07:12 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011.05.28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.12.23 11:00:12 | 003,344,384 | ---- | M] () -- C:\Programme\MOUSE Editor\MouseEditor.exe
MOD - [2010.12.02 14:01:18 | 000,994,304 | ---- | M] () -- C:\Programme\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2010.12.02 11:56:52 | 000,815,104 | ---- | M] () -- C:\Programme\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll
MOD - [2010.11.24 03:11:21 | 002,535,936 | ---- | M] () -- C:\Programme\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll
MOD - [2010.11.01 14:16:00 | 000,062,976 | ---- | M] () -- C:\Programme\MOUSE Editor\dll\DLL_AnalyzeGesturesInOne.dll
MOD - [2010.10.11 04:13:52 | 000,087,040 | ---- | M] () -- C:\Programme\MOUSE Editor\dll\DLL_MouseDeviceManager.dll
MOD - [2010.09.20 08:19:01 | 000,062,976 | ---- | M] () -- C:\Programme\MOUSE Editor\dll\DLL_AnalyzeGesturesInRight.dll
MOD - [2010.09.20 08:18:57 | 000,085,504 | ---- | M] () -- C:\Programme\MOUSE Editor\dll\DLL_ZoomControl.dll
MOD - [2010.09.20 08:18:54 | 000,054,272 | ---- | M] () -- C:\Programme\MOUSE Editor\dll\DLL_ScrollbarControl.dll
MOD - [2010.09.20 08:18:50 | 000,117,760 | ---- | M] () -- C:\Programme\MOUSE Editor\dll\DLL_Wheel4D.dll
MOD - [2010.08.23 04:22:39 | 000,034,816 | ---- | M] () -- C:\Programme\Google\Google Desktop Search\gzlib.dll
MOD - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Programme\RocketDock\RocketDock.exe
MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Programme\RocketDock\RocketDock.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.04.27 20:42:35 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.21 12:24:08 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.04.13 21:46:39 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.03.01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008.04.25 15:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Programme\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.12.14 18:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.11.17 16:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.03.01 01:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.02.22 04:15:14 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2012.02.15 16:41:21 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 15:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.11.30 18:26:44 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.11.30 18:26:43 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.07.22 10:21:08 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008.07.08 03:32:52 | 001,050,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008.05.27 13:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.04.03 14:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2008.03.07 14:46:32 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007.08.15 22:49:48 | 000,552,448 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2007.03.13 10:27:00 | 000,047,648 | ---- | M] (Hitachi Semiconductor and Devices Sales Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CESG502.sys -- (PVUSB)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJC
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/webhp?rls=ig
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/webhp?rls=ig
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJE
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GPEA_de
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=gb3_Xcsv4gbku0cIIJy60Gzb99E?q={searchTerms}
IE - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d49175b3-3fd8-43b8-b28e-da5d47f3c398}:1.0.30
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\***\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\***\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.06.24 22:01:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.27 20:42:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.11 23:06:37 | 000,000,000 | ---D | M]
 
[2009.09.02 14:02:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.04.21 21:21:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\m4chw5b8.default\extensions
[2012.04.01 22:55:36 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\m4chw5b8.default\extensions\battlefieldplay4free@ea.com
[2011.03.12 13:46:47 | 000,000,000 | ---D | M] (Personas) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\m4chw5b8.default\extensions\personas@christopher.beard
[2011.11.03 13:40:25 | 000,000,933 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\11-suche.xml
[2011.11.03 13:40:25 | 000,002,419 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\englische-ergebnisse.xml
[2011.11.03 13:40:25 | 000,010,525 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\gmx-suche.xml
[2011.03.11 21:29:56 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-1.xml
[2010.07.23 10:23:44 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-10.xml
[2010.07.24 15:22:23 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-11.xml
[2010.08.23 11:45:40 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-12.xml
[2010.09.17 12:50:50 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-13.xml
[2010.10.21 19:43:07 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-14.xml
[2010.10.30 00:09:47 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-15.xml
[2010.12.11 00:14:29 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-16.xml
[2011.03.03 14:03:56 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-17.xml
[2011.03.05 12:57:17 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-18.xml
[2011.03.24 20:34:37 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-19.xml
[2009.11.03 01:58:19 | 000,000,961 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-2.xml
[2009.11.15 10:45:58 | 000,000,961 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-3.xml
[2010.01.06 19:05:55 | 000,000,961 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-4.xml
[2010.01.30 22:25:07 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-5.xml
[2010.03.26 21:24:39 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-6.xml
[2010.04.02 18:54:20 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-7.xml
[2010.05.24 01:02:57 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-8.xml
[2010.06.29 23:08:21 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin-9.xml
[2009.09.15 17:55:18 | 000,000,961 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\icqplugin.xml
[2011.11.03 13:40:25 | 000,002,457 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\lastminute.xml
[2011.04.07 19:12:52 | 000,005,549 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\searchplugins\webde-suche.xml
[2011.12.30 13:29:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.08.17 03:01:17 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M4CHW5B8.DEFAULT\EXTENSIONS\{20CC25E2-48C9-45E1-9A1F-1CCC1882B81B}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M4CHW5B8.DEFAULT\EXTENSIONS\{578E7CAA-210F-4967-A0D3-88FE5B59A39F}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M4CHW5B8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M4CHW5B8.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M4CHW5B8.DEFAULT\EXTENSIONS\{D49175B3-3FD8-43B8-B28E-DA5D47F3C398}.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M4CHW5B8.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M4CHW5B8.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
() (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M4CHW5B8.DEFAULT\EXTENSIONS\TINEYE@IDEEINC.COM.XPI
[2009.06.27 22:12:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.04.27 20:42:35 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.08.17 23:13:32 | 001,275,856 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv501.dll
[2011.09.30 18:30:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.30 18:30:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.30 18:30:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.30 18:30:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.30 18:30:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.30 18:30:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\***\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\***\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Flatcast Viewer Plugin 5.0.356 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NpFv501.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java(TM) Platform SE 7 U3 (Enabled) = C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.30.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll
CHR - plugin: Unity Player (Enabled) = C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: HideMyAss Proxifier = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\akficmgoadaflmeeiapifgdbkalhacif\0.6_0\
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EnergySettings] C:\Programme\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe File not found
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-18..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000..\Run: [OscarEditor] C:\Program Files\MOUSE Editor\MouseEditor.exe ()
O4 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk =  File not found
O7 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1980743469-3674975028-2304663644-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.1)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} hxxp://80.237.209.20/objects/NpFv501.dll (Flatcast Viewer 5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61119530-AA6A-4060-B75B-696801F37432}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A54F7D6E-F1C3-44BC-918E-3C1856CF6B09}: NameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{16924bff-c20e-11dd-8638-002185c1d801}\Shell - "" = AutoRun
O33 - MountPoints2\{16924bff-c20e-11dd-8638-002185c1d801}\Shell\AutoRun\command - "" = K:\setup.exe
O33 - MountPoints2\{16924c09-c20e-11dd-8638-002185c1d801}\Shell - "" = AutoRun
O33 - MountPoints2\{16924c09-c20e-11dd-8638-002185c1d801}\Shell\AutoRun\command - "" = K:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.28 15:50:24 | 002,322,184 | ---- | C] (ESET) -- C:\Users\***\Desktop\esetsmartinstaller_enu.exe
[2012.04.27 20:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.04.27 20:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.27 20:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.04.25 13:40:44 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\tdsskiller(1)
[2012.04.25 13:38:18 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\tdsskiller
[2012.04.22 00:42:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2012.04.22 00:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.22 00:42:42 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.22 00:42:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.04.22 00:35:14 | 010,063,000 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\***\Desktop\mbam-setup-1.61.0.1400.exe
[2012.04.22 00:14:53 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.04.22 00:13:42 | 003,645,656 | ---- | C] (Piriform Ltd) -- C:\Users\***\Desktop\ccsetup317.exe
[2012.04.16 21:34:03 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\TooManyItems2012_04_13_1.2.5(1)
[2012.04.15 23:01:26 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Beatles Best of
[2012.04.15 17:38:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\.minecraft
[2012.04.13 14:24:20 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\1967-1970 (Disc 2)
[2012.04.13 14:24:18 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\1967-1970 (Disc 1)
[2012.04.13 14:24:16 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\1962-1966 (Disc 2)
[2012.04.13 14:24:15 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\1962-1966 (Disc 1)
[2012.04.11 17:52:45 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Minecraft
[2012.04.10 20:41:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\2K Games
[2012.04.10 17:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.04.10 17:26:43 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.30 14:06:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.30 13:59:08 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.30 13:59:05 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.30 13:59:05 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.30 13:59:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.30 13:58:56 | 3488,747,520 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.28 20:46:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.28 20:13:03 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1980743469-3674975028-2304663644-1000Core.job
[2012.04.28 20:13:02 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1980743469-3674975028-2304663644-1000UA.job
[2012.04.28 15:50:46 | 002,322,184 | ---- | M] (ESET) -- C:\Users\***\Desktop\esetsmartinstaller_enu.exe
[2012.04.27 21:04:35 | 000,000,829 | ---- | M] () -- C:\Users\***\AppData\Local\RT2870_{A54F7D6E-F1C3-44BC-918E-3C1856CF6B09}_sta
[2012.04.27 20:59:13 | 000,001,616 | ---- | M] () -- C:\Users\***\AppData\Local\RT2870_{A54F7D6E-F1C3-44BC-918E-3C1856CF6B09}_prof
[2012.04.25 13:53:53 | 000,074,638 | ---- | M] () -- C:\Users\***\Desktop\TDSSKILLER.jpg
[2012.04.25 13:53:53 | 000,000,846 | ---- | M] () -- C:\Users\***\.recently-used.xbel
[2012.04.25 13:39:52 | 002,054,861 | ---- | M] () -- C:\Users\***\Desktop\tdsskiller(1).zip
[2012.04.25 13:36:37 | 002,054,550 | ---- | M] () -- C:\Users\***\Desktop\tdsskiller.zip
[2012.04.22 00:42:45 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.04.22 00:36:06 | 010,063,000 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\***\Desktop\mbam-setup-1.61.0.1400.exe
[2012.04.22 00:16:04 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.04.22 00:15:44 | 002,911,828 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.22 00:15:44 | 001,290,782 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.22 00:15:44 | 000,855,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.22 00:15:44 | 000,770,248 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.22 00:14:57 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.04.22 00:14:08 | 003,645,656 | ---- | M] (Piriform Ltd) -- C:\Users\***\Desktop\ccsetup317.exe
[2012.04.16 22:55:39 | 001,799,207 | ---- | M] () -- C:\Users\***\Desktop\HyperGTS_1.01_GERMAN.rar
[2012.04.16 21:29:31 | 000,051,131 | ---- | M] () -- C:\Users\***\Desktop\TooManyItems2012_04_13_1.2.5(1).zip
[2012.04.16 21:09:58 | 000,000,132 | ---- | M] () -- C:\Users\***\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.04.16 19:07:26 | 006,793,229 | ---- | M] () -- C:\Users\***\Desktop\Hello, Goodbye.mp3
[2012.04.16 19:07:26 | 004,663,309 | ---- | M] () -- C:\Users\***\Desktop\Penny Lane.mp3
[2012.04.16 19:06:04 | 000,004,610 | -HS- | M] () -- C:\Users\***\Desktop\Folder.jpg
[2012.04.16 19:06:04 | 000,004,610 | -HS- | M] () -- C:\Users\***\Desktop\AlbumArt_{BD5986B1-3666-481B-829F-268C027B8396}_Large.jpg
[2012.04.16 19:05:33 | 000,001,491 | -HS- | M] () -- C:\Users\***\Desktop\AlbumArtSmall.jpg
[2012.04.16 19:05:33 | 000,001,491 | -HS- | M] () -- C:\Users\***\Desktop\AlbumArt_{BD5986B1-3666-481B-829F-268C027B8396}_Small.jpg
[2012.04.15 18:18:00 | 001,488,305 | ---- | M] () -- C:\Users\***\Desktop\mcpatcher-2.3.5_01.exe
[2012.04.15 18:05:27 | 000,037,894 | ---- | M] () -- C:\Users\***\Desktop\600px-Biohazard.svg.png
[2012.04.14 12:16:18 | 000,002,048 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk
[2012.04.10 17:26:49 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012.04.08 15:29:45 | 000,002,631 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Word 2007.lnk
[2012.04.05 19:14:53 | 000,001,456 | ---- | M] () -- C:\Users\***\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.03 03:52:59 | 000,184,832 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.04.25 13:53:53 | 000,074,638 | ---- | C] () -- C:\Users\***\Desktop\TDSSKILLER.jpg
[2012.04.25 13:53:53 | 000,000,846 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[2012.04.25 13:39:38 | 002,054,861 | ---- | C] () -- C:\Users\***\Desktop\tdsskiller(1).zip
[2012.04.25 13:36:19 | 002,054,550 | ---- | C] () -- C:\Users\***\Desktop\tdsskiller.zip
[2012.04.22 00:42:45 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.04.22 00:16:04 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.04.16 22:55:30 | 001,799,207 | ---- | C] () -- C:\Users\***\Desktop\HyperGTS_1.01_GERMAN.rar
[2012.04.16 21:29:30 | 000,051,131 | ---- | C] () -- C:\Users\***\Desktop\TooManyItems2012_04_13_1.2.5(1).zip
[2012.04.16 19:06:24 | 000,004,610 | -HS- | C] () -- C:\Users\***\Desktop\AlbumArt_{BD5986B1-3666-481B-829F-268C027B8396}_Large.jpg
[2012.04.16 19:06:24 | 000,001,491 | -HS- | C] () -- C:\Users\***\Desktop\AlbumArt_{BD5986B1-3666-481B-829F-268C027B8396}_Small.jpg
[2012.04.15 23:33:01 | 004,663,309 | ---- | C] () -- C:\Users\***\Desktop\Penny Lane.mp3
[2012.04.15 23:32:49 | 006,793,229 | ---- | C] () -- C:\Users\***\Desktop\Hello, Goodbye.mp3
[2012.04.15 18:17:41 | 001,488,305 | ---- | C] () -- C:\Users\***\Desktop\mcpatcher-2.3.5_01.exe
[2012.04.15 18:05:26 | 000,037,894 | ---- | C] () -- C:\Users\***\Desktop\600px-Biohazard.svg.png
[2012.04.10 17:26:49 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012.04.05 12:43:17 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.10.08 23:34:33 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.06.29 20:31:12 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2011.04.16 13:42:17 | 000,138,056 | ---- | C] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys
[2011.04.01 15:32:27 | 000,000,829 | ---- | C] () -- C:\Users\***\AppData\Local\RT2870_{A54F7D6E-F1C3-44BC-918E-3C1856CF6B09}_sta
[2011.04.01 15:32:03 | 000,001,616 | ---- | C] () -- C:\Users\***\AppData\Local\RT2870_{A54F7D6E-F1C3-44BC-918E-3C1856CF6B09}_prof
[2011.02.07 22:12:37 | 000,000,164 | ---- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2010.08.16 12:39:30 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2010.08.06 23:43:37 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.08.06 20:09:24 | 000,001,456 | ---- | C] () -- C:\Users\***\AppData\Local\Adobe Für Web speichern 12.0 Prefs
 
