| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Dateien Verschlüsselt Bundestrojaner noch auf dem RechnerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.06.2012, 20:46
| #1 |
 |  Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner Ich habe seit gestern echt schiet problem mit meinem Rechner.. Habe ne email im Postfach gehabt Welche mit dem namen meiner Mutter gekommen ist. Dies war/ sollte eine rechung sein und ein anhang mit einer Zip datei war mit dran. die ich leider echt dummer neugieriger weise öffnen wollte. so richtig hatte ich nicht das gefühl das ich das geöffnet hatte.. naja dann hatte ich später als ich den rechner ausstellen wollte dieses Bild welches hier die seite schmückt auf dem rechner.. Habe dann rechner ausgemacht und hatte mir das heute erst angesehen was das genau war, und mit Malwarebytes gelöscht nun habe ich aber wie alle hier das problem das ich absolut KEINE Datein/ bilder lesen kann... Vll. kannst du mir schon helfen, ich Poste es aber noch einmal mit in den Theart mit hinnein... Habe XP auf dem Rechner, und laut Volker ist der Befall noch nicht runter da Taskmanager nicht angeht! Meine email die ich bekam sah so aus: im anhang eine Zipdatei (rechnung) Guten Tag Roswitha K?kelhahn, Danke für ihren Vertrag mit KronederSchoepfung.de, nachfolgend finden Sie Ihre Einkaufsbestätigung. Deine Antragsnummer: 661066735882 Bestellung: Canon 1622436517 9060,08 Euro Rechnung auf den Namen: Roswitha K?kelhahn Abrechnung erfolgt durch: Mastercard Danke im Voraus!!! Lieferadresse und genaue Vertragsdetails finden Sie wegen Vorsichtsmaßnahmen im zugefügten Ordner. Die Buchung wurde autorisiert und wird innerhalb 3 Tage entzogen. Kaufdetails und Widerspruch Erklärung finden Sie in beigefügter Datei. Dein Kunden-Support Roth Ltd. Derbyweg 49 28754 Stuttgart Tel.: (+49) 657 5906846 (Mo-Fr 9.00 - 18.00 Uhr, Sa 11.00 bis 16.00 Uhr) Gesellschaftssitz Altenberg Steuer-Nummer: CH450203701 Geschäftsfuehrer: Merle Schmid |
|
15.06.2012, 17:57
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner Ohne die Logs von Malwarebytes und Co wird das hier nichts.
__________________ Alles von Malwarebytes (und evtl. anderen Scannern) muss hier gepostet werden. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
21.06.2012, 18:29
| #3 |
| | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner In malewarbytes wird nichts mehr angezeigt.. das hatte ich gleich am Tag als mir auffiel was passiert war drüber laufen lassen..
__________________Der sagt alles gelöscht nunsind keine einträge mehr da! Habe nun aber weil Undertaker sagte/ schrieb das wenn ich das Taskmenü nicht aufrufen kann da noch was an trojan/ virus sein soll... Ich habe nun KasperskyResceu laufen der fertig!! Der zeigt an das da 2Viren gefunden wurden und 1trojaner aber es zeigt nichts genaueres an, bei Quarantäne sehe ich nur ein weiße feld... Komme aber auch unter Terminalprogramm von Kaspersky nicht wirklich weiter.. Habe da doch was gefunden!! Logdatein!! Malwarebytes Anti-Malware (Test) 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.06.12.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Heike :: HEIKE-RECHNER [Administrator] Schutz: Aktiviert 12.06.2012 16:34:00 mbam-log-2012-06-12 (16-34-00).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 192573 Laufzeit: 8 Minute(n), 32 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 2 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe (Security.Hijack) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Daten: 1 -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Daten: 1 -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 3 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools (PUM.Hijack.Regedit) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Malwarebytes Anti-Malware (Test) 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.06.12.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Heike :: HEIKE-RECHNER [Administrator] Schutz: Aktiviert 12.06.2012 16:51:47 mbam-log-2012-06-12 (16-51-47).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 193033 Laufzeit: 9 Minute(n), 3 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.06.12.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Heike :: HEIKE-RECHNER [Administrator] Schutz: Aktiviert 12.06.2012 21:27:21 mbam-log-2012-06-12 (21-27-21).txt Art des Suchlaufs: Benutzerdefinierter Suchlauf Aktivierte Suchlaufeinstellungen: Dateisystem | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Heuristiks/Extra | P2P Durchsuchte Objekte: 1 Laufzeit: 8 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.06.12.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Heike :: HEIKE-RECHNER [Administrator] Schutz: Aktiviert 12.06.2012 21:36:22 mbam-log-2012-06-12 (21-36-22).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 269073 Laufzeit: 59 Minute(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) 2012/06/12 16:33:56 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection 2012/06/12 16:34:02 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully 2012/06/12 16:34:05 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection 2012/06/12 16:34:06 +0200 HEIKE-RECHNER Heike MESSAGE Executing scheduled update: Daily 2012/06/12 16:34:07 +0200 HEIKE-RECHNER Heike MESSAGE Database already up-to-date 2012/06/12 16:34:14 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully 2012/06/12 16:45:10 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection 2012/06/12 16:45:19 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully 2012/06/12 16:45:22 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection 2012/06/12 16:45:30 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully 2012/06/12 17:24:01 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection 2012/06/12 17:24:15 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully 2012/06/12 17:24:18 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection 2012/06/12 17:24:27 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully 2012/06/12 21:05:25 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection 2012/06/12 21:05:44 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully 2012/06/12 21:05:47 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection 2012/06/12 21:05:55 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully 2012/06/14 14:26:08 +0200 HEIKE-RECHNER MESSAGE Executing scheduled update: Daily 2012/06/14 14:26:08 +0200 HEIKE-RECHNER ERROR Scheduled update failed: Host not found failed with error code 0 2012/06/14 14:26:37 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection 2012/06/14 14:26:52 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully 2012/06/14 14:26:55 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection 2012/06/14 14:26:56 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully 2012/06/21 18:22:46 +0200 HEIKE-RECHNER (null) MESSAGE Executing scheduled update: Daily 2012/06/21 18:22:56 +0200 HEIKE-RECHNER (null) MESSAGE Scheduled update executed successfully: database updated from version v2012.06.12.05 to version v2012.06.21.08 2012/06/21 19:40:12 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection 2012/06/21 19:40:29 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully 2012/06/21 19:40:33 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection 2012/06/21 19:40:33 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully hoffe das geht hoch.. |
|
21.06.2012, 19:34
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner Die Scans sind über ne Woche alt...aber gut, wir machen MBAM später nochmal zur Kontrolle Führ bitte auch ESET aus, danach sehen wir weiter. Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden. ESET Online Scanner Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
 + R Taste und kopiere folgenden Text in das Ausführen Fenster.Code:
ATTFilter "%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"
Code:
ATTFilter "%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.06.2012, 21:35
| #5 |
| | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=bf9b8b90b5e54841b45863d15d0d0a94 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-06-21 08:23:43 # local_time=2012-06-21 10:23:43 (+0100, Westeuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=8192 67108863 100 0 279 279 0 0 # scanned=90994 # found=10 # cleaned=0 # scan_time=3434 C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\Update_d7d4.exe probably a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\7zO526.tmp\Tabelle Abrechnung.zip Win32/Trustezeb.C trojan (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\ICReinstall\Update_d7d4.exe probably a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\is887590510\MyBabylonTB.exe a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\msgpl_9efc.tmp\MsgPlusSetup.exe a variant of Win32/MessengerPlus.A application (unable to clean) 00000000000000000000000000000000 I C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\msgpl_9efc.tmp\PlusPlusSetup.dat a variant of Win32/MessengerPlus.A application (unable to clean) 00000000000000000000000000000000 I C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I D:\Heike\Eigene Dateien\Downloads\Tabelle.zip Win32/Trustezeb.C trojan (unable to clean) 00000000000000000000000000000000 I ${Memory} probably a variant of Win32/Toolbar.Babylon application 00000000000000000000000000000000 I Ich hoffe du kannst so etwas damit anfangen.. hxxp://s1.directupload.net/file/d/2928/n8xkb8fe_jpg.htm |
|
22.06.2012, 08:55
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________ --> Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner |
|
22.06.2012, 10:34
| #7 |
| | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner Ich meine zu glauben das alles da ist... Der rechner läuft zwar bissel schwerfällig in der Geschwindigkeit aber es scheint alles zu funtionieren.. Ausser der ganzen verschlüsselten Datein, und bilder etc.. Die jpg. lassen sich auch nicht über simples umbenennen wieder herstellen.. meinst du es ist gut wenn ich ne anzeige gegen diese mail/ gegen den absender mache? Was passiert wenn ich ganz normal Tuneup mal zum aufräumen drüber schicke löscht das programm unter umständen alles was verschlüsselt ist? weil würde gerne den rechner mal so sauber machen bin mir aber unsicher... |
|
22.06.2012, 11:53
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner Leute, lasst du die Finger von diesem TuneUp-Müll! Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.06.2012, 14:20
| #9 |
| | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner OTL Logfile: Code:
ATTFilter OTL logfile created on: 22.06.2012 14:36:51 - Run 1 OTL by OldTimer - Version 3.2.51.0 Folder = D:\Heike\Eigene Dateien\Downloads Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1022,48 Mb Total Physical Memory | 175,46 Mb Available Physical Memory | 17,16% Memory free 2,40 Gb Paging File | 1,41 Gb Available in Paging File | 58,77% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 78,13 Gb Total Space | 46,83 Gb Free Space | 59,94% Space Free | Partition Type: NTFS Drive D: | 219,95 Gb Total Space | 208,06 Gb Free Space | 94,59% Space Free | Partition Type: NTFS Computer Name: HEIKE-RECHNER | User Name: Heike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.22 14:36:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Heike\Eigene Dateien\Downloads\OTL.exe PRC - [2012.06.07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2012.05.13 18:24:20 | 000,019,272 | ---- | M] (Smartbar) -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.02.27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe PRC - [2012.01.18 15:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2011.12.16 08:55:44 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Programme\BrowserCompanion\BCHelper.exe PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.11.07 11:22:00 | 000,286,720 | ---- | M] (Babylon Ltd.) -- C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009.08.21 10:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe PRC - [2009.08.14 17:51:52 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe PRC - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.01.31 18:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe PRC - [1999.08.06 09:53:00 | 000,053,317 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe ========== Modules (No Company Name) ========== MOD - [2012.06.21 18:18:57 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012.06.14 15:37:31 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012.06.14 15:37:16 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012.06.14 15:25:23 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2012.06.14 15:23:12 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll MOD - [2012.06.12 17:07:26 | 000,171,520 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll MOD - [2012.06.12 16:28:44 | 000,097,072 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\chromeNPAPI.dll MOD - [2012.06.07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll MOD - [2012.06.07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\pdf.dll MOD - [2012.06.07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\libglesv2.dll MOD - [2012.06.07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\libegl.dll MOD - [2012.06.07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\avutil-51.dll MOD - [2012.06.07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\avformat-54.dll MOD - [2012.06.07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll MOD - [2012.06.07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\gcswf32.dll MOD - [2012.05.13 18:25:00 | 000,024,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll MOD - [2012.05.13 18:24:56 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll MOD - [2012.05.13 18:24:52 | 000,067,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll MOD - [2012.05.13 18:24:50 | 000,331,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.FilesManager.dll MOD - [2012.05.13 18:24:50 | 000,034,120 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll MOD - [2012.05.13 18:24:46 | 000,015,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.Common.dll MOD - [2012.05.13 18:24:44 | 000,078,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll MOD - [2012.05.13 18:24:38 | 000,017,736 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll MOD - [2012.05.13 18:24:30 | 000,011,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll MOD - [2012.05.13 18:24:28 | 000,027,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Core.dll MOD - [2012.05.13 18:24:26 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll MOD - [2012.05.13 18:24:26 | 000,011,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll MOD - [2012.05.13 18:24:24 | 001,217,864 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.MainClient.dll MOD - [2012.05.13 18:24:22 | 000,080,200 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Docking.dll MOD - [2012.05.13 18:24:20 | 000,541,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Controls.dll MOD - [2012.05.13 18:23:16 | 000,046,408 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\MACTrackBarLib.dll MOD - [2012.05.13 18:23:00 | 000,024,904 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\de\Smartbar.GUI.MainClient.resources.dll MOD - [2012.05.12 09:12:33 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012.05.12 09:12:07 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll MOD - [2012.05.11 21:50:21 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012.05.11 21:48:47 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012.05.11 21:48:39 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU MOD - [2011.08.07 14:54:16 | 000,004,096 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus!\Detour32.dll MOD - [2011.08.07 13:54:44 | 000,362,029 | ---- | M] () -- C:\Programme\BrowserCompanion\sqlite3.dll MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe MOD - [2011.02.04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll MOD - [2011.01.23 02:39:44 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2011.01.23 02:39:44 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2011.01.23 02:39:44 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MOD - [2011.01.23 02:39:44 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MOD - [2011.01.23 02:39:43 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2011.01.23 02:39:43 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2011.01.23 02:39:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2011.01.23 02:39:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2011.01.23 02:39:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2011.01.23 02:39:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2011.01.23 02:39:41 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2011.01.23 02:39:41 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2011.01.23 02:39:41 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2011.01.23 02:39:40 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:40 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:39 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:39 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll MOD - [2011.01.23 02:39:38 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2011.01.23 02:39:37 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2011.01.23 02:39:35 | 001,036,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:34 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll MOD - [2011.01.23 02:39:33 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:33 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2011.01.23 02:39:33 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2011.01.23 02:39:32 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:32 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:32 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2011.01.23 02:39:30 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:30 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:30 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2011.01.23 02:39:29 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:29 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:29 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:29 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2011.01.23 02:39:29 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2011.01.23 02:39:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2011.01.23 02:39:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll MOD - [2011.01.23 02:39:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2011.01.23 02:39:28 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2011.01.23 02:39:27 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll MOD - [2011.01.23 02:39:27 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2011.01.23 02:39:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2011.01.23 02:39:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2011.01.23 02:39:26 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2011.01.23 02:39:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2011.01.23 02:39:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll MOD - [2011.01.23 02:39:26 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2011.01.23 02:39:26 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2011.01.23 02:39:26 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2011.01.23 02:39:26 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2011.01.23 02:39:25 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2011.01.23 02:39:25 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2011.01.23 02:39:25 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll MOD - [2011.01.23 02:39:25 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2011.01.23 02:39:25 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2011.01.23 02:39:25 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2011.01.23 02:39:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2011.01.23 02:39:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2011.01.23 02:39:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2011.01.23 02:39:25 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2011.01.23 02:39:24 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2011.01.23 02:39:24 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll MOD - [2011.01.23 02:39:24 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2011.01.23 02:39:24 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2011.01.23 02:39:23 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll MOD - [2011.01.23 02:39:23 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll MOD - [2011.01.23 02:39:23 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe MOD - [2009.07.07 19:50:04 | 000,258,048 | ---- | M] () -- C:\WINDOWS\system32\wlanapp.dll Code:
