Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: PC plötzlich verlangsamt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.06.2012, 21:31   #1
ratsuchend
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Hallo Trojaner-Board-Forum-Leute =),

Problem
seit gestern habe ich ein Problem mit dem PC.
Ich habe Windows XP und schon der Anfangsbildschirm, wo "Windows XP" steht wird deutlich länger (~2 Minuten) angezeigt.
Beim online Video gucken ruckelt es und auch der Ton ist irgendwie verzerrt.
Aber auch wenn ich Audiodateien offline anhöre, klingen sie so seltsam.

Ursache?
Gestern hat eine Freundin grooveshark installiert (wollte was hören). Das habe ich aber mittlerweile mithilfe von "Mozilla -> Extras -> Add-ons -> Erweiterungen" entfernt.
Vor einer Weile, hatte ich einen Trojaner. Ich erinner mich nicht genau, habe ihn aber mit dem "Trojan Remover" irgendwie "beseitigt" (oder zum Stillschweigen gebracht )
Meine "Sicherheitsprogramme" sind
  • AVG Anti-Virus Free Edition 2012
  • Ad-Aware

Ich hoffe, ihr habt ein paar Tipps für mich, da ich mich leider nur sehr wenig mit solchen Sachen auskenne,

Gruß,
ratsuchend

Alt 19.06.2012, 09:23   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Zitat:
Vor einer Weile, hatte ich einen Trojaner.
Hast du da ncoh irgendwelche Logs über gefundene Schädlinge?
__________________

__________________

Alt 24.06.2012, 23:19   #3
ratsuchend
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Hey,
hab die letzten Tage viel gearbeitet, daher die Verzögerung.
Ich hab nach etwas Suchen folgendes gefunden- "Trojan Remover Logfile"- das müsste es ja sein, oder?
Freundliche Grüße

***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.8.3.2601. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 20:16:33 16 Jun 2012
Using Database v7899
Operating System: Windows XP Professional (SP3) [Build: 5.1.2600]
File System: NTFS
UserData directory: C:\Dokumente und Einstellungen\***\Anwendungsdaten\Simply Super Software\Trojan Remover\
Database directory: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software\Trojan Remover\Data\
Logfile directory: C:\Dokumente und Einstellungen\***\Eigene Dateien\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Programme\Trojan Remover\
Running with Administrator privileges

************************************************************
20:16:33: ----- CHECKING DEFAULT FILE ASSOCIATIONS -----
No modified default file associations detected

************************************************************
20:16:33: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
20:16:35: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [Explorer.exe]
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1036800 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\WINDOWS\system32\userinit.exe]
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
26624 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
Key value: [logonui.exe]
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
515072 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: Apoint
Value Data: C:\Programme\DellTPad\Apoint.exe
C:\Programme\DellTPad\Apoint.exe
159744 bytes
Created: 22.10.2008 11:14
Modified: 21.02.2008 23:24
Company: Alps Electric Co., Ltd.
--------------------
Value Name: DELL Webcam Manager
Value Data: "C:\Programme\Dell\Dell Webcam Manager\DellWMgr.exe" /s
C:\Programme\Dell\Dell Webcam Manager\DellWMgr.exe
118784 bytes
Created: 22.10.2008 02:31
Modified: 27.07.2007 17:43
Company: Creative Technology Ltd.
--------------------
Value Name: dellsupportcenter
Value Data: "C:\Programme\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
C:\Programme\Dell Support Center\bin\sprtcmd.exe
206064 bytes
Created: 21.05.2009 11:13
Modified: 21.05.2009 11:13
Company: SupportSoft, Inc.
--------------------
Value Name: AVG_TRAY
Value Data: "C:\Programme\AVG\AVG2012\avgtray.exe"
C:\Programme\AVG\AVG2012\avgtray.exe
2587008 bytes
Created: 05.04.2012 05:12
Modified: 05.04.2012 05:12
Company: AVG Technologies CZ, s.r.o.
--------------------
Value Name: vProt
Value Data: "C:\Programme\AVG Secure Search\vprot.exe"
C:\Programme\AVG Secure Search\vprot.exe
1104440 bytes
Created: 06.06.2012 21:43
Modified: 13.06.2012 16:59
Company:
--------------------
Value Name: Adobe Reader Speed Launcher
Value Data: "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
37296 bytes
Created: 27.03.2012 14:41
Modified: 27.03.2012 14:41
Company: Adobe Systems Incorporated
--------------------
Value Name: Adobe ARM
Value Data: "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
-R- 843712 bytes
Created: 02.01.2012 11:07
Modified: 02.01.2012 11:07
Company: Adobe Systems Incorporated
--------------------
Value Name: ROC_roc_dec12
Value Data: "C:\Programme\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
C:\Programme\AVG Secure Search\ROC_roc_dec12.exe - [file not found to scan]
--------------------
Value Name: SunJavaUpdateSched
Value Data: "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
254696 bytes
Created: 18.01.2012 14:02
Modified: 18.01.2012 14:02
Company: Sun Microsystems, Inc.
--------------------
Value Name: TrojanScanner
Value Data: C:\Programme\Trojan Remover\Trjscan.exe /boot
C:\Programme\Trojan Remover\Trjscan.exe
1238800 bytes
Created: 05.06.2012 10:00
Modified: 23.01.2012 14:12
Company: Simply Super Software
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: CTFMON.EXE
Value Data: C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
15360 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------
Value Name: ISUSPM
Value Data: "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" -scheduler
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe
205480 bytes
Created: 30.08.2007 11:50
Modified: 30.08.2007 11:50
Company: Macrovision Corporation
--------------------
Value Name: MSMSGS
Value Data: "C:\Programme\Messenger\msmsgs.exe" /background
C:\Programme\Messenger\msmsgs.exe
1695232 bytes
Created: 25.04.2008 16:57
Modified: 14.04.2008 21:52
Company: Microsoft Corporation
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty

************************************************************
20:16:43: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------

************************************************************
20:16:43: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
20:16:45: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\WINDOWS\system32\ssstars.scr
C:\WINDOWS\system32\ssstars.scr
14848 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------

************************************************************
20:16:46: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----

************************************************************
20:16:47: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
20:16:49: Scanning ----- SERVICES REGISTRY KEYS -----
Key: AdobeFlashPlayerUpdateSvc
ImagePath: C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
257224 bytes
Created: 01.04.2012 11:50
Modified: 16.06.2012 14:25
Company: Adobe Systems Incorporated
----------
Key: AegisP
ImagePath: system32\DRIVERS\AegisP.sys
C:\WINDOWS\system32\DRIVERS\AegisP.sys
21393 bytes
Created: 22.10.2008 02:29
Modified: 22.10.2008 02:29
Company: Cisco Systems, Inc.
----------
Key: atapi
ImagePath: system32\DRIVERS\atapi.sys
C:\WINDOWS\system32\DRIVERS\atapi.sys
96512 bytes
Created: 14.04.2008 02:10
Modified: 14.04.2008 14:10
Company: Microsoft Corporation
----------
Key: AVGIDSAgent
ImagePath: C:\Programme\AVG\AVG2012\AVGIDSAgent.exe
C:\Programme\AVG\AVG2012\AVGIDSAgent.exe
5106744 bytes
Created: 30.04.2012 09:44
Modified: 30.04.2012 09:44
Company: AVG Technologies CZ, s.r.o.
----------
Key: AVGIDSDriver
ImagePath: system32\DRIVERS\avgidsdriverx.sys
C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
139856 bytes
Created: 23.12.2011 13:32
Modified: 23.12.2011 13:32
Company: AVG Technologies CZ, s.r.o.
----------
Key: AVGIDSFilter
ImagePath: system32\DRIVERS\avgidsfilterx.sys
C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
24144 bytes
Created: 23.12.2011 13:32
Modified: 23.12.2011 13:32
Company: AVG Technologies CZ, s.r.o.
----------
Key: AVGIDSHX
ImagePath: system32\DRIVERS\avgidshx.sys
C:\WINDOWS\system32\DRIVERS\avgidshx.sys
24896 bytes
Created: 19.04.2012 04:50
Modified: 19.04.2012 04:50
Company: AVG Technologies CZ, s.r.o.
----------
Key: AVGIDSShim
ImagePath: system32\DRIVERS\avgidsshimx.sys
C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
17232 bytes
Created: 23.12.2011 13:32
Modified: 23.12.2011 13:32
Company: AVG Technologies CZ, s.r.o.
----------
Key: Avgldx86
ImagePath: system32\DRIVERS\avgldx86.sys
C:\WINDOWS\system32\DRIVERS\avgldx86.sys
235216 bytes
Created: 07.10.2011 07:23
Modified: 22.02.2012 05:25
Company: AVG Technologies CZ, s.r.o.
----------
Key: Avgmfx86
ImagePath: system32\DRIVERS\avgmfx86.sys
C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
41040 bytes
Created: 08.08.2011 07:08
Modified: 23.12.2011 13:32
Company: AVG Technologies CZ, s.r.o.
----------
Key: Avgrkx86
ImagePath: system32\DRIVERS\avgrkx86.sys
C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
31952 bytes
Created: 13.09.2011 07:30
Modified: 31.01.2012 04:46
Company: AVG Technologies CZ, s.r.o.
----------
Key: Avgtdix
ImagePath: system32\DRIVERS\avgtdix.sys
C:\WINDOWS\system32\DRIVERS\avgtdix.sys
301248 bytes
Created: 11.07.2011 02:14
Modified: 19.03.2012 05:17
Company: AVG Technologies CZ, s.r.o.
----------
Key: avgwd
ImagePath: C:\Programme\AVG\AVG2012\avgwdsvc.exe
C:\Programme\AVG\AVG2012\avgwdsvc.exe
193288 bytes
Created: 14.02.2012 04:53
Modified: 14.02.2012 04:53
Company: AVG Technologies CZ, s.r.o.
----------
Key: CVirtA
ImagePath: system32\DRIVERS\CVirtA.sys
C:\WINDOWS\system32\DRIVERS\CVirtA.sys
5275 bytes
Created: 18.01.2007 17:28
Modified: 18.01.2007 17:28
Company: Cisco Systems, Inc.
----------
Key: DLABMFSM
ImagePath: System32\Drivers\DLABMFSM.SYS
C:\WINDOWS\System32\Drivers\DLABMFSM.SYS
37360 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLABOIOM
ImagePath: System32\Drivers\DLABOIOM.SYS
C:\WINDOWS\System32\Drivers\DLABOIOM.SYS
32848 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLADResM
ImagePath: System32\Drivers\DLADResM.SYS
C:\WINDOWS\System32\Drivers\DLADResM.SYS
9104 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:05
Company: Roxio