========== LOP Check ==========
 
[2012.04.16 21:43:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2012.02.22 20:17:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.Nitrous
[2012.01.15 19:03:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.spoutcraft
[2008.12.02 19:23:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ace
[2011.08.11 04:03:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\aicon
[2009.05.01 13:32:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2010.04.11 15:24:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AnvSoft
[2009.01.09 16:48:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Atari
[2008.12.27 19:31:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Blender Foundation
[2010.08.17 03:21:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.08.09 05:32:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2011.02.07 22:09:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Degener
[2009.10.22 18:52:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\EA
[2010.06.26 23:36:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FireShot
[2012.04.25 13:53:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2010.04.05 22:34:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2009.01.09 16:46:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2008.11.29 15:43:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2011.05.05 22:17:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2008.12.02 21:46:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc
[2011.05.09 13:55:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Publish Providers
[2011.06.29 20:36:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony
[2009.01.05 00:41:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony Setup
[2008.12.08 16:31:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SPORE
[2008.12.03 20:23:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SPORE Creature Creator
[2010.06.12 02:08:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.06.24 22:04:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Swiss Academic Software
[2011.10.29 13:46:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tropico 3
[2012.02.22 04:16:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TrueCrypt
[2012.03.24 21:54:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2008.12.04 16:18:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Vodafone
[2011.07.17 21:25:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\wargaming.net
[2011.06.29 20:48:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WEB.DE
[2012.04.28 20:57:00 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.04.16 21:43:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2012.02.22 20:17:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.Nitrous
[2012.01.15 19:03:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.spoutcraft
[2008.12.02 19:23:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ace
[2011.01.04 03:47:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2010.06.12 02:08:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe Mini Bridge CS5
[2011.08.11 04:03:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\aicon
[2009.05.01 13:32:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2010.04.11 15:24:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AnvSoft
[2009.01.09 16:48:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Atari
[2011.10.14 19:03:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avira
[2009.07.10 22:32:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AVS4YOU
[2008.12.27 19:31:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Blender Foundation
[2009.12.23 14:20:24 | 000,000,000 | R--D | M] -- C:\Users\***\AppData\Roaming\Brother
[2010.08.17 03:21:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.08.09 05:32:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2011.02.07 22:09:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Degener
[2011.12.31 01:58:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\dvdcss
[2009.10.22 18:52:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\EA
[2010.06.26 23:36:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FireShot
[2008.12.12 12:55:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Google
[2012.04.25 13:53:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2010.04.05 22:34:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2008.11.29 15:23:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities
[2009.02.11 22:00:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InstallShield
[2009.01.09 16:46:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2008.11.29 18:09:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2008.11.29 15:43:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2012.04.22 00:42:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011.08.17 19:34:36 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2009.09.02 14:02:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2009.03.13 17:57:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nero
[2012.02.22 19:35:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NVIDIA
[2011.05.05 22:17:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2008.12.02 21:46:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc
[2011.05.09 13:55:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Publish Providers
[2008.11.29 15:41:41 | 000,000,000 | RH-D | M] -- C:\Users\***\AppData\Roaming\SecuROM
[2011.06.29 20:36:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony
[2009.01.05 00:41:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony Setup
[2008.12.08 16:31:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SPORE
[2008.12.03 20:23:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SPORE Creature Creator
[2010.06.12 02:08:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.06.24 22:04:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Swiss Academic Software
[2011.10.29 13:46:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tropico 3
[2012.02.22 04:16:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TrueCrypt
[2012.03.24 21:54:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2012.04.16 21:27:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\vlc
[2008.12.04 16:18:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Vodafone
[2011.07.17 21:25:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\wargaming.net
[2011.06.29 20:48:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WEB.DE
[2011.06.15 01:49:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2009.09.29 20:29:08 | 000,006,144 | ---- | M] (Electronic Arts Canada) -- C:\Users\***\AppData\Roaming\EA\EASW\GameFace\DetectOpenGLConsole.exe
[2009.09.29 20:29:08 | 000,005,120 | ---- | M] (Electronic Arts Canada) -- C:\Users\***\AppData\Roaming\EA\EASW\GameFace\DownloadSourcePhotoConsole.exe
[2009.10.22 18:52:49 | 000,030,208 | ---- | M] (Electronic Arts Canada) -- C:\Users\***\AppData\Roaming\EA\EASW\GameFace\FileDownloadConsole.exe
[2009.10.08 10:30:41 | 000,013,312 | ---- | M] (Electronic Arts Canada) -- C:\Users\***\AppData\Roaming\EA\EASW\GameFace\PhotoFaceConsole.exe
[2009.09.29 20:29:04 | 000,009,216 | ---- | M] (Electronic Arts Canada) -- C:\Users\***\AppData\Roaming\EA\EASW\GameFace\UploadPhotofitConsole.exe
[2011.05.21 20:18:10 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\***\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.07.07 16:53:58 | 000,010,134 | R--- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.09.23 14:07:18 | 001,005,512 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\extensions\battlefieldplay4free@ea.com\plugins\BP4FUpdater.exe
[2009.01.05 00:59:59 | 027,288,880 | ---- | M] (Apple Inc.) -- C:\Users\***\AppData\Roaming\Sony Setup\A189E68E-2253-4C3B-86B7-D77E36F13C55\QuickTimeInstaller.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2008.05.27 13:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Windows\System32\drivers\ahcix86s.sys
[2008.05.27 13:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_c617648e\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2007.09.30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
[2007.09.30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_41af7b1f\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.11.11 02:56:40 | 013,115,392 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.11.11 02:56:33 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.11.11 02:56:41 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2008.11.11 02:56:49 | 017,633,280 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2008.11.11 02:56:51 | 006,705,152 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >
--- --- ---