ATTFilter OTL logfile created on: 22.06.2012 15:23:53 - Run 2 OTL by OldTimer - Version 3.2.51.0 Folder = D:\Heike\Eigene Dateien\Downloads Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1022,48 Mb Total Physical Memory | 444,83 Mb Available Physical Memory | 43,51% Memory free 2,40 Gb Paging File | 1,80 Gb Available in Paging File | 74,95% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 78,13 Gb Total Space | 46,83 Gb Free Space | 59,95% Space Free | Partition Type: NTFS Drive D: | 219,95 Gb Total Space | 208,06 Gb Free Space | 94,59% Space Free | Partition Type: NTFS Computer Name: HEIKE-RECHNER | User Name: Heike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.22 14:36:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Heike\Eigene Dateien\Downloads\OTL.exe PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2012.05.13 18:24:20 | 000,019,272 | ---- | M] (Smartbar) -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.02.27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe PRC - [2012.01.18 15:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2011.12.16 08:55:44 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Programme\BrowserCompanion\BCHelper.exe PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.11.07 11:22:00 | 000,286,720 | ---- | M] (Babylon Ltd.) -- C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009.08.21 10:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe PRC - [2009.08.14 17:51:52 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe PRC - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.01.31 18:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe PRC - [1999.08.06 09:53:00 | 000,053,317 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe ========== Modules (No Company Name) ========== MOD - [2012.06.21 18:18:57 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012.06.14 15:37:31 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012.06.14 15:37:16 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012.06.14 15:25:23 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2012.06.14 15:23:12 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll MOD - [2012.05.13 18:25:00 | 000,024,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll MOD - [2012.05.13 18:24:56 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll MOD - [2012.05.13 18:24:52 | 000,067,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll MOD - [2012.05.13 18:24:50 | 000,331,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.FilesManager.dll MOD - [2012.05.13 18:24:50 | 000,034,120 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll MOD - [2012.05.13 18:24:46 | 000,015,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.Common.dll MOD - [2012.05.13 18:24:44 | 000,078,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll MOD - [2012.05.13 18:24:38 | 000,017,736 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll MOD - [2012.05.13 18:24:30 | 000,011,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll MOD - [2012.05.13 18:24:28 | 000,027,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Core.dll MOD - [2012.05.13 18:24:26 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll MOD - [2012.05.13 18:24:26 | 000,011,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll MOD - [2012.05.13 18:24:24 | 001,217,864 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.MainClient.dll MOD - [2012.05.13 18:24:22 | 000,080,200 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Docking.dll MOD - [2012.05.13 18:24:20 | 000,541,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Controls.dll MOD - [2012.05.13 18:23:16 | 000,046,408 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\MACTrackBarLib.dll MOD - [2012.05.13 18:23:00 | 000,024,904 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\de\Smartbar.GUI.MainClient.resources.dll MOD - [2012.05.12 09:12:33 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012.05.12 09:12:07 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll MOD - [2012.05.11 21:50:21 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012.05.11 21:48:47 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012.05.11 21:48:39 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU MOD - [2011.08.07 14:54:16 | 000,004,096 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus!\Detour32.dll MOD - [2011.08.07 13:54:44 | 000,362,029 | ---- | M] () -- C:\Programme\BrowserCompanion\sqlite3.dll MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe MOD - [2011.02.04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll MOD - [2011.01.23 02:39:44 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2011.01.23 02:39:44 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2011.01.23 02:39:44 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MOD - [2011.01.23 02:39:44 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MOD - [2011.01.23 02:39:43 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2011.01.23 02:39:43 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2011.01.23 02:39:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2011.01.23 02:39:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2011.01.23 02:39:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2011.01.23 02:39:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2011.01.23 02:39:41 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2011.01.23 02:39:41 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2011.01.23 02:39:41 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2011.01.23 02:39:40 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:40 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:39 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:39 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll MOD - [2011.01.23 02:39:38 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2011.01.23 02:39:37 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2011.01.23 02:39:35 | 001,036,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:34 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll MOD - [2011.01.23 02:39:33 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:33 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2011.01.23 02:39:33 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2011.01.23 02:39:32 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:32 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:32 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2011.01.23 02:39:30 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:30 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:30 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2011.01.23 02:39:29 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:29 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:29 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:29 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2011.01.23 02:39:29 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2011.01.23 02:39:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2011.01.23 02:39:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll MOD - [2011.01.23 02:39:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2011.01.23 02:39:28 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2011.01.23 02:39:27 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll MOD - [2011.01.23 02:39:27 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2011.01.23 02:39:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2011.01.23 02:39:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2011.01.23 02:39:26 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2011.01.23 02:39:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2011.01.23 02:39:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll MOD - [2011.01.23 02:39:26 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2011.01.23 02:39:26 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2011.01.23 02:39:26 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2011.01.23 02:39:26 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2011.01.23 02:39:25 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2011.01.23 02:39:25 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2011.01.23 02:39:25 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll MOD - [2011.01.23 02:39:25 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2011.01.23 02:39:25 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2011.01.23 02:39:25 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2011.01.23 02:39:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2011.01.23 02:39:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2011.01.23 02:39:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2011.01.23 02:39:25 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2011.01.23 02:39:24 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2011.01.23 02:39:24 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll MOD - [2011.01.23 02:39:24 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2011.01.23 02:39:24 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2011.01.23 02:39:23 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll MOD - [2011.01.23 02:39:23 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll MOD - [2011.01.23 02:39:23 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe MOD - [2009.07.07 19:50:04 | 000,258,048 | ---- | M] () -- C:\WINDOWS\system32\wlanapp.dll MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\WINDOWS\system32\ANIOApi.dll MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\D-Link\DWL-G122_DWA-110\ANIOApi.dll MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll ========== Win32 Services (SafeList) ========== SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010.10.20 12:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2009.08.21 10:27:24 | 000,102,400 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService) SRV - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ANIWConnService.exe -- (ANIWConnService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\AmdPPM.sys -- (AmdPPM) DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.03.29 16:32:12 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011.01.25 16:52:25 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2011.01.25 16:52:25 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010.12.30 12:59:18 | 006,290,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.02.26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010.02.26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010.02.26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010.02.26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010.02.26 15:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010.02.26 15:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2010.02.11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009.11.18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009.11.18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009.08.26 12:44:44 | 001,025,920 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid) DRV - [2009.07.17 17:23:46 | 000,476,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73) DRV - [2009.02.09 19:10:04 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO) DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2006.07.02 00:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159 IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=hp&searchtype=hp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{1B615B66-288E-4219-BCF4-D5C6675CC182}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159 IE - HKCU\..\SearchScopes\{61660818-E0A9-48BB-952D-E5D9DB2943AC}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=7d792dac-7e4c-45aa-954a-380e89fe3cc2&apn_sauid=B1BDD0A6-45DA-4AAC-B69C-D93FB1E8F2C5 IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js - File not found FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.30 17:51:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.01.25 10:06:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.15 10:12:08 | 000,000,000 | ---D | M] [2011.01.23 01:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Extensions [2012.06.21 23:24:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions [2012.06.11 20:25:54 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.06.11 20:25:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2012.04.22 18:50:51 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\bbrs_002@blabbers.com [2011.03.27 09:33:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com [2012.01.25 22:14:29 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com [2012.05.15 19:47:53 | 000,000,000 | ---D | M] ("Messenger Plus! Community Smartbar") -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com [2012.05.15 19:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\staged [2012.06.21 23:25:03 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com [2012.06.21 23:25:03 | 000,002,344 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\askcom.xml [2012.05.14 13:14:23 | 000,002,422 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\rfoXrjnsuLdgegqxJ [2012.04.18 12:21:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.04.11 13:43:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2012.04.18 12:21:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2011.09.30 10:22:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions [2011.09.30 10:22:26 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\HEIKE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\AO783VXH.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI [2012.01.25 10:06:08 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012.04.18 12:20:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2012.01.25 10:06:03 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.04.03 17:40:05 | 000,002,423 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml [2012.01.25 10:06:03 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.01.25 10:06:03 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.01.25 10:06:03 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.25 10:06:03 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.25 10:06:03 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programme\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.0_0\ CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\ CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Babylon Translator = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\ CHR - Extension: Browser Companion Helper = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2004.08.10 21:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( ) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service) O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BabylonToolbar] C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.) O4 - HKLM..\Run: [Browser companion helper] C:\Programme\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD) O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe (D-Link Corp.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WZCSLDR2] C:\Programme\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe File not found O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe (Smartbar) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1295737416552 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1295788851984 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C23FCC7-F4B9-46DA-97D1-DA6F4976879B}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{116D2D8C-D061-4ADE-B1EF-8E5219BD8CE2}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{680C4CA3-A1DD-4D88-8902-9BC975AD5800}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94AD21AF-90EE-4DE1-AFCC-2EFD61D49431}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C71271D2-D213-4F3D-A19F-85020B77EA8B}: NameServer = 192.168.2.1 O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.01.23 00:41:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software) NetSvcs: WmdmPmSp - File not found ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353) ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378) ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904) ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042) ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066) ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378) ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295) ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3 ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.06.22 13:16:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2012.06.22 13:06:41 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\CRX_75DAF8CB7768 [2012.06.22 12:22:22 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\PRDecrypt [2012.06.22 12:00:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Desktop\Avira [2012.06.22 11:58:15 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\WPDNSE [2012.06.22 11:43:59 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir27688 [2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir6411 [2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir27684 [2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir12299 [2012.06.21 23:30:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Avira [2012.06.21 23:25:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira [2012.06.21 23:24:54 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\AskSearch [2012.06.21 23:24:50 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com [2012.06.21 23:24:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar [2012.06.21 23:24:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\APN [2012.06.21 23:24:23 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2012.06.21 23:24:21 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012.06.21 23:24:21 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2012.06.21 23:24:20 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2012.06.21 23:24:19 | 000,000,000 | ---D | C] -- C:\Programme\Avira [2012.06.21 23:24:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2012.06.21 21:21:50 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.06.21 20:48:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software [2012.06.21 20:03:27 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\{D02330D7-90EC-4CC7-8F3A-6C4E9205E424} [2012.06.21 20:03:03 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\{EF24BF7D-7AC1-4C33-B59D-62B4EEE1430E} [2012.06.17 22:55:21 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2012.06.14 14:46:57 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll [2012.06.14 14:45:13 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe [2012.06.14 14:45:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012 [2012.06.14 14:44:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software [2012.06.14 14:44:02 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012 [2012.06.14 14:43:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.06.14 14:31:00 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.06.14 14:31:00 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files [2012.06.12 17:28:59 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\APNLogs [2012.06.12 17:28:57 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\APN-Stub [2012.06.12 17:28:34 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219 [2012.06.12 16:33:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Malwarebytes [2012.06.12 16:32:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2012.06.12 16:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2012.06.12 16:32:49 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012.06.12 16:32:49 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2012.06.12 16:28:43 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir_14528 [2012.06.12 16:28:42 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir_25004 [2012.06.11 20:02:14 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Btklhn [2012.06.11 08:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works [2012.06.11 08:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Clip Gallery [2012.06.11 08:28:17 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works [2012.06.08 03:35:04 | 000,909,104 | ---- | C] (Sun Microsystems, Inc.) -- C:\DOKUME~1\Heike\LOKALE~1\Temp\jre-6u33-windows-i586-iftw.exe [2012.05.31 14:34:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ALNO AG Küchenplaner [2012.05.31 14:34:37 | 000,000,000 | ---D | C] -- C:\Programme\ALNO [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1125 C:\DOKUME~1\Heike\LOKALE~1\Temp\*.tmp files -> C:\DOKUME~1\Heike\LOKALE~1\Temp\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.22 15:21:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.06.22 11:58:19 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{680C4CA3-A1DD-4D88-8902-9BC975AD5800} [2012.06.22 11:58:12 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME [2012.06.22 11:58:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.06.22 11:57:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.06.21 23:53:48 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job [2012.06.21 23:53:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job [2012.06.21 23:48:08 | 000,001,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Registry kostenlos entrümpeln!.lnk [2012.06.21 23:38:32 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012.06.21 23:25:11 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.06.21 22:36:34 | 000,179,653 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Eset.JPG [2012.06.21 19:50:10 | 000,116,761 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malware123.JPG [2012.06.21 19:40:36 | 000,000,546 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Download Assistant.lnk [2012.06.21 19:40:35 | 000,000,758 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Tetris Unlimited.lnk [2012.06.21 19:40:31 | 000,000,711 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Free YouTube to MP3 Converter.lnk [2012.06.21 18:12:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.06.14 15:32:09 | 003,548,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.06.14 15:25:39 | 000,463,080 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.06.14 15:25:39 | 000,444,638 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.06.14 15:25:39 | 000,085,962 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.06.14 15:25:39 | 000,072,514 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.06.14 15:20:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.06.14 14:45:09 | 000,001,726 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.06.14 14:45:09 | 000,001,722 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk [2012.06.12 22:36:53 | 000,118,077 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwareprotokoll.JPG [2012.06.12 21:30:34 | 000,132,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwardruck.JPG [2012.06.12 17:16:34 | 000,136,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\123456.JPG [2012.06.12 16:32:52 | 000,000,771 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.12 16:29:30 | 000,001,792 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk [2012.06.11 08:29:33 | 000,001,499 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Works.lnk [2012.06.11 08:29:33 | 000,000,921 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen für Microsoft Works-Kalender.lnk [2012.06.11 02:00:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HEIKE-RECHNER-Heike.job [2012.06.09 20:40:57 | 000,066,048 | ---- | M] () -- D:\Heike\Eigene Dateien\axAJuVVleELNOtsXaAyu [2012.06.07 12:29:02 | 000,011,741 | ---- | M] () -- D:\Heike\Eigene Dateien\qeNVjvToUsQsnNDAGTgdq [2012.05.30 17:04:17 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{680C4CA3-A1DD-4D88-8902-9BC975AD5800} [2012.05.30 16:06:27 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{C71271D2-D213-4F3D-A19F-85020B77EA8B} [2012.05.29 13:09:54 | 000,031,584 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll [2012.05.24 18:25:25 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{94AD21AF-90EE-4DE1-AFCC-2EFD61D49431} [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.21 23:25:11 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.06.21 23:24:57 | 000,000,226 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012.06.21 22:36:33 | 000,179,653 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Eset.JPG [2012.06.21 21:08:47 | 000,798,234 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AE.xml [2012.06.21 21:08:46 | 000,002,036 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AC.xml [2012.06.21 21:08:46 | 000,000,426 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AD.xml [2012.06.21 20:04:55 | 000,016,384 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Perflib_Perfdata_7bc.dat [2012.06.21 19:55:28 | 000,001,028 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_vqm8DkrJ2Il6zYr [2012.06.21 19:51:36 | 000,004,104 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_UqmOxuuKgGzjFBi [2012.06.21 19:51:07 | 000,002,052 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_ubcYH7dFuquEAUq [2012.06.21 19:50:09 | 000,116,761 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malware123.JPG [2012.06.21 19:45:10 | 000,007,802 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\au-descriptor-1.6.0_33-b70.xml [2012.06.21 19:44:55 | 000,131,200 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_uWfBXM78BvaZwXR [2012.06.21 19:44:53 | 000,004,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_KFHHjyadzjchfKs [2012.06.21 19:44:38 | 000,053,300 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_b0mBLe0qP7tWAjQ [2012.06.21 19:44:29 | 000,020,500 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_2lC7H1Kh2WKvZwb [2012.06.14 14:45:09 | 000,001,726 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.06.14 14:45:09 | 000,001,722 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk [2012.06.14 14:45:05 | 000,001,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk [2012.06.12 22:36:53 | 000,118,077 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwareprotokoll.JPG [2012.06.12 21:30:34 | 000,132,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwardruck.JPG [2012.06.12 17:28:33 | 000,074,796 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20120612_172834000.html [2012.06.12 17:16:33 | 000,136,187 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\123456.JPG [2012.06.12 16:32:52 | 000,000,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.11 20:10:44 | 003,354,153 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D45.$02 [2012.06.11 20:04:58 | 000,000,017 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Desk.$00 [2012.06.11 20:04:55 | 000,840,596 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D45.$$0 [2012.06.11 20:04:55 | 000,001,048 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D456548 [2012.06.11 19:52:52 | 000,000,004 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_gBSVxxRhHWx9m2e [2012.06.11 14:13:41 | 000,002,056 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_c0Bg3wSakG3ijB2 [2012.06.11 14:12:11 | 000,006,156 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_bmo05ICrhJPABb5 [2012.06.11 14:11:43 | 000,028,704 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_IGITGhfleuVFeIw [2012.06.11 13:43:42 | 000,004,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_eEReopmPo1KRHG1 [2012.06.11 13:33:12 | 000,045,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_PAFMepr5t5O311Q [2012.06.11 13:32:13 | 000,024,600 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_i9tdrKjY7FyPp1R [2012.06.11 08:29:33 | 000,001,906 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works.lnk [2012.06.11 08:29:33 | 000,001,499 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Works.lnk [2012.06.11 08:29:33 | 000,000,921 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen für Microsoft Works-Kalender.lnk [2012.02.16 15:37:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.09.23 08:13:58 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.25 21:26:21 | 000,000,943 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2011.01.25 21:26:21 | 000,000,149 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2011.01.25 21:26:02 | 000,000,464 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2011.01.25 21:26:02 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2011.01.25 21:24:43 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat [2011.01.25 21:24:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat [2011.01.25 16:52:25 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011.01.25 16:52:25 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2011.01.24 16:55:31 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ANIWConnService.exe [2011.01.24 16:55:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AQCKGen.dll [2011.01.24 16:55:22 | 000,045,115 | ---- | C] () -- C:\WINDOWS\System32\ANICtl.dll [2011.01.24 16:55:21 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\wlanapp.dll [2011.01.24 16:55:21 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\aIPH.dll [2011.01.24 16:55:06 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANIOApi.dll [2011.01.24 16:55:06 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANIO64.sys [2011.01.24 16:55:06 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANIO.sys [2011.01.24 16:54:49 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\ANIOWPS.dll [2011.01.24 16:54:49 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\ANIWPS.exe [2011.01.24 16:54:25 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\rt73.bin [2011.01.23 02:18:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2011.01.23 02:16:44 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2011.01.23 01:54:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011.01.23 01:43:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.01.23 00:56:09 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2011.01.23 00:49:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011.01.23 00:44:26 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2011.01.23 00:37:56 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011.01.23 00:27:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011.01.23 00:26:36 | 003,548,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [1601.02.13 10:28:18 | 000,112,763 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\xGyAJQffDsEnrgssXTjy [1601.02.13 10:28:18 | 000,075,485 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\jlOUyupLflvxoOsyspNfj [1601.02.13 10:28:18 | 000,004,942 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\TdqNpnxDOdEQeqfpJ ========== LOP Check ========== [2012.06.14 14:31:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files [2012.06.11 20:23:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular [2011.01.23 03:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fujitsu [2011.01.23 14:05:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Innovative Solutions [2011.03.17 16:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations [2012.04.23 09:29:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus! [2011.03.17 16:54:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia [2011.03.17 16:58:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite [2011.05.21 15:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe [2011.01.29 07:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Solidshield [2012.06.14 14:45:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.06.14 14:31:00 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2011.04.04 06:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\BabylonToolbar [2011.11.20 17:14:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011.05.21 14:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.06.11 20:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DVDVideoSoftIEHelpers [2011.03.07 10:22:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\elsterformular [2011.11.20 18:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\gtk-2.0 [2012.06.12 21:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ICQ [2011.01.24 21:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\OpenOffice.org [2011.03.17 16:58:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC Suite [2011.01.25 21:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC-FAX TX [2012.04.07 15:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PriceGong [2011.11.20 17:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.04.11 13:42:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Systweak [2012.06.11 20:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TeamViewer [2012.06.21 23:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software [2011.01.26 22:38:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Ubisoft [2012.06.21 23:53:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job [2012.06.21 23:53:48 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job [2012.06.21 23:38:32 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.05.21 15:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Adobe [2012.06.11 20:25:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Adobe Mini Bridge CS5.1 [2011.01.23 02:39:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ATI [2012.06.21 23:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Avira [2011.04.04 06:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\BabylonToolbar [2011.01.30 15:09:04 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Brother [2011.11.20 17:14:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011.05.21 14:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant [2011.09.23 08:12:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DivX [2012.06.11 20:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DVDVideoSoftIEHelpers [2011.03.07 10:22:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\elsterformular [2011.03.18 20:43:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Google [2011.11.20 18:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\gtk-2.0 [2012.06.12 21:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ICQ [2011.01.23 01:00:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Identities [2011.01.23 15:24:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\InstallShield [2011.01.23 01:08:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Macromedia [2012.06.12 16:33:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Malwarebytes [2012.05.14 13:14:15 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Microsoft [2011.01.23 01:54:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla [2011.01.24 21:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\OpenOffice.org [2011.03.17 16:58:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC Suite [2011.01.25 21:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC-FAX TX [2012.04.07 15:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PriceGong [2011.11.20 17:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011.01.23 01:41:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Sun [2012.04.11 13:42:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Systweak [2012.06.11 20:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TeamViewer [2012.06.21 23:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software [2011.01.26 22:38:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Ubisoft < %APPDATA%\*.exe /s > [2011.05.21 14:36:29 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004.08.10 21:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004.08.10 21:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.10 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll [2004.08.10 21:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: IASTOR.SYS > [2005.10.12 13:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\system32\drivers\iaStor.sys < MD5 for: NETLOGON.DLL > [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll [2004.08.10 21:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtUninstallKB975467_0$\netlogon.dll < MD5 for: NVATABUS.SYS > [2005.08.18 17:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvatabus.sys < MD5 for: SCECLI.DLL > [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll [2004.08.10 21:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll < MD5 for: USER32.DLL > [2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll [2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.10 21:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: VIAMRAID.SYS > [2005.04.08 11:43:26 | 000,060,928 | ---- | M] (VIA Technologies inc,.ltd) MD5=0363E216E4EB5052969C96608934DBDE -- C:\WINDOWS\system32\drivers\viamraid.sys < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2004.08.10 21:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2004.08.10 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2004.08.10 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2011.01.23 01:25:31 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2011.01.23 01:25:31 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2011.01.23 01:25:31 | 000,462,848 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < End of report > |
|
22.06.2012, 14:38
| #10 |
| | Dateien Verschlüsselt Bundestrojaner noch auf dem RechnerCode:
