Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Internet extrem langsam

Internet extrem langsam


Plagegeister aller Art und deren Bekämpfung: Internet extrem langsam

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 04.06.2012, 19:49   #1
tgs83
 
Internet extrem langsam - Standard

Internet extrem langsam


Liebe Forenmitglieder.
Habe an meinem Laptop das Problem, dass mein Internet extrem ist, so dass ich ich hier kaum posten kann. Das liegt aber nicht an der Netzverbindung. Downloads sind meine ich nicht langsamer, aber surfen halt.
Ich poste jetzt mal den OTL File:

OTL logfile created on: 04.06.2012 20:40:42 - Run 2
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\Bärbel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,86 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 53,76% Memory free
7,72 Gb Paging File | 5,65 Gb Available in Paging File | 73,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 48,38 Gb Free Space | 32,46% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 134,76 Gb Free Space | 90,65% Space Free | Partition Type: NTFS

Computer Name: BÄRBEL_LAPTOP | User Name: Bärbel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.06.04 20:30:35 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bärbel\Desktop\OTL(1).exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bärbel\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.01.04 23:24:50 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012.01.04 23:24:50 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012.01.03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.08 12:54:25 | 000,554,160 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) -- C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe
PRC - [2011.07.29 13:50:46 | 000,480,880 | ---- | M] () -- C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.08.11 16:57:10 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Wuala Dokan\mounter.exe
PRC - [2010.05.02 22:25:44 | 000,498,096 | ---- | M] (REINER SCT) -- C:\Windows\SysWOW64\cjpcsc.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.03.17 08:48:28 | 000,541,080 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2010.03.17 08:48:26 | 006,952,344 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2010.03.17 08:48:26 | 001,141,144 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.03.03 12:47:38 | 004,581,280 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
PRC - [2010.02.22 13:23:50 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010.01.15 14:08:38 | 000,935,208 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.12.25 15:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2009.07.28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.05.01 17:57:50 | 000,077,032 | ---- | M] (Entriq, Inc.) -- C:\Program Files (x86)\maxdome\DCBin\DCService.exe
PRC - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2012.04.21 03:16:53 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.07.29 13:50:46 | 000,480,880 | ---- | M] () -- C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.03.17 08:15:54 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010.03.17 08:15:54 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010.03.17 08:15:54 | 000,610,816 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010.03.17 08:15:54 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010.03.17 08:05:10 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.11.20 15:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2010.11.20 15:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2010.03.15 09:56:20 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009.07.14 03:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009.07.14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV - [2012.05.05 17:38:15 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.26 23:32:45 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.04 23:24:50 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.08 12:54:25 | 000,554,160 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) [Auto | Running] -- C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney 7.0 OnlineUpdate)
SRV - [2011.07.31 14:53:06 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\Bärbel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2011.05.30 00:28:30 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.02.10 09:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010.11.20 14:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2010.08.11 16:57:10 | 000,011,776 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Wuala Dokan\mounter.exe -- (wDokanMounter)
SRV - [2010.05.02 22:25:44 | 000,498,096 | ---- | M] (REINER SCT) [Auto | Running] -- C:\Windows\SysWOW64\cjpcsc.exe -- (cjpcsc)
SRV - [2010.04.06 14:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.17 08:48:28 | 000,541,080 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.02.25 13:07:14 | 000,196,464 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010.02.23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2010.02.05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2010.01.28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.01.15 14:08:38 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.10.06 09:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009.05.01 17:57:50 | 000,077,032 | ---- | M] (Entriq, Inc.) [Auto | Running] -- C:\Program Files (x86)\maxdome\DCBin\DCService.exe -- (Prosieben)
SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.05.02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.04.27 10:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.04.25 00:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 12:19:08 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2011.11.29 04:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.07.19 11:35:00 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.12 21:15:10 | 000,157,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010.08.11 16:57:22 | 000,086,392 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wdokan.sys -- (wDokan)
DRV:64bit: - [2010.05.14 03:40:00 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.15 10:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.03.15 10:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.03.15 09:00:58 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.03.10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.02.10 15:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.08 09:55:02 | 000,029,184 | ---- | M] (REINER SCT) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cjusb.sys -- (cjusb)
DRV:64bit: - [2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.01.12 15:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.01.07 09:05:46 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.12.02 15:01:24 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009.07.14 01:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009.07.13 22:12:00 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009.06.22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.01.09 16:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008.05.20 18:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008.03.17 11:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2007.04.17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E7F1812D-46BA-43EC-B9FD-954D7B2462C8}
IE:64bit: - HKLM\..\SearchScopes\{E7F1812D-46BA-43EC-B9FD-954D7B2462C8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{58A0001C-330C-462F-A100-413B0E1ABC58}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {1D9DAABE-9F66-4E61-BD12-57E1A4053FC6}
IE - HKCU\..\SearchScopes\{08E37E8F-254E-443E-9C08-CFDC6A30DA75}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{0D62891F-6C3C-40BA-8A36-0D7564774398}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{14FB3A71-59A0-4414-B228-34326B588F4B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=18A058A5-EDCA-44B1-8AF5-0C5B132C6A33&apn_sauid=78F29A58-BE16-44BA-8DE3-A053A1501903
IE - HKCU\..\SearchScopes\{1D9DAABE-9F66-4E61-BD12-57E1A4053FC6}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{2885DCE8-8F98-4B4C-B42F-1E4A34080903}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{4CED9B60-5740-4D71-8D2C-8C8C3973802A}: "URL" = hxxp://rover.ebay.com.anonymize-me.de/?anonymto=687474703A2F2F726F7665722E656261792E636F6D2F726F7665722F312F3730372D34343535362D393430302D392F343F73617469746C653D7B7365617263685465726D737D &st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E636F6E647569742E636F6D2F526573756C74734578742E617370783F713D7B7365617263685465726D737D26536561726368536F75726365 3D3426637469643D435432373336343736&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKCU\..\SearchScopes\{B78A8751-41B5-4A08-A8C8-0027655B3677}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{F5B4BA7E-8E36-43B4-A0F0-8DAF71F028EF}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?anonymto=687474703A2F2F7777772E616D617A6F6E2E64652F67702F7365617263683F69653D55544638266B6579776F7264733D7B7365617263685465726D737D267461673D746F6368 69626164652D77696E372D69652D7365617263682D323126696E6465783D626C656E646564266C696E6B436F64653D757232&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Freeware.de Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.igoogle.de"
FF - prefs.js..extensions.enabledItems: {F3FC1841-48F0-49D3-A649-A2F21B7C3328}:1.9.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.10.24 08:29:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.01 18:17:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.17 16:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.17 16:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.05.17 16:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.05.17 16:43:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F3FC1841-48F0-49D3-A649-A2F21B7C3328}: C:\Users\Bärbel\AppData\Local\{F3FC1841-48F0-49D3-A649-A2F21B7C3328} [2011.01.13 22:42:06 | 000,000,000 | ---D | M]

[2010.08.11 09:03:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bärbel\AppData\Roaming\mozilla\Extensions
[2010.08.11 09:03:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bärbel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.05.03 00:05:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions
[2012.04.19 20:52:16 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\askcom.xml
[2011.06.22 14:15:48 | 000,000,925 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\conduit.xml
[2012.06.04 20:07:21 | 000,001,609 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\ixquick-http---deutsch.xml
[2011.07.31 14:53:09 | 000,002,188 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{C53EFBA3-1AB5-448A-8976-7F6E9934BBB5}.xml
[2011.07.31 14:53:09 | 000,001,870 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{CDCA9256-4FE5-4176-A963-BC0E62D314C0}.xml
[2011.07.31 14:53:09 | 000,002,077 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{E2CF7FDC-BC83-4B79-BAE8-70F59EEBA65B}.xml
[2012.05.01 23:16:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.05.03 00:12:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.19 20:41:20 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\B\u00E4rbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Bärbel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Programme\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Programme\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Google Updater] C:\Program Files (x86)\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - Startup: C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bärbel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BD30CD0-5CB2-4F44-8A54-38798095746B}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6199934-6847-46AB-9C75-36386738D715}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\Shell - "" = AutoRun
O33 - MountPoints2\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\Shell - "" = AutoRun
O33 - MountPoints2\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\Shell - "" = AutoRun
O33 - MountPoints2\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.06.04 20:30:34 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Bärbel\Desktop\OTL(1).exe
[2012.05.17 16:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.05.17 16:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.05.14 08:59:43 | 000,000,000 | ---D | C] -- C:\Users\Bärbel\AppData\Roaming\Avira
[2012.05.14 08:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.05.14 08:55:41 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.05.14 08:55:41 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.05.14 08:55:41 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.05.14 08:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.05.14 08:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.05.09 08:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.05.09 08:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.05.09 08:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.06.04 20:37:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.04 20:37:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.04 20:30:35 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bärbel\Desktop\OTL(1).exe
[2012.06.04 20:26:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.04 20:22:20 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.06.04 20:09:53 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.04 20:09:53 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.04 20:09:53 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.04 20:09:53 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.04 20:09:53 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.04 20:06:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.03 14:22:30 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.03 14:22:30 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.01 21:00:00 | 000,000,294 | ---- | M] () -- C:\ProgramData\requested_apps.pbuf
[2012.06.01 20:58:41 | 3110,080,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.09 07:27:42 | 000,438,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.02.27 23:44:21 | 000,000,294 | ---- | C] () -- C:\ProgramData\requested_apps.pbuf
[2011.12.26 18:16:15 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.05.30 00:40:18 | 000,786,504 | ---- | C] () -- C:\Windows\SysWow64\CNQ9602N.DAT
[2011.05.30 00:40:18 | 000,296,064 | ---- | C] () -- C:\Windows\SysWow64\CNQ9602W.DAT
[2011.05.10 23:22:47 | 000,000,000 | ---- | C] () -- C:\Users\Bärbel\AppData\Roaming\AVSDVDPlayer.m3u
[2011.05.10 16:48:13 | 000,007,613 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\Resmon.ResmonCfg
[2011.04.10 08:25:22 | 000,005,115 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2011.03.27 20:24:03 | 000,003,584 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.13 16:10:10 | 000,000,470 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2011.02.13 16:07:55 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2011.01.14 08:42:36 | 000,000,120 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\Ecoqupomukimup.dat
[2011.01.14 08:42:36 | 000,000,000 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\Svucaziguq.bin
[2011.01.04 00:43:57 | 000,025,600 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\WebpageIcons.db
[2010.09.02 22:59:21 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\SerialXP.dll
[2010.09.02 22:59:21 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\win32com.dll
[2010.09.02 21:50:34 | 000,000,398 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2010.08.28 10:35:06 | 000,031,328 | ---- | C] () -- C:\Windows\SysWow64\Ctrsct16.dll
[2010.08.27 22:00:42 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.08.11 16:57:16 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\wdokannp.dll
[2010.08.11 16:57:06 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\wdokanusr.dll
[2010.08.10 21:52:31 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.08.10 21:52:31 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

========== LOP Check ==========

[2011.02.22 22:25:32 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Ahnenblatt
[2011.01.13 23:00:11 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Amazon
[2012.01.23 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\BitTorrent
[2011.07.23 14:25:22 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Blackberry Desktop
[2011.05.30 00:40:52 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Canon
[2011.04.10 08:25:22 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Carambis
[2012.06.03 14:17:25 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Dropbox
[2011.02.22 21:34:44 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Family Tree Pilot
[2012.01.23 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\FileZilla
[2011.10.04 22:42:05 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\IrfanView
[2011.02.13 16:15:32 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\MyHeritage
[2011.07.31 14:53:06 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\OCS
[2010.08.12 22:18:46 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\OpenOffice.org
[2011.07.31 14:53:09 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Opera
[2012.02.05 19:07:53 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Product_RM
[2011.07.23 13:57:48 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Research In Motion
[2011.08.22 20:31:55 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Simfy
[2011.03.02 22:54:03 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2010.08.11 09:03:35 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Thunderbird
[2010.08.10 09:20:42 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Toshiba
[2011.01.23 13:50:16 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Ulead Systems
[2011.08.07 13:48:16 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Vodafone
[2011.10.04 20:35:47 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\WinBatch
[2010.10.10 13:46:12 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Windows Live Writer
[2011.11.26 16:03:04 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Wuala
[2012.02.08 08:30:39 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP1B5B4F1

< End of report >

Viele Grüße, TGS

Alt 07.06.2012, 08:54   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet extrem langsam - Standard

Internet extrem langsam


Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
__________________

__________________
Alt 08.06.2012, 14:56   #3
tgs83
 
Internet extrem langsam - Standard

Internet extrem langsam


Ok, vielen Dank für die Instruktionen.

Zunächst Malwarebytes:

Code:
ATTFilter
 Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.08.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Bärbel :: BÄRBEL_LAPTOP [Administrator]

08.06.2012 11:18:22
mbam-log-2012-06-08 (11-18-22).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 425229
Laufzeit: 1 Stunde(n), 36 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Bärbel\Downloads\SoftonicDownloader_fuer_blackberry-desktop-software.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Bärbel\Downloads\SoftonicDownloader_fuer_scribus.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Dann noch ESET:

Code:
ATTFilter
 ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d505fcfff053084396aa00fb1855dcd9
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-08 01:16:42
# local_time=2012-06-08 03:16:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 2176032 2176032 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 428654 90784419 0 0
# compatibility_mode=8192 67108863 100 0 100 100 0 0
# scanned=237597
# found=2
# cleaned=0
# scan_time=6833
C:\Users\Bärbel\Downloads\cnet_Install EclipseCrossword_exe.exe	a variant of Win32/InstallCore.D application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Bärbel\Downloads\SoftonicDownloader_fuer_winx-dvd-player.exe	a variant of Win32/SoftonicDownloader.A application (unable to clean)	00000000000000000000000000000000	I
Vielen Dank, hoffe es ist richtig durchgeführt.

Gruß, TGS83
__________________
Alt 08.06.2012, 17:01   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet extrem langsam - Standard

Internet extrem langsam


Zitat:
C:\Users\Bärbel\Downloads\SoftonicDownloader_fuer_blackberry-desktop-software
Finger weg von Softonic!!

Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller und nicht von solchen Toolbarklitschen wie Softonic! Im Notfall würde natürlich chip.de gehen

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 11.06.2012, 09:55   #5
tgs83
 
Internet extrem langsam - Standard

Internet extrem langsam


Ok, habe es nun durchgeführt. anbei der Code:

Code:
ATTFilter
OTL logfile created on: 11.06.2012 10:33:38 - Run 3
OTL by OldTimer - Version 3.2.46.0     Folder = C:\Users\Bärbel\Desktop\Reparatur
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 57,36% Memory free
7,72 Gb Paging File | 5,68 Gb Available in Paging File | 73,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 42,58 Gb Free Space | 28,57% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 134,76 Gb Free Space | 90,65% Space Free | Partition Type: NTFS
 
Computer Name: BÄRBEL_LAPTOP | User Name: Bärbel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.04 20:30:35 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bärbel\Desktop\Reparatur\OTL(1).exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bärbel\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.01.04 23:24:50 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012.01.04 23:24:50 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012.01.03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.08 12:54:25 | 000,554,160 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) -- C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe
PRC - [2011.07.29 13:50:46 | 000,480,880 | ---- | M] () -- C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.08.11 16:57:10 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Wuala Dokan\mounter.exe
PRC - [2010.05.02 22:25:44 | 000,498,096 | ---- | M] (REINER SCT) -- C:\Windows\SysWOW64\cjpcsc.exe
PRC - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.03.17 08:48:28 | 000,541,080 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2010.03.17 08:48:26 | 006,952,344 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2010.03.17 08:48:26 | 001,141,144 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.03.03 12:47:38 | 004,581,280 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
PRC - [2010.02.24 16:54:04 | 002,721,120 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2010.02.22 13:23:50 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010.02.04 15:06:00 | 000,427,416 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010.01.15 14:08:38 | 000,935,208 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.12.25 15:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2009.12.08 10:39:00 | 000,275,888 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtAvAC.exe
PRC - [2009.11.18 15:10:00 | 000,664,904 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2009.07.28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.05.01 17:57:50 | 000,077,032 | ---- | M] (Entriq, Inc.) -- C:\Program Files (x86)\maxdome\DCBin\DCService.exe
PRC - [2009.04.03 18:17:00 | 000,447,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008.07.24 11:24:00 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.07.29 13:50:46 | 000,480,880 | ---- | M] () -- C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.03.17 08:15:54 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010.03.17 08:15:54 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010.03.17 08:15:54 | 000,610,816 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010.03.17 08:15:54 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010.03.17 08:05:10 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.11.20 15:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2010.11.20 15:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2010.03.15 09:56:20 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009.07.14 03:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009.07.14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV - [2012.06.09 08:31:23 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.26 23:32:45 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.04 23:24:50 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.08 12:54:25 | 000,554,160 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) [Auto | Running] -- C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney 7.0 OnlineUpdate)
SRV - [2011.07.31 14:53:06 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\Bärbel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2011.05.30 00:28:30 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.02.10 09:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010.11.20 14:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2010.08.11 16:57:10 | 000,011,776 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Wuala Dokan\mounter.exe -- (wDokanMounter)
SRV - [2010.05.02 22:25:44 | 000,498,096 | ---- | M] (REINER SCT) [Auto | Running] -- C:\Windows\SysWOW64\cjpcsc.exe -- (cjpcsc)
SRV - [2010.04.06 14:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2010.03.23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.17 08:48:28 | 000,541,080 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010.03.03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.03.03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.02.25 13:07:14 | 000,196,464 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010.02.23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2010.02.05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2010.01.28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.01.15 14:08:38 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.10.06 09:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009.05.01 17:57:50 | 000,077,032 | ---- | M] (Entriq, Inc.) [Auto | Running] -- C:\Program Files (x86)\maxdome\DCBin\DCService.exe -- (Prosieben)
SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008.07.04 12:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.04.27 10:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.04.25 00:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 12:19:08 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2011.11.29 04:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.07.19 11:35:00 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.12 21:15:10 | 000,157,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010.08.11 16:57:22 | 000,086,392 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wdokan.sys -- (wDokan)
DRV:64bit: - [2010.05.14 03:40:00 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.23 13:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010.03.15 10:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.03.15 10:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.03.15 09:00:58 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.03.10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.02.10 15:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.08 09:55:02 | 000,029,184 | ---- | M] (REINER SCT) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cjusb.sys -- (cjusb)
DRV:64bit: - [2010.02.08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2010.02.03 11:04:00 | 000,060,408 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.01.12 15:37:34 | 000,325,152 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.01.07 09:05:46 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.12.02 15:01:24 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.09.24 17:55:00 | 000,212,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.08.05 12:56:00 | 000,063,856 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV:64bit: - [2009.07.30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.28 20:02:00 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2009.07.24 11:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:64bit: - [2009.07.14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009.07.14 01:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009.07.13 22:12:00 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009.06.22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.19 10:00:00 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2009.06.19 09:59:00 | 000,050,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:64bit: - [2009.06.17 12:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.01.09 16:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008.11.16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008.05.20 18:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008.03.17 11:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2007.04.17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E7F1812D-46BA-43EC-B9FD-954D7B2462C8}
IE:64bit: - HKLM\..\SearchScopes\{E7F1812D-46BA-43EC-B9FD-954D7B2462C8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{58A0001C-330C-462F-A100-413B0E1ABC58}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes,DefaultScope = {1D9DAABE-9F66-4E61-BD12-57E1A4053FC6}
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{08E37E8F-254E-443E-9C08-CFDC6A30DA75}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{0D62891F-6C3C-40BA-8A36-0D7564774398}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{14FB3A71-59A0-4414-B228-34326B588F4B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=18A058A5-EDCA-44B1-8AF5-0C5B132C6A33&apn_sauid=78F29A58-BE16-44BA-8DE3-A053A1501903
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{1D9DAABE-9F66-4E61-BD12-57E1A4053FC6}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{2885DCE8-8F98-4B4C-B42F-1E4A34080903}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{4CED9B60-5740-4D71-8D2C-8C8C3973802A}: "URL" = hxxp://rover.ebay.com.anonymize-me.de/?anonymto=687474703A2F2F726F7665722E656261792E636F6D2F726F7665722F312F3730372D34343535362D393430302D392F343F73617469746C653D7B7365617263685465726D737D&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E636F6E647569742E636F6D2F526573756C74734578742E617370783F713D7B7365617263685465726D737D26536561726368536F757263653D3426637469643D435432373336343736&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{B78A8751-41B5-4A08-A8C8-0027655B3677}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{F5B4BA7E-8E36-43B4-A0F0-8DAF71F028EF}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?anonymto=687474703A2F2F7777772E616D617A6F6E2E64652F67702F7365617263683F69653D55544638266B6579776F7264733D7B7365617263685465726D737D267461673D746F636869626164652D77696E372D69652D7365617263682D323126696E6465783D626C656E646564266C696E6B436F64653D757232&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Freeware.de Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.igoogle.de"
FF - prefs.js..extensions.enabledItems: {F3FC1841-48F0-49D3-A649-A2F21B7C3328}:1.9.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.10.24 08:29:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.01 18:17:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.17 16:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.17 16:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.05.17 16:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.05.17 16:43:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F3FC1841-48F0-49D3-A649-A2F21B7C3328}: C:\Users\Bärbel\AppData\Local\{F3FC1841-48F0-49D3-A649-A2F21B7C3328} [2011.01.13 22:42:06 | 000,000,000 | ---D | M]
 
[2010.08.11 09:03:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bärbel\AppData\Roaming\mozilla\Extensions
[2010.08.11 09:03:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bärbel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.05.03 00:05:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions
[2012.04.19 20:52:16 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\askcom.xml
[2011.06.22 14:15:48 | 000,000,925 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\conduit.xml
[2012.06.09 16:19:05 | 000,001,609 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\ixquick-http---deutsch.xml
[2011.07.31 14:53:09 | 000,002,188 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{C53EFBA3-1AB5-448A-8976-7F6E9934BBB5}.xml
[2011.07.31 14:53:09 | 000,001,870 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{CDCA9256-4FE5-4176-A963-BC0E62D314C0}.xml
[2011.07.31 14:53:09 | 000,002,077 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{E2CF7FDC-BC83-4B79-BAE8-70F59EEBA65B}.xml
[2012.05.01 23:16:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.05.03 00:12:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.19 20:41:20 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\B\u00E4rbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Bärbel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Bärbel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Programme\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Programme\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Google Updater] C:\Program Files (x86)\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-357113597-3366176197-1571371492-1000..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bärbel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6199934-6847-46AB-9C75-36386738D715}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\Shell - "" = AutoRun
O33 - MountPoints2\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\Shell - "" = AutoRun
O33 - MountPoints2\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\Shell - "" = AutoRun
O33 - MountPoints2\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^maxdome Download Manager.lnk - C:\Program Files (x86)\maxdome\DCBin\DCTrayApp.exe - ()
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= - c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - 
ActiveX:64bit: >{D6650514-E1E0-46B1-9512-63063248A6CF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\Windows\SysWow64\alf2cd.acm (NCT Company)
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mpegacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.scg726 - C:\Windows\SysWow64\Scg726.acm (SHARP Corporation)
Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: msacm.voxacm160 - C:\Windows\SysWow64\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\Windows\SysWow64\mcdvd_32.dll (MainConcept)
Drivers32: vidc.mp42 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.09 08:33:11 | 000,000,000 | ---D | C] -- C:\Users\Bärbel\AppData\Local\Macromedia
[2012.06.08 19:44:52 | 000,000,000 | ---D | C] -- C:\Users\Bärbel\Documents\Bluetooth
[2012.06.08 15:53:36 | 000,000,000 | ---D | C] -- C:\Users\Bärbel\Desktop\Reparatur
[2012.06.08 13:21:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.06.08 11:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
[2012.06.08 11:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Deterministic Networks
[2012.06.08 11:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2012.05.17 16:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.05.17 16:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.05.14 08:59:43 | 000,000,000 | ---D | C] -- C:\Users\Bärbel\AppData\Roaming\Avira
[2012.05.14 08:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.05.14 08:55:41 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.05.14 08:55:41 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.05.14 08:55:41 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.05.14 08:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.05.14 08:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.11 10:37:04 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.11 10:33:10 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.06.11 10:26:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.11 10:24:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.11 09:29:18 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.11 09:29:18 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.11 09:29:18 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.11 09:29:18 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.11 09:29:18 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.11 09:00:18 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.11 09:00:18 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.11 08:55:19 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Bärbel.job
[2012.06.10 21:06:52 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.10 09:51:25 | 000,000,294 | ---- | M] () -- C:\ProgramData\requested_apps.pbuf
[2012.06.10 09:50:16 | 3110,080,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.08 19:49:42 | 000,000,252 | ---- | M] () -- C:\Users\Bärbel\Desktop\Bluetooth Local COM - Verknüpfung.lnk
[2012.06.08 19:44:31 | 000,000,956 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2012.06.08 11:16:42 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF
[2012.06.08 11:16:08 | 000,002,687 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
[2012.06.08 11:11:31 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.08 19:49:42 | 000,000,252 | ---- | C] () -- C:\Users\Bärbel\Desktop\Bluetooth Local COM - Verknüpfung.lnk
[2012.06.08 19:44:26 | 000,000,956 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2012.06.08 11:16:08 | 000,002,687 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
[2012.06.08 11:16:01 | 000,001,594 | ---- | C] () -- C:\Windows\VPNInstall.MIF
[2012.06.08 11:11:31 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.27 23:44:21 | 000,000,294 | ---- | C] () -- C:\ProgramData\requested_apps.pbuf
[2011.12.26 18:16:15 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.05.30 00:40:18 | 000,786,504 | ---- | C] () -- C:\Windows\SysWow64\CNQ9602N.DAT
[2011.05.30 00:40:18 | 000,296,064 | ---- | C] () -- C:\Windows\SysWow64\CNQ9602W.DAT
[2011.05.10 23:22:47 | 000,000,000 | ---- | C] () -- C:\Users\Bärbel\AppData\Roaming\AVSDVDPlayer.m3u
[2011.05.10 16:48:13 | 000,007,613 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\Resmon.ResmonCfg
[2011.04.10 08:25:22 | 000,005,115 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2011.03.27 20:24:03 | 000,003,584 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.13 16:10:10 | 000,000,470 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2011.02.13 16:07:55 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2011.01.14 08:42:36 | 000,000,120 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\Ecoqupomukimup.dat
[2011.01.14 08:42:36 | 000,000,000 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\Svucaziguq.bin
[2011.01.04 00:43:57 | 000,025,600 | ---- | C] () -- C:\Users\Bärbel\AppData\Local\WebpageIcons.db
[2010.09.02 22:59:21 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\SerialXP.dll
[2010.09.02 22:59:21 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\win32com.dll
[2010.09.02 21:50:34 | 000,000,398 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2010.08.28 10:35:06 | 000,031,328 | ---- | C] () -- C:\Windows\SysWow64\Ctrsct16.dll
[2010.08.27 22:00:42 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.08.11 16:57:16 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\wdokannp.dll
[2010.08.11 16:57:06 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\wdokanusr.dll
[2010.08.10 21:52:31 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.08.10 21:52:31 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
 