----------
Key: DLAIFS_M
ImagePath: System32\Drivers\DLAIFS_M.SYS
C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS
108752 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLAOPIOM
ImagePath: System32\Drivers\DLAOPIOM.SYS
C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS
27216 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLAPoolM
ImagePath: System32\Drivers\DLAPoolM.SYS
C:\WINDOWS\System32\Drivers\DLAPoolM.SYS
16304 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLARTL_M
ImagePath: System32\Drivers\DLARTL_M.SYS
C:\WINDOWS\System32\Drivers\DLARTL_M.SYS
30064 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 15:49
Company: Roxio
----------
Key: DLAUDFAM
ImagePath: System32\Drivers\DLAUDFAM.SYS
C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS
93552 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLAUDF_M
ImagePath: System32\Drivers\DLAUDF_M.SYS
C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS
98448 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DRVNDDM
ImagePath: System32\Drivers\DRVNDDM.SYS
C:\WINDOWS\System32\Drivers\DRVNDDM.SYS
52000 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 15:43
Company: Roxio
----------
Key: EvtEng
ImagePath: C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
647168 bytes
Created: 25.07.2007 17:41
Modified: 25.07.2007 17:41
Company: Intel Corporation
----------
Key: ialm
ImagePath: system32\DRIVERS\igxpmp32.sys
C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
5776928 bytes
Created: 22.10.2008 11:14
Modified: 22.02.2008 02:06
Company: Intel Corporation
----------
Key: iaStor
ImagePath: system32\drivers\iaStor.sys
C:\WINDOWS\system32\drivers\iaStor.sys
305176 bytes
Created: 22.10.2008 11:14
Modified: 17.03.2008 23:59
Company: Intel Corporation
----------
Key: Lavasoft Ad-Aware Service
ImagePath: C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
2152720 bytes
Created: 28.10.2011 20:35
Modified: 07.06.2012 13:30
Company: Lavasoft Limited
----------
Key: Lavasoft Kernexplorer
ImagePath: \??\C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys
C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys
15232 bytes
Created: 28.10.2011 20:35
Modified: 28.10.2011 20:35
Company: [no info]
----------
Key: MozillaMaintenance
ImagePath: C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
129976 bytes
Created: 04.05.2012 23:23
Modified: 04.05.2012 23:23
Company: Mozilla Foundation
----------
Key: NETw4x32
ImagePath: system32\DRIVERS\NETw4x32.sys
C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
2211456 bytes
Created: 22.10.2008 11:13
Modified: 13.08.2007 03:05
Company: Intel Corporation
----------
Key: NETw5x32
ImagePath: system32\DRIVERS\NETw5x32.sys
C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
4221952 bytes
Created: 17.12.2009 21:12
Modified: 26.10.2009 06:47
Company: Intel Corporation
----------
Key: npggsvc
ImagePath: C:\WINDOWS\system32\GameMon.des -service
C:\WINDOWS\system32\GameMon.des
2784285 bytes
Created: 30.04.2009 22:36
Modified: 06.04.2009 05:07
Company: INCA Internet Co., Ltd.
----------
Key: O2FLASH
ImagePath: %SystemRoot%\system32\DRIVERS\o2flash.exe
C:\WINDOWS\system32\DRIVERS\o2flash.exe
71512 bytes
Created: 22.10.2008 11:13
Modified: 27.08.2008 02:39
Company: O2Micro International
----------
Key: O2MDRDR
ImagePath: system32\DRIVERS\o2media.sys
C:\WINDOWS\system32\DRIVERS\o2media.sys
51288 bytes
Created: 22.10.2008 11:13
Modified: 27.08.2008 02:39
Company: O2Micro
----------
Key: O2SDRDR
ImagePath: system32\DRIVERS\o2sd.sys
C:\WINDOWS\system32\DRIVERS\o2sd.sys
43608 bytes
Created: 22.10.2008 11:13
Modified: 27.08.2008 02:39
Company: O2Micro
----------
Key: OEM13Afx
ImagePath: \??\C:\WINDOWS\system32\Drivers\OEM13Afx.sys
C:\WINDOWS\system32\Drivers\OEM13Afx.sys
141376 bytes
Created: 22.10.2008 11:14
Modified: 16.07.2008 23:32
Company: Creative Technology Ltd.
----------
Key: OEM13Vfx
ImagePath: system32\DRIVERS\OEM13Vfx.sys
C:\WINDOWS\system32\DRIVERS\OEM13Vfx.sys
7424 bytes
Created: 22.10.2008 11:14
Modified: 16.07.2008 23:32
Company: EyePower Games Pte. Ltd.
----------
Key: OEM13Vid
ImagePath: system32\DRIVERS\OEM13Vid.sys
C:\WINDOWS\system32\DRIVERS\OEM13Vid.sys
235840 bytes
Created: 22.10.2008 11:14
Modified: 16.07.2008 23:32