ATTFilter OTL logfile created on: 22.06.2012 15:23:53 - Run 2 OTL by OldTimer - Version 3.2.51.0 Folder = D:\Heike\Eigene Dateien\Downloads Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1022,48 Mb Total Physical Memory | 444,83 Mb Available Physical Memory | 43,51% Memory free 2,40 Gb Paging File | 1,80 Gb Available in Paging File | 74,95% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 78,13 Gb Total Space | 46,83 Gb Free Space | 59,95% Space Free | Partition Type: NTFS Drive D: | 219,95 Gb Total Space | 208,06 Gb Free Space | 94,59% Space Free | Partition Type: NTFS Computer Name: HEIKE-RECHNER | User Name: Heike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.22 14:36:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Heike\Eigene Dateien\Downloads\OTL.exe PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2012.05.13 18:24:20 | 000,019,272 | ---- | M] (Smartbar) -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.02.27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe PRC - [2012.01.18 15:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2011.12.16 08:55:44 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Programme\BrowserCompanion\BCHelper.exe PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.11.07 11:22:00 | 000,286,720 | ---- | M] (Babylon Ltd.) -- C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009.08.21 10:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe PRC - [2009.08.14 17:51:52 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe PRC - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.01.31 18:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe PRC - [1999.08.06 09:53:00 | 000,053,317 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe ========== Modules (No Company Name) ========== MOD - [2012.06.21 18:18:57 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012.06.14 15:37:31 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012.06.14 15:37:16 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012.06.14 15:25:23 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2012.06.14 15:23:12 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll MOD - [2012.05.13 18:25:00 | 000,024,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll MOD - [2012.05.13 18:24:56 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll MOD - [2012.05.13 18:24:52 | 000,067,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll MOD - [2012.05.13 18:24:50 | 000,331,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.FilesManager.dll MOD - [2012.05.13 18:24:50 | 000,034,120 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll MOD - [2012.05.13 18:24:46 | 000,015,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.Common.dll MOD - [2012.05.13 18:24:44 | 000,078,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll MOD - [2012.05.13 18:24:38 | 000,017,736 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll MOD - [2012.05.13 18:24:30 | 000,011,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll MOD - [2012.05.13 18:24:28 | 000,027,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Core.dll MOD - [2012.05.13 18:24:26 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll MOD - [2012.05.13 18:24:26 | 000,011,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll MOD - [2012.05.13 18:24:24 | 001,217,864 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.MainClient.dll MOD - [2012.05.13 18:24:22 | 000,080,200 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Docking.dll MOD - [2012.05.13 18:24:20 | 000,541,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Controls.dll MOD - [2012.05.13 18:23:16 | 000,046,408 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\MACTrackBarLib.dll MOD - [2012.05.13 18:23:00 | 000,024,904 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\de\Smartbar.GUI.MainClient.resources.dll MOD - [2012.05.12 09:12:33 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012.05.12 09:12:07 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll MOD - [2012.05.11 21:50:21 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012.05.11 21:48:47 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012.05.11 21:48:39 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU MOD - [2011.08.07 14:54:16 | 000,004,096 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus!\Detour32.dll MOD - [2011.08.07 13:54:44 | 000,362,029 | ---- | M] () -- C:\Programme\BrowserCompanion\sqlite3.dll MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe MOD - [2011.02.04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll MOD - [2011.01.23 02:39:44 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2011.01.23 02:39:44 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2011.01.23 02:39:44 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MOD - [2011.01.23 02:39:44 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MOD - [2011.01.23 02:39:43 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2011.01.23 02:39:43 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2011.01.23 02:39:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2011.01.23 02:39:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2011.01.23 02:39:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2011.01.23 02:39:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2011.01.23 02:39:41 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2011.01.23 02:39:41 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2011.01.23 02:39:41 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2011.01.23 02:39:40 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:40 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:39 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:39 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll MOD - [2011.01.23 02:39:38 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2011.01.23 02:39:37 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2011.01.23 02:39:35 | 001,036,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:34 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll MOD - [2011.01.23 02:39:33 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:33 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2011.01.23 02:39:33 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2011.01.23 02:39:32 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:32 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:32 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2011.01.23 02:39:30 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:30 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:30 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2011.01.23 02:39:29 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:29 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:29 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2011.01.23 02:39:29 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2011.01.23 02:39:29 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2011.01.23 02:39:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2011.01.23 02:39:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll MOD - [2011.01.23 02:39:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2011.01.23 02:39:28 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2011.01.23 02:39:27 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll MOD - [2011.01.23 02:39:27 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2011.01.23 02:39:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2011.01.23 02:39:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2011.01.23 02:39:26 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2011.01.23 02:39:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2011.01.23 02:39:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll MOD - [2011.01.23 02:39:26 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2011.01.23 02:39:26 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2011.01.23 02:39:26 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2011.01.23 02:39:26 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2011.01.23 02:39:25 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2011.01.23 02:39:25 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2011.01.23 02:39:25 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll MOD - [2011.01.23 02:39:25 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2011.01.23 02:39:25 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2011.01.23 02:39:25 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2011.01.23 02:39:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2011.01.23 02:39:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2011.01.23 02:39:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2011.01.23 02:39:25 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2011.01.23 02:39:24 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2011.01.23 02:39:24 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll MOD - [2011.01.23 02:39:24 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2011.01.23 02:39:24 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2011.01.23 02:39:23 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll MOD - [2011.01.23 02:39:23 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll MOD - [2011.01.23 02:39:23 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe MOD - [2009.07.07 19:50:04 | 000,258,048 | ---- | M] () -- C:\WINDOWS\system32\wlanapp.dll MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\WINDOWS\system32\ANIOApi.dll MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\D-Link\DWL-G122_DWA-110\ANIOApi.dll MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll ========== Win32 Services (SafeList) ========== SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010.10.20 12:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2009.08.21 10:27:24 | 000,102,400 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService) SRV - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ANIWConnService.exe -- (ANIWConnService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\AmdPPM.sys -- (AmdPPM) DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.03.29 16:32:12 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011.01.25 16:52:25 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2011.01.25 16:52:25 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010.12.30 12:59:18 | 006,290,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.02.26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010.02.26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010.02.26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010.02.26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010.02.26 15:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010.02.26 15:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2010.02.11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009.11.18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009.11.18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009.08.26 12:44:44 | 001,025,920 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid) DRV - [2009.07.17 17:23:46 | 000,476,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73) DRV - [2009.02.09 19:10:04 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO) DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2006.07.02 00:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159 IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=hp&searchtype=hp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{1B615B66-288E-4219-BCF4-D5C6675CC182}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159 IE - HKCU\..\SearchScopes\{61660818-E0A9-48BB-952D-E5D9DB2943AC}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=7d792dac-7e4c-45aa-954a-380e89fe3cc2&apn_sauid=B1BDD0A6-45DA-4AAC-B69C-D93FB1E8F2C5 IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js - File not found FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.30 17:51:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.01.25 10:06:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.15 10:12:08 | 000,000,000 | ---D | M] [2011.01.23 01:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Extensions [2012.06.21 23:24:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions [2012.06.11 20:25:54 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.06.11 20:25:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2012.04.22 18:50:51 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\bbrs_002@blabbers.com [2011.03.27 09:33:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com [2012.01.25 22:14:29 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com [2012.05.15 19:47:53 | 000,000,000 | ---D | M] ("Messenger Plus! Community Smartbar") -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com [2012.05.15 19:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\staged [2012.06.21 23:25:03 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com [2012.06.21 23:25:03 | 000,002,344 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\askcom.xml [2012.05.14 13:14:23 | 000,002,422 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\rfoXrjnsuLdgegqxJ [2012.04.18 12:21:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.04.11 13:43:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2012.04.18 12:21:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2011.09.30 10:22:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions [2011.09.30 10:22:26 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\HEIKE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\AO783VXH.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI [2012.01.25 10:06:08 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012.04.18 12:20:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2012.01.25 10:06:03 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.04.03 17:40:05 | 000,002,423 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml [2012.01.25 10:06:03 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.01.25 10:06:03 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.01.25 10:06:03 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.25 10:06:03 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.25 10:06:03 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programme\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.0_0\ CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\ CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Babylon Translator = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\ CHR - Extension: Browser Companion Helper = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2004.08.10 21:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( ) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service) O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BabylonToolbar] C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.) O4 - HKLM..\Run: [Browser companion helper] C:\Programme\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD) O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe (D-Link Corp.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [WZCSLDR2] C:\Programme\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe File not found O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe (Smartbar) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1295737416552 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1295788851984 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C23FCC7-F4B9-46DA-97D1-DA6F4976879B}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{116D2D8C-D061-4ADE-B1EF-8E5219BD8CE2}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{680C4CA3-A1DD-4D88-8902-9BC975AD5800}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94AD21AF-90EE-4DE1-AFCC-2EFD61D49431}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C71271D2-D213-4F3D-A19F-85020B77EA8B}: NameServer = 192.168.2.1 O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.01.23 00:41:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software) NetSvcs: WmdmPmSp - File not found ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353) ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378) ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904) ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042) ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066) ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378) ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295) ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3 ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.06.22 13:16:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2012.06.22 13:06:41 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\CRX_75DAF8CB7768 [2012.06.22 12:22:22 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\PRDecrypt [2012.06.22 12:00:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Desktop\Avira [2012.06.22 11:58:15 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\WPDNSE [2012.06.22 11:43:59 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir27688 [2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir6411 [2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir27684 [2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir12299 [2012.06.21 23:30:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Avira [2012.06.21 23:25:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira [2012.06.21 23:24:54 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\AskSearch [2012.06.21 23:24:50 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com [2012.06.21 23:24:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar [2012.06.21 23:24:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\APN [2012.06.21 23:24:23 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2012.06.21 23:24:21 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012.06.21 23:24:21 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2012.06.21 23:24:20 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2012.06.21 23:24:19 | 000,000,000 | ---D | C] -- C:\Programme\Avira [2012.06.21 23:24:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2012.06.21 21:21:50 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.06.21 20:48:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software [2012.06.21 20:03:27 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\{D02330D7-90EC-4CC7-8F3A-6C4E9205E424} [2012.06.21 20:03:03 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\{EF24BF7D-7AC1-4C33-B59D-62B4EEE1430E} [2012.06.17 22:55:21 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2012.06.14 14:46:57 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll [2012.06.14 14:45:13 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe [2012.06.14 14:45:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012 [2012.06.14 14:44:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software [2012.06.14 14:44:02 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012 [2012.06.14 14:43:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.06.14 14:31:00 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.06.14 14:31:00 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files [2012.06.12 17:28:59 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\APNLogs [2012.06.12 17:28:57 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\APN-Stub [2012.06.12 17:28:34 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_10.0.40219 [2012.06.12 16:33:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Malwarebytes [2012.06.12 16:32:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2012.06.12 16:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2012.06.12 16:32:49 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012.06.12 16:32:49 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2012.06.12 16:28:43 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir_14528 [2012.06.12 16:28:42 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir_25004 [2012.06.11 20:02:14 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Btklhn [2012.06.11 08:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works [2012.06.11 08:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Clip Gallery [2012.06.11 08:28:17 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works [2012.06.08 03:35:04 | 000,909,104 | ---- | C] (Sun Microsystems, Inc.) -- C:\DOKUME~1\Heike\LOKALE~1\Temp\jre-6u33-windows-i586-iftw.exe [2012.05.31 14:34:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ALNO AG Küchenplaner [2012.05.31 14:34:37 | 000,000,000 | ---D | C] -- C:\Programme\ALNO [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1125 C:\DOKUME~1\Heike\LOKALE~1\Temp\*.tmp files -> C:\DOKUME~1\Heike\LOKALE~1\Temp\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.22 15:21:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.06.22 11:58:19 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{680C4CA3-A1DD-4D88-8902-9BC975AD5800} [2012.06.22 11:58:12 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME [2012.06.22 11:58:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.06.22 11:57:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.06.21 23:53:48 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job [2012.06.21 23:53:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job [2012.06.21 23:48:08 | 000,001,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Registry kostenlos entrümpeln!.lnk [2012.06.21 23:38:32 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012.06.21 23:25:11 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.06.21 22:36:34 | 000,179,653 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Eset.JPG [2012.06.21 19:50:10 | 000,116,761 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malware123.JPG [2012.06.21 19:40:36 | 000,000,546 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Download Assistant.lnk [2012.06.21 19:40:35 | 000,000,758 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Tetris Unlimited.lnk [2012.06.21 19:40:31 | 000,000,711 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Free YouTube to