[/code]
__________________
Alt 30.04.2012, 17:19   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Zitat:
[2012.04.25 13:39:52 | 002,054,861 | ---- | M] () -- C:\Users\***\Desktop\tdsskiller(1).zip
[2012.04.25 13:36:37 | 002,054,550 | ---- | M] () -- C:\Users\***\Desktop\tdsskiller.zip
Was hast du schon mit dem TDSS-Killer gemacht? Das Tool ist KEIN Spielzeug und man darf nicht einfach pauschal jeden bemängelten Eintrag damit löschen!
Wo ist das Log dazu?
__________________
__________________
Alt 30.04.2012, 20:08   #19
FW313
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Das wurde mir in dem anderen Forum gesagt, die Löschfunktion habe ich natürlich deaktiviert aber das Programm hat ohnehin nichts gefunden.

Hier ist der Log:

Code:
ATTFilter
13:40:52.0342 4268	TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
13:40:52.0541 4268	============================================================
13:40:52.0541 4268	Current date / time: 2012/04/25 13:40:52.0541
13:40:52.0541 4268	SystemInfo:
13:40:52.0541 4268	
13:40:52.0541 4268	OS Version: 6.0.6002 ServicePack: 2.0
13:40:52.0541 4268	Product type: Workstation
13:40:52.0541 4268	ComputerName: ***-PC
13:40:52.0541 4268	UserName: ***
13:40:52.0541 4268	Windows directory: C:\Windows
13:40:52.0541 4268	System windows directory: C:\Windows
13:40:52.0541 4268	Processor architecture: Intel x86
13:40:52.0541 4268	Number of processors: 4
13:40:52.0541 4268	Page size: 0x1000
13:40:52.0541 4268	Boot type: Normal boot
13:40:52.0541 4268	============================================================
13:40:53.0934 4268	Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:40:53.0951 4268	============================================================
13:40:53.0951 4268	\Device\Harddisk0\DR0:
13:40:53.0951 4268	MBR partitions:
13:40:53.0951 4268	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1194800, BlocksNum 0x269C1000
13:40:53.0951 4268	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x27B55800, BlocksNum 0x4CBB0DB0
13:40:53.0951 4268	============================================================
13:40:54.0001 4268	C: <-> \Device\Harddisk0\DR0\Partition0
13:40:54.0034 4268	D: <-> \Device\Harddisk0\DR0\Partition1
13:40:54.0034 4268	============================================================
13:40:54.0034 4268	Initialize success
13:40:54.0034 4268	============================================================
13:41:14.0660 2716	============================================================
13:41:14.0660 2716	Scan started
13:41:14.0660 2716	Mode: Manual; 
13:41:14.0660 2716	============================================================
13:41:15.0062 2716	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
13:41:15.0064 2716	ACPI - ok
13:41:15.0123 2716	AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:41:15.0126 2716	AdobeFlashPlayerUpdateSvc - ok
13:41:15.0164 2716	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
13:41:15.0168 2716	adp94xx - ok
13:41:15.0198 2716	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
13:41:15.0201 2716	adpahci - ok
13:41:15.0236 2716	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
13:41:15.0237 2716	adpu160m - ok
13:41:15.0263 2716	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
13:41:15.0264 2716	adpu320 - ok
13:41:15.0294 2716	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
13:41:15.0295 2716	AeLookupSvc - ok
13:41:15.0333 2716	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
13:41:15.0335 2716	AFD - ok
13:41:15.0377 2716	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
13:41:15.0377 2716	agp440 - ok
13:41:15.0422 2716	ahcix86s        (fbe4016f9ef3ab3db547e40a936b6cd9) C:\Windows\system32\drivers\ahcix86s.sys
13:41:15.0423 2716	ahcix86s - ok
13:41:15.0455 2716	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
13:41:15.0457 2716	aic78xx - ok
13:41:15.0498 2716	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
13:41:15.0499 2716	ALG - ok
13:41:15.0515 2716	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
13:41:15.0516 2716	aliide - ok
13:41:15.0529 2716	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
13:41:15.0530 2716	amdagp - ok
13:41:15.0546 2716	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
13:41:15.0546 2716	amdide - ok
13:41:15.0564 2716	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
13:41:15.0565 2716	AmdK7 - ok
13:41:15.0592 2716	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
13:41:15.0593 2716	AmdK8 - ok
13:41:15.0861 2716	AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:41:15.0862 2716	AntiVirSchedulerService - ok
13:41:15.0910 2716	AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:41:15.0911 2716	AntiVirService - ok
13:41:15.0944 2716	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
13:41:15.0945 2716	Appinfo - ok
13:41:15.0971 2716	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
13:41:15.0972 2716	arc - ok
13:41:16.0003 2716	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
13:41:16.0003 2716	arcsas - ok
13:41:16.0040 2716	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
13:41:16.0041 2716	AsyncMac - ok
13:41:16.0068 2716	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
13:41:16.0068 2716	atapi - ok
13:41:16.0104 2716	atksgt          (72bc628af75c4c3250f2a3bac260265a) C:\Windows\system32\DRIVERS\atksgt.sys
13:41:16.0115 2716	atksgt - ok
13:41:16.0195 2716	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:41:16.0198 2716	AudioEndpointBuilder - ok
13:41:16.0204 2716	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:41:16.0208 2716	Audiosrv - ok
13:41:16.0239 2716	avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
13:41:16.0246 2716	avgntflt - ok
13:41:16.0276 2716	avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
13:41:16.0284 2716	avipbb - ok
13:41:16.0303 2716	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
13:41:16.0310 2716	avkmgr - ok
13:41:16.0327 2716	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
13:41:16.0328 2716	Beep - ok
13:41:16.0395 2716	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
13:41:16.0398 2716	BFE - ok
13:41:16.0464 2716	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
13:41:16.0476 2716	BITS - ok
13:41:16.0493 2716	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
13:41:16.0494 2716	blbdrive - ok
13:41:16.0542 2716	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
13:41:16.0543 2716	bowser - ok
13:41:16.0578 2716	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
13:41:16.0579 2716	BrFiltLo - ok
13:41:16.0592 2716	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
13:41:16.0593 2716	BrFiltUp - ok
13:41:16.0615 2716	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
13:41:16.0616 2716	Browser - ok
13:41:16.0635 2716	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
13:41:16.0636 2716	Brserid - ok
13:41:16.0658 2716	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
13:41:16.0659 2716	BrSerWdm - ok
13:41:16.0685 2716	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
13:41:16.0686 2716	BrUsbMdm - ok
13:41:16.0699 2716	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
13:41:16.0700 2716	BrUsbSer - ok
13:41:16.0724 2716	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
13:41:16.0725 2716	BTHMODEM - ok
13:41:16.0763 2716	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
13:41:16.0768 2716	cdfs - ok
13:41:16.0791 2716	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
13:41:16.0792 2716	cdrom - ok
13:41:16.0839 2716	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:41:16.0845 2716	CertPropSvc - ok
13:41:16.0870 2716	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
13:41:16.0871 2716	circlass - ok
13:41:17.0214 2716	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
13:41:17.0223 2716	CLFS - ok
13:41:17.0489 2716	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:41:17.0496 2716	clr_optimization_v2.0.50727_32 - ok
13:41:17.0562 2716	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:41:17.0563 2716	clr_optimization_v4.0.30319_32 - ok
13:41:17.0584 2716	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
13:41:17.0585 2716	cmdide - ok
13:41:17.0600 2716	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
13:41:17.0601 2716	Compbatt - ok
13:41:17.0604 2716	COMSysApp - ok
13:41:17.0632 2716	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
13:41:17.0637 2716	crcdisk - ok
13:41:17.0661 2716	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
13:41:17.0662 2716	Crusoe - ok
13:41:17.0703 2716	CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
13:41:17.0705 2716	CryptSvc - ok
13:41:17.0757 2716	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:41:17.0766 2716	DcomLaunch - ok
13:41:17.0792 2716	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
13:41:17.0794 2716	DfsC - ok
13:41:17.0920 2716	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
13:41:17.0971 2716	DFSR - ok
13:41:18.0071 2716	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
13:41:18.0073 2716	Dhcp - ok
13:41:18.0120 2716	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
13:41:18.0121 2716	disk - ok
13:41:18.0163 2716	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
13:41:18.0165 2716	Dnscache - ok
13:41:18.0204 2716	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
13:41:18.0207 2716	dot3svc - ok
13:41:18.0248 2716	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
13:41:18.0250 2716	DPS - ok
13:41:18.0273 2716	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
13:41:18.0274 2716	drmkaud - ok
13:41:18.0315 2716	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
13:41:18.0323 2716	DXGKrnl - ok
13:41:18.0363 2716	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
13:41:18.0364 2716	E1G60 - ok
13:41:18.0386 2716	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
13:41:18.0388 2716	EapHost - ok
13:41:18.0420 2716	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
13:41:18.0422 2716	Ecache - ok
13:41:18.0485 2716	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
13:41:18.0487 2716	ehRecvr - ok
13:41:18.0503 2716	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
13:41:18.0505 2716	ehSched - ok
13:41:18.0518 2716	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
13:41:18.0519 2716	ehstart - ok
13:41:18.0550 2716	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
13:41:18.0553 2716	elxstor - ok
13:41:18.0604 2716	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
13:41:18.0610 2716	EMDMgmt - ok
13:41:18.0630 2716	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
13:41:18.0631 2716	ErrDev - ok
13:41:18.0660 2716	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
13:41:18.0664 2716	EventSystem - ok
13:41:18.0702 2716	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
13:41:18.0703 2716	exfat - ok
13:41:18.0742 2716	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
13:41:18.0744 2716	fastfat - ok
13:41:18.0768 2716	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
13:41:18.0768 2716	fdc - ok
13:41:18.0773 2716	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
13:41:18.0774 2716	fdPHost - ok