Company: Creative Technology Ltd.
----------
Key: ose
ImagePath: "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE"
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
149352 bytes
Created: 09.01.2010 22:18
Modified: 09.01.2010 22:18
Company: Microsoft Corporation
----------
Key: osppsvc
ImagePath: "C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
4640000 bytes
Created: 09.01.2010 22:37
Modified: 09.01.2010 22:37
Company: Microsoft Corporation
----------
Key: RegSrvc
ImagePath: C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
327680 bytes
Created: 25.07.2007 17:22
Modified: 25.07.2007 17:22
Company: Intel Corporation
----------
Key: S24EventMonitor
ImagePath: C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
987136 bytes
Created: 25.07.2007 17:29
Modified: 25.07.2007 17:29
Company: Intel Corporation
----------
Key: sprtsvc_dellsupportcenter
ImagePath: C:\Programme\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter
C:\Programme\Dell Support Center\bin\sprtsvc.exe
201968 bytes
Created: 14.08.2008 01:04
Modified: 14.08.2008 01:04
Company: SupportSoft, Inc.
----------
Key: stllssvr
ImagePath: "C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe"
C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe
-R- 69632 bytes
Created: 11.07.2007 09:33
Modified: 11.07.2007 09:33
Company: MicroVision Development, Inc.
----------
Key: SwPrv
ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{CD5BB325-1698-4C3A-8782-0923E72A4E6B}
C:\WINDOWS\system32\dllhost.exe
5120 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
----------
Key: tosporte
ImagePath: system32\DRIVERS\tosporte.sys
C:\WINDOWS\system32\DRIVERS\tosporte.sys
41600 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation
----------
Key: tosrfbd
ImagePath: system32\DRIVERS\tosrfbd.sys
C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
113920 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA CORPORATION
----------
Key: tosrfbnp
ImagePath: System32\Drivers\tosrfbnp.sys
C:\WINDOWS\System32\Drivers\tosrfbnp.sys
36480 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation
----------
Key: Tosrfcom
ImagePath: System32\Drivers\tosrfcom.sys
C:\WINDOWS\System32\Drivers\tosrfcom.sys
64896 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation
----------
Key: Tosrfhid
ImagePath: system32\DRIVERS\Tosrfhid.sys
C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
73600 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation.
----------
Key: tosrfnds
ImagePath: system32\DRIVERS\tosrfnds.sys
C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
18612 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation.
----------
Key: Tosrfusb
ImagePath: system32\DRIVERS\tosrfusb.sys
C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
41856 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA CORPORATION
----------
Key: usbvideo
ImagePath: System32\Drivers\usbvideo.sys
C:\WINDOWS\System32\Drivers\usbvideo.sys
121984 bytes
Created: 22.10.2008 15:18
Modified: 14.04.2008 14:16
Company: Microsoft Corporation
----------
Key: usnjsvc
ImagePath: "C:\Programme\Windows Live\Messenger\usnsvc.exe"
C:\Programme\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18.10.2007 12:31
Modified: 18.10.2007 12:31
Company: Microsoft Corporation
----------
Key: vsdatant
ImagePath: \??\C:\WINDOWS\system32\vsdatant.sys
C:\WINDOWS\system32\vsdatant.sys - [file not found to scan]
----------
Key: vToolbarUpdater11.1.0
ImagePath: C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
935480 bytes
Created: 13.06.2012 16:59
Modified: 13.06.2012 16:59
Company:
----------
Key: WLANKEEPER
ImagePath: C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
294912 bytes
Created: 25.07.2007 17:32
Modified: 25.07.2007 17:32
Company: Intel(R) Corporation
----------
Key: WLSetupSvc
ImagePath: "C:\Programme\Windows Live\installer\WLSetupSvc.exe"
C:\Programme\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25.10.2007 16:27
Modified: 25.10.2007 16:27
Company: Microsoft Corporation
----------
Key: WpdUsb
ImagePath: System32\Drivers\wpdusb.sys
C:\WINDOWS\System32\Drivers\wpdusb.sys
18944 bytes
Created: 28.01.2005 14:44
Modified: 28.01.2005 02:36
Company: Microsoft Corporation
----------