MP3 Converter.lnk [2012.06.21 18:12:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.06.14 15:32:09 | 003,548,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.06.14 15:25:39 | 000,463,080 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.06.14 15:25:39 | 000,444,638 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.06.14 15:25:39 | 000,085,962 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.06.14 15:25:39 | 000,072,514 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.06.14 15:20:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.06.14 14:45:09 | 000,001,726 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.06.14 14:45:09 | 000,001,722 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk [2012.06.12 22:36:53 | 000,118,077 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwareprotokoll.JPG [2012.06.12 21:30:34 | 000,132,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwardruck.JPG [2012.06.12 17:16:34 | 000,136,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\123456.JPG [2012.06.12 16:32:52 | 000,000,771 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.12 16:29:30 | 000,001,792 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk [2012.06.11 08:29:33 | 000,001,499 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Works.lnk [2012.06.11 08:29:33 | 000,000,921 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen für Microsoft Works-Kalender.lnk [2012.06.11 02:00:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HEIKE-RECHNER-Heike.job [2012.06.09 20:40:57 | 000,066,048 | ---- | M] () -- D:\Heike\Eigene Dateien\axAJuVVleELNOtsXaAyu [2012.06.07 12:29:02 | 000,011,741 | ---- | M] () -- D:\Heike\Eigene Dateien\qeNVjvToUsQsnNDAGTgdq [2012.05.30 17:04:17 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{680C4CA3-A1DD-4D88-8902-9BC975AD5800} [2012.05.30 16:06:27 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{C71271D2-D213-4F3D-A19F-85020B77EA8B} [2012.05.29 13:09:54 | 000,031,584 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll [2012.05.24 18:25:25 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{94AD21AF-90EE-4DE1-AFCC-2EFD61D49431} [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.21 23:25:11 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.06.21 23:24:57 | 000,000,226 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012.06.21 22:36:33 | 000,179,653 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Eset.JPG [2012.06.21 21:08:47 | 000,798,234 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AE.xml [2012.06.21 21:08:46 | 000,002,036 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AC.xml [2012.06.21 21:08:46 | 000,000,426 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AD.xml [2012.06.21 20:04:55 | 000,016,384 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Perflib_Perfdata_7bc.dat [2012.06.21 19:55:28 | 000,001,028 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_vqm8DkrJ2Il6zYr [2012.06.21 19:51:36 | 000,004,104 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_UqmOxuuKgGzjFBi [2012.06.21 19:51:07 | 000,002,052 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_ubcYH7dFuquEAUq [2012.06.21 19:50:09 | 000,116,761 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malware123.JPG [2012.06.21 19:45:10 | 000,007,802 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\au-descriptor-1.6.0_33-b70.xml [2012.06.21 19:44:55 | 000,131,200 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_uWfBXM78BvaZwXR [2012.06.21 19:44:53 | 000,004,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_KFHHjyadzjchfKs [2012.06.21 19:44:38 | 000,053,300 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_b0mBLe0qP7tWAjQ [2012.06.21 19:44:29 | 000,020,500 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_2lC7H1Kh2WKvZwb [2012.06.14 14:45:09 | 000,001,726 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.06.14 14:45:09 | 000,001,722 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk [2012.06.14 14:45:05 | 000,001,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk [2012.06.12 22:36:53 | 000,118,077 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwareprotokoll.JPG [2012.06.12 21:30:34 | 000,132,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwardruck.JPG [2012.06.12 17:28:33 | 000,074,796 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20120612_172834000.html [2012.06.12 17:16:33 | 000,136,187 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\123456.JPG [2012.06.12 16:32:52 | 000,000,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.11 20:10:44 | 003,354,153 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D45.$02 [2012.06.11 20:04:58 | 000,000,017 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Desk.$00 [2012.06.11 20:04:55 | 000,840,596 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D45.$$0 [2012.06.11 20:04:55 | 000,001,048 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D456548 [2012.06.11 19:52:52 | 000,000,004 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_gBSVxxRhHWx9m2e [2012.06.11 14:13:41 | 000,002,056 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_c0Bg3wSakG3ijB2 [2012.06.11 14:12:11 | 000,006,156 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_bmo05ICrhJPABb5 [2012.06.11 14:11:43 | 000,028,704 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_IGITGhfleuVFeIw [2012.06.11 13:43:42 | 000,004,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_eEReopmPo1KRHG1 [2012.06.11 13:33:12 | 000,045,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_PAFMepr5t5O311Q [2012.06.11 13:32:13 | 000,024,600 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_i9tdrKjY7FyPp1R [2012.06.11 08:29:33 | 000,001,906 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works.lnk [2012.06.11 08:29:33 | 000,001,499 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Works.lnk [2012.06.11 08:29:33 | 000,000,921 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen für Microsoft Works-Kalender.lnk [2012.02.16 15:37:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.09.23 08:13:58 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.25 21:26:21 | 000,000,943 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2011.01.25 21:26:21 | 000,000,149 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2011.01.25 21:26:02 | 000,000,464 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2011.01.25 21:26:02 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2011.01.25 21:24:43 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat [2011.01.25 21:24:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat [2011.01.25 16:52:25 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011.01.25 16:52:25 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2011.01.24 16:55:31 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ANIWConnService.exe [2011.01.24 16:55:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AQCKGen.dll [2011.01.24 16:55:22 | 000,045,115 | ---- | C] () -- C:\WINDOWS\System32\ANICtl.dll [2011.01.24 16:55:21 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\wlanapp.dll [2011.01.24 16:55:21 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\aIPH.dll [2011.01.24 16:55:06 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANIOApi.dll [2011.01.24 16:55:06 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANIO64.sys [2011.01.24 16:55:06 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANIO.sys [2011.01.24 16:54:49 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\ANIOWPS.dll [2011.01.24 16:54:49 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\ANIWPS.exe [2011.01.24 16:54:25 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\rt73.bin [2011.01.23 02:18:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2011.01.23 02:16:44 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2011.01.23 01:54:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2011.01.23 01:43:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.01.23 00:56:09 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2011.01.23 00:49:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011.01.23 00:44:26 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2011.01.23 00:37:56 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011.01.23 00:27:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011.01.23 00:26:36 | 003,548,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [1601.02.13 10:28:18 | 000,112,763 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\xGyAJQffDsEnrgssXTjy [1601.02.13 10:28:18 | 000,075,485 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\jlOUyupLflvxoOsyspNfj [1601.02.13 10:28:18 | 000,004,942 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\TdqNpnxDOdEQeqfpJ ========== LOP Check ========== [2012.06.14 14:31:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files [2012.06.11 20:23:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular [2011.01.23 03:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fujitsu [2011.01.23 14:05:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Innovative Solutions [2011.03.17 16:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations [2012.04.23 09:29:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus! [2011.03.17 16:54:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia [2011.03.17 16:58:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite [2011.05.21 15:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe [2011.01.29 07:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Solidshield [2012.06.14 14:45:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.06.14 14:31:00 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2011.04.04 06:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\BabylonToolbar [2011.11.20 17:14:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011.05.21 14:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.06.11 20:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DVDVideoSoftIEHelpers [2011.03.07 10:22:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\elsterformular [2011.11.20 18:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\gtk-2.0 [2012.06.12 21:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ICQ [2011.01.24 21:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\OpenOffice.org [2011.03.17 16:58:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC Suite [2011.01.25 21:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC-FAX TX [2012.04.07 15:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PriceGong [2011.11.20 17:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.04.11 13:42:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Systweak [2012.06.11 20:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TeamViewer [2012.06.21 23:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software [2011.01.26 22:38:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Ubisoft [2012.06.21 23:53:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job [2012.06.21 23:53:48 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job [2012.06.21 23:38:32 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.05.21 15:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Adobe [2012.06.11 20:25:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Adobe Mini Bridge CS5.1 [2011.01.23 02:39:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ATI [2012.06.21 23:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Avira [2011.04.04 06:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\BabylonToolbar [2011.01.30 15:09:04 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Brother [2011.11.20 17:14:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011.05.21 14:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant [2011.09.23 08:12:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DivX [2012.06.11 20:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DVDVideoSoftIEHelpers [2011.03.07 10:22:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\elsterformular [2011.03.18 20:43:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Google [2011.11.20 18:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\gtk-2.0 [2012.06.12 21:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ICQ [2011.01.23 01:00:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Identities [2011.01.23 15:24:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\InstallShield [2011.01.23 01:08:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Macromedia [2012.06.12 16:33:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Malwarebytes [2012.05.14 13:14:15 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Microsoft [2011.01.23 01:54:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla [2011.01.24 21:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\OpenOffice.org [2011.03.17 16:58:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC Suite [2011.01.25 21:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC-FAX TX [2012.04.07 15:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PriceGong [2011.11.20 17:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011.01.23 01:41:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Sun [2012.04.11 13:42:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Systweak [2012.06.11 20:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TeamViewer [2012.06.21 23:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software [2011.01.26 22:38:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Ubisoft < %APPDATA%\*.exe /s > [2011.05.21 14:36:29 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004.08.10 21:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004.08.10 21:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.10 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll [2004.08.10 21:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: IASTOR.SYS > [2005.10.12 13:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\system32\drivers\iaStor.sys < MD5 for: NETLOGON.DLL > [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll [2004.08.10 21:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtUninstallKB975467_0$\netlogon.dll < MD5 for: NVATABUS.SYS > [2005.08.18 17:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvatabus.sys < MD5 for: SCECLI.DLL > [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll [2004.08.10 21:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll < MD5 for: USER32.DLL > [2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll [2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.10 21:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: VIAMRAID.SYS > [2005.04.08 11:43:26 | 000,060,928 | ---- | M] (VIA Technologies inc,.ltd) MD5=0363E216E4EB5052969C96608934DBDE -- C:\WINDOWS\system32\drivers\viamraid.sys < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2004.08.10 21:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2004.08.10 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2004.08.10 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2011.01.23 01:25:31 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2011.01.23 01:25:31 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2011.01.23 01:25:31 | 000,462,848 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < End of report > Naja kanns ja auch net, lesen.. hihi.. Und was genau haben wir nun mit diesen zwei programmen gemacht? Vielen vielen dank... schon einmal im voraus...!! Dank für deine hilfe... |
|
24.06.2012, 15:08
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=hp&searchtype=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159
IE - HKCU\..\SearchScopes\{61660818-E0A9-48BB-952D-E5D9DB2943AC}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=7d792dac-7e4c-45aa-954a-380e89fe3cc2&apn_sauid=B1BDD0A6-45DA-4AAC-B69C-D93FB1E8F2C5
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
FF - prefs.js - File not found
FF - user.js - File not found
[2011.03.27 09:33:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com
[2012.01.25 22:14:29 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com
[2012.05.15 19:47:53 | 000,000,000 | ---D | M] ("Messenger Plus! Community Smartbar") -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com
[2012.06.21 23:25:03 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com
[2012.06.21 23:25:03 | 000,002,344 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\askcom.xml
[2012.05.14 13:14:23 | 000,002,422 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\rfoXrjnsuLdgegqxJ
[2011.09.30 10:22:26 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\HEIKE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\AO783VXH.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2011.04.03 17:40:05 | 000,002,423 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.0_0\
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\
CHR - Extension: Babylon Translator = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BabylonToolbar] C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [WZCSLDR2] C:\Programme\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe (Smartbar)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.23 00:41:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
:Files
C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar
C:\Programme\Ask.com
C:\Programme\BabylonToolbar
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2012, 17:37
| #12 |
| | Dateien Verschlüsselt Bundestrojaner noch auf dem RechnerCode:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{61660818-E0A9-48BB-952D-E5D9DB2943AC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61660818-E0A9-48BB-952D-E5D9DB2943AC}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\components folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com\components folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com\chrome\PublisherImages folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com\chrome\images folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\askcom.xml moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\rfoXrjnsuLdgegqxJ moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\search\engine folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\newtab\initial-thumbs folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\homebutton folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\brand folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\help\page folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\util folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\tracking folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\search\mcollect folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\hotnews folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\components folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de folder moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
File C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.0_0 not found.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\tb_ux folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\lib folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\content_script\hack folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\content_script folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\skin\js folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\skin\images folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\skin\css folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\skin folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\locales\en folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\locales folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\background folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0 folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BabylonToolbar deleted successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WZCSLDR2 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Infrastructure Helper deleted successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
========== FILES ==========
C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job moved successfully.