13:41:18.0783 2716	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
13:41:18.0785 2716	FDResPub - ok
13:41:18.0806 2716	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
13:41:18.0807 2716	FileInfo - ok
13:41:18.0835 2716	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
13:41:18.0836 2716	Filetrace - ok
13:41:19.0038 2716	FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
13:41:19.0058 2716	FirebirdServerMAGIXInstance - ok
13:41:19.0144 2716	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:41:19.0145 2716	flpydisk - ok
13:41:19.0182 2716	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
13:41:19.0184 2716	FltMgr - ok
13:41:19.0257 2716	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
13:41:19.0266 2716	FontCache - ok
13:41:19.0491 2716	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:41:19.0496 2716	FontCache3.0.0.0 - ok
13:41:19.0528 2716	Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
13:41:19.0531 2716	Fs_Rec - ok
13:41:19.0553 2716	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
13:41:19.0554 2716	gagp30kx - ok
13:41:19.0641 2716	GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
13:41:19.0642 2716	GoogleDesktopManager-051210-111108 - ok
13:41:19.0688 2716	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
13:41:19.0697 2716	gpsvc - ok
13:41:19.0769 2716	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:41:19.0770 2716	gupdate - ok
13:41:19.0781 2716	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:41:19.0782 2716	gupdatem - ok
13:41:19.0810 2716	gusvc           (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:41:19.0812 2716	gusvc - ok
13:41:19.0865 2716	HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
13:41:19.0867 2716	HdAudAddService - ok
13:41:19.0926 2716	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:41:19.0932 2716	HDAudBus - ok
13:41:19.0950 2716	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
13:41:19.0950 2716	HidBth - ok
13:41:19.0975 2716	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
13:41:19.0976 2716	HidIr - ok
13:41:19.0996 2716	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
13:41:19.0997 2716	hidserv - ok
13:41:20.0019 2716	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
13:41:20.0020 2716	HidUsb - ok
13:41:20.0042 2716	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
13:41:20.0050 2716	hkmsvc - ok
13:41:20.0077 2716	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
13:41:20.0077 2716	HpCISSs - ok
13:41:20.0126 2716	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
13:41:20.0129 2716	HTTP - ok
13:41:20.0159 2716	hwdatacard      (4e370a583e78b614918c8f2cd5b733ef) C:\Windows\system32\DRIVERS\ewusbmdm.sys
13:41:20.0161 2716	hwdatacard - ok
13:41:20.0186 2716	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
13:41:20.0187 2716	i2omp - ok
13:41:20.0223 2716	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
13:41:20.0224 2716	i8042prt - ok
13:41:20.0271 2716	iaStor          (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\drivers\iastor.sys
13:41:20.0273 2716	iaStor - ok
13:41:20.0295 2716	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
13:41:20.0297 2716	iaStorV - ok
13:41:20.0387 2716	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:41:20.0397 2716	IDriverT - ok
13:41:20.0505 2716	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:41:20.0536 2716	idsvc - ok
13:41:20.0577 2716	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
13:41:20.0577 2716	iirsp - ok
13:41:20.0629 2716	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
13:41:20.0635 2716	IKEEXT - ok
13:41:20.0803 2716	IntcAzAudAddService (516e2292f266c2f30089b5479c355858) C:\Windows\system32\drivers\RTKVHDA.sys
13:41:20.0890 2716	IntcAzAudAddService - ok
13:41:20.0972 2716	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
13:41:20.0972 2716	intelide - ok
13:41:20.0996 2716	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
13:41:20.0997 2716	intelppm - ok
13:41:21.0032 2716	IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
13:41:21.0034 2716	IPBusEnum - ok
13:41:21.0053 2716	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:41:21.0054 2716	IpFilterDriver - ok
13:41:21.0089 2716	iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
13:41:21.0092 2716	iphlpsvc - ok
13:41:21.0101 2716	IpInIp - ok
13:41:21.0133 2716	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
13:41:21.0133 2716	IPMIDRV - ok
13:41:21.0163 2716	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
13:41:21.0165 2716	IPNAT - ok
13:41:21.0176 2716	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
13:41:21.0176 2716	IRENUM - ok
13:41:21.0197 2716	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
13:41:21.0198 2716	isapnp - ok
13:41:21.0232 2716	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
13:41:21.0233 2716	iScsiPrt - ok
13:41:21.0257 2716	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
13:41:21.0258 2716	iteatapi - ok
13:41:21.0304 2716	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
13:41:21.0305 2716	iteraid - ok
13:41:21.0347 2716	JRAID           (c36f3a1a4e8416ef43f30deab7701730) C:\Windows\system32\drivers\jraid.sys
13:41:21.0348 2716	JRAID - ok
13:41:21.0374 2716	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:41:21.0380 2716	kbdclass - ok
13:41:21.0399 2716	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
13:41:21.0400 2716	kbdhid - ok
13:41:21.0415 2716	KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:41:21.0417 2716	KeyIso - ok
13:41:21.0443 2716	KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
13:41:21.0447 2716	KSecDD - ok
13:41:21.0475 2716	KtmRm           (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
13:41:21.0480 2716	KtmRm - ok
13:41:21.0506 2716	LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
13:41:21.0510 2716	LanmanServer - ok
13:41:21.0533 2716	LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
13:41:21.0537 2716	LanmanWorkstation - ok
13:41:21.0589 2716	lirsgt          (4127e8b6ddb4090e815c1f8852c277d3) C:\Windows\system32\DRIVERS\lirsgt.sys
13:41:21.0594 2716	lirsgt - ok
13:41:21.0608 2716	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
13:41:21.0609 2716	lltdio - ok
13:41:21.0642 2716	lltdsvc         (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
13:41:21.0645 2716	lltdsvc - ok
13:41:21.0674 2716	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
13:41:21.0676 2716	lmhosts - ok
13:41:21.0706 2716	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
13:41:21.0707 2716	LSI_FC - ok
13:41:21.0735 2716	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
13:41:21.0736 2716	LSI_SAS - ok
13:41:21.0760 2716	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
13:41:21.0761 2716	LSI_SCSI - ok
13:41:21.0798 2716	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
13:41:21.0799 2716	luafv - ok
13:41:21.0821 2716	Mcx2Svc         (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
13:41:21.0823 2716	Mcx2Svc - ok
13:41:21.0863 2716	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
13:41:21.0863 2716	megasas - ok
13:41:21.0899 2716	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
13:41:21.0902 2716	MegaSR - ok
13:41:21.0926 2716	MMCSS           (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:41:21.0928 2716	MMCSS - ok
13:41:21.0948 2716	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
13:41:21.0952 2716	Modem - ok
13:41:21.0980 2716	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
13:41:21.0981 2716	monitor - ok
13:41:21.0989 2716	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
13:41:21.0996 2716	mouclass - ok
13:41:22.0010 2716	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
13:41:22.0011 2716	mouhid - ok
13:41:22.0020 2716	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
13:41:22.0022 2716	MountMgr - ok
13:41:22.0058 2716	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
13:41:22.0059 2716	mpio - ok
13:41:22.0083 2716	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
13:41:22.0084 2716	mpsdrv - ok
13:41:22.0123 2716	MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
13:41:22.0128 2716	MpsSvc - ok
13:41:22.0149 2716	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
13:41:22.0150 2716	Mraid35x - ok
13:41:22.0173 2716	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
13:41:22.0175 2716	MRxDAV - ok
13:41:22.0194 2716	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:41:22.0195 2716	mrxsmb - ok
13:41:22.0223 2716	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:41:22.0225 2716	mrxsmb10 - ok
13:41:22.0243 2716	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:41:22.0244 2716	mrxsmb20 - ok
13:41:22.0268 2716	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
13:41:22.0268 2716	msahci - ok
13:41:22.0296 2716	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
13:41:22.0297 2716	msdsm - ok
13:41:22.0321 2716	MSDTC           (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
13:41:22.0324 2716	MSDTC - ok
13:41:22.0356 2716	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
13:41:22.0360 2716	Msfs - ok
13:41:22.0385 2716	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
13:41:22.0390 2716	msisadrv - ok
13:41:22.0421 2716	MSiSCSI         (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
13:41:22.0423 2716	MSiSCSI - ok
13:41:22.0427 2716	msiserver - ok
13:41:22.0454 2716	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
13:41:22.0455 2716	MSKSSRV - ok
13:41:22.0488 2716	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
13:41:22.0489 2716	MSPCLOCK - ok
13:41:22.0494 2716	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
13:41:22.0496 2716	MSPQM - ok
13:41:22.0521 2716	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
13:41:22.0522 2716	MsRPC - ok
13:41:22.0544 2716	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
13:41:22.0545 2716	mssmbios - ok
13:41:22.0569 2716	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
13:41:22.0570 2716	MSTEE - ok
13:41:22.0578 2716	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
13:41:22.0580 2716	Mup - ok
13:41:22.0628 2716	napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
13:41:22.0635 2716	napagent - ok
13:41:22.0668 2716	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
13:41:22.0670 2716	NativeWifiP - ok
13:41:22.0738 2716	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
13:41:22.0744 2716	NDIS - ok
13:41:22.0756 2716	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
13:41:22.0757 2716	NdisTapi - ok
13:41:22.0768 2716	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
13:41:22.0768 2716	Ndisuio - ok
13:41:22.0778 2716	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:41:22.0779 2716	NdisWan - ok
13:41:22.0788 2716	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
13:41:22.0795 2716	NDProxy - ok
13:41:23.0117 2716	Nero BackItUp Scheduler 3 (a0101e836d2a39682e134c47b1565256) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
13:41:23.0132 2716	Nero BackItUp Scheduler 3 - ok
13:41:23.0137 2716	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
13:41:23.0138 2716	NetBIOS - ok