========== LOP Check ==========
 
[2011.02.22 22:25:32 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Ahnenblatt
[2011.01.13 23:00:11 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Amazon
[2012.01.23 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\BitTorrent
[2011.07.23 14:25:22 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Blackberry Desktop
[2011.05.30 00:40:52 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Canon
[2011.04.10 08:25:22 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Carambis
[2012.06.10 09:51:02 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Dropbox
[2011.02.22 21:34:44 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Family Tree Pilot
[2012.01.23 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\FileZilla
[2011.10.04 22:42:05 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\IrfanView
[2011.02.13 16:15:32 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\MyHeritage
[2011.07.31 14:53:06 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\OCS
[2010.08.12 22:18:46 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\OpenOffice.org
[2011.07.31 14:53:09 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Opera
[2012.02.05 19:07:53 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Product_RM
[2011.07.23 13:57:48 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Research In Motion
[2011.08.22 20:31:55 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Simfy
[2011.03.02 22:54:03 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2010.08.11 09:03:35 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Thunderbird
[2010.08.10 09:20:42 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Toshiba
[2011.01.23 13:50:16 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Ulead Systems
[2011.08.07 13:48:16 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Vodafone
[2011.10.04 20:35:47 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\WinBatch
[2010.10.10 13:46:12 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Windows Live Writer
[2011.11.26 16:03:04 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Wuala
[2012.02.08 08:30:39 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.02.15 16:23:49 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Adobe
[2011.02.22 22:25:32 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Ahnenblatt
[2011.01.13 23:00:11 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Amazon
[2010.08.23 11:34:19 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Apple Computer
[2011.05.30 00:37:24 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\ArcSoft
[2010.08.10 09:05:48 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\ATI
[2012.05.14 08:59:43 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Avira
[2012.01.23 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\BitTorrent
[2011.07.23 14:25:22 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Blackberry Desktop
[2011.05.30 00:40:52 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Canon
[2011.04.10 08:25:22 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Carambis
[2011.12.26 18:16:26 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Corel
[2011.04.23 12:18:35 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\DivX
[2012.06.10 09:51:02 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Dropbox
[2011.02.22 21:34:44 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Family Tree Pilot
[2012.01.23 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\FileZilla
[2010.08.10 09:05:11 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Identities
[2011.10.04 20:35:50 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\InstallShield
[2011.10.04 22:42:05 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\IrfanView
[2010.11.02 09:57:48 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Macromedia
[2011.04.24 09:55:35 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Media Center Programs
[2012.02.15 16:23:49 | 000,000,000 | --SD | M] -- C:\Users\Bärbel\AppData\Roaming\Microsoft
[2010.08.10 09:40:57 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Mozilla
[2011.02.13 16:15:32 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\MyHeritage
[2010.08.25 21:07:50 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Nero
[2011.07.31 14:53:06 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\OCS
[2010.08.12 22:18:46 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\OpenOffice.org
[2011.07.31 14:53:09 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Opera
[2012.02.05 19:07:53 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Product_RM
[2011.06.24 11:45:40 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Real
[2011.07.23 13:57:48 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Research In Motion
[2011.08.22 20:31:55 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Simfy
[2012.05.03 00:13:26 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Skype
[2011.10.05 19:25:34 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\skypePM
[2011.03.02 22:54:03 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2010.08.11 09:03:35 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Thunderbird
[2010.08.10 09:20:42 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Toshiba
[2011.01.23 13:50:16 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Ulead Systems
[2011.11.13 00:15:58 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\vlc
[2011.08.07 13:48:16 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Vodafone
[2011.10.04 20:35:47 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\WinBatch
[2010.10.10 13:46:12 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Windows Live Writer
[2011.11.26 16:03:04 | 000,000,000 | ---D | M] -- C:\Users\Bärbel\AppData\Roaming\Wuala
 
< %APPDATA%\*.exe /s >
[2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bärbel\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.02.15 01:03:44 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\Bärbel\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.04.26 15:35:02 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Bärbel\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.02.24 13:19:28 | 000,058,896 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\MyHeritage\Bin\Detect\Detect.exe
[2011.07.31 14:53:06 | 000,106,496 | ---- | M] (OCS) -- C:\Users\Bärbel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
[2011.07.31 14:53:06 | 000,040,960 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
[2011.01.29 14:02:29 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bärbel\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.10.21 07:47:14 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bärbel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
[2011.10.21 10:49:25 | 026,533,840 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bärbel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_data\RealPlayer_de.exe
[2011.10.21 10:47:20 | 000,676,624 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Bärbel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_exe\RealPlayer_de.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.01.15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_5d42c6448888c5bd\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.06.24 23:12:01 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.06.24 23:12:01 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
Vielen Dank!
TGS83


Alt 11.06.2012, 12:39   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet extrem langsam - Standard

Internet extrem langsam


Zitat:
O2 - BHO: (DivX Plus Web Player HTML5 <video>)
Sagmal gehörst du auch zur der Fraktion, die sich Serien und Kinofilme über dubiose Portale anschaut?
Wenn ja: in Zukunft Finger weg, diese illegalen Portale verbreiten Malware und wenn du in Zukunft malwarefrei sein wilst, musst du auf legale Alternativen ausweichen und auf solche riskanten Streamingseiten verzichten!
Gerade solche Streamingseiten sind für die aktuelle Welle der Erpresserschädlinge verantwortlich, die Windows blockieren und 50 oder 100 EUR erpressen wollen!!


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
ATTFilter
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E7F1812D-46BA-43EC-B9FD-954D7B2462C8}
IE:64bit: - HKLM\..\SearchScopes\{E7F1812D-46BA-43EC-B9FD-954D7B2462C8}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{58A0001C-330C-462F-A100-413B0E1ABC58}: "URL" = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes,DefaultScope = {1D9DAABE-9F66-4E61-BD12-57E1A4053FC6}
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{08E37E8F-254E-443E-9C08-CFDC6A30DA75}: "URL" = http://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{0D62891F-6C3C-40BA-8A36-0D7564774398}: "URL" = http://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{14FB3A71-59A0-4414-B228-34326B588F4B}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=18A058A5-EDCA-44B1-8AF5-0C5B132C6A33&apn_sauid=78F29A58-BE16-44BA-8DE3-A053A1501903
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{1D9DAABE-9F66-4E61-BD12-57E1A4053FC6}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{2885DCE8-8F98-4B4C-B42F-1E4A34080903}: "URL" = http://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{4CED9B60-5740-4D71-8D2C-8C8C3973802A}: "URL" = http://rover.ebay.com.anonymize-me.de/?anonymto=687474703A2F2F726F7665722E656261792E636F6D2F726F7665722F312F3730372D34343535362D393430302D392F343F73617469746C653D7B7365617263685465726D737D&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E636F6E647569742E636F6D2F526573756C74734578742E617370783F713D7B7365617263685465726D737D26536561726368536F757263653D3426637469643D435432373336343736&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{B78A8751-41B5-4A08-A8C8-0027655B3677}: "URL" = http://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&mode=bounce&k=0
IE - HKU\S-1-5-21-357113597-3366176197-1571371492-1000\..\SearchScopes\{F5B4BA7E-8E36-43B4-A0F0-8DAF71F028EF}: "URL" = http://www.amazon.de.anonymize-me.de/?anonymto=687474703A2F2F7777772E616D617A6F6E2E64652F67702F7365617263683F69653D55544638266B6579776F7264733D7B7365617263685465726D737D267461673D746F636869626164652D77696E372D69652D7365617263682D323126696E6465783D626C656E646564266C696E6B436F64653D757232&st={searchTerms}&clid=ea78bf70-d264-4474-8a91-ebfa49f33034&pid=freewarede&k=0
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Freeware.de Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
[2012.04.19 20:52:16 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com
[2012.01.03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\askcom.xml
[2011.06.22 14:15:48 | 000,000,925 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\conduit.xml
[2012.06.09 16:19:05 | 000,001,609 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\ixquick-http---deutsch.xml
[2011.07.31 14:53:09 | 000,002,188 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{C53EFBA3-1AB5-448A-8976-7F6E9934BBB5}.xml
[2011.07.31 14:53:09 | 000,001,870 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{CDCA9256-4FE5-4176-A963-BC0E62D314C0}.xml
[2011.07.31 14:53:09 | 000,002,077 | ---- | M] () -- C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{E2CF7FDC-BC83-4B79-BAE8-70F59EEBA65B}.xmlO2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - No CLSID value found.
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Program Files (x86)\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\Shell - "" = AutoRun
O33 - MountPoints2\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\Shell - "" = AutoRun
O33 - MountPoints2\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\Shell - "" = AutoRun
O33 - MountPoints2\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
:Files
C:\Program Files (x86)\ConduitEngine
C:\Program Files (x86)\Freeware.de
C:\ProgramData\mtbjfghn.xbe
C:\Program Files (x86)\Ask.com
C:\Users\Bärbel\AppData\Local\Ecoqupomukimup.dat
C:\Users\Bärbel\AppData\Local\Svucaziguq.bin
C:\Users\Bärbel\AppData\Roaming\OCS
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
--> Internet extrem langsam

Alt 12.06.2012, 09:22   #7
tgs83
 
Internet extrem langsam - Standard

Internet extrem langsam


Hallo Arne,
das kann gut sein, ist ein Computer eines Familienmitgliedes. Werde dieses aber darauf hinweisen, dass sie das unterlassen soll. Also hier anbei der Logfile

Code:
ATTFilter
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E7F1812D-46BA-43EC-B9FD-954D7B2462C8}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7F1812D-46BA-43EC-B9FD-954D7B2462C8}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7e111a5c-3d11-4f56-9463-5310c3c69025} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ deleted successfully.
C:\Program Files (x86)\Freeware.de\prxtbFree.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{58A0001C-330C-462F-A100-413B0E1ABC58}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58A0001C-330C-462F-A100-413B0E1ABC58}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-357113597-3366176197-1571371492-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7e111a5c-3d11-4f56-9463-5310c3c69025} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ not found.
File C:\Program Files (x86)\Freeware.de\prxtbFree.dll not found.
HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{08E37E8F-254E-443E-9C08-CFDC6A30DA75}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08E37E8F-254E-443E-9C08-CFDC6A30DA75}\ not found.
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D62891F-6C3C-40BA-8A36-0D7564774398}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D62891F-6C3C-40BA-8A36-0D7564774398}\ not found.
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{14FB3A71-59A0-4414-B228-34326B588F4B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14FB3A71-59A0-4414-B228-34326B588F4B}\ not found.
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1D9DAABE-9F66-4E61-BD12-57E1A4053FC6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D9DAABE-9F66-4E61-BD12-57E1A4053FC6}\ not found.
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2885DCE8-8F98-4B4C-B42F-1E4A34080903}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2885DCE8-8F98-4B4C-B42F-1E4A34080903}\ not found.
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4CED9B60-5740-4D71-8D2C-8C8C3973802A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4CED9B60-5740-4D71-8D2C-8C8C3973802A}\ not found.
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found.
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B78A8751-41B5-4A08-A8C8-0027655B3677}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B78A8751-41B5-4A08-A8C8-0027655B3677}\ not found.
Registry key HKEY_USERS\S-1-5-21-357113597-3366176197-1571371492-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F5B4BA7E-8E36-43B4-A0F0-8DAF71F028EF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5B4BA7E-8E36-43B4-A0F0-8DAF71F028EF}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Freeware.de Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\Bärbel\AppData\Roaming\mozilla\Firefox\Profiles\0rvutfq7.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\askcom.xml moved successfully.
C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\conduit.xml moved successfully.
C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\ixquick-http---deutsch.xml moved successfully.
C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{C53EFBA3-1AB5-448A-8976-7F6E9934BBB5}.xml moved successfully.
C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{CDCA9256-4FE5-4176-A963-BC0E62D314C0}.xml moved successfully.
C:\Users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\searchplugins\{E2CF7FDC-BC83-4B79-BAE8-70F59EEBA65B}.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5FF49FE8-B332-4CB9-B102-FB6951629E55}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5FF49FE8-B332-4CB9-B102-FB6951629E55}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ not found.
File C:\Program Files (x86)\Freeware.de\prxtbFree.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7e111a5c-3d11-4f56-9463-5310c3c69025} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7e111a5c-3d11-4f56-9463-5310c3c69025}\ not found.
File C:\Program Files (x86)\Freeware.de\prxtbFree.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files (x86)\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLinkedConnections deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d250239-c0e0-11e0-bb37-705ab6c3d224}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c5728bc2-c252-11e0-8f29-705ab6c3d224}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c5728bc6-c252-11e0-8f29-705ab6c3d224}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
C:\Program Files (x86)\ConduitEngine folder moved successfully.
C:\Program Files (x86)\Freeware.de folder moved successfully.
C:\ProgramData\mtbjfghn.xbe moved successfully.
C:\Program Files (x86)\Ask.com\Updater folder moved successfully.
C:\Program Files (x86)\Ask.com\assets\oobe folder moved successfully.
C:\Program Files (x86)\Ask.com\assets folder moved successfully.
C:\Program Files (x86)\Ask.com folder moved successfully.
C:\Users\Bärbel\AppData\Local\Ecoqupomukimup.dat moved successfully.
C:\Users\Bärbel\AppData\Local\Svucaziguq.bin moved successfully.
C:\Users\Bärbel\AppData\Roaming\OCS\SM\IO folder moved successfully.
C:\Users\Bärbel\AppData\Roaming\OCS\SM folder moved successfully.
C:\Users\Bärbel\AppData\Roaming\OCS folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Bärbel
->Temp folder emptied: 157154609 bytes
->Temporary Internet Files folder emptied: 286596331 bytes
->Java cache emptied: 4145982 bytes
->FireFox cache emptied: 127745348 bytes
->Google Chrome cache emptied: 6174721 bytes
->Flash cache emptied: 61728 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 114997272 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67899 bytes
RecycleBin emptied: 4412182668 bytes
 
Total Files Cleaned = 4.873,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Bärbel
->Flash cache emptied: 0 bytes
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.46.0 log created on 06122012_101307

Files\Folders moved on Reboot...
C:\Users\Bärbel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
Vielen Dank, tgs 83

Alt 12.06.2012, 11:04   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet extrem langsam - Standard

Internet extrem langsam


Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 14.06.2012, 15:54   #9
tgs83
 
Internet extrem langsam - Standard

Internet extrem langsam


Ok, hier ist der Report aus dem Kaspersky Tool:

Code:
ATTFilter
16:50:14.0021 1364	TDSS rootkit removing tool 2.7.39.0 Jun 14 2012 08:11:46
16:50:16.0034 1364	============================================================
16:50:16.0034 1364	Current date / time: 2012/06/14 16:50:16.0034
16:50:16.0034 1364	SystemInfo:
16:50:16.0034 1364	
16:50:16.0034 1364	OS Version: 6.1.7601 ServicePack: 1.0
16:50:16.0034 1364	Product type: Workstation
16:50:16.0034 1364	ComputerName: BÄRBEL_LAPTOP
16:50:16.0034 1364	UserName: Bärbel
16:50:16.0034 1364	Windows directory: C:\Windows
16:50:16.0034 1364	System windows directory: C:\Windows
16:50:16.0034 1364	Running under WOW64
16:50:16.0034 1364	Processor architecture: Intel x64
16:50:16.0034 1364	Number of processors: 4
16:50:16.0034 1364	Page size: 0x1000
16:50:16.0034 1364	Boot type: Normal boot
16:50:16.0034 1364	============================================================
16:50:16.0751 1364	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:50:16.0767 1364	============================================================
16:50:16.0767 1364	\Device\Harddisk0\DR0:
16:50:16.0767 1364	MBR partitions:
16:50:16.0767 1364	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x12A17000
16:50:16.0767 1364	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12ADF800, BlocksNum 0x1294F000
16:50:16.0767 1364	============================================================
16:50:16.0783 1364	C: <-> \Device\Harddisk0\DR0\Partition0
16:50:16.0829 1364	D: <-> \Device\Harddisk0\DR0\Partition1
16:50:16.0829 1364	============================================================
16:50:16.0829 1364	Initialize success
16:50:16.0845 1364	============================================================
16:50:41.0914 5836	============================================================
16:50:41.0914 5836	Scan started
16:50:41.0914 5836	Mode: Manual; SigCheck; TDLFS; 
16:50:41.0914 5836	============================================================
16:50:42.0414 5836	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:50:42.0554 5836	1394ohci - ok
16:50:42.0679 5836	ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:50:42.0710 5836	ACDaemon - ok
16:50:42.0819 5836	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:50:42.0850 5836	ACPI - ok
16:50:42.0897 5836	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:50:43.0038 5836	AcpiPmi - ok
16:50:43.0162 5836	AdobeActiveFileMonitor8.0 (34400005de52842c4d6d4ee978b4d7ce) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
16:50:43.0178 5836	AdobeActiveFileMonitor8.0 - ok
16:50:43.0272 5836	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:50:43.0287 5836	AdobeARMservice - ok
16:50:43.0490 5836	AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:50:43.0506 5836	AdobeFlashPlayerUpdateSvc - ok
16:50:43.0599 5836	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:50:43.0630 5836	adp94xx - ok
16:50:43.0662 5836	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:50:43.0693 5836	adpahci - ok
16:50:43.0740 5836	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:50:43.0771 5836	adpu320 - ok
16:50:43.0786 5836	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:50:43.0958 5836	AeLookupSvc - ok
16:50:44.0036 5836	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:50:44.0130 5836	AFD - ok
16:50:44.0270 5836	AffinegyService (10816c326423e5e660a4b2bb4f023b3f) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
16:50:44.0301 5836	AffinegyService - ok
16:50:44.0348 5836	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:50:44.0379 5836	agp440 - ok
16:50:44.0426 5836	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:50:44.0504 5836	ALG - ok
16:50:44.0551 5836	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:50:44.0566 5836	aliide - ok
16:50:44.0629 5836	AMD External Events Utility (57b773d82e8cc3c6d7e02cc8a6632043) C:\Windows\system32\atiesrxx.exe
16:50:44.0707 5836	AMD External Events Utility - ok
16:50:44.0754 5836	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:50:44.0769 5836	amdide - ok
16:50:44.0816 5836	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:50:44.0878 5836	AmdK8 - ok
16:50:45.0331 5836	amdkmdag        (aefaf27f1b7e52c705df4fb6c96732f6) C:\Windows\system32\DRIVERS\atipmdag.sys
16:50:45.0596 5836	amdkmdag - ok
16:50:45.0752 5836	amdkmdap        (8149db73be27950ec72767a1193153a6) C:\Windows\system32\DRIVERS\atikmpag.sys
16:50:45.0799 5836	amdkmdap - ok
16:50:45.0830 5836	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:50:45.0892 5836	AmdPPM - ok
16:50:45.0939 5836	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:50:45.0970 5836	amdsata - ok
16:50:46.0002 5836	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:50:46.0033 5836	amdsbs - ok
16:50:46.0080 5836	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:50:46.0095 5836	amdxata - ok
16:50:46.0189 5836	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:50:46.0220 5836	AntiVirSchedulerService - ok
16:50:46.0267 5836	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:50:46.0282 5836	AntiVirService - ok
16:50:46.0329 5836	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:50:46.0501 5836	AppID - ok
16:50:46.0548 5836	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:50:46.0641 5836	AppIDSvc - ok
16:50:46.0704 5836	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:50:46.0797 5836	Appinfo - ok
16:50:46.0906 5836	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:50:46.0922 5836	Apple Mobile Device - ok
16:50:46.0969 5836	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:50:47.0000 5836	arc - ok
16:50:47.0016 5836	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:50:47.0031 5836	arcsas - ok
16:50:47.0062 5836	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:50:47.0156 5836	AsyncMac - ok
16:50:47.0218 5836	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:50:47.0234 5836	atapi - ok
16:50:47.0718 5836	atikmdag        (aefaf27f1b7e52c705df4fb6c96732f6) C:\Windows\system32\DRIVERS\atikmdag.sys
16:50:47.0936 5836	atikmdag - ok
16:50:48.0108 5836	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:50:48.0217 5836	AudioEndpointBuilder - ok
16:50:48.0232 5836	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:50:48.0310 5836	AudioSrv - ok
16:50:48.0404 5836	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
16:50:48.0435 5836	avgntflt - ok
16:50:48.0498 5836	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
16:50:48.0529 5836	avipbb - ok
16:50:48.0560 5836	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
16:50:48.0576 5836	avkmgr - ok
16:50:48.0638 5836	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:50:48.0716 5836	AxInstSV - ok
16:50:48.0794 5836	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:50:48.0856 5836	b06bdrv - ok
16:50:48.0919 5836	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:50:48.0966 5836	b57nd60a - ok
16:50:49.0215 5836	BCM43XX         (5b5c36b2ec500462a715db6bcbaf5da7) C:\Windows\system32\DRIVERS\bcmwl664.sys
16:50:49.0340 5836	BCM43XX - ok
16:50:49.0449 5836	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:50:49.0512 5836	BDESVC - ok
16:50:49.0558 5836	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:50:49.0652 5836	Beep - ok
16:50:49.0761 5836	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:50:49.0855 5836	BFE - ok
16:50:49.0933 5836	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:50:50.0058 5836	BITS - ok
16:50:50.0120 5836	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:50:50.0151 5836	blbdrive - ok
16:50:50.0292 5836	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:50:50.0323 5836	Bonjour Service - ok
16:50:50.0370 5836	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:50:50.0432 5836	bowser - ok
16:50:50.0479 5836	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:50:50.0572 5836	BrFiltLo - ok
16:50:50.0588 5836	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:50:50.0604 5836	BrFiltUp - ok
16:50:50.0666 5836	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:50:50.0760 5836	Browser - ok
16:50:50.0806 5836	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:50:50.0900 5836	Brserid - ok
16:50:50.0947 5836	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:50:50.0994 5836	BrSerWdm - ok
16:50:51.0009 5836	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:50:51.0056 5836	BrUsbMdm - ok
16:50:51.0103 5836	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:50:51.0134 5836	BrUsbSer - ok
16:50:51.0165 5836	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:50:51.0196 5836	BTHMODEM - ok
16:50:51.0243 5836	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:50:51.0321 5836	bthserv - ok
16:50:51.0368 5836	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:50:51.0462 5836	cdfs - ok
16:50:51.0524 5836	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:50:51.0571 5836	cdrom - ok
16:50:51.0633 5836	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:50:51.0727 5836	CertPropSvc - ok
16:50:51.0852 5836	cfWiMAXService  (41e7c4fa6491747402cfca77cc1c7aab) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
16:50:51.0883 5836	cfWiMAXService - ok
16:50:51.0914 5836	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:50:51.0961 5836	circlass - ok
16:50:52.0117 5836	cjpcsc          (ebf03db02cdb10724498aa1660047138) C:\Windows\SysWOW64\cjpcsc.exe
16:50:52.0148 5836	cjpcsc - ok
16:50:52.0195 5836	cjusb           (167498e54ac4b6eef4951546134bd9ab) C:\Windows\system32\DRIVERS\cjusb.sys
16:50:52.0242 5836	cjusb - ok
16:50:52.0288 5836	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:50:52.0320 5836	CLFS - ok
16:50:52.0413 5836	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:50:52.0429 5836	clr_optimization_v2.0.50727_32 - ok
16:50:52.0491 5836	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:50:52.0507 5836	clr_optimization_v2.0.50727_64 - ok
16:50:52.0600 5836	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:50:52.0632 5836	clr_optimization_v4.0.30319_32 - ok
16:50:52.0694 5836	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:50:52.0710 5836	clr_optimization_v4.0.30319_64 - ok
16:50:52.0756 5836	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:50:52.0788 5836	CmBatt - ok
16:50:52.0819 5836	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:50:52.0834 5836	cmdide - ok
16:50:52.0912 5836	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:50:52.0975 5836	CNG - ok
16:50:53.0006 5836	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:50:53.0037 5836	Compbatt - ok
16:50:53.0084 5836	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:50:53.0131 5836	CompositeBus - ok
16:50:53.0146 5836	COMSysApp - ok
16:50:53.0256 5836	ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
16:50:53.0271 5836	ConfigFree Service - ok
16:50:53.0302 5836	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:50:53.0318 5836	crcdisk - ok
16:50:53.0380 5836	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:50:53.0427 5836	CryptSvc - ok
16:50:53.0474 5836	CVirtA          (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys
16:50:53.0490 5836	CVirtA - ok
16:50:53.0677 5836	CVPND           (66257cb4e4fb69887cddc71663741435) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
16:50:53.0739 5836	CVPND - ok
16:50:53.0864 5836	CVPNDRVA        (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys
16:50:53.0895 5836	CVPNDRVA - ok
16:50:53.0989 5836	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:50:54.0114 5836	DcomLaunch - ok
16:50:54.0160 5836	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:50:54.0270 5836	defragsvc - ok
16:50:54.0301 5836	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:50:54.0394 5836	DfsC - ok
16:50:54.0488 5836	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:50:54.0582 5836	Dhcp - ok
16:50:54.0628 5836	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:50:54.0722 5836	discache - ok
16:50:54.0753 5836	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:50:54.0784 5836	Disk - ok
16:50:54.0831 5836	DNE             (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
16:50:54.0847 5836	DNE - ok
16:50:54.0909 5836	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:50:54.0972 5836	Dnscache - ok
16:50:55.0034 5836	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:50:55.0112 5836	dot3svc - ok
16:50:55.0143 5836	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:50:55.0237 5836	DPS - ok
16:50:55.0284 5836	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:50:55.0330 5836	drmkaud - ok
16:50:55.0424 5836	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:50:55.0471 5836	DXGKrnl - ok
16:50:55.0502 5836	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:50:55.0596 5836	EapHost - ok
16:50:55.0830 5836	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:50:55.0954 5836	ebdrv - ok
16:50:56.0095 5836	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:50:56.0157 5836	EFS - ok
16:50:56.0251 5836	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:50:56.0329 5836	ehRecvr - ok
16:50:56.0376 5836	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:50:56.0438 5836	ehSched - ok
16:50:56.0532 5836	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:50:56.0563 5836	elxstor - ok
16:50:56.0610 5836	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:50:56.0656 5836	ErrDev - ok
16:50:56.0719 5836	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:50:56.0812 5836	EventSystem - ok
16:50:56.0859 5836	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:50:56.0953 5836	exfat - ok
16:50:56.0984 5836	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:50:57.0078 5836	fastfat - ok
16:50:57.0171 5836	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:50:57.0265 5836	Fax - ok
16:50:57.0296 5836	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:50:57.0327 5836	fdc - ok
16:50:57.0374 5836	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:50:57.0468 5836	fdPHost - ok
16:50:57.0483 5836	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:50:57.0577 5836	FDResPub - ok
16:50:57.0624 5836	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:50:57.0655 5836	FileInfo - ok
16:50:57.0670 5836	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:50:57.0764 5836	Filetrace - ok
16:50:57.0889 5836	FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:50:57.0920 5836	FLEXnet Licensing Service - ok
16:50:57.0967 5836	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:50:57.0998 5836	flpydisk - ok
16:50:58.0060 5836	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:50:58.0092 5836	FltMgr - ok
16:50:58.0201 5836	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:50:58.0279 5836	FontCache - ok
16:50:58.0372 5836	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:50:58.0388 5836	FontCache3.0.0.0 - ok
16:50:58.0435 5836	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:50:58.0450 5836	FsDepends - ok
16:50:58.0513 5836	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:50:58.0528 5836	Fs_Rec - ok
16:50:58.0591 5836	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:50:58.0622 5836	fvevol - ok
16:50:58.0653 5836	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:50:58.0669 5836	gagp30kx - ok
16:50:58.0700 5836	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:50:58.0716 5836	GEARAspiWDM - ok
16:50:58.0825 5836	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:50:58.0918 5836	gpsvc - ok
16:50:59.0059 5836	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:50:59.0074 5836	gupdate - ok
16:50:59.0121 5836	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:50:59.0137 5836	gupdatem - ok
16:50:59.0184 5836	gusvc           (00127e2e527ed8de07f3b5ac59028317) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:50:59.0199 5836	gusvc - ok
16:50:59.0230 5836	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:50:59.0308 5836	hcw85cir - ok
16:50:59.0386 5836	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:50:59.0449 5836	HdAudAddService - ok
16:50:59.0511 5836	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:50:59.0558 5836	HDAudBus - ok
16:50:59.0605 5836	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
16:50:59.0620 5836	HECIx64 - ok
16:50:59.0652 5836	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:50:59.0683 5836	HidBatt - ok
16:50:59.0714 5836	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:50:59.0761 5836	HidBth - ok
16:50:59.0792 5836	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:50:59.0839 5836	HidIr - ok
16:50:59.0854 5836	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:50:59.0948 5836	hidserv - ok
16:51:00.0026 5836	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:51:00.0057 5836	HidUsb - ok
16:51:00.0104 5836	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:51:00.0198 5836	hkmsvc - ok
16:51:00.0229 5836	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:51:00.0307 5836	HomeGroupListener - ok
16:51:00.0354 5836	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:51:00.0400 5836	HomeGroupProvider - ok
16:51:00.0463 5836	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:51:00.0494 5836	HpSAMD - ok
16:51:00.0588 5836	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:51:00.0666 5836	HTTP - ok
16:51:00.0728 5836	hwdatacard      (c8f3119ad72a507d12ef389df4c266ef) C:\Windows\system32\DRIVERS\ewusbmdm.sys
16:51:00.0790 5836	hwdatacard - ok
16:51:00.0822 5836	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:51:00.0837 5836	hwpolicy - ok
16:51:00.0884 5836	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:51:00.0900 5836	i8042prt - ok
16:51:00.0962 5836	iaStor          (85977cd13fc16069ce0af7943a811775) C:\Windows\system32\DRIVERS\iaStor.sys
16:51:00.0993 5836	iaStor - ok
16:51:01.0071 5836	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:51:01.0102 5836	iaStorV - ok
16:51:01.0243 5836	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:51:01.0290 5836	idsvc - ok