C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar\APNU folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar folder moved successfully.
C:\Programme\Ask.com\Updater folder moved successfully.
C:\Programme\Ask.com\assets\oobe folder moved successfully.
C:\Programme\Ask.com\assets folder moved successfully.
C:\Programme\Ask.com folder moved successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh folder moved successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19 folder moved successfully.
C:\Programme\BabylonToolbar\BabylonToolbar folder moved successfully.
C:\Programme\BabylonToolbar folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
User: Heike
->Temp folder emptied: 1013374238 bytes
->Temporary Internet Files folder emptied: 23690855 bytes
->Java cache emptied: 469987 bytes
->FireFox cache emptied: 688465296 bytes
->Google Chrome cache emptied: 95200874 bytes
->Flash cache emptied: 251265 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33778 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1689384 bytes
%systemroot%\System32 .tmp files removed: 3264903 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14575053 bytes
RecycleBin emptied: 1244771 bytes
Total Files Cleaned = 1.757,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: Heike
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.51.0 log created on 07012012_182442
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Sorry das es dauerte aber arbeit weist ja... Danke |
|
02.07.2012, 10:15
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.07.2012, 14:17
| #14 |
| | Dateien Verschlüsselt Bundestrojaner noch auf dem RechnerCode:
ATTFilter 15:11:15.0046 2964 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
15:11:15.0343 2964 ============================================================
15:11:15.0343 2964 Current date / time: 2012/07/02 15:11:15.0343
15:11:15.0343 2964 SystemInfo:
15:11:15.0343 2964
15:11:15.0343 2964 OS Version: 5.1.2600 ServicePack: 3.0
15:11:15.0343 2964 Product type: Workstation
15:11:15.0343 2964 ComputerName: HEIKE-RECHNER
15:11:15.0343 2964 UserName: Heike
15:11:15.0343 2964 Windows directory: C:\WINDOWS
15:11:15.0343 2964 System windows directory: C:\WINDOWS
15:11:15.0343 2964 Processor architecture: Intel x86
15:11:15.0343 2964 Number of processors: 2
15:11:15.0343 2964 Page size: 0x1000
15:11:15.0343 2964 Boot type: Normal boot
15:11:15.0343 2964 ============================================================
15:11:17.0250 2964 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:11:17.0265 2964 ============================================================
15:11:17.0265 2964 \Device\Harddisk0\DR0:
15:11:17.0265 2964 MBR partitions:
15:11:17.0265 2964 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
15:11:17.0281 2964 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9C41B56, BlocksNum 0x1B7E7CAA
15:11:17.0281 2964 ============================================================
15:11:17.0375 2964 C: <-> \Device\Harddisk0\DR0\Partition0
15:11:17.0421 2964 D: <-> \Device\Harddisk0\DR0\Partition1
15:11:17.0421 2964 ============================================================
15:11:17.0421 2964 Initialize success
15:11:17.0421 2964 ============================================================
15:13:39.0437 1984 ============================================================
15:13:39.0437 1984 Scan started
15:13:39.0437 1984 Mode: Manual; SigCheck; TDLFS;
15:13:39.0437 1984 ============================================================
15:13:39.0718 1984 3xHybrid (50351ead98eecdad5d73eede94a86738) C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
15:13:40.0671 1984 3xHybrid - ok
15:13:40.0687 1984 6to4 (d5a6658cbfbbf9a0f8827e83c9fde806) C:\WINDOWS\System32\6to4svc.dll
15:13:40.0750 1984 6to4 - ok
15:13:40.0750 1984 Abiosdsk - ok
15:13:40.0765 1984 abp480n5 - ok
15:13:40.0796 1984 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:13:41.0406 1984 ACPI - ok
15:13:41.0437 1984 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:13:41.0578 1984 ACPIEC - ok
15:13:41.0578 1984 adpu160m - ok
15:13:41.0828 1984 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:13:41.0921 1984 aec - ok
15:13:41.0968 1984 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:13:41.0984 1984 AFD - ok
15:13:42.0000 1984 Aha154x - ok
15:13:42.0000 1984 aic78u2 - ok
15:13:42.0000 1984 aic78xx - ok
15:13:42.0031 1984 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
15:13:42.0125 1984 Alerter - ok
15:13:42.0140 1984 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
15:13:42.0250 1984 ALG - ok
15:13:42.0250 1984 AliIde - ok
15:13:42.0328 1984 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
15:13:42.0468 1984 Ambfilt - ok
15:13:42.0531 1984 AmdK8 (58be3c2f1aa041ea56f7305a6463035c) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
15:13:42.0546 1984 AmdK8 - ok
15:13:42.0562 1984 AmdPPM - ok
15:13:42.0562 1984 amsint - ok
15:13:42.0593 1984 ANIO (2953a157a783bfc06f42f99fefa5eb07) C:\WINDOWS\system32\ANIO.SYS
15:13:42.0609 1984 ANIO ( UnsignedFile.Multi.Generic ) - warning
15:13:42.0609 1984 ANIO - detected UnsignedFile.Multi.Generic (1)
15:13:42.0640 1984 ANIWConnService (3c417a392ec51e601ac55b5e196549e7) C:\WINDOWS\system32\ANIWConnService.exe
15:13:42.0656 1984 ANIWConnService ( UnsignedFile.Multi.Generic ) - warning
15:13:42.0656 1984 ANIWConnService - detected UnsignedFile.Multi.Generic (1)
15:13:42.0687 1984 ANIWZCSdService (495874eb368dcbacb56591b5dcb7336f) C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
15:13:42.0718 1984 ANIWZCSdService ( UnsignedFile.Multi.Generic ) - warning
15:13:42.0718 1984 ANIWZCSdService - detected UnsignedFile.Multi.Generic (1)
15:13:42.0828 1984 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
15:13:42.0843 1984 AntiVirSchedulerService - ok
15:13:42.0875 1984 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
15:13:42.0890 1984 AntiVirService - ok
15:13:42.0921 1984 AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:13:42.0953 1984 AntiVirWebService - ok
15:13:42.0984 1984 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
15:13:43.0093 1984 AppMgmt - ok
15:13:43.0125 1984 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:13:43.0218 1984 Arp1394 - ok
15:13:43.0234 1984 asc - ok
15:13:43.0234 1984 asc3350p - ok
15:13:43.0234 1984 asc3550 - ok
15:13:43.0328 1984 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:13:43.0343 1984 aspnet_state - ok
15:13:43.0359 1984 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:13:43.0468 1984 AsyncMac - ok
15:13:43.0484 1984 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:13:43.0593 1984 atapi - ok
15:13:43.0593 1984 Atdisk - ok
15:13:43.0640 1984 Ati HotKey Poller (471087b5e1e01cc82604e81ea14781d8) C:\WINDOWS\system32\Ati2evxx.exe
15:13:43.0703 1984 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
15:13:43.0703 1984 Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
15:13:43.0750 1984 ATI Smart (b979ba0120b6db757196a8e2e873fe3c) C:\WINDOWS\system32\ati2sgag.exe
15:13:43.0781 1984 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
15:13:43.0781 1984 ATI Smart - detected UnsignedFile.Multi.Generic (1)
15:13:43.0937 1984 ati2mtag (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
15:13:44.0125 1984 ati2mtag ( UnsignedFile.Multi.Generic ) - warning
15:13:44.0125 1984 ati2mtag - detected UnsignedFile.Multi.Generic (1)
15:13:44.0203 1984 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\WINDOWS\system32\DRIVERS\atksgt.sys
15:13:44.0234 1984 atksgt - ok
15:13:44.0265 1984 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:13:44.0359 1984 Atmarpc - ok
15:13:44.0390 1984 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
15:13:44.0500 1984 AudioSrv - ok
15:13:44.0515 1984 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:13:44.0640 1984 audstub - ok
15:13:44.0656 1984 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:13:44.0671 1984 avgntflt - ok
15:13:44.0703 1984 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:13:44.0718 1984 avipbb - ok
15:13:44.0734 1984 avkmgr (53e56450da16a1a7f0d002f511113f67) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
15:13:44.0750 1984 avkmgr - ok
15:13:44.0781 1984 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:13:44.0921 1984 Beep - ok
15:13:44.0953 1984 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
15:13:45.0109 1984 BITS - ok
15:13:45.0140 1984 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
15:13:45.0250 1984 Browser - ok
15:13:45.0265 1984 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
15:13:45.0296 1984 BrScnUsb - ok
15:13:45.0328 1984 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:13:45.0468 1984 cbidf2k - ok
15:13:45.0500 1984 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:13:45.0578 1984 CCDECODE - ok
15:13:45.0578 1984 cd20xrnt - ok
15:13:45.0609 1984 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:13:45.0750 1984 Cdaudio - ok
15:13:45.0765 1984 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:13:45.0859 1984 Cdfs - ok
15:13:45.0875 1984 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:13:45.0968 1984 Cdrom - ok
15:13:45.0984 1984 Changer - ok
15:13:46.0015 1984 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
15:13:46.0109 1984 CiSvc - ok
15:13:46.0109 1984 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
15:13:46.0203 1984 ClipSrv - ok
15:13:46.0281 1984 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:13:46.0296 1984 clr_optimization_v2.0.50727_32 - ok
15:13:46.0296 1984 CmdIde - ok
15:13:46.0312 1984 COMSysApp - ok
15:13:46.0312 1984 Cpqarray - ok
15:13:46.0343 1984 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
15:13:46.0437 1984 CryptSvc - ok
15:13:46.0437 1984 dac2w2k - ok
15:13:46.0453 1984 dac960nt - ok
15:13:46.0484 1984 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
15:13:46.0531 1984 DcomLaunch - ok
15:13:46.0562 1984 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
15:13:46.0671 1984 Dhcp - ok
15:13:46.0687 1984 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:13:46.0796 1984 Disk - ok
15:13:46.0796 1984 dmadmin - ok
15:13:46.0843 1984 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
15:13:46.0968 1984 dmboot - ok
15:13:46.0984 1984 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
15:13:47.0109 1984 dmio - ok
15:13:47.0140 1984 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:13:47.0265 1984 dmload - ok
15:13:47.0296 1984 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
15:13:47.0390 1984 dmserver - ok
15:13:47.0421 1984 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:13:47.0531 1984 DMusic - ok
15:13:47.0562 1984 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
15:13:47.0609 1984 Dnscache - ok
15:13:47.0640 1984 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
15:13:47.0750 1984 Dot3svc - ok
15:13:47.0750 1984 dpti2o - ok
15:13:47.0781 1984 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:13:47.0875 1984 drmkaud - ok
15:13:47.0890 1984 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
15:13:48.0000 1984 EapHost - ok
15:13:48.0328 1984 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
15:13:48.0375 1984 ehRecvr - ok
15:13:48.0390 1984 ehSched (e774bf24a6cb798dce67ad1c8e917152) C:\WINDOWS\eHome\ehSched.exe
15:13:48.0421 1984 ehSched - ok
15:13:48.0453 1984 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
15:13:48.0546 1984 ERSvc - ok
15:13:48.0578 1984 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:13:48.0593 1984 Eventlog - ok
15:13:48.0640 1984 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
15:13:48.0703 1984 EventSystem - ok
15:13:48.0734 1984 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:13:48.0828 1984 Fastfat - ok
15:13:48.0859 1984 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:13:48.0890 1984 FastUserSwitchingCompatibility - ok
15:13:48.0921 1984 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
15:13:49.0015 1984 Fdc - ok
15:13:49.0031 1984 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
15:13:49.0125 1984 Fips - ok