************************************************************
20:17:32: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:

************************************************************
20:17:32: Scanning ----- WINLOGON\NOTIFY DLLS -----

************************************************************
20:17:32: Scanning ----- CONTEXTMENUHANDLERS -----
Key: AVG Shell Extension
CLSID: {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
Path: C:\Programme\AVG\AVG2012\avgse.dll
C:\Programme\AVG\AVG2012\avgse.dll
158560 bytes
Created: 14.02.2012 04:53
Modified: 14.02.2012 04:53
Company: AVG Technologies CZ, s.r.o.
----------
Key: LavasoftShellExt
CLSID: {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}
Path: C:\Programme\Lavasoft\Ad-Aware\ShellExt.dll
C:\Programme\Lavasoft\Ad-Aware\ShellExt.dll
493344 bytes
Created: 28.10.2011 20:35
Modified: 07.06.2012 13:30
Company: Lavasoft Limited
----------
Key: Notepad++
CLSID: {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}
File: [CLSID does not appear to reference a file]
----------

************************************************************
20:17:34: Scanning ----- FOLDER\COLUMNHANDLERS -----
Key: {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
File: C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
420864 bytes
Created: 17.01.2011 17:19
Modified: 17.01.2011 17:19
Company: OpenOffice.org
----------
Key: {F9DB5320-233E-11D1-9F84-707F02C10627}
File: C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
378264 bytes
Created: 26.03.2012 17:52
Modified: 26.03.2012 17:52
Company: Adobe Systems, Inc.
----------

************************************************************
20:17:34: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}
BHO: C:\Programme\AVG\AVG2012\avgdtiex.dll
C:\Programme\AVG\AVG2012\avgdtiex.dll
936528 bytes
Created: 20.04.2012 19:56
Modified: 20.04.2012 19:56
Company: AVG Technologies CZ, s.r.o.
----------
Key: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
BHO: C:\Programme\AVG\AVG2012\avgssie.dll
C:\Programme\AVG\AVG2012\avgssie.dll
1390672 bytes
Created: 13.04.2012 17:40
Modified: 13.04.2012 17:40
Company: AVG Technologies CZ, s.r.o.
----------
Key: {95B7759C-8C7F-4BF1-B163-73684A933233}
BHO: C:\Programme\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
C:\Programme\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
2068536 bytes
Created: 13.06.2012 16:59
Modified: 13.06.2012 16:59
Company:
----------
Key: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
BHO: C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
3834016 bytes
Created: 10.10.2011 12:09
Modified: 10.10.2011 12:09
Company: Skype Technologies S.A.
----------
Key: {B4F3A835-0E21-4959-BA22-42B3008E02FF}
BHO: C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
561552 bytes
Created: 21.12.2010 02:05
Modified: 21.12.2010 02:05
Company: Microsoft Corporation
----------

************************************************************
20:17:36: Scanning ----- SHELLSERVICEOBJECTS -----

************************************************************
20:17:36: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----

************************************************************
20:17:37: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
20:17:37: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank or does not exist

************************************************************
20:17:38: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
20:17:38: Scanning ------ COMMON STARTUP GROUP ------
[C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart]
The Common Startup Group attempts to load the following file(s) at boot time:
Bluetooth Manager.lnk - links to C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe
2150400 bytes
Created: 11.01.2007 21:43
Modified: 11.01.2007 21:43
Company: TOSHIBA CORPORATION.
--------------------
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-HS- 84 bytes
Created: 25.04.2008 03:52
Modified: 25.04.2008 17:00
Company: [no info]
--------------------