16:51:01.0352 5836	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:51:01.0368 5836	iirsp - ok
16:51:01.0461 5836	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:51:01.0586 5836	IKEEXT - ok
16:51:01.0648 5836	Impcd           (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
16:51:01.0695 5836	Impcd - ok
16:51:01.0882 5836	IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\Windows\system32\drivers\RTKVHD64.sys
16:51:01.0976 5836	IntcAzAudAddService - ok
16:51:02.0085 5836	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:51:02.0116 5836	intelide - ok
16:51:02.0148 5836	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:51:02.0194 5836	intelppm - ok
16:51:02.0241 5836	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:51:02.0335 5836	IPBusEnum - ok
16:51:02.0366 5836	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:51:02.0444 5836	IpFilterDriver - ok
16:51:02.0538 5836	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:51:02.0616 5836	iphlpsvc - ok
16:51:02.0662 5836	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:51:02.0694 5836	IPMIDRV - ok
16:51:02.0740 5836	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:51:02.0834 5836	IPNAT - ok
16:51:02.0990 5836	iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
16:51:03.0037 5836	iPod Service - ok
16:51:03.0052 5836	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:51:03.0146 5836	IRENUM - ok
16:51:03.0177 5836	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:51:03.0193 5836	isapnp - ok
16:51:03.0255 5836	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:51:03.0271 5836	iScsiPrt - ok
16:51:03.0349 5836	IviRegMgr       (213822072085b5bbad9af30ab577d817) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
16:51:03.0364 5836	IviRegMgr - ok
16:51:03.0411 5836	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:51:03.0442 5836	kbdclass - ok
16:51:03.0474 5836	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
16:51:03.0505 5836	kbdhid - ok
16:51:03.0536 5836	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:51:03.0552 5836	KeyIso - ok
16:51:03.0583 5836	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:51:03.0598 5836	KSecDD - ok
16:51:03.0645 5836	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:51:03.0676 5836	KSecPkg - ok
16:51:03.0708 5836	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:51:03.0801 5836	ksthunk - ok
16:51:03.0832 5836	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:51:03.0926 5836	KtmRm - ok
16:51:03.0988 5836	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:51:04.0066 5836	LanmanServer - ok
16:51:04.0129 5836	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:51:04.0222 5836	LanmanWorkstation - ok
16:51:04.0269 5836	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:51:04.0363 5836	lltdio - ok
16:51:04.0425 5836	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:51:04.0519 5836	lltdsvc - ok
16:51:04.0550 5836	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:51:04.0612 5836	lmhosts - ok
16:51:04.0722 5836	LMS             (23de5b62b0445a6f874be633c95b483e) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:51:04.0753 5836	LMS - ok
16:51:04.0800 5836	LPCFilter       (41e122f6d1448c94cc05196bc41d6bfb) C:\Windows\system32\DRIVERS\LPCFilter.sys
16:51:04.0815 5836	LPCFilter - ok
16:51:04.0846 5836	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:51:04.0878 5836	LSI_FC - ok
16:51:04.0909 5836	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:51:04.0924 5836	LSI_SAS - ok
16:51:04.0971 5836	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:51:04.0987 5836	LSI_SAS2 - ok
16:51:05.0034 5836	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:51:05.0049 5836	LSI_SCSI - ok
16:51:05.0080 5836	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:51:05.0174 5836	luafv - ok
16:51:05.0252 5836	McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
16:51:05.0268 5836	McComponentHostService - ok
16:51:05.0314 5836	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:51:05.0361 5836	Mcx2Svc - ok
16:51:05.0392 5836	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:51:05.0408 5836	megasas - ok
16:51:05.0439 5836	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:51:05.0470 5836	MegaSR - ok
16:51:05.0502 5836	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:51:05.0595 5836	MMCSS - ok
16:51:05.0611 5836	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:51:05.0689 5836	Modem - ok
16:51:05.0720 5836	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:51:05.0767 5836	monitor - ok
16:51:05.0829 5836	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:51:05.0860 5836	mouclass - ok
16:51:05.0892 5836	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:51:05.0938 5836	mouhid - ok
16:51:06.0001 5836	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:51:06.0032 5836	mountmgr - ok
16:51:06.0094 5836	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:51:06.0110 5836	MozillaMaintenance - ok
16:51:06.0141 5836	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:51:06.0172 5836	mpio - ok
16:51:06.0204 5836	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:51:06.0282 5836	mpsdrv - ok
16:51:06.0360 5836	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:51:06.0469 5836	MpsSvc - ok
16:51:06.0500 5836	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:51:06.0547 5836	MRxDAV - ok
16:51:06.0594 5836	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:51:06.0640 5836	mrxsmb - ok
16:51:06.0703 5836	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:51:06.0750 5836	mrxsmb10 - ok
16:51:06.0781 5836	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:51:06.0812 5836	mrxsmb20 - ok
16:51:06.0859 5836	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:51:06.0874 5836	msahci - ok
16:51:06.0921 5836	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:51:06.0937 5836	msdsm - ok
16:51:06.0984 5836	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:51:07.0015 5836	MSDTC - ok
16:51:07.0046 5836	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:51:07.0124 5836	Msfs - ok
16:51:07.0155 5836	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:51:07.0233 5836	mshidkmdf - ok
16:51:07.0264 5836	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:51:07.0280 5836	msisadrv - ok
16:51:07.0327 5836	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:51:07.0420 5836	MSiSCSI - ok
16:51:07.0436 5836	msiserver - ok
16:51:07.0467 5836	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:51:07.0561 5836	MSKSSRV - ok
16:51:07.0576 5836	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:51:07.0670 5836	MSPCLOCK - ok
16:51:07.0717 5836	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:51:07.0795 5836	MSPQM - ok
16:51:07.0857 5836	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:51:07.0888 5836	MsRPC - ok
16:51:07.0935 5836	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:51:07.0951 5836	mssmbios - ok
16:51:07.0982 5836	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:51:08.0060 5836	MSTEE - ok
16:51:08.0060 5836	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:51:08.0107 5836	MTConfig - ok
16:51:08.0122 5836	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:51:08.0154 5836	Mup - ok
16:51:08.0216 5836	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:51:08.0310 5836	napagent - ok
16:51:08.0356 5836	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:51:08.0419 5836	NativeWifiP - ok
16:51:08.0528 5836	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:51:08.0575 5836	NDIS - ok
16:51:08.0606 5836	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:51:08.0700 5836	NdisCap - ok
16:51:08.0746 5836	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:51:08.0824 5836	NdisTapi - ok
16:51:08.0856 5836	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:51:08.0949 5836	Ndisuio - ok
16:51:08.0996 5836	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:51:09.0090 5836	NdisWan - ok
16:51:09.0105 5836	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:51:09.0199 5836	NDProxy - ok
16:51:09.0339 5836	Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
16:51:09.0386 5836	Nero BackItUp Scheduler 4.0 - ok
16:51:09.0417 5836	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:51:09.0495 5836	NetBIOS - ok
16:51:09.0558 5836	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:51:09.0636 5836	NetBT - ok
16:51:09.0667 5836	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:51:09.0682 5836	Netlogon - ok
16:51:09.0760 5836	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:51:09.0854 5836	Netman - ok
16:51:09.0901 5836	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:51:09.0994 5836	netprofm - ok
16:51:10.0088 5836	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:51:10.0104 5836	NetTcpPortSharing - ok
16:51:10.0135 5836	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:51:10.0166 5836	nfrd960 - ok
16:51:10.0213 5836	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:51:10.0322 5836	NlaSvc - ok
16:51:10.0338 5836	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:51:10.0400 5836	Npfs - ok
16:51:10.0447 5836	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:51:10.0525 5836	nsi - ok
16:51:10.0556 5836	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:51:10.0650 5836	nsiproxy - ok
16:51:10.0790 5836	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:51:10.0868 5836	Ntfs - ok
16:51:10.0977 5836	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:51:11.0040 5836	Null - ok
16:51:11.0102 5836	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:51:11.0133 5836	nvraid - ok
16:51:11.0149 5836	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:51:11.0164 5836	nvstor - ok
16:51:11.0227 5836	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:51:11.0258 5836	nv_agp - ok
16:51:11.0305 5836	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:51:11.0336 5836	ohci1394 - ok
16:51:11.0430 5836	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:51:11.0461 5836	ose - ok
16:51:11.0866 5836	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:51:12.0100 5836	osppsvc - ok
16:51:12.0225 5836	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:51:12.0288 5836	p2pimsvc - ok
16:51:12.0334 5836	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:51:12.0366 5836	p2psvc - ok
16:51:12.0428 5836	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:51:12.0459 5836	Parport - ok
16:51:12.0490 5836	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:51:12.0506 5836	partmgr - ok
16:51:12.0537 5836	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:51:12.0600 5836	PcaSvc - ok
16:51:12.0631 5836	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:51:12.0646 5836	pci - ok
16:51:12.0662 5836	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:51:12.0693 5836	pciide - ok
16:51:12.0724 5836	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:51:12.0756 5836	pcmcia - ok
16:51:12.0912 5836	PCToolsSSDMonitorSvc (8cb97ab9edc3db4e6723577e1d790353) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
16:51:12.0958 5836	PCToolsSSDMonitorSvc - ok
16:51:12.0974 5836	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:51:12.0990 5836	pcw - ok
16:51:13.0052 5836	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:51:13.0161 5836	PEAUTH - ok
16:51:13.0255 5836	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:51:13.0286 5836	PerfHost - ok
16:51:13.0348 5836	PGEffect        (663962900e7fea522126ba287715bb4a) C:\Windows\system32\DRIVERS\pgeffect.sys
16:51:13.0364 5836	PGEffect - ok
16:51:13.0489 5836	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:51:13.0614 5836	pla - ok
16:51:13.0676 5836	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:51:13.0738 5836	PlugPlay - ok
16:51:13.0801 5836	pneteth         (8ac5649c9070674d4607301c180ab10b) C:\Windows\system32\DRIVERS\pneteth.sys
16:51:13.0863 5836	pneteth - ok
16:51:13.0879 5836	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:51:13.0910 5836	PNRPAutoReg - ok
16:51:13.0957 5836	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:51:13.0988 5836	PNRPsvc - ok
16:51:14.0050 5836	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:51:14.0160 5836	PolicyAgent - ok
16:51:14.0206 5836	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:51:14.0300 5836	Power - ok
16:51:14.0347 5836	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:51:14.0425 5836	PptpMiniport - ok
16:51:14.0472 5836	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:51:14.0503 5836	Processor - ok
16:51:14.0550 5836	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:51:14.0628 5836	ProfSvc - ok
16:51:14.0721 5836	Prosieben       (9cc2c93394241e602da63826413055ff) C:\Program Files (x86)\maxdome\DCBin\DCService.exe
16:51:14.0752 5836	Prosieben - ok
16:51:14.0784 5836	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:51:14.0799 5836	ProtectedStorage - ok
16:51:14.0862 5836	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:51:14.0940 5836	Psched - ok
16:51:15.0018 5836	PSI_SVC_2       (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:51:15.0033 5836	PSI_SVC_2 - ok
16:51:15.0111 5836	PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:51:15.0127 5836	PxHlpa64 - ok
16:51:15.0267 5836	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:51:15.0330 5836	ql2300 - ok
16:51:15.0454 5836	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:51:15.0486 5836	ql40xx - ok
16:51:15.0517 5836	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:51:15.0564 5836	QWAVE - ok
16:51:15.0595 5836	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:51:15.0626 5836	QWAVEdrv - ok
16:51:15.0642 5836	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:51:15.0735 5836	RasAcd - ok
16:51:15.0782 5836	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:51:15.0844 5836	RasAgileVpn - ok
16:51:15.0876 5836	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:51:15.0969 5836	RasAuto - ok
16:51:16.0016 5836	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:51:16.0094 5836	Rasl2tp - ok
16:51:16.0156 5836	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:51:16.0250 5836	RasMan - ok
16:51:16.0281 5836	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:51:16.0359 5836	RasPppoe - ok
16:51:16.0390 5836	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:51:16.0468 5836	RasSstp - ok
16:51:16.0515 5836	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:51:16.0609 5836	rdbss - ok
16:51:16.0640 5836	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:51:16.0671 5836	rdpbus - ok
16:51:16.0702 5836	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:51:16.0796 5836	RDPCDD - ok
16:51:16.0827 5836	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:51:16.0905 5836	RDPENCDD - ok
16:51:16.0936 5836	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:51:16.0999 5836	RDPREFMP - ok
16:51:17.0046 5836	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:51:17.0108 5836	RDPWD - ok
16:51:17.0170 5836	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:51:17.0202 5836	rdyboost - ok
16:51:17.0233 5836	regi            (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
16:51:17.0248 5836	regi - ok
16:51:17.0280 5836	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:51:17.0373 5836	RemoteAccess - ok
16:51:17.0420 5836	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:51:17.0529 5836	RemoteRegistry - ok
16:51:17.0576 5836	RimUsb          (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
16:51:17.0607 5836	RimUsb - ok
16:51:17.0623 5836	RimVSerPort     (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:51:17.0670 5836	RimVSerPort - ok
16:51:17.0716 5836	ROOTMODEM       (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
16:51:17.0794 5836	ROOTMODEM - ok
16:51:17.0841 5836	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:51:17.0935 5836	RpcEptMapper - ok
16:51:17.0966 5836	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:51:18.0013 5836	RpcLocator - ok
16:51:18.0075 5836	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:51:18.0153 5836	RpcSs - ok
16:51:18.0184 5836	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:51:18.0278 5836	rspndr - ok
16:51:18.0356 5836	RSUSBSTOR       (907c4464381b5ebdfdc60f6c7d0dedfc) C:\Windows\system32\Drivers\RtsUStor.sys
16:51:18.0387 5836	RSUSBSTOR - ok
16:51:18.0434 5836	RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys
16:51:18.0450 5836	RTHDMIAzAudService - ok
16:51:18.0512 5836	RTL8167         (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:51:18.0543 5836	RTL8167 - ok
16:51:18.0574 5836	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:51:18.0590 5836	SamSs - ok
16:51:18.0637 5836	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:51:18.0668 5836	sbp2port - ok
16:51:18.0699 5836	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:51:18.0777 5836	SCardSvr - ok
16:51:18.0824 5836	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:51:18.0918 5836	scfilter - ok
16:51:19.0011 5836	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:51:19.0136 5836	Schedule - ok
16:51:19.0167 5836	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:51:19.0245 5836	SCPolicySvc - ok
16:51:19.0261 5836	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:51:19.0339 5836	SDRSVC - ok
16:51:19.0401 5836	SearchAnonymizer - ok
16:51:19.0448 5836	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:51:19.0526 5836	secdrv - ok
16:51:19.0573 5836	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:51:19.0666 5836	seclogon - ok
16:51:19.0713 5836	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:51:19.0807 5836	SENS - ok
16:51:19.0822 5836	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:51:19.0885 5836	SensrSvc - ok
16:51:19.0916 5836	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:51:19.0932 5836	Serenum - ok