15:13:49.0125 1984 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:13:49.0218 1984 Flpydisk - ok
15:13:49.0265 1984 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:13:49.0375 1984 FltMgr - ok
15:13:49.0421 1984 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:13:49.0421 1984 FontCache3.0.0.0 - ok
15:13:49.0453 1984 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:13:49.0562 1984 Fs_Rec - ok
15:13:49.0593 1984 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:13:49.0750 1984 Ftdisk - ok
15:13:49.0781 1984 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:13:49.0875 1984 Gpc - ok
15:13:49.0953 1984 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
15:13:49.0968 1984 gupdate - ok
15:13:49.0968 1984 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
15:13:49.0984 1984 gupdatem - ok
15:13:50.0015 1984 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:13:50.0109 1984 HDAudBus - ok
15:13:50.0171 1984 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:13:50.0265 1984 helpsvc - ok
15:13:50.0281 1984 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
15:13:50.0390 1984 HidServ - ok
15:13:50.0406 1984 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:13:50.0515 1984 hidusb - ok
15:13:50.0546 1984 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
15:13:50.0640 1984 hkmsvc - ok
15:13:50.0656 1984 hpn - ok
15:13:50.0703 1984 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:13:50.0734 1984 HTTP - ok
15:13:50.0750 1984 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
15:13:50.0843 1984 HTTPFilter - ok
15:13:50.0843 1984 i2omgmt - ok
15:13:50.0843 1984 i2omp - ok
15:13:50.0875 1984 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\drivers\i8042prt.sys
15:13:50.0968 1984 i8042prt - ok
15:13:51.0031 1984 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:13:51.0109 1984 idsvc - ok
15:13:51.0125 1984 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:13:51.0234 1984 Imapi - ok
15:13:51.0265 1984 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
15:13:51.0359 1984 ImapiService - ok
15:13:51.0375 1984 ini910u - ok
15:13:51.0625 1984 IntcAzAudAddService (ed90e04f7a1e385e2ea956cad83f8070) C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:13:51.0906 1984 IntcAzAudAddService - ok
15:13:51.0937 1984 IntelIde - ok
15:13:51.0968 1984 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:13:52.0062 1984 Ip6Fw - ok
15:13:52.0093 1984 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:13:52.0203 1984 IpFilterDriver - ok
15:13:52.0218 1984 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:13:52.0312 1984 IpInIp - ok
15:13:52.0343 1984 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:13:52.0437 1984 IpNat - ok
15:13:52.0453 1984 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:13:52.0546 1984 IPSec - ok
15:13:52.0578 1984 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:13:52.0687 1984 IRENUM - ok
15:13:52.0703 1984 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:13:52.0781 1984 isapnp - ok
15:13:52.0875 1984 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
15:13:52.0890 1984 JavaQuickStarterService - ok
15:13:52.0906 1984 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:13:53.0000 1984 Kbdclass - ok
15:13:53.0015 1984 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:13:53.0125 1984 kbdhid - ok
15:13:53.0156 1984 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:13:53.0250 1984 kmixer - ok
15:13:53.0281 1984 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:13:53.0359 1984 KSecDD - ok
15:13:53.0390 1984 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
15:13:53.0406 1984 lanmanserver - ok
15:13:53.0421 1984 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
15:13:53.0453 1984 lanmanworkstation - ok
15:13:53.0468 1984 lbrtfdc - ok
15:13:53.0500 1984 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
15:13:53.0515 1984 lirsgt - ok
15:13:53.0531 1984 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
15:13:53.0625 1984 LmHosts - ok
15:13:53.0656 1984 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
15:13:53.0656 1984 MBAMProtector - ok
15:13:53.0718 1984 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
15:13:53.0750 1984 MBAMService - ok
15:13:53.0812 1984 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
15:13:53.0843 1984 McComponentHostService - ok
15:13:53.0890 1984 McrdSvc (52404cc76e9d53843bdf97564bb16bed) C:\WINDOWS\ehome\mcrdsvc.exe
15:13:53.0921 1984 McrdSvc - ok
15:13:53.0937 1984 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
15:13:54.0046 1984 Messenger - ok
15:13:54.0078 1984 MHN (ded60230e3019c508769ec3c15bcda44) C:\WINDOWS\System32\mhn.dll
15:13:54.0093 1984 MHN ( UnsignedFile.Multi.Generic ) - warning
15:13:54.0093 1984 MHN - detected UnsignedFile.Multi.Generic (1)
15:13:54.0109 1984 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
15:13:54.0109 1984 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
15:13:54.0109 1984 MHNDRV - detected UnsignedFile.Multi.Generic (1)
15:13:54.0140 1984 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:13:54.0265 1984 mnmdd - ok
15:13:54.0296 1984 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
15:13:54.0375 1984 mnmsrvc - ok
15:13:54.0406 1984 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
15:13:54.0500 1984 Modem - ok
15:13:54.0578 1984 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
15:13:54.0671 1984 Monfilt - ok
15:13:54.0703 1984 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:13:54.0796 1984 Mouclass - ok
15:13:54.0828 1984 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:13:54.0968 1984 mouhid - ok
15:13:55.0000 1984 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:13:55.0093 1984 MountMgr - ok
15:13:55.0109 1984 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
15:13:55.0218 1984 MPE - ok
15:13:55.0218 1984 mraid35x - ok
15:13:55.0234 1984 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:13:55.0328 1984 MRxDAV - ok
15:13:55.0375 1984 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:13:55.0437 1984 MRxSmb - ok
15:13:55.0468 1984 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
15:13:55.0562 1984 MSDTC - ok
15:13:55.0578 1984 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:13:55.0656 1984 Msfs - ok
15:13:55.0656 1984 MSIServer - ok
15:13:55.0703 1984 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:13:55.0781 1984 MSKSSRV - ok
15:13:55.0781 1984 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:13:55.0890 1984 MSPCLOCK - ok
15:13:55.0890 1984 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:13:55.0984 1984 MSPQM - ok
15:13:56.0000 1984 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:13:56.0093 1984 mssmbios - ok
15:13:56.0109 1984 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
15:13:56.0203 1984 MSTEE - ok
15:13:56.0218 1984 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:13:56.0250 1984 Mup - ok
15:13:56.0281 1984 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:13:56.0390 1984 NABTSFEC - ok
15:13:56.0437 1984 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
15:13:56.0546 1984 napagent - ok
15:13:56.0578 1984 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:13:56.0687 1984 NDIS - ok
15:13:56.0718 1984 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:13:56.0812 1984 NdisIP - ok
15:13:56.0843 1984 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:13:56.0859 1984 NdisTapi - ok
15:13:56.0890 1984 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:13:56.0984 1984 Ndisuio - ok
15:13:57.0000 1984 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:13:57.0109 1984 NdisWan - ok
15:13:57.0140 1984 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:13:57.0203 1984 NDProxy - ok
15:13:57.0218 1984 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:13:57.0296 1984 NetBIOS - ok
15:13:57.0312 1984 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:13:57.0406 1984 NetBT - ok
15:13:57.0437 1984 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:13:57.0531 1984 NetDDE - ok
15:13:57.0546 1984 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:13:57.0625 1984 NetDDEdsdm - ok
15:13:57.0656 1984 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:13:57.0750 1984 Netlogon - ok
15:13:57.0781 1984 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
15:13:57.0875 1984 Netman - ok
15:13:57.0953 1984 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:13:57.0968 1984 NetTcpPortSharing - ok
15:13:58.0000 1984 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:13:58.0093 1984 NIC1394 - ok
15:13:58.0125 1984 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
15:13:58.0156 1984 Nla - ok
15:13:58.0187 1984 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
15:13:58.0281 1984 nm - ok
15:13:58.0312 1984 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
15:13:58.0468 1984 nmwcd - ok
15:13:58.0484 1984 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
15:13:58.0546 1984 nmwcdc - ok
15:13:58.0578 1984 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
15:13:58.0640 1984 nmwcdnsu - ok
15:13:58.0656 1984 nmwcdnsuc (d15bac979144fb69ed28f97b2dd84d48) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
15:13:58.0718 1984 nmwcdnsuc - ok
15:13:58.0750 1984 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:13:58.0843 1984 Npfs - ok
15:13:58.0890 1984 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:13:59.0000 1984 Ntfs - ok
15:13:59.0031 1984 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:13:59.0125 1984 NtLmSsp - ok
15:13:59.0171 1984 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
15:13:59.0281 1984 NtmsSvc - ok
15:13:59.0312 1984 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:13:59.0437 1984 Null - ok
15:13:59.0453 1984 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:13:59.0593 1984 NwlnkFlt - ok
15:13:59.0609 1984 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:13:59.0750 1984 NwlnkFwd - ok
15:13:59.0781 1984 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:13:59.0859 1984 ohci1394 - ok
15:13:59.0906 1984 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
15:13:59.0921 1984 ose - ok
15:14:00.0140 1984 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:14:00.0375 1984 osppsvc - ok
15:14:00.0453 1984 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
15:14:00.0546 1984 Parport - ok
15:14:00.0562 1984 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:14:00.0640 1984 PartMgr - ok
15:14:00.0671 1984 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:14:00.0796 1984 ParVdm - ok
15:14:00.0828 1984 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
15:14:00.0859 1984 pccsmcfd - ok
15:14:00.0890 1984 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
15:14:00.0968 1984 PCI - ok
15:14:00.0968 1984 PCIDump - ok
15:14:01.0000 1984 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:14:01.0140 1984 PCIIde - ok
15:14:01.0156 1984 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:14:01.0234 1984 Pcmcia - ok
15:14:01.0234 1984 PDCOMP - ok
15:14:01.0250 1984 PDFRAME - ok
15:14:01.0250 1984 PDRELI - ok
15:14:01.0265 1984 PDRFRAME - ok
15:14:01.0265 1984 perc2 - ok
15:14:01.0265 1984 perc2hib - ok
15:14:01.0328 1984 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:14:01.0343 1984 PlugPlay - ok
15:14:01.0375 1984 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:14:01.0453 1984 PolicyAgent - ok
15:14:01.0484 1984 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:14:01.0593 1984 PptpMiniport - ok
15:14:01.0609 1984 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
15:14:01.0703 1984 Processor - ok
15:14:01.0703 1984 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:14:01.0796 1984 ProtectedStorage - ok
15:14:01.0796 1984 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:14:01.0890 1984 PSched - ok
15:14:01.0906 1984 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:14:02.0031 1984 Ptilink - ok
15:14:02.0046 1984 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:14:02.0062 1984 PxHelp20 - ok
15:14:02.0062 1984 ql1080 - ok
15:14:02.0078 1984 Ql10wnt - ok
15:14:02.0078 1984 ql12160 - ok
15:14:02.0078 1984 ql1240 - ok
15:14:02.0093 1984 ql1280 - ok
15:14:02.0125 1984 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:14:02.0265 1984 RasAcd - ok
15:14:02.0296 1984 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
15:14:02.0390 1984 RasAuto - ok
15:14:02.0406 1984 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:14:02.0500 1984 Rasl2tp - ok
15:14:02.0531 1984 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
15:14:02.0640 1984 RasMan - ok
15:14:02.0656 1984 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:14:02.0734 1984 RasPppoe - ok
15:14:02.0765 1984 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:14:02.0906 1984 Raspti - ok
15:14:02.0921 1984 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:14:03.0015 1984 Rdbss - ok
15:14:03.0031 1984 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:14:03.0156 1984 RDPCDD - ok
15:14:03.0187 1984 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:14:03.0296 1984 rdpdr - ok
15:14:03.0328 1984 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
15:14:03.0359 1984 RDPWD - ok
15:14:03.0390 1984 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
15:14:03.0484 1984 RDSessMgr - ok
15:14:03.0500 1984 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:14:03.0593 1984 redbook - ok
15:14:03.0625 1984 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
15:14:03.0718 1984 RemoteAccess - ok
15:14:03.0734 1984 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
15:14:03.0828 1984 RemoteRegistry - ok
15:14:03.0859 1984 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
15:14:03.0953 1984 RpcLocator - ok
15:14:03.0984 1984 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
15:14:04.0000 1984 RpcSs - ok
15:14:04.0031 1984 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
15:14:04.0187 1984 RSVP - ok
15:14:04.0234 1984 RT73 (4ef3f74439aa644bcd8ddc0ed88a5d01) C:\WINDOWS\system32\DRIVERS\Dr71WU.sys
15:14:04.0281 1984 RT73 - ok
15:14:04.0312 1984 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
15:14:04.0343 1984 rtl8139 - ok
15:14:04.0375 1984 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:14:04.0468 1984 SamSs - ok
15:14:04.0500 1984 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
15:14:04.0609 1984 SCardSvr - ok
15:14:04.0640 1984 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
15:14:04.0734 1984 Schedule - ok
15:14:04.0765 1984 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:14:04.0859 1984 Secdrv - ok
15:14:04.0875 1984 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
15:14:04.0968 1984 seclogon - ok
15:14:05.0000 1984 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
15:14:05.0078 1984 SENS - ok
15:14:05.0093 1984 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:14:05.0187 1984 serenum - ok
15:14:05.0203 1984 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
15:14:05.0296 1984 Serial - ok
15:14:05.0453 1984 ServiceLayer (d0d2ff6132db177a5192891a8cc9578c) C:\Programme\PC Connectivity Solution\ServiceLayer.exe
15:14:05.0531 1984 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
15:14:05.0531 1984 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
15:14:05.0546 1984 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:14:05.0640 1984 Sfloppy - ok
15:14:05.0671 1984 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
15:14:05.0781 1984 SharedAccess - ok
15:14:05.0812 1984 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:14:05.0828 1984 ShellHWDetection - ok
15:14:05.0843 1984 Simbad - ok
15:14:05.0875 1984 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:14:05.0953 1984 SLIP - ok
15:14:05.0968 1984 Sparrow - ok
15:14:05.0984 1984 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:14:06.0078 1984 splitter - ok
15:14:06.0109 1984 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:14:06.0125 1984 Spooler - ok
15:14:06.0140 1984 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
15:14:06.0234 1984 sr - ok
15:14:06.0281 1984 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
15:14:06.0375 1984 srservice - ok
15:14:06.0421 1984 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:14:06.0468 1984 Srv - ok
15:14:06.0484 1984 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
15:14:06.0578 1984 SSDPSRV - ok
15:14:06.0593 1984 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:14:06.0609 1984 ssmdrv - ok
15:14:06.0640 1984 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
15:14:06.0765 1984 stisvc - ok
15:14:06.0796 1984 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:14:06.0890 1984 streamip - ok
15:14:06.0921 1984 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:14:07.0015 1984 swenum - ok
15:14:07.0109 1984 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe
15:14:07.0171 1984 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
15:14:07.0171 1984 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
15:14:07.0203 1984 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:14:07.0296 1984 swmidi - ok
15:14:07.0296 1984 SwPrv - ok
15:14:07.0312 1984 symc810 - ok
15:14:07.0312 1984 symc8xx - ok
15:14:07.0328 1984 sym_hi - ok
15:14:07.0328 1984 sym_u3 - ok
15:14:07.0359 1984 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:14:07.0437 1984 sysaudio - ok
15:14:07.0468 1984 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
15:14:07.0578 1984 SysmonLog - ok
15:14:07.0593 1984 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
15:14:07.0703 1984 TapiSrv - ok
15:14:07.0750 1984 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:14:07.0781 1984 Tcpip - ok
15:14:07.0828 1984 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
15:14:07.0859 1984 Tcpip6 - ok
15:14:07.0890 1984 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:14:08.0000 1984 TDPIPE - ok
15:14:08.0031 1984 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:14:08.0109 1984 TDTCP - ok
15:14:08.0140 1984 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:14:08.0234 1984 TermDD - ok
15:14:08.0265 1984 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
15:14:08.0359 1984 TermService - ok
15:14:08.0390 1984 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:14:08.0406 1984 Themes - ok
15:14:08.0437 1984 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
15:14:08.0531 1984 TlntSvr - ok
15:14:08.0531 1984 TosIde - ok
15:14:08.0546 1984 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
15:14:08.0656 1984 TrkWks - ok
15:14:08.0796 1984 TuneUp.UtilitiesSvc (af5f31156ee89d35ad6ec3179a805d23) C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
15:14:08.0875 1984 TuneUp.UtilitiesSvc - ok
15:14:08.0906 1984 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
15:14:08.0921 1984 TuneUpUtilitiesDrv - ok
15:14:08.0968 1984 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
15:14:09.0062 1984 tunmp - ok
15:14:09.0093 1984 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
15:14:09.0109 1984 TVICHW32 ( UnsignedFile.Multi.Generic ) - warning
15:14:09.0109 1984 TVICHW32 - detected UnsignedFile.Multi.Generic (1)
15:14:09.0140 1984 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:14:09.0234 1984 Udfs - ok
15:14:09.0234 1984 ultra - ok
15:14:09.0281 1984 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:14:09.0375 1984 Update - ok
15:14:09.0406 1984 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
15:14:09.0515 1984 upnphost - ok
15:14:09.0546 1984 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
15:14:09.0593 1984 upperdev - ok
15:14:09.0609 1984 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
15:14:09.0703 1984 UPS - ok
15:14:09.0734 1984 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:14:09.0828 1984 usbccgp - ok
15:14:09.0859 1984 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:14:09.0968 1984 usbehci - ok
15:14:09.0984 1984 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:14:10.0062 1984 usbhub - ok
15:14:10.0093 1984 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:14:10.0171 1984 usbohci - ok
15:14:10.0203 1984 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:14:10.0281 1984 usbprint - ok
15:14:10.0312 1984 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
15:14:10.0406 1984 usbser - ok
15:14:10.0421 1984 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
15:14:10.0484 1984 UsbserFilt - ok
15:14:10.0515 1984 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:14:10.0593 1984 usbstor - ok
15:14:10.0625 1984 UxTuneUp (6275822ac454a8a831d063841a4dbb5d) C:\WINDOWS\System32\uxtuneup.dll
15:14:10.0625 1984 UxTuneUp - ok
15:14:10.0640 1984 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:14:10.0734 1984 VgaSave - ok
15:14:10.0734 1984 ViaIde - ok
15:14:10.0750 1984 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
15:14:10.0843 1984 VolSnap - ok
15:14:10.0890 1984 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
15:14:10.0984 1984 VSS - ok
15:14:11.0015 1984 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
15:14:11.0109 1984 W32Time - ok
15:14:11.0140 1984 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:14:11.0234 1984 Wanarp - ok
15:14:11.0281 1984 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
15:14:11.0312 1984 Wdf01000 - ok
15:14:11.0312 1984 WDICA - ok
15:14:11.0343 1984 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:14:11.0421 1984 wdmaud - ok
15:14:11.0453 1984 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
15:14:11.0546 1984 WebClient - ok
15:14:11.0609 1984 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:14:11.0718 1984 winmgmt - ok
15:14:11.0750 1984 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:14:11.0812 1984 WmdmPmSN - ok
15:14:11.0875 1984 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
15:14:11.0921 1984 Wmi - ok
15:14:11.0968 1984 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:14:12.0062 1984 WmiApSrv - ok
15:14:12.0156 1984 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
15:14:12.0250 1984 WMPNetworkSvc - ok
15:14:12.0281 1984 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
15:14:12.0375 1984 wscsvc - ok
15:14:12.0421 1984 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:14:12.0515 1984 WSTCODEC - ok
15:14:12.0546 1984 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
15:14:12.0625 1984 wuauserv - ok
15:14:12.0656 1984 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:14:12.0687 1984 WudfPf - ok
15:14:12.0703 1984 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:14:12.0734 1984 WudfRd - ok
15:14:12.0750 1984 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:14:12.0765 1984 WudfSvc - ok
15:14:12.0812 1984 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
15:14:12.0953 1984 WZCSVC - ok
15:14:12.0968 1984 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
15:14:13.0078 1984 xmlprov - ok
15:14:13.0109 1984 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:14:13.0546 1984 \Device\Harddisk0\DR0 - ok
15:14:13.0562 1984 Boot (0x1200) (cf07a900b7a7ad1ee3e64132dfbff9db) \Device\Harddisk0\DR0\Partition0
15:14:13.0562 1984 \Device\Harddisk0\DR0\Partition0 - ok
15:14:13.0578 1984 Boot (0x1200) (e18d3cb1de2c56d59d6b3f835bb5c4dc) \Device\Harddisk0\DR0\Partition1
15:14:13.0578 1984 \Device\Harddisk0\DR0\Partition1 - ok
15:14:13.0578 1984 ============================================================
15:14:13.0578 1984 Scan finished
15:14:13.0578 1984 ============================================================
15:14:13.0687 3528 Detected object count: 11
15:14:13.0687 3528 Actual detected object count: 11
|
|
02.07.2012, 14:35
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner Log ist unvollständig, die untere Zusammenfassung fehlt
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner |
| anhang, befall, bild, bilder, bundestrojaner, canon, datei, dateien, email, erklärung, gelöscht, gestern, heute, kunde, malwarebytes, mas, namen, problem, rechner, rechnung, rechung, richtig, runter, seite, taskmanager, volker, zipdatei, öffnen |
Button.
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