13:41:23.0167 2716	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
13:41:23.0168 2716	netbt - ok
13:41:23.0204 2716	Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:41:23.0206 2716	Netlogon - ok
13:41:23.0257 2716	Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
13:41:23.0261 2716	Netman - ok
13:41:23.0290 2716	netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
13:41:23.0294 2716	netprofm - ok
13:41:23.0350 2716	netr28u         (6f8480809d14f0594b4b1df07385da33) C:\Windows\system32\DRIVERS\netr28u.sys
13:41:23.0364 2716	netr28u - ok
13:41:23.0426 2716	NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:41:23.0435 2716	NetTcpPortSharing - ok
13:41:23.0455 2716	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
13:41:23.0456 2716	nfrd960 - ok
13:41:23.0473 2716	NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
13:41:23.0476 2716	NlaSvc - ok
13:41:23.0574 2716	NMIndexingService (9cf3e134eb0490d60fe68631a7d666a0) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
13:41:23.0629 2716	NMIndexingService - ok
13:41:23.0655 2716	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
13:41:23.0661 2716	Npfs - ok
13:41:23.0673 2716	nsi             (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
13:41:23.0676 2716	nsi - ok
13:41:23.0684 2716	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
13:41:23.0685 2716	nsiproxy - ok
13:41:23.0755 2716	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
13:41:23.0782 2716	Ntfs - ok
13:41:23.0795 2716	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:41:23.0795 2716	ntrigdigi - ok
13:41:23.0816 2716	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:41:23.0819 2716	Null - ok
13:41:23.0918 2716	NVENETFD        (adb84b1e6b837c45443aa25abe9e7012) C:\Windows\system32\DRIVERS\nvmfdx32.sys
13:41:23.0938 2716	NVENETFD - ok
13:41:24.0391 2716	nvlddmkm        (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:41:24.0745 2716	nvlddmkm - ok
13:41:24.0846 2716	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
13:41:24.0847 2716	nvraid - ok
13:41:24.0875 2716	nvsmu           (736054614ab962d4ec01ef4abce115f1) C:\Windows\system32\DRIVERS\nvsmu.sys
13:41:24.0876 2716	nvsmu - ok
13:41:24.0901 2716	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
13:41:24.0902 2716	nvstor - ok
13:41:24.0962 2716	nvsvc           (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
13:41:24.0971 2716	nvsvc - ok
13:41:25.0226 2716	nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:41:25.0259 2716	nvUpdatusService - ok
13:41:25.0513 2716	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
13:41:25.0514 2716	nv_agp - ok
13:41:25.0518 2716	NwlnkFlt - ok
13:41:25.0525 2716	NwlnkFwd - ok
13:41:25.0845 2716	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:41:25.0849 2716	odserv - ok
13:41:25.0885 2716	ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
13:41:25.0886 2716	ohci1394 - ok
13:41:25.0932 2716	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:41:25.0933 2716	ose - ok
13:41:25.0982 2716	p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:41:25.0992 2716	p2pimsvc - ok
13:41:26.0002 2716	p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:41:26.0008 2716	p2psvc - ok
13:41:26.0032 2716	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:41:26.0033 2716	Parport - ok
13:41:26.0071 2716	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
13:41:26.0073 2716	partmgr - ok
13:41:26.0089 2716	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:41:26.0089 2716	Parvdm - ok
13:41:26.0125 2716	PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:41:26.0128 2716	PcaSvc - ok
13:41:26.0140 2716	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:41:26.0141 2716	pci - ok
13:41:26.0160 2716	pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
13:41:26.0166 2716	pciide - ok
13:41:26.0197 2716	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:41:26.0198 2716	pcmcia - ok
13:41:26.0271 2716	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:41:26.0282 2716	PEAUTH - ok
13:41:26.0371 2716	pla             (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:41:26.0403 2716	pla - ok
13:41:26.0499 2716	PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
13:41:26.0503 2716	PlugPlay - ok
13:41:26.0548 2716	PNRPAutoReg     (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:41:26.0554 2716	PNRPAutoReg - ok
13:41:26.0565 2716	PNRPsvc         (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:41:26.0571 2716	PNRPsvc - ok
13:41:26.0609 2716	PolicyAgent     (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
13:41:26.0613 2716	PolicyAgent - ok
13:41:26.0647 2716	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:41:26.0648 2716	PptpMiniport - ok
13:41:26.0668 2716	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
13:41:26.0668 2716	Processor - ok
13:41:26.0699 2716	ProfSvc         (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
13:41:26.0703 2716	ProfSvc - ok
13:41:26.0727 2716	ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:41:26.0728 2716	ProtectedStorage - ok
13:41:26.0742 2716	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:41:26.0743 2716	PSched - ok
13:41:26.0783 2716	PVUSB           (72289d214b581981a860b0f9fb61e9c8) C:\Windows\system32\DRIVERS\CESG502.sys
13:41:26.0783 2716	PVUSB - ok
13:41:26.0807 2716	PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
13:41:26.0808 2716	PxHelp20 - ok
13:41:26.0901 2716	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
13:41:26.0922 2716	ql2300 - ok
13:41:26.0950 2716	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:41:26.0951 2716	ql40xx - ok
13:41:26.0980 2716	QWAVE           (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:41:26.0984 2716	QWAVE - ok
13:41:26.0991 2716	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:41:26.0997 2716	QWAVEdrv - ok
13:41:27.0009 2716	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:41:27.0010 2716	RasAcd - ok
13:41:27.0033 2716	RasAuto         (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:41:27.0036 2716	RasAuto - ok
13:41:27.0049 2716	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:41:27.0050 2716	Rasl2tp - ok
13:41:27.0082 2716	RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
13:41:27.0086 2716	RasMan - ok
13:41:27.0109 2716	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:41:27.0110 2716	RasPppoe - ok
13:41:27.0122 2716	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:41:27.0123 2716	RasSstp - ok
13:41:27.0152 2716	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:41:27.0154 2716	rdbss - ok
13:41:27.0162 2716	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:41:27.0163 2716	RDPCDD - ok
13:41:27.0199 2716	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
13:41:27.0201 2716	rdpdr - ok
13:41:27.0208 2716	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:41:27.0209 2716	RDPENCDD - ok
13:41:27.0264 2716	RDPWD           (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
13:41:27.0266 2716	RDPWD - ok
13:41:27.0299 2716	RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:41:27.0302 2716	RemoteAccess - ok
13:41:27.0329 2716	RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
13:41:27.0332 2716	RemoteRegistry - ok
13:41:27.0348 2716	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:41:27.0350 2716	RpcLocator - ok
13:41:27.0380 2716	RpcSs           (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:41:27.0387 2716	RpcSs - ok
13:41:27.0401 2716	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:41:27.0402 2716	rspndr - ok
13:41:27.0423 2716	SamSs           (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:41:27.0425 2716	SamSs - ok
13:41:27.0448 2716	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:41:27.0449 2716	sbp2port - ok
13:41:27.0488 2716	SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
13:41:27.0491 2716	SCardSvr - ok
13:41:27.0537 2716	Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
13:41:27.0544 2716	Schedule - ok
13:41:27.0573 2716	SCPolicySvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:41:27.0574 2716	SCPolicySvc - ok
13:41:27.0609 2716	SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
13:41:27.0612 2716	SDRSVC - ok
13:41:27.0627 2716	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:41:27.0631 2716	secdrv - ok
13:41:27.0642 2716	seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
13:41:27.0645 2716	seclogon - ok
13:41:27.0653 2716	SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
13:41:27.0656 2716	SENS - ok
13:41:27.0668 2716	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:41:27.0669 2716	Serenum - ok
13:41:27.0686 2716	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:41:27.0687 2716	Serial - ok
13:41:27.0706 2716	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:41:27.0707 2716	sermouse - ok
13:41:27.0739 2716	SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
13:41:27.0742 2716	SessionEnv - ok
13:41:27.0763 2716	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
13:41:27.0763 2716	sffdisk - ok
13:41:27.0777 2716	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
13:41:27.0778 2716	sffp_mmc - ok
13:41:27.0793 2716	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
13:41:27.0794 2716	sffp_sd - ok
13:41:27.0817 2716	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:41:27.0817 2716	sfloppy - ok
13:41:27.0860 2716	SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
13:41:27.0864 2716	SharedAccess - ok
13:41:27.0907 2716	ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
13:41:27.0910 2716	ShellHWDetection - ok
13:41:27.0928 2716	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
13:41:27.0929 2716	sisagp - ok
13:41:27.0949 2716	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
13:41:27.0950 2716	SiSRaid2 - ok
13:41:27.0970 2716	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
13:41:27.0971 2716	SiSRaid4 - ok
13:41:28.0134 2716	slsvc           (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
13:41:28.0188 2716	slsvc - ok
13:41:28.0276 2716	SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
13:41:28.0281 2716	SLUINotify - ok
13:41:28.0314 2716	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:41:28.0315 2716	Smb - ok
13:41:28.0364 2716	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:41:28.0370 2716	SNMPTRAP - ok
13:41:28.0379 2716	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:41:28.0384 2716	spldr - ok
13:41:28.0404 2716	Spooler         (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
13:41:28.0409 2716	Spooler - ok
13:41:28.0451 2716	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:41:28.0454 2716	srv - ok
13:41:28.0473 2716	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:41:28.0474 2716	srv2 - ok
13:41:28.0483 2716	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:41:28.0484 2716	srvnet - ok
13:41:28.0503 2716	SSDPSRV         (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
13:41:28.0507 2716	SSDPSRV - ok
13:41:28.0534 2716	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
13:41:28.0538 2716	ssmdrv - ok
13:41:28.0562 2716	SstpSvc         (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