16:51:19.0963 5836	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:51:19.0994 5836	Serial - ok
16:51:20.0072 5836	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:51:20.0088 5836	sermouse - ok
16:51:20.0134 5836	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:51:20.0228 5836	SessionEnv - ok
16:51:20.0259 5836	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:51:20.0306 5836	sffdisk - ok
16:51:20.0322 5836	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:51:20.0353 5836	sffp_mmc - ok
16:51:20.0368 5836	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:51:20.0415 5836	sffp_sd - ok
16:51:20.0446 5836	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:51:20.0478 5836	sfloppy - ok
16:51:20.0540 5836	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:51:20.0649 5836	SharedAccess - ok
16:51:20.0696 5836	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:51:20.0790 5836	ShellHWDetection - ok
16:51:20.0821 5836	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:51:20.0836 5836	SiSRaid2 - ok
16:51:20.0868 5836	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:51:20.0883 5836	SiSRaid4 - ok
16:51:20.0977 5836	SkypeUpdate     (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:51:20.0992 5836	SkypeUpdate - ok
16:51:21.0039 5836	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:51:21.0117 5836	Smb - ok
16:51:21.0164 5836	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:51:21.0195 5836	SNMPTRAP - ok
16:51:21.0226 5836	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:51:21.0242 5836	spldr - ok
16:51:21.0320 5836	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:51:21.0398 5836	Spooler - ok
16:51:21.0679 5836	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:51:21.0882 5836	sppsvc - ok
16:51:21.0991 5836	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:51:22.0084 5836	sppuinotify - ok
16:51:22.0178 5836	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:51:22.0256 5836	srv - ok
16:51:22.0318 5836	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:51:22.0350 5836	srv2 - ok
16:51:22.0396 5836	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:51:22.0428 5836	srvnet - ok
16:51:22.0490 5836	ssadbus         (d52282225d5bd73a9cbf420699d1a0fe) C:\Windows\system32\DRIVERS\ssadbus.sys
16:51:22.0537 5836	ssadbus ( UnsignedFile.Multi.Generic ) - warning
16:51:22.0537 5836	ssadbus - detected UnsignedFile.Multi.Generic (1)
16:51:22.0584 5836	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:51:22.0677 5836	SSDPSRV - ok
16:51:22.0708 5836	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:51:22.0786 5836	SstpSvc - ok
16:51:22.0942 5836	StarMoney 7.0 OnlineUpdate (e8606bf6be3b7481d95f1dd2e4f3fcba) C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe
16:51:22.0974 5836	StarMoney 7.0 OnlineUpdate - ok
16:51:23.0005 5836	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:51:23.0020 5836	stexstor - ok
16:51:23.0114 5836	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:51:23.0161 5836	stisvc - ok
16:51:23.0192 5836	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:51:23.0208 5836	swenum - ok
16:51:23.0270 5836	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:51:23.0379 5836	swprv - ok
16:51:23.0442 5836	SynTP           (470c47daba9ca3966f0ab3f835d7d135) C:\Windows\system32\DRIVERS\SynTP.sys
16:51:23.0473 5836	SynTP - ok
16:51:23.0613 5836	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:51:23.0707 5836	SysMain - ok
16:51:23.0832 5836	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:51:23.0894 5836	TabletInputService - ok
16:51:23.0925 5836	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:51:24.0019 5836	TapiSrv - ok
16:51:24.0097 5836	tbhsd           (4430e9b4c60aab672d16e801bad0555e) C:\Windows\system32\drivers\tbhsd.sys
16:51:24.0112 5836	tbhsd - ok
16:51:24.0159 5836	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:51:24.0253 5836	TBS - ok
16:51:24.0424 5836	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:51:24.0502 5836	Tcpip - ok
16:51:24.0768 5836	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:51:24.0846 5836	TCPIP6 - ok
16:51:24.0986 5836	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:51:25.0064 5836	tcpipreg - ok
16:51:25.0111 5836	tdcmdpst        (fd542b661bd22fa69ca789ad0ac58c29) C:\Windows\system32\DRIVERS\tdcmdpst.sys
16:51:25.0126 5836	tdcmdpst - ok
16:51:25.0158 5836	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:51:25.0189 5836	TDPIPE - ok
16:51:25.0220 5836	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:51:25.0267 5836	TDTCP - ok
16:51:25.0298 5836	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:51:25.0392 5836	tdx - ok
16:51:25.0672 5836	TeamViewer7     (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
16:51:25.0782 5836	TeamViewer7 - ok
16:51:25.0860 5836	TemproMonitoringService (1b709733a04dcc41a63f9cd1f76a4ebe) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
16:51:25.0875 5836	TemproMonitoringService - ok
16:51:26.0016 5836	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:51:26.0031 5836	TermDD - ok
16:51:26.0125 5836	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:51:26.0218 5836	TermService - ok
16:51:26.0250 5836	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:51:26.0296 5836	Themes - ok
16:51:26.0328 5836	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:51:26.0406 5836	THREADORDER - ok
16:51:26.0484 5836	TMachInfo       (28644b0523d64eff2fc7312a2ee74b0a) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
16:51:26.0499 5836	TMachInfo - ok
16:51:26.0546 5836	TODDSrv         (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe
16:51:26.0577 5836	TODDSrv - ok
16:51:26.0702 5836	TosCoSrv        (98c864481d62f86ec8af65be3419a95b) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
16:51:26.0733 5836	TosCoSrv - ok
16:51:26.0811 5836	TOSHIBA Bluetooth Service (895f6972480306cb2a2a246991e34c68) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
16:51:26.0827 5836	TOSHIBA Bluetooth Service - ok
16:51:26.0920 5836	TOSHIBA eco Utility Service (2ab7a4697462edb0c9dfafc529746ba9) C:\Program Files\TOSHIBA\TECO\TecoService.exe
16:51:26.0952 5836	TOSHIBA eco Utility Service - ok
16:51:26.0998 5836	TOSHIBA HDD SSD Alert Service (74c2fa8c3765ee71a9c22182ec108457) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
16:51:27.0014 5836	TOSHIBA HDD SSD Alert Service - ok
16:51:27.0061 5836	tosporte        (8021f63311797085949fa387f7c83583) C:\Windows\system32\DRIVERS\tosporte.sys
16:51:27.0076 5836	tosporte - ok
16:51:27.0123 5836	tosrfbd         (1b09357180034639e62cf745e77ac66e) C:\Windows\system32\DRIVERS\tosrfbd.sys
16:51:27.0139 5836	tosrfbd - ok
16:51:27.0170 5836	tosrfbnp        (62512b5277d88600f8bd4b7aec43569d) C:\Windows\system32\Drivers\tosrfbnp.sys
16:51:27.0186 5836	tosrfbnp - ok
16:51:27.0217 5836	Tosrfcom        (c523a9186c39d65cc9adebb2e1b93ccd) C:\Windows\system32\Drivers\tosrfcom.sys
16:51:27.0232 5836	Tosrfcom - ok
16:51:27.0279 5836	tosrfec         (11699d47b3491d86249c168496d55c92) C:\Windows\system32\DRIVERS\tosrfec.sys
16:51:27.0295 5836	tosrfec - ok
16:51:27.0342 5836	Tosrfhid        (451b8c1815c6cc39650af916c2a382cd) C:\Windows\system32\DRIVERS\Tosrfhid.sys
16:51:27.0357 5836	Tosrfhid - ok
16:51:27.0373 5836	tosrfnds        (b6fdc3c76ffe9c5171eea9c37ea367c2) C:\Windows\system32\DRIVERS\tosrfnds.sys
16:51:27.0388 5836	tosrfnds - ok
16:51:27.0435 5836	TosRfSnd        (e1e045240c1184fa6628f3c7e7ff85d8) C:\Windows\system32\drivers\tosrfsnd.sys
16:51:27.0451 5836	TosRfSnd - ok
16:51:27.0482 5836	Tosrfusb        (de44a2a2459d0504f146e599f4bd2074) C:\Windows\system32\DRIVERS\tosrfusb.sys
16:51:27.0498 5836	Tosrfusb - ok
16:51:27.0607 5836	TPCHSrv         (97687d094aa597da366e1194b218cc6c) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
16:51:27.0654 5836	TPCHSrv - ok
16:51:27.0669 5836	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:51:27.0778 5836	TrkWks - ok
16:51:27.0841 5836	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:51:27.0934 5836	TrustedInstaller - ok
16:51:27.0966 5836	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:51:28.0028 5836	tssecsrv - ok
16:51:28.0090 5836	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:51:28.0137 5836	TsUsbFlt - ok
16:51:28.0200 5836	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:51:28.0278 5836	tunnel - ok
16:51:28.0340 5836	TVALZ           (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
16:51:28.0356 5836	TVALZ - ok
16:51:28.0387 5836	TVALZFL         (9c7191f4b2e49bff47a6c1144b5923fa) C:\Windows\system32\DRIVERS\TVALZFL.sys
16:51:28.0402 5836	TVALZFL - ok
16:51:28.0434 5836	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:51:28.0449 5836	uagp35 - ok
16:51:28.0496 5836	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:51:28.0590 5836	udfs - ok
16:51:28.0621 5836	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:51:28.0668 5836	UI0Detect - ok
16:51:28.0714 5836	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:51:28.0730 5836	uliagpkx - ok
16:51:28.0777 5836	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:51:28.0824 5836	umbus - ok
16:51:28.0855 5836	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:51:28.0870 5836	UmPass - ok
16:51:29.0104 5836	UNS             (cc3775100aba633984f73dfae1f55cae) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:51:29.0198 5836	UNS - ok
16:51:29.0323 5836	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:51:29.0416 5836	upnphost - ok
16:51:29.0479 5836	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:51:29.0526 5836	usbccgp - ok
16:51:29.0588 5836	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:51:29.0604 5836	usbcir - ok
16:51:29.0650 5836	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:51:29.0666 5836	usbehci - ok
16:51:29.0713 5836	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:51:29.0760 5836	usbhub - ok
16:51:29.0791 5836	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:51:29.0822 5836	usbohci - ok
16:51:29.0869 5836	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:51:29.0916 5836	usbprint - ok
16:51:29.0994 5836	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:51:30.0025 5836	usbscan - ok
16:51:30.0072 5836	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:51:30.0118 5836	USBSTOR - ok
16:51:30.0134 5836	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:51:30.0165 5836	usbuhci - ok
16:51:30.0243 5836	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:51:30.0290 5836	usbvideo - ok
16:51:30.0321 5836	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:51:30.0415 5836	UxSms - ok
16:51:30.0446 5836	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:51:30.0477 5836	VaultSvc - ok
16:51:30.0524 5836	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:51:30.0555 5836	vdrvroot - ok
16:51:30.0618 5836	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:51:30.0711 5836	vds - ok
16:51:30.0758 5836	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:51:30.0789 5836	vga - ok
16:51:30.0805 5836	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:51:30.0898 5836	VgaSave - ok
16:51:30.0930 5836	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:51:30.0961 5836	vhdmp - ok
16:51:30.0976 5836	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:51:31.0008 5836	viaide - ok
16:51:31.0101 5836	VMCService      (6e021d6da429ad7288fe8322e2bba96b) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
16:51:31.0117 5836	VMCService ( UnsignedFile.Multi.Generic ) - warning
16:51:31.0117 5836	VMCService - detected UnsignedFile.Multi.Generic (1)
16:51:31.0148 5836	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:51:31.0179 5836	volmgr - ok
16:51:31.0226 5836	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:51:31.0257 5836	volmgrx - ok
16:51:31.0320 5836	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:51:31.0351 5836	volsnap - ok
16:51:31.0398 5836	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:51:31.0429 5836	vsmraid - ok
16:51:31.0569 5836	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:51:31.0694 5836	VSS - ok
16:51:31.0819 5836	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:51:31.0866 5836	vwifibus - ok
16:51:31.0881 5836	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:51:31.0912 5836	vwififlt - ok
16:51:31.0959 5836	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:51:31.0990 5836	vwifimp - ok
16:51:32.0053 5836	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:51:32.0131 5836	W32Time - ok
16:51:32.0146 5836	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:51:32.0193 5836	WacomPen - ok
16:51:32.0224 5836	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:51:32.0302 5836	WANARP - ok
16:51:32.0318 5836	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:51:32.0380 5836	Wanarpv6 - ok
16:51:32.0505 5836	WatAdminSvc     (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:51:32.0568 5836	WatAdminSvc - ok
16:51:32.0692 5836	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:51:32.0786 5836	wbengine - ok
16:51:32.0895 5836	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:51:32.0926 5836	WbioSrvc - ok
16:51:33.0004 5836	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:51:33.0036 5836	wcncsvc - ok
16:51:33.0067 5836	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:51:33.0129 5836	WcsPlugInService - ok
16:51:33.0176 5836	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:51:33.0192 5836	Wd - ok
16:51:33.0254 5836	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:51:33.0285 5836	Wdf01000 - ok
16:51:33.0316 5836	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:51:33.0441 5836	WdiServiceHost - ok
16:51:33.0441 5836	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:51:33.0488 5836	WdiSystemHost - ok
16:51:33.0535 5836	wDokan          (dcca6588651e970ff20bd3a38bbbd078) C:\Windows\system32\drivers\wdokan.sys
16:51:33.0566 5836	wDokan - ok
16:51:33.0644 5836	wDokanMounter   (ff0ff2bd32b6d39700810900cd6fd8e6) C:\Program Files (x86)\Wuala Dokan\mounter.exe
16:51:33.0660 5836	wDokanMounter ( UnsignedFile.Multi.Generic ) - warning
16:51:33.0660 5836	wDokanMounter - detected UnsignedFile.Multi.Generic (1)
16:51:33.0706 5836	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:51:33.0769 5836	WebClient - ok
16:51:33.0800 5836	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:51:33.0909 5836	Wecsvc - ok
16:51:33.0925 5836	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:51:34.0018 5836	wercplsupport - ok
16:51:34.0050 5836	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:51:34.0143 5836	WerSvc - ok
16:51:34.0174 5836	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:51:34.0252 5836	WfpLwf - ok
16:51:34.0284 5836	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:51:34.0299 5836	WIMMount - ok
16:51:34.0315 5836	WinDefend - ok
16:51:34.0330 5836	WinHttpAutoProxySvc - ok
16:51:34.0393 5836	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:51:34.0455 5836	Winmgmt - ok
16:51:34.0627 5836	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:51:34.0736 5836	WinRM - ok
16:51:34.0892 5836	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:51:34.0939 5836	WinUsb - ok
16:51:35.0017 5836	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:51:35.0095 5836	Wlansvc - ok
16:51:35.0282 5836	wlidsvc         (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:51:35.0376 5836	wlidsvc - ok
16:51:35.0500 5836	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:51:35.0547 5836	WmiAcpi - ok
16:51:35.0625 5836	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:51:35.0672 5836	wmiApSrv - ok
16:51:35.0703 5836	WMPNetworkSvc - ok
16:51:35.0734 5836	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:51:35.0781 5836	WPCSvc - ok
16:51:35.0828 5836	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:51:35.0875 5836	WPDBusEnum - ok
16:51:35.0906 5836	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:51:35.0984 5836	ws2ifsl - ok
16:51:36.0015 5836	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:51:36.0078 5836	wscsvc - ok
16:51:36.0078 5836	WSearch - ok
16:51:36.0280 5836	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:51:36.0421 5836	wuauserv - ok
16:51:36.0561 5836	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:51:36.0639 5836	WudfPf - ok
16:51:36.0717 5836	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:51:36.0795 5836	WUDFRd - ok
16:51:36.0826 5836	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:51:36.0904 5836	wudfsvc - ok
16:51:36.0936 5836	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:51:36.0982 5836	WwanSvc - ok
16:51:37.0060 5836	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:51:38.0152 5836	\Device\Harddisk0\DR0 - ok
16:51:38.0184 5836	Boot (0x1200)   (89eda927bedadb9a679c61e379466850) \Device\Harddisk0\DR0\Partition0
16:51:38.0184 5836	\Device\Harddisk0\DR0\Partition0 - ok
16:51:38.0215 5836	Boot (0x1200)   (82b30a42abb57acbe46708faf071db62) \Device\Harddisk0\DR0\Partition1
16:51:38.0215 5836	\Device\Harddisk0\DR0\Partition1 - ok
16:51:38.0215 5836	============================================================
16:51:38.0215 5836	Scan finished
16:51:38.0215 5836	============================================================
16:51:38.0230 5976	Detected object count: 3
16:51:38.0230 5976	Actual detected object count: 3
16:51:47.0403 5976	ssadbus ( UnsignedFile.Multi.Generic ) - skipped by user
16:51:47.0403 5976	ssadbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:51:47.0403 5976	VMCService ( UnsignedFile.Multi.Generic ) - skipped by user
16:51:47.0403 5976	VMCService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:51:47.0403 5976	wDokanMounter ( UnsignedFile.Multi.Generic ) - skipped by user
16:51:47.0403 5976	wDokanMounter ( UnsignedFile.Multi.Generic ) - User select action: Skip
Beste Grüsse. TGS83