************************************************************
No User Startup Groups were located to check

************************************************************
20:17:38: Scanning ----- SCHEDULED TASKS -----
Taskname: Ad-Aware Update (Weekly)
File: C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
1744312 bytes
Created: 28.10.2011 20:35
Modified: 07.06.2012 13:30
Company: Lavasoft Limited
Parameters: update all silent repair
Schedule: Um 13:18 wöchentlich jeden Mo, Do, ab dem 12.03.2012
Next Run Time: 18.06.2012 13:18:00
Status: Has not run
Creator: SYSTEM
Comments: This will perform a scheduled update with Ad-Aware
----------
Taskname: Adobe Flash Player Updater
File: C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
257224 bytes
Created: 01.04.2012 11:50
Modified: 16.06.2012 14:25
Company: Adobe Systems Incorporated
Schedule: Alle 1 Stunde(n) ab 00:26. Dauer: 24 Stunde(n) täglich, ab dem 01.01.2000
Next Run Time: 16.06.2012 20:26:00
Status: Ready
Creator: Adobe Systems Incorporated
Comments: Mit diesem Task ist Ihre Flash Player-Installation immer aktuell und verwendet die neuesten Verbesserungen und Sicherheits-Fixes. Wenn dieser Task deaktiviert oder entfernt wird, kann Adobe Flash Player Ihren Computer nicht automatisch mit den neuesten Sicherheits-Fixes sichern.
----------

************************************************************
20:17:40: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

************************************************************
20:17:40: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: msacm.voxacm160
File: vct3216.acm
C:\WINDOWS\system32\vct3216.acm
82944 bytes
Created: 26.10.2008 17:32
Modified: 22.05.2003 01:50
Company: Voxware, Inc.
----------
Value: msacm.alf2cd
File: alf2cd.acm
C:\WINDOWS\system32\alf2cd.acm
38912 bytes
Created: 26.10.2008 17:32
Modified: 22.05.2003 01:50
Company: NCT Company
----------
Value: msacm.ac3acm
File: AC3ACM.acm
C:\WINDOWS\system32\AC3ACM.acm
81920 bytes
Created: 26.10.2008 17:32
Modified: 04.02.2004 23:11
Company: fccHandler
----------
Value: vidc.dvsd
File: mcdvd_32.dll
C:\WINDOWS\system32\mcdvd_32.dll
261632 bytes
Created: 26.10.2008 17:32
Modified: 27.09.2007 16:22
Company: MainConcept
----------
Value: vidc.VP60
File: C:\WINDOWS\system32\vp6vfw.dll
C:\WINDOWS\system32\vp6vfw.dll
-R- 442368 bytes
Created: 14.12.2010 21:30
Modified: 26.02.2005 07:34
Company: On2.com
----------
Value: vidc.VP61
File: C:\WINDOWS\system32\vp6vfw.dll
C:\WINDOWS\system32\vp6vfw.dll - file already scanned
----------

************************************************************
20:17:44: ----- ADDITIONAL CHECKS -----
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper entry is blank
----------
Web Desktop Wallpaper entry is blank
----------
DNS Server information:
Interface:
NameServers: 192.168.1.10 192.168.1.130
Checks for rogue DNS NameServers completed
----------
Additional checks completed

************************************************************
20:17:46: Scanning ----- RUNNING PROCESSES -----

C:\WINDOWS\System32\smss.exe
50688 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------
C:\WINDOWS\system32\csrss.exe
6144 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------
C:\WINDOWS\system32\winlogon.exe
513024 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------
C:\WINDOWS\system32\services.exe
111104 bytes
Created: 25.04.2008 11:45
Modified: 09.02.2009 13:21
Company: Microsoft Corporation
--------------------
C:\WINDOWS\system32\lsass.exe
13312 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------
C:\WINDOWS\system32\svchost.exe
14336 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------
C:\WINDOWS\system32\spoolsv.exe
58880 bytes
Created: 25.04.2008 11:45
Modified: 17.08.2010 15:17
Company: Microsoft Corporation
--------------------
C:\Programme\Java\jre6\bin\jqs.exe
153376 bytes
Created: 04.06.2012 09:07
Modified: 04.06.2012 09:07
Company: Sun Microsystems, Inc.
--------------------
C:\Programme\Dell Support Center\bin\sprtsvc.exe
201968 bytes
Created: 14.08.2008 01:04
Modified: 14.08.2008 01:04
Company: SupportSoft, Inc.
--------------------
C:\Programme\AVG\AVG2012\avgnsx.exe
1254992 bytes
Created: 19.04.2012 04:51
Modified: 19.04.2012 04:51
Company: AVG Technologies CZ, s.r.o.
--------------------
C:\Programme\AVG\AVG2012\avgemcx.exe
979840 bytes
Created: 19.03.2012 05:18
Modified: 19.03.2012 05:18
Company: AVG Technologies CZ, s.r.o.
--------------------
C:\WINDOWS\system32\wdfmgr.exe
38912 bytes
Created: 28.01.2005 14:44
Modified: 28.01.2005 02:36
Company: Microsoft Corporation
--------------------
C:\Programme\AVG\AVG2012\avgrsx.exe
758112 bytes
Created: 14.02.2012 04:53
Modified: 14.02.2012 04:53
Company: AVG Technologies CZ, s.r.o.
--------------------
C:\Programme\AVG\AVG2012\avgcsrvx.exe
338784 bytes
Created: 14.02.2012 04:52
Modified: 14.02.2012 04:52
Company: AVG Technologies CZ, s.r.o.
--------------------
C:\Programme\DellTPad\ApMsgFwd.exe
50736 bytes
Created: 22.10.2008 11:14
Modified: 21.02.2008 23:24
Company: Alps Electric Co., Ltd.
--------------------
C:\Programme\DellTPad\HidFind.exe
40960 bytes
Created: 22.10.2008 11:14
Modified: 21.02.2008 23:25
Company: Alps Electric Co., Ltd.
--------------------
C:\Programme\DellTPad\Apntex.exe
49152 bytes
Created: 22.10.2008 11:14
Modified: 21.02.2008 23:24
Company: Alps Electric Co., Ltd.
--------------------
C:\WINDOWS\system32\wbem\unsecapp.exe
16896 bytes
Created: 25.04.2008 16:57
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------
C:\WINDOWS\system32\wbem\wmiprvse.exe
227840 bytes
Created: 25.04.2008 16:56
Modified: 06.02.2009 12:10
Company: Microsoft Corporation
--------------------
C:\WINDOWS\system32\wbem\wmiapsrv.exe
126464 bytes
Created: 25.04.2008 16:56
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
2150400 bytes
Created: 11.01.2007 21:43
Modified: 11.01.2007 21:43
Company: TOSHIBA CORPORATION.
--------------------
C:\Programme\OpenOffice.org 3\program\soffice.exe
11322880 bytes
Created: 17.01.2011 19:50
Modified: 17.01.2011 19:50
Company: OpenOffice.org
--------------------
C:\Programme\OpenOffice.org 3\program\soffice.bin
11314688 bytes
Created: 17.01.2011 19:50
Modified: 17.01.2011 19:50
Company: OpenOffice.org
--------------------
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
1187072 bytes
Created: 28.10.2011 20:35
Modified: 07.06.2012 13:30
Company: Lavasoft Limited
--------------------
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
278528 bytes
Created: 18.12.2006 16:22
Modified: 18.12.2006 16:22
Company: TOSHIBA CORPORATION.
--------------------
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
69632 bytes
Created: 24.01.2006 00:14
Modified: 24.01.2006 00:14
Company: TOSHIBA CORPORATION.
--------------------
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
270336 bytes
Created: 27.10.2006 21:13
Modified: 27.10.2006 21:13
Company: TOSHIBA CORPORATION.
--------------------
C:\Programme\Mozilla Firefox\firefox.exe
924600 bytes
Created: 07.01.2012 13:17
Modified: 04.05.2012 23:23
Company: Mozilla Corporation
--------------------
C:\Programme\Mozilla Firefox\plugin-container.exe
16824 bytes
Created: 07.01.2012 13:17
Modified: 04.05.2012 23:23
Company: Mozilla Corporation
--------------------
C:\Programme\AVG\AVG2012\avgui.exe
4361296 bytes
Created: 13.04.2012 17:40
Modified: 13.04.2012 17:40
Company: AVG Technologies CZ, s.r.o.
--------------------
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Simply Super Software\Trojan Remover\due82.exe
FileSize: 4746488
[This is a Trojan Remover component]
--------------------
--------------------

************************************************************
20:17:57: Checking HOSTS file
No HOSTS file found to check

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
Dell Offizielle Seite | Dell Deutschland
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
Dell Offizielle Seite | Dell Deutschland
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
Dell-Suchseite
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
Personalisierte Startseite
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\WINDOWS\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
Dell-Suchseite
HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
Personalisierte Startseite

************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 20:17:57 16 Jun 2012
Total Scan time: 00:01:23
************************************************************


***** THE SYSTEM HAS BEEN RESTARTED *****
05.06.2012 10:24:33: Trojan Remover has been restarted
=======================================================
Removing the following registry keys:
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DLACDBHM.SYS - already removed (or did not exist)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DLACDBHM.SYS - already removed (or did not exist)
=======================================================
=======================================================
Deleting the following registry value(s):
HKLM\SYSTEM\CurrentControlSet\Services\DLACDBHM\[ImagePath] - already deleted
=======================================================
05.06.2012 10:24:33: Trojan Remover closed
************************************************************


***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.8.3.2601. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 10:01:33 05 Jun 2012
Using Database v7899
Operating System: Windows XP Professional (SP3) [Build: 5.1.2600]
File System: NTFS
UserData directory: C:\Dokumente und Einstellungen\***\Anwendungsdaten\Simply Super Software\Trojan Remover\
Database directory: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software\Trojan Remover\Data\
Logfile directory: C:\Dokumente und Einstellungen\***\Eigene Dateien\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Programme\Trojan Remover\
Running with Administrator privileges

************************************************************
10:01:33: ----- CHECKING DEFAULT FILE ASSOCIATIONS -----
StartMenuInternet\IEXPLORE.EXE entry: ["C:\Programme\Internet Explorer\iexplore.exe"]
This entry loads the following file:
C:\Programme\Internet Explorer\iexplore.exe
638816 bytes
Created: 25.04.2008 16:58
Modified: 08.03.2009 15:09
Company: Microsoft Corporation
C:\Programme\Internet Explorer\iexplore.exe - process is either not running or could not be terminated
C:\Programme\Internet Explorer\iexplore.exe - file renamed to: C:\Programme\Internet Explorer\iexplore.exe.vir
The SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command registry entry has been reset to its default

************************************************************
10:02:09: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
10:02:10: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [Explorer.exe]
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1036800 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\WINDOWS\system32\userinit.exe]
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
26624 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
Key value: [logonui.exe]
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
515072 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: Apoint
Value Data: C:\Programme\DellTPad\Apoint.exe
C:\Programme\DellTPad\Apoint.exe
159744 bytes
Created: 22.10.2008 11:14
Modified: 21.02.2008 23:24
Company: Alps Electric Co., Ltd.
--------------------
Value Name: DELL Webcam Manager
Value Data: "C:\Programme\Dell\Dell Webcam Manager\DellWMgr.exe" /s
C:\Programme\Dell\Dell Webcam Manager\DellWMgr.exe
118784 bytes
Created: 22.10.2008 02:31
Modified: 27.07.2007 17:43
Company: Creative Technology Ltd.
--------------------
Value Name: dellsupportcenter
Value Data: "C:\Programme\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
C:\Programme\Dell Support Center\bin\sprtcmd.exe
206064 bytes
Created: 21.05.2009 11:13
Modified: 21.05.2009 11:13
Company: SupportSoft, Inc.
--------------------
Value Name: AVG_TRAY
Value Data: "C:\Programme\AVG\AVG2012\avgtray.exe"
C:\Programme\AVG\AVG2012\avgtray.exe
2416480 bytes
Created: 24.01.2012 18:24
Modified: 24.01.2012 18:24
Company: AVG Technologies CZ, s.r.o.
--------------------
Value Name: vProt
Value Data: "C:\Programme\AVG Secure Search\vprot.exe"
C:\Programme\AVG Secure Search\vprot.exe
982880 bytes
Created: 07.01.2012 15:51
Modified: 31.03.2012 18:17
Company:
--------------------
Value Name: Adobe Reader Speed Launcher
Value Data: "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
37296 bytes
Created: 27.03.2012 14:41
Modified: 27.03.2012 14:41
Company: Adobe Systems Incorporated
--------------------
Value Name: Adobe ARM
Value Data: "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
-R- 843712 bytes
Created: 02.01.2012 11:07
Modified: 02.01.2012 11:07
Company: Adobe Systems Incorporated
--------------------
Value Name: ROC_roc_dec12
Value Data: "C:\Programme\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
C:\Programme\AVG Secure Search\ROC_roc_dec12.exe
928096 bytes
Created: 19.01.2012 17:27
Modified: 19.01.2012 17:27
Company:
--------------------
Value Name: SunJavaUpdateSched
Value Data: "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
254696 bytes
Created: 18.01.2012 14:02
Modified: 18.01.2012 14:02
Company: Sun Microsystems, Inc.
--------------------
Value Name: TrojanScanner
Value Data: C:\Programme\Trojan Remover\Trjscan.exe /boot
C:\Programme\Trojan Remover\Trjscan