13:41:28.0565 2716	SstpSvc - ok
13:41:28.0602 2716	Steam Client Service - ok
13:41:28.0677 2716	Stereo Service  (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:41:28.0679 2716	Stereo Service - ok
13:41:28.0753 2716	stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
13:41:28.0760 2716	stisvc - ok
13:41:28.0773 2716	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:41:28.0777 2716	swenum - ok
13:41:28.0861 2716	SwitchBoard     (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:41:28.0865 2716	SwitchBoard - ok
13:41:28.0900 2716	swprv           (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
13:41:28.0905 2716	swprv - ok
13:41:28.0933 2716	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:41:28.0934 2716	Symc8xx - ok
13:41:28.0960 2716	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:41:28.0961 2716	Sym_hi - ok
13:41:28.0980 2716	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:41:28.0980 2716	Sym_u3 - ok
13:41:29.0027 2716	SysMain         (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
13:41:29.0035 2716	SysMain - ok
13:41:29.0060 2716	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:41:29.0063 2716	TabletInputService - ok
13:41:29.0100 2716	TapiSrv         (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
13:41:29.0105 2716	TapiSrv - ok
13:41:29.0124 2716	TBS             (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
13:41:29.0127 2716	TBS - ok
13:41:29.0199 2716	Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
13:41:29.0209 2716	Tcpip - ok
13:41:29.0220 2716	Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
13:41:29.0227 2716	Tcpip6 - ok
13:41:29.0252 2716	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
13:41:29.0257 2716	tcpipreg - ok
13:41:29.0276 2716	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:41:29.0277 2716	TDPIPE - ok
13:41:29.0297 2716	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:41:29.0298 2716	TDTCP - ok
13:41:29.0324 2716	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:41:29.0325 2716	tdx - ok
13:41:29.0350 2716	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:41:29.0356 2716	TermDD - ok
13:41:29.0390 2716	TermService     (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
13:41:29.0396 2716	TermService - ok
13:41:29.0475 2716	TestHandler     (250b9120c7c103afdc0c6643f9691055) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
13:41:29.0477 2716	TestHandler - ok
13:41:29.0518 2716	Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
13:41:29.0522 2716	Themes - ok
13:41:29.0549 2716	THREADORDER     (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:41:29.0551 2716	THREADORDER - ok
13:41:29.0574 2716	TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
13:41:29.0577 2716	TrkWks - ok
13:41:29.0608 2716	truecrypt       (746b8cf9cededdd865472544edf626da) C:\Windows\system32\drivers\truecrypt.sys
13:41:29.0618 2716	truecrypt - ok
13:41:29.0645 2716	TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
13:41:29.0651 2716	TrustedInstaller - ok
13:41:29.0717 2716	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:41:29.0718 2716	tssecsrv - ok
13:41:29.0750 2716	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:41:29.0751 2716	tunmp - ok
13:41:29.0767 2716	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:41:29.0769 2716	tunnel - ok
13:41:29.0793 2716	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
13:41:29.0794 2716	uagp35 - ok
13:41:29.0821 2716	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:41:29.0824 2716	udfs - ok
13:41:29.0842 2716	UI0Detect       (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
13:41:29.0845 2716	UI0Detect - ok
13:41:29.0866 2716	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
13:41:29.0867 2716	uliagpkx - ok
13:41:29.0892 2716	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
13:41:29.0894 2716	uliahci - ok
13:41:29.0920 2716	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:41:29.0921 2716	UlSata - ok
13:41:29.0944 2716	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:41:29.0945 2716	ulsata2 - ok
13:41:29.0972 2716	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:41:29.0973 2716	umbus - ok
13:41:29.0999 2716	upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
13:41:30.0004 2716	upnphost - ok
13:41:30.0095 2716	UPnPService     (7ce0fe34fd8fb7f52d1e503b0c1e4fa9) C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
13:41:30.0101 2716	UPnPService - ok
13:41:30.0148 2716	usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
13:41:30.0149 2716	usbaudio - ok
13:41:30.0178 2716	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:41:30.0179 2716	usbccgp - ok
13:41:30.0200 2716	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:41:30.0200 2716	usbcir - ok
13:41:30.0228 2716	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:41:30.0229 2716	usbehci - ok
13:41:30.0247 2716	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:41:30.0249 2716	usbhub - ok
13:41:30.0258 2716	usbohci         (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
13:41:30.0259 2716	usbohci - ok
13:41:30.0284 2716	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:41:30.0285 2716	usbprint - ok
13:41:30.0332 2716	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
13:41:30.0333 2716	usbscan - ok
13:41:30.0362 2716	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:41:30.0362 2716	USBSTOR - ok
13:41:30.0380 2716	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:41:30.0382 2716	usbuhci - ok
13:41:30.0403 2716	UxSms           (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
13:41:30.0407 2716	UxSms - ok
13:41:30.0450 2716	vds             (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
13:41:30.0457 2716	vds - ok
13:41:30.0472 2716	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
13:41:30.0473 2716	vga - ok
13:41:30.0478 2716	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:41:30.0480 2716	VgaSave - ok
13:41:30.0509 2716	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
13:41:30.0510 2716	viaagp - ok
13:41:30.0530 2716	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
13:41:30.0531 2716	ViaC7 - ok
13:41:30.0559 2716	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
13:41:30.0559 2716	viaide - ok
13:41:30.0580 2716	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:41:30.0581 2716	volmgr - ok
13:41:30.0608 2716	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:41:30.0610 2716	volmgrx - ok
13:41:30.0649 2716	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:41:30.0651 2716	volsnap - ok
13:41:30.0675 2716	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
13:41:30.0676 2716	vsmraid - ok
13:41:30.0742 2716	VSS             (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
13:41:30.0753 2716	VSS - ok
13:41:30.0780 2716	W32Time         (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
13:41:30.0784 2716	W32Time - ok
13:41:30.0815 2716	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
13:41:30.0816 2716	WacomPen - ok
13:41:30.0832 2716	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:41:30.0833 2716	Wanarp - ok
13:41:30.0846 2716	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:41:30.0848 2716	Wanarpv6 - ok
13:41:30.0908 2716	wcncsvc         (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
13:41:30.0915 2716	wcncsvc - ok
13:41:30.0942 2716	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
13:41:30.0945 2716	WcsPlugInService - ok
13:41:30.0958 2716	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
13:41:30.0963 2716	Wd - ok
13:41:30.0985 2716	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
13:41:30.0991 2716	Wdf01000 - ok
13:41:31.0001 2716	WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:41:31.0004 2716	WdiServiceHost - ok
13:41:31.0019 2716	WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:41:31.0023 2716	WdiSystemHost - ok
13:41:31.0045 2716	WebClient       (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
13:41:31.0049 2716	WebClient - ok
13:41:31.0078 2716	Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
13:41:31.0082 2716	Wecsvc - ok
13:41:31.0095 2716	wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
13:41:31.0098 2716	wercplsupport - ok
13:41:31.0111 2716	WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
13:41:31.0121 2716	WerSvc - ok
13:41:31.0174 2716	WinDefend       (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
13:41:31.0176 2716	WinDefend - ok
13:41:31.0184 2716	WinHttpAutoProxySvc - ok
13:41:31.0240 2716	Winmgmt         (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
13:41:31.0242 2716	Winmgmt - ok
13:41:31.0325 2716	WinRM           (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
13:41:31.0344 2716	WinRM - ok
13:41:31.0404 2716	Wlansvc         (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
13:41:31.0414 2716	Wlansvc - ok
13:41:31.0537 2716	wlidsvc         (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:41:31.0576 2716	wlidsvc - ok
13:41:31.0640 2716	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:41:31.0640 2716	WmiAcpi - ok
13:41:31.0702 2716	wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
13:41:31.0704 2716	wmiApSrv - ok
13:41:31.0776 2716	WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
13:41:31.0783 2716	WMPNetworkSvc - ok
13:41:31.0808 2716	WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
13:41:31.0812 2716	WPCSvc - ok
13:41:31.0848 2716	WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
13:41:31.0852 2716	WPDBusEnum - ok
13:41:31.0893 2716	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
13:41:31.0894 2716	WpdUsb - ok
13:41:32.0010 2716	WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:41:32.0018 2716	WPFFontCache_v0400 - ok
13:41:32.0054 2716	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
13:41:32.0055 2716	ws2ifsl - ok
13:41:32.0085 2716	wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
13:41:32.0088 2716	wscsvc - ok
13:41:32.0093 2716	WSearch - ok
13:41:32.0217 2716	wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
13:41:32.0251 2716	wuauserv - ok
13:41:32.0324 2716	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:41:32.0325 2716	WUDFRd - ok
13:41:32.0360 2716	wudfsvc         (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
13:41:32.0363 2716	wudfsvc - ok
13:41:32.0381 2716	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
13:41:32.0458 2716	\Device\Harddisk0\DR0 - ok
13:41:32.0461 2716	Boot (0x1200)   (f4f9b226973f88bc72737850dc2f8a92) \Device\Harddisk0\DR0\Partition0
13:41:32.0463 2716	\Device\Harddisk0\DR0\Partition0 - ok
13:41:32.0486 2716	Boot (0x1200)   (92921f5562a488c63399b36733628529) \Device\Harddisk0\DR0\Partition1
13:41:32.0487 2716	\Device\Harddisk0\DR0\Partition1 - ok
13:41:32.0488 2716	============================================================
13:41:32.0488 2716	Scan finished
13:41:32.0488 2716	============================================================
13:41:32.0504 4208	Detected object count: 0
13:41:32.0504 4208	Actual detected object count: 0
13:43:31.0337 4508	Deinitialize success

Alt 01.05.2012, 14:42   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Zitat:
Das wurde mir in dem anderen Forum gesagt,
Was heißt das? Du hast doch nicht etwas ein Crossposting gemacht oder doch?

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 01.05.2012, 14:50   #21
FW313
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Ich habe im Startpost doch geschrieben, dass ich im anderen Forum nicht weiter gekommen bin und darum hier um Hilfe suche.
Ich habe noch nichts unternommen, außer die Scans mit Avira, MBAM, OTL und Tdsskiller.

Alt 01.05.2012, 16:25   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Ach im Startposting, naja, ist ja auch schon eine Woche her. Wäre nett gewesen, wenn du mal den Link zum anderen Thread gepostet hättest

Zitat:
Zitat von FW313
da ich in einem anderen Forum nur begrenzt Hilfe bekommen habe,
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 01.05.2012, 16:45   #23
FW313
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Zitat:
Zitat von cosinus Beitrag anzeigen
Ach im Startposting, naja, ist ja auch schon eine Woche her. Wäre nett gewesen, wenn du mal den Link zum anderen Thread gepostet hättest
Naja ich hab gedacht wenn ihr ein Problem damit hättet, würdet ihr es sofort sagen.
Der Grund, weshalb ich zu euch gekommen bin ist, dass ich dort innerhalb einer Woche nicht wirklich weiter gekommen bin.
Außerdem ist das hier ein Forum spezielle für Viren etc. und das andere war nur ein Unterforum.
Der Admin dort hat mich auch darauf aufmerksam gemacht, dass Crossposting nicht vorteilhaft ist aber ich hab es per PN mit ihm besprochen.
Wie gesagt, ich habe bis jetzt noch keine Schritte unternommen und ich werde auf jedenfall auf euren Rat hin handeln, euch funkt also ganz sicher niemand dazwischen.
hxxp://forum.chip.de/viren-trojaner-wuermer/hilfe-malware-fund-1629257.html
Wenn ihr wollt lasse ich den Thread auch schließen.
Geändert von FW313 (01.05.2012 um 16:55 Uhr)

Alt 04.05.2012, 16:16   #24
FW313
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Da nun schon 3 Tage seit der letzten Antwort vergangen sind, bitte ich nochmal freundlich um Hilfe.
Seit meinem Problem sind fast 2 Wochen vergangen und ich bin noch nicht weitergekommen
Ich würde mich wirklich sehr freuen, wenn ich meinen PC wieder verwenden könnte.

Danke

Alt 04.05.2012, 19:04   #25
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.05.2012, 19:39   #26
FW313
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Combofix Logfile:
Code:
ATTFilter
ComboFix 12-05-04.03 - *** 04.05.2012  20:20:37.1.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3327.1654 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\system32\tmp319C.tmp
c:\windows\system32\tmp31CC.tmp
c:\windows\system32\tmpE4DC.tmp
c:\windows\system32\tmpE50B.tmp
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-04-04 bis 2012-05-04  ))))))))))))))))))))))))))))))
.
.
2072-04-03 11:13 . 2008-03-21 12:46	607296	------w-	c:\program files\Microsoft Games\Age of Empires III\deformerdllyD.dll
2012-04-27 18:42 . 2012-04-27 18:42	--------	d-----w-	c:\program files\Mozilla Maintenance Service
2012-04-27 18:42 . 2012-04-27 18:42	157352	----a-w-	c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-27 18:42 . 2012-04-27 18:42	129976	----a-w-	c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-27 18:34 . 2012-04-27 18:34	--------	d-----w-	c:\program files\ESET
2012-04-21 22:42 . 2012-04-21 22:42	--------	d-----w-	c:\users\***\AppData\Roaming\Malwarebytes
2012-04-21 22:42 . 2012-04-21 22:42	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-21 22:42 . 2012-04-21 22:42	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-04-21 22:42 . 2012-04-04 13:56	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-04-15 15:38 . 2012-04-16 19:43	--------	d-----w-	c:\users\***\AppData\Roaming\.minecraft
2012-04-12 19:44 . 2012-03-06 06:39	3602816	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-04-12 19:44 . 2012-03-06 06:39	3550080	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-04-12 17:59 . 2012-03-01 11:01	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2012-04-10 18:41 . 2012-04-10 18:41	--------	d-----w-	c:\users\***\AppData\Local\2K Games
2012-04-10 18:41 . 2012-04-10 18:41	--------	d-----w-	c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2012-04-10 15:26 . 2012-05-04 18:07	--------	d-----w-	c:\program files\Steam
2012-04-05 10:43 . 2012-04-13 19:46	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-13 19:46 . 2011-05-16 13:06	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-29 23:59 . 2012-03-15 18:12	7713088	----a-w-	c:\windows\system32\nvwgf2um.dll
2012-02-29 23:59 . 2012-03-15 18:12	61248	----a-w-	c:\windows\system32\OpenCL.dll
2012-02-29 23:59 . 2012-03-15 18:12	5892928	----a-w-	c:\windows\system32\nvcuda.dll
2012-02-29 23:59 . 2012-03-15 18:12	2517312	----a-w-	c:\windows\system32\nvcuvid.dll
2012-02-29 23:59 . 2012-03-15 18:12	2437440	----a-w-	c:\windows\system32\nvcuvenc.dll
2012-02-29 23:59 . 2012-03-15 18:12	19444544	----a-w-	c:\windows\system32\nvoglv32.dll
2012-02-29 23:59 . 2012-03-15 18:12	10819392	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2012-02-29 23:59 . 2012-03-15 18:12	17543488	----a-w-	c:\windows\system32\nvcompiler.dll
2012-02-29 23:59 . 2012-02-22 02:05	881984	----a-w-	c:\windows\system32\nvgenco32.dll
2012-02-29 23:59 . 2012-02-22 02:05	1000256	----a-w-	c:\windows\system32\nvdispco32.dll
2012-02-29 23:59 . 2008-11-10 16:34	15009600	----a-w-	c:\windows\system32\nvd3dum.dll
2012-02-29 23:59 . 2008-11-10 16:34	2301248	----a-w-	c:\windows\system32\nvapi.dll
2012-02-29 20:56 . 2009-03-27 22:03	3881792	----a-w-	c:\windows\system32\nvcpl.dll
2012-02-29 20:55 . 2008-11-10 16:34	2719040	----a-w-	c:\windows\system32\nvsvc.dll
2012-02-29 20:53 . 2008-11-10 16:34	108352	----a-w-	c:\windows\system32\nvmctray.dll
2012-02-29 20:53 . 2011-08-05 14:57	62272	----a-w-	c:\windows\system32\nvshext.dll
2012-02-29 20:53 . 2008-11-10 16:34	645440	----a-w-	c:\windows\system32\nvvsvc.exe
2012-02-29 20:53 . 2009-03-27 22:03	2561344	----a-w-	c:\windows\system32\nvsvcr.dll
2012-02-29 12:26 . 2012-02-29 12:26	416064	----a-w-	c:\windows\system32\nvStreaming.exe
2012-02-23 08:18 . 2009-10-02 15:47	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-02-22 02:15 . 2012-02-22 02:15	231376	----a-w-	c:\windows\system32\drivers\truecrypt.sys
2012-02-15 14:41 . 2011-10-14 17:02	137416	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-02-14 15:45 . 2012-03-13 23:33	219648	----a-w-	c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45 . 2012-03-13 23:33	160768	----a-w-	c:\windows\system32\d3d10_1.dll
2012-02-13 14:12 . 2012-03-13 23:33	1172480	----a-w-	c:\windows\system32\d3d10warp.dll
2012-02-13 13:47 . 2012-03-13 23:33	683008	----a-w-	c:\windows\system32\d2d1.dll
2012-02-13 13:44 . 2012-03-13 23:33	1068544	----a-w-	c:\windows\system32\DWrite.dll
2012-02-07 09:02 . 2012-02-07 09:02	1070352	----a-w-	c:\windows\system32\MSCOMCTL.OCX
2009-05-26 07:26 . 2009-05-26 07:26	97336	----a-w-	c:\program files\bass.dll
2009-05-26 07:26 . 2009-05-26 07:26	64000	----a-w-	c:\program files\vorbisenc.dll
2009-05-26 07:26 . 2009-05-26 07:26	623616	----a-w-	c:\program files\No23 Recorder.exe
2009-05-26 07:26 . 2009-05-26 07:26	29184	----a-w-	c:\program files\no23xwrapper.dll
2009-05-26 07:26 . 2009-05-26 07:26	19456	----a-w-	c:\program files\vorbisfile.dll
2009-05-26 07:26 . 2009-05-26 07:26	15872	----a-w-	c:\program files\ogg.dll
2009-05-26 07:26 . 2009-05-26 07:26	155136	----a-w-	c:\program files\lame_enc.dll
2009-05-26 07:26 . 2009-05-26 07:26	143872	----a-w-	c:\program files\vorbis.dll
2009-05-26 07:26 . 2009-05-26 07:26	13872	----a-w-	c:\program files\basscd.dll
2009-05-26 07:26 . 2009-05-26 07:26	102912	----a-w-	c:\program files\CDRip.dll
2012-04-27 18:42 . 2011-04-01 16:34	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2010-08-23 02:22 . 2009-11-14 23:11	119808	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 08:32	279944	----a-w-	c:\program files\AskBarDis\bar\bin\askBar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-12 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"OscarEditor"="c:\program files\MOUSE Editor\MouseEditor.exe" [2010-12-23 3344384]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Steam"="c:\program files\Steam\Steam.exe" [2012-04-10 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EnergySettings"="c:\program files\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe" [2008-09-19 113664]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-23 30192]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-02-24 10025576]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Product Registration.lnk - c:\users\***\AppData\Local\Temp\is-78DGV.tmp\ATR1.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hama Wireless LAN Utility.lnk - c:\program files\Hama\Common\RaUI.exe [2011-4-1 974848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 253088]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 19:46]
.
2012-03-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-29 04:40]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-02 12:49]
.
2012-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-02 12:49]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1980743469-3674975028-2304663644-1000Core.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-14 18:48]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1980743469-3674975028-2304663644-1000UA.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2009-09-14 18:48]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: Interfaces\{A54F7D6E-F1C3-44BC-918E-3C1856CF6B09}: NameServer = 192.168.1.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\m4chw5b8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKCU-Run-AdobeBridge - (no file)
HKU-Default-Run-fsc-reg - c:\fsc-reg\fscreg.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-05-04 20:30
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,19,31,f6,ab,a3,65,45,ae,6c,7a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,19,31,f6,ab,a3,65,45,ae,6c,7a,\
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
.
[HKEY_USERS\S-1-5-21-1980743469-3674975028-2304663644-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:80,93,14,0a,0b,03,1c,f3,a0,4f,67,e2,98,93,ff,00,d4,6a,ac,74,5e,e6,d5,
   02,b1,52,d7,4a,6a,97,04,62,95,86,f8,f9,89,43,5d,ec,f6,2d,b3,3e,9c,08,25,b3,\
"??"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12
.
[HKEY_USERS\S-1-5-21-1980743469-3674975028-2304663644-1000\Software\SecuROM\License information*]
"datasecu"=hex:75,ad,7d,4a,61,3d,0d,98,35,e2,91,11,1f,a6,c2,b4,9c,09,bb,1e,5e,
   4a,1d,46,42,0a,6d,8e,db,68,a2,4d,f0,ca,fc,79,4d,87,13,d1,e0,a0,f6,81,c1,08,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-05-04  20:34:59
ComboFix-quarantined-files.txt  2012-05-04 18:34
.
Vor Suchlauf: 21 Verzeichnis(se), 76.677.812.224 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 76.081.582.080 Bytes frei
.
- - End Of File - - B77DBD2DEE1E89CE0CEC00BED176BCC9
--- --- ---

Außerdem hab ich heute noch die Auswertung der bf.exe vom Avira-Lab bekommen:
hxxp://analysis.avira.com/samples/details.php?uniqueid=LONdK8ON1QAApcSbZAkkT3nWnAGTcZX5&incidentid=1127189

Alt 04.05.2012, 20:34   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Zitat:
2072-04-03 11:13 . 2008-03-21 12:46 607296 ------w- c:\program files\Microsoft Games\Age of Empires III\deformerdllyD.dll
Ja was ist denn das für eine Datei aus der Zukunft vom 3. April 2072
Von wem hast du das Spiel Age Of Empires 3
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.05.2012, 20:48   #28
FW313
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Von niemandem, es gehört mir und ich hab es auch gekauft

Alt 04.05.2012, 21:03   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


Bitte diese Datei bei Virustotal auswerten lassen und den Ergebnislink posten. Falls Du die Datei nicht siehst, musst Du sie evtl. vorher sichtbar machen.
Wenn die Datei schon ausgewertet sein sollte, bitte eine weitere Auswertung starten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.05.2012, 21:15   #30
FW313
 
Avira meldet 4 Funde, was nun? - Standard

Avira meldet 4 Funde, was nun?


https://www.virustotal.com/file/2b2c8f5dd18ace9f9be47bf80509b8357dd09434e034c926a4378e4cab1e7ee8/analysis/1336162485/

Antwort
Seite 2 von 3 1 2 3

Themen zu Avira meldet 4 Funde, was nun?
.dll, anschluss, avg, avira, csrss.exe, datei, dateisystem, desktop, explorer.exe, forum, free, google, heuristiks/extra, heuristiks/shuriken, log, lsass.exe, modul, namen, nt.dll, programm, prozesse, registry, services.exe, spoolsv.exe, spyware.onlinegames, spyware.zeus, svchost.exe, verweise, windows, winlogon.exe, wmp


« Tabs werden automatisch geöffnet (Firefox) | Mein Rechner 'pumpt' plötzlich - so langsam, wie in Teer »

Ähnliche Themen: Avira meldet 4 Funde, was nun?


  1. Windows 7: Avira meldet am 09.03.15 zwei Funde: pua/downloadsponsor.gen
    Log-Analyse und Auswertung - 11.03.2015 (3)
  2. Win7: Avira meldet mehrere Funde und ich habe zwei mal explorer.exe im Task-Manager
    Plagegeister aller Art und deren Bekämpfung - 15.12.2014 (12)
  3. Avira meldet Funde (TR/Crypt.ZPACK.104691)
    Plagegeister aller Art und deren Bekämpfung - 28.11.2014 (11)
  4. Avira meldet bei Vollscan 33 Funde
    Plagegeister aller Art und deren Bekämpfung - 14.09.2014 (5)
  5. Windows 7: 30 Funde mbam, 2 Funde avira
    Log-Analyse und Auswertung - 30.08.2014 (12)
  6. Windows 8, Avira meldet 25 Funde, 3 wurden in Quarantäne verschoben, was muss ich noch tun?
    Log-Analyse und Auswertung - 22.02.2014 (7)
  7. Windows 7: System kompromittiert? (Avira meldet 25 Funde)
    Log-Analyse und Auswertung - 22.01.2014 (1)
  8. Verdacht auf Spamversand - Avira Boot CD meldet 3 Funde
    Plagegeister aller Art und deren Bekämpfung - 12.11.2013 (11)
  9. Win 7 64: Avira meldet diverse Funde, regelmäßige Floodings, geblockte Websiteaufrufe von "SYSTEM"
    Log-Analyse und Auswertung - 04.11.2013 (6)
  10. Win7: Avira Fund: Java/Dldr.Obfshlp.JC, Malwarbytes Funde: Hijack.SearchPage in Quarantäne - 35 Funde insgesamt
    Log-Analyse und Auswertung - 06.10.2013 (5)
  11. Windows 7: Avira hat 172 Viren gefunden, davor mehrer Funde einzel Funde bei Malwarebytes bzw. Avira
    Log-Analyse und Auswertung - 15.09.2013 (13)
  12. Avira meldet 5 Funde (TR/Agent.xkr.2; ADSPY/Cydoor; BDS/Offend.696372)
    Log-Analyse und Auswertung - 18.07.2013 (18)
  13. Malwarebytes meldet 8 PUP Funde
    Plagegeister aller Art und deren Bekämpfung - 27.01.2013 (27)
  14. Avira meldet plötzlich 10 Funde - TR/Boigy.4668921 - TR/Inject.cpwia - etc.
    Plagegeister aller Art und deren Bekämpfung - 10.07.2012 (21)
  15. Anti Vir meldet HTML/Rce.Gen funde
    Log-Analyse und Auswertung - 08.04.2012 (10)
  16. avira meldet mehrere funde mit ADWARE im namen - gefährlich?
    Plagegeister aller Art und deren Bekämpfung - 13.04.2011 (15)
  17. Avira meldet Funde (Swizzor,Malware,...)
    Mülltonne - 11.08.2008 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Avira meldet 4 Funde, was nun? - Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code: - Avira meldet 4 Funde, was nun?...
Archiv
Du betrachtest: Avira meldet 4 Funde, was nun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129