Alt 15.06.2012, 09:21   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet extrem langsam - Standard

Internet extrem langsam


Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 18.06.2012, 18:58   #11
tgs83
 
Internet extrem langsam - Standard

Internet extrem langsam


Moin,
anbei der Logfile von Combofix:

[code]
Combofix Logfile:
Code:
ATTFilter
ComboFix 12-06-16.02 - Bärbel 18.06.2012  19:05:37.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3955.2505 [GMT 2:00]
ausgeführt von:: c:\users\Bärbel\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Bärbel\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
c:\users\BRBEL~1\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
c:\windows\IsUn0407.exe
c:\windows\system32\drivers\etc\lmhosts
c:\windows\SysWow64\eventmgr.exe
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-05-18 bis 2012-06-18  ))))))))))))))))))))))))))))))
.
.
2012-06-18 17:24 . 2012-06-18 17:24	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-06-15 14:54 . 2012-05-08 17:02	8955792	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{71678C71-6934-4994-8A36-4056CC1A694D}\mpengine.dll
2012-06-13 09:43 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-13 09:43 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-13 09:43 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-13 09:43 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-06-13 09:43 . 2012-05-04 11:06	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-06-13 09:43 . 2012-05-04 10:03	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 09:43 . 2012-05-04 10:03	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 09:43 . 2012-05-15 01:32	3146752	----a-w-	c:\windows\system32\win32k.sys
2012-06-13 09:42 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-06-13 09:42 . 2012-04-07 12:31	3216384	----a-w-	c:\windows\system32\msi.dll
2012-06-13 09:42 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2012-06-13 09:42 . 2012-04-24 05:37	1462272	----a-w-	c:\windows\system32\crypt32.dll
2012-06-13 09:42 . 2012-04-24 05:37	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2012-06-13 09:42 . 2012-04-24 05:37	140288	----a-w-	c:\windows\system32\cryptnet.dll
2012-06-13 09:42 . 2012-04-24 04:36	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2012-06-13 09:42 . 2012-04-24 04:36	1158656	----a-w-	c:\windows\SysWow64\crypt32.dll
2012-06-13 09:42 . 2012-04-24 04:36	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2012-06-12 08:13 . 2012-06-12 08:13	--------	d-----w-	C:\_OTL
2012-06-09 06:33 . 2012-06-09 06:33	--------	d-----w-	c:\users\Bärbel\AppData\Local\Macromedia
2012-06-08 11:21 . 2012-06-08 11:21	--------	d-----w-	c:\program files (x86)\ESET
2012-06-08 09:16 . 2012-06-08 09:16	--------	d-----w-	c:\program files\Common Files\Deterministic Networks
2012-06-08 09:16 . 2012-06-08 09:16	--------	d-----w-	c:\program files (x86)\Cisco Systems
2012-05-21 07:00 . 2012-05-21 07:00	163048	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-09 06:31 . 2012-05-03 06:07	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-09 06:31 . 2011-05-26 05:41	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 15:38 . 2012-05-03 06:26	8744608	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-02 13:24 . 2012-05-14 06:55	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-04-27 08:20 . 2012-05-14 06:55	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-04-24 22:32 . 2012-05-14 06:55	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-04-19 18:41 . 2011-07-18 15:38	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-04-18 18:56 . 2012-04-18 18:56	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2012-04-04 13:56 . 2011-04-24 07:55	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-30 11:35 . 2012-05-08 21:10	1918320	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-03-22 19:12 . 2012-03-22 19:12	4435968	----a-w-	c:\windows\SysWow64\GPhotos.scr
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Bärbel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Bärbel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Bärbel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-22 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-03-17 1141144]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-01-04 103896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Google Updater"="c:\program files (x86)\Google\Google Updater\GoogleUpdater.exe" [2012-02-27 161336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Bärbel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bärbel\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
PdaNet Desktop.lnk - c:\program files (x86)\PdaNet for Android\PdaNetPC.exe [2011-7-30 480880]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-9-15 110592]
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2010-2-24 2721120]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-19 136176]
R2 SearchAnonymizer;SearchAnonymizer;c:\users\Bärbel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 StarMoney 7.0 OnlineUpdate;StarMoney 7.0 OnlineUpdate;c:\program files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe [2011-11-08 554160]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-09 257224]
R3 cjusb;REINER SCT cyberJack USB Driver;c:\windows\system32\DRIVERS\cjusb.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-19 136176]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 cjpcsc;cyberJack PC/SC COM Service ;c:\windows\SysWOW64\cjpcsc.exe [2010-05-02 498096]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-01-04 793048]
S2 Prosieben;maxdome Download Manager;c:\program files (x86)\maxdome\DCBin\DCService.exe [2009-05-01 77032]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-07-04 14336]
S2 wDokan;wDokan;c:\windows\system32\drivers\wdokan.sys [x]
S2 wDokanMounter;wDokanMounter;c:\program files (x86)\Wuala Dokan\mounter.exe [2010-08-11 11776]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 06:31]
.
2012-06-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-08-10 20:48]
.
2012-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-19 18:28]
.
2012-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-19 18:28]
.
2012-06-11 c:\windows\Tasks\Norton Security Scan for Bärbel.job
- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-12-23 00:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	97792	----a-w-	c:\users\Bärbel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	97792	----a-w-	c:\users\Bärbel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	97792	----a-w-	c:\users\Bärbel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-02-12 136136]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-11-02 2710856]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = 
uDefault_Search_URL = 
mLocal Page = 
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = 
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Bärbel\AppData\Roaming\Mozilla\Firefox\Profiles\0rvutfq7.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.startup.homepage - www.igoogle.de
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
ShellIconOverlayIdentifiers-{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} - (no file)
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-Ocs_SM - c:\users\Bärbel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
AddRemove-Adobe Photoshop Elements 2.0 - c:\windows\ISUN0407.EXE
AddRemove-conduitEngine - c:\progra~2\CONDUI~1\ConduitEngineUninstall.exe
AddRemove-Freeware.de Toolbar - c:\progra~2\Freeware.de\UNINST~1.EXE
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files (x86)\Ask.com\Updater\Updater.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Prosieben]
"ImagePath"="\"c:\program files (x86)\maxdome\DCBin\DCService.exe\" /accountid:Prosieben"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-18  19:48:16 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-06-18 17:48
.
Vor Suchlauf: 11 Verzeichnis(se), 55.875.932.160 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 55.282.446.336 Bytes frei
.
- - End Of File - - A4B87B18C28B3802E5DE7112A1BD8385
--- --- ---


Viele Grüße und vielen Dank,
TGS83

Alt 18.06.2012, 21:21   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet extrem langsam - Standard

Internet extrem langsam


Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 21.06.2012, 20:05   #13
tgs83
 
Internet extrem langsam - Standard

Internet extrem langsam


Hallo,
also GMER hat bei mir nichts gefunden. Dann zunächst OSAM:
OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 19:51:05 on 21.06.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 12.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Google Software Updater.job" - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
"Norton Security Scan for Bärbel.job" - "Symantec Corporation" - C:\PROGRA~2\NORTON~2\Engine\351~1.8\Nss.exe

[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Nero BackItUp and BurnRights" - "Nero AG" - c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BurnRights\NeroBurnRights_bb.cpl
"Nero BurnRights" - "Nero AG" - c:\Program Files (x86)\Nero\Nero 9\Nero BurnRights\NeroBurnRights_cpl.cpl
"QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - ? - C:\Windows\system32\Drivers\CVPNDRVA.sys  (File found, but it contains no detailed information)
"PxHlpa64" (PxHlpa64) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHlpa64.sys
"regi" (regi) - "InterVideo" - C:\Windows\system32\drivers\regi.sys
"SAMSUNG Android USB Composite Device driver (WDM)" (ssadbus) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\ssadbus.sys
"wDokan" (wDokan) - ? - C:\Windows\system32\drivers\wdokan.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B} "Bluetooth" - ? -   (File not found | COM-object registry key not found)
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler )-----
{5FF49FE8-B332-4CB9-B102-FB6951629E55} "Virtual Storage Mount Notification" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files (x86)\7-Zip\7-zip.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? -   (File not found | COM-object registry key not found)
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files (x86)\real\realplayer\rpshell.dll
{5FF49FE8-B332-4CB9-B102-FB6951629E55} "Virtual Storage Mount Notification" - ? -   (File not found | COM-object registry key not found)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{5FF49FE8-B332-4CB9-B102-FB6951629E55} "EldosMountNotificator" - ? -   (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
ITBar7Height64 "ITBar7Height64" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{C345E174-3E87-4F41-A01C-B066A90A49B4} "WRC Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\wrc32.ocx / hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{F3C88694-EFFA-4d78-B409-54B7B2535B14} "TOSHIBA Media Controller Plug-in" - "<TOSHIBA>" - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{30F9B915-B755-4826-820B-08FBA6BD249D} "{30F9B915-B755-4826-820B-08FBA6BD249D}" - ? -   (File not found | COM-object registry key not found)

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\Bärbel\AppData\Roaming\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)
"PdaNet Desktop.lnk" - ? - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"Adobe Gamma Loader.lnk" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe  (Shortcut exists | File exists)
"Bluetooth Manager.lnk" - "TOSHIBA CORPORATION." - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"TOSHIBA Online Product Information" - "TOSHIBA" - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"ArcSoft Connection Service" - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"Google Updater" - "Google" - "C:\Program Files (x86)\Google\Google Updater\GoogleUpdater.exe" -check_deprecation
"HWSetup" - "TOSHIBA Electronics, Inc." - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
"InstaLAN" - ? - "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
"iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"KeNotify" - "TOSHIBA CORPORATION" - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
"QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
"SSDMonitor" - "PC Tools" - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"SVPWUTIL" - "TOSHIBA CORPORATION" - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
"TWebCamera" - "TOSHIBA CORPORATION." - "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

[Network Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----
"CbFs3" - ? - CbFs3,RDPNP,LanmanWorkstation,webclient,WualaDokan  (File not found)
"WDokanNP" - ? - C:\Windows\System32\wdokannp.dll

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Toshiba Bluetooth Monitor" - "TOSHIBA CORPORATION." - C:\Windows\system32\tbtmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Active File Monitor V8" (AdobeActiveFileMonitor8.0) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"AffinegyService" (AffinegyService) - "Affinegy, Inc." - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
"ConfigFree Service" (ConfigFree Service) - "TOSHIBA CORPORATION" - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
"ConfigFree WiMAX Service" (cfWiMAXService) - "TOSHIBA CORPORATION" - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
"cyberJack PC/SC COM Service " (cjpcsc) - "REINER SCT" - C:\Windows\SysWOW64\cjpcsc.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Acresso Software Inc." - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Intel(R) Management & Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"IviRegMgr" (IviRegMgr) - "InterVideo" - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
"maxdome Download Manager" (Prosieben) - "Entriq, Inc." - C:\Program Files (x86)\maxdome\DCBin\DCService.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
"Notebook Performance Tuning Service (TEMPRO)" (TemproMonitoringService) - "Toshiba Europe GmbH" - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"PC Tools Startup and Shutdown Monitor service" (PCToolsSSDMonitorSvc) - "PC Tools" - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
"SearchAnonymizer" (SearchAnonymizer) - ? - "C:\Users\Bärbel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe"  (File not found)
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
"StarMoney 7.0 OnlineUpdate" (StarMoney 7.0 OnlineUpdate) - "Star Finanz - Software Entwicklung und Vertriebs GmbH" - C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe
"TeamViewer 7" (TeamViewer7) - "TeamViewer GmbH" - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
"TMachInfo" (TMachInfo) - "TOSHIBA Corporation" - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
"TOSHIBA Bluetooth Service" (TOSHIBA Bluetooth Service) - "TOSHIBA CORPORATION" - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
"TOSHIBA eco Utility Service" (TOSHIBA eco Utility Service) - "TOSHIBA Corporation" - C:\Program Files\TOSHIBA\TECO\TecoService.exe
"TOSHIBA HDD SSD Alert Service" (TOSHIBA HDD SSD Alert Service) - "TOSHIBA Corporation" - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
"TOSHIBA Optical Disc Drive Service" (TODDSrv) - "TOSHIBA Corporation" - C:\Windows\system32\TODDSrv.exe
"TOSHIBA Power Saver" (TosCoSrv) - "TOSHIBA Corporation" - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
"TPCH Service" (TPCHSrv) - "TOSHIBA Corporation" - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
"Vodafone Mobile Connect Service" (VMCService) - "Vodafone" - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
"wDokanMounter" (wDokanMounter) - ? - C:\Program Files (x86)\Wuala Dokan\mounter.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
[/code]

Dann ASWmbr
Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-21 20:11:00
-----------------------------
20:11:00.952    OS Version: Windows x64 6.1.7601 Service Pack 1
20:11:00.952    Number of processors: 4 586 0x2502
20:11:00.952    ComputerName: BÄRBEL_LAPTOP  UserName: Bärbel
20:11:01.592    Initialize success
20:11:08.175    AVAST engine defs: 12062100
20:11:24.134    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:11:24.134    Disk 0 Vendor: TOSHIBA_ GJ00 Size: 305245MB BusType: 3
20:11:24.181    Disk 0 MBR read successfully
20:11:24.181    Disk 0 MBR scan
20:11:24.197    Disk 0 Windows 7 default MBR code
20:11:24.212    Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS          400 MB offset 2048
20:11:24.228    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       152622 MB offset 821248
20:11:24.275    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       152222 MB offset 313391104
20:11:24.321    Disk 0 scanning C:\Windows\system32\drivers
20:11:38.361    Service scanning
20:12:30.512    Modules scanning
20:12:30.528    Disk 0 trace - called modules:
20:12:30.543    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
20:12:30.543    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004caf060]
20:12:30.887    3 CLASSPNP.SYS[fffff88001b6f43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049d5050]
20:12:30.887    Scan finished successfully
20:57:40.016    Disk 0 MBR has been saved successfully to "C:\Users\Bärbel\Desktop\Reparatur\MBR.dat"
20:57:40.032    The log file has been saved successfully to "C:\Users\Bärbel\Desktop\Reparatur\aswMBR.txt"
Vielen Dank und Gruß,

TGS83

Alt 21.06.2012, 20:10   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet extrem langsam - Standard

Internet extrem langsam


Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 21.06.2012, 23:49   #15
tgs83
 
Internet extrem langsam - Standard

Internet extrem langsam


Moin,
anbei einmal Malwarebytes:
Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.21.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Bärbel :: BÄRBEL_LAPTOP [Administrator]

21.06.2012 21:17:53
mbam-log-2012-06-21 (21-17-53).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 425780
Laufzeit: 44 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Und einmal SuperASW:
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 06/21/2012 at 11:41 PM

Application Version : 5.1.1002

Core Rules Database Version : 8776
Trace Rules Database Version: 6588

Scan type       : Complete Scan
Total Scan Time : 01:22:05

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 916
Memory threats detected   : 0
Registry items scanned    : 67928
Registry threats detected : 0
File items scanned        : 196874
File threats detected     : 218

Adware.Tracking Cookie
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\M23Z234Q.txt [ /tracking.quisma.com ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\XC1KKIIY.txt [ /questionmarket.com ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\QQ9DTD8D.txt [ /apmebf.com ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\IJDOFU4L.txt [ /atdmt.com ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\9TVBSKC5.txt [ /fastclick.net ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\IYVFLPJN.txt [ /adtech.de ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\JYK6VFLE.txt [ /unitymedia.de ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\0EOXLY1F.txt [ /a.revenuemax.de ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\YLVJ8V21.txt [ /smartadserver.com ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\QNP6RUSI.txt [ /doubleclick.net ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\4FGPE1SR.txt [ /mediaplex.com ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\W9P7KMDZ.txt [ /serving-sys.com ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\NRXII6HC.txt [ /c.atdmt.com ]
	C:\Users\Bärbel\AppData\Roaming\Microsoft\Windows\Cookies\HRA08GDB.txt [ /2o7.net ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\5P1TBDXD.txt [ Cookie:bärbel@ad.yieldmanager.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\COHODJ4S.txt [ Cookie:bärbel@tracking.quisma.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\G63BUGLG.txt [ Cookie:bärbel@adx.chip.de/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\NIOG3B4T.txt [ Cookie:bärbel@atdmt.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\TV4GVKCM.txt [ Cookie:bärbel@adfarm1.adition.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\NO7AZDSC.txt [ Cookie:bärbel@fastclick.net/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\VGSS10SR.txt [ Cookie:bärbel@ads.quartermedia.de/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\I2XXL2N6.txt [ Cookie:bärbel@adform.net/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\KCIR0H03.txt [ Cookie:bärbel@adtech.de/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\GLH0NF5C.txt [ Cookie:bärbel@overture.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\7O091ZQN.txt [ Cookie:bärbel@accounts.google.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\7C7V4ODO.txt [ Cookie:bärbel@unitymedia.de/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\KYCN6EKX.txt [ Cookie:bärbel@ad2.adfarm1.adition.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\1NEVBN4M.txt [ Cookie:bärbel@e-2dj6wjk4eodjokp.stats.esomniture.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\UZUCXLMS.txt [ Cookie:bärbel@smartadserver.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ZBGTGG8.txt [ Cookie:bärbel@ad.zanox.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\YJIPV25E.txt [ Cookie:bärbel@doubleclick.net/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\6ES8CSV5.txt [ Cookie:bärbel@imrworldwide.com/cgi-bin ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\11M1PBZW.txt [ Cookie:bärbel@eas.apm.emediate.eu/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\UDRFW6FN.txt [ Cookie:bärbel@webmasterplan.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\QWCBVYU5.txt [ Cookie:bärbel@esprit-adt.traffictrack.de/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\OY8ICI9N.txt [ Cookie:bärbel@revsci.net/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\YE6JAVM2.txt [ Cookie:bärbel@www.googleadservices.com/pagead/conversion/1071668411/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\NOKHHPLC.txt [ Cookie:bärbel@invitemedia.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\QCOW4OUO.txt [ Cookie:bärbel@track.adform.net/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\GPV28P10.txt [ Cookie:bärbel@www.etracker.de/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\W67TGJ0Y.txt [ Cookie:bärbel@c.atdmt.com/ ]
	C:\USERS\BäRBEL\AppData\Roaming\Microsoft\Windows\Cookies\Low\KCD1G3N8.txt [ Cookie:bärbel@2o7.net/ ]
	C:\USERS\BäRBEL\Cookies\M23Z234Q.txt [ Cookie:bärbel@tracking.quisma.com/ ]
	C:\USERS\BäRBEL\Cookies\QQ9DTD8D.txt [ Cookie:bärbel@apmebf.com/ ]
	C:\USERS\BäRBEL\Cookies\IJDOFU4L.txt [ Cookie:bärbel@atdmt.com/ ]
	C:\USERS\BäRBEL\Cookies\9TVBSKC5.txt [ Cookie:bärbel@fastclick.net/ ]
	C:\USERS\BäRBEL\Cookies\IYVFLPJN.txt [ Cookie:bärbel@adtech.de/ ]
	C:\USERS\BäRBEL\Cookies\JYK6VFLE.txt [ Cookie:bärbel@unitymedia.de/ ]
	C:\USERS\BäRBEL\Cookies\YLVJ8V21.txt [ Cookie:bärbel@smartadserver.com/ ]
	C:\USERS\BäRBEL\Cookies\QNP6RUSI.txt [ Cookie:bärbel@doubleclick.net/ ]
	C:\USERS\BäRBEL\Cookies\4FGPE1SR.txt [ Cookie:bärbel@mediaplex.com/ ]
	C:\USERS\BäRBEL\Cookies\W9P7KMDZ.txt [ Cookie:bärbel@serving-sys.com/ ]
	C:\USERS\BäRBEL\Cookies\NRXII6HC.txt [ Cookie:bärbel@c.atdmt.com/ ]
	C:\USERS\BäRBEL\Cookies\HRA08GDB.txt [ Cookie:bärbel@2o7.net/ ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wjkyqldzsbo.stats.esomniture.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.stats4free.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.stats4free.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.stats4free.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.stats4free.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.stats4free.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.stats4free.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.stats4free.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.stats4free.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.bizrate.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.bizrate.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.bizrate.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	esprit-adt.traffictrack.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.esprit-adt.traffictrack.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.esprit-adt.traffictrack.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.tracking.3gnet.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wjmiakdjkfp.stats.esomniture.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.thefind.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	data.mediamarkt.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	statse.webtrendslive.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.guj.122.2o7.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.bshg.122.2o7.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.flightstats.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.flightstats.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.flightstats.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.usatoday1.112.2o7.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.flightstats.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.flightstats.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.flightstats.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.flightstats.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wnmywncjohp.stats.esomniture.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.paypal.112.2o7.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.www.multicounter.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	tracking.11880.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	tracking.11880.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.printfinders.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.printfinders.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.printfinders.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.printfinders.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	api.skyscanner.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	api.skyscanner.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	api.skyscanner.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wjkocpd5sfq.stats.esomniture.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wmkoundpegq.stats.esomniture.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wgkiqndpafo.stats.esomniture.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	a.visualrevenue.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	.timeoutcommunications.122.2o7.net [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.mediamarkt.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.mediamarkt.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	insight.torbit.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\BäRBEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RVUTFQ7.DEFAULT\COOKIES.SQLITE ]

PUP.CNETInstaller
	C:\USERS\BäRBEL\DOWNLOADS\CNET_INSTALL ECLIPSECROSSWORD_EXE.EXE
Viele Grüße, TGS83

Antwort
Seite 1 von 2 1 2

Themen zu Internet extrem langsam
alert, alternate, antivir, autorun, avira, bho, bonjour, conduit, device driver, document, downloader, error, firefox, flash player, format, google earth, home, internet, langsam, logfile, mozilla, notification, performance, plug-in, problem, realtek, scan, searchscopes, security, security scan, senden, software, starmoney, usb, vodafone, windows


« Yahoo Toolbar laesst sich nicht entfernen | GVU Trojaner mit Webcam »


Ähnliche Themen: Internet extrem langsam


  1. PC/Internet extrem langsam
    Plagegeister aller Art und deren Bekämpfung - 05.12.2013 (21)
  2. Rechner (Internet) extrem langsam langsam und hackelig!Leerlaufprozess Task Manager ständig zw. 70-98 %
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (17)
  3. Internet und PC extrem langsam
    Plagegeister aller Art und deren Bekämpfung - 04.02.2013 (1)
  4. Internet extrem langsam
    Plagegeister aller Art und deren Bekämpfung - 27.07.2011 (12)
  5. Internet extrem langsam!
    Log-Analyse und Auswertung - 19.04.2011 (1)
  6. Internet extrem langsam
    Log-Analyse und Auswertung - 08.06.2010 (1)
  7. Internet extrem langsam
    Log-Analyse und Auswertung - 02.06.2010 (0)
  8. Internet extrem langsam
    Netzwerk und Hardware - 31.03.2010 (1)
  9. Internet extrem langsam
    Log-Analyse und Auswertung - 10.01.2010 (0)
  10. Internet extrem langsam
    Log-Analyse und Auswertung - 30.10.2009 (15)
  11. Internet extrem langsam!
    Log-Analyse und Auswertung - 04.06.2009 (2)
  12. Internet extrem langsam
    Log-Analyse und Auswertung - 15.04.2009 (1)
  13. Internet extrem langsam
    Log-Analyse und Auswertung - 21.12.2008 (0)
  14. Internet extrem langsam
    Log-Analyse und Auswertung - 21.08.2008 (11)
  15. Internet EXTREM langsam
    Log-Analyse und Auswertung - 25.05.2008 (1)
  16. Internet extrem langsam
    Log-Analyse und Auswertung - 13.03.2008 (4)
  17. Internet extrem langsam!!!
    Log-Analyse und Auswertung - 02.02.2008 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Internet extrem langsam - Liebe Forenmitglieder. Habe an meinem Laptop das Problem, dass mein Internet extrem ist, so dass ich ich hier kaum posten kann. Das liegt aber nicht an der Netzverbindung. Downloads sind - Internet extrem langsam...
Archiv
Du betrachtest: Internet extrem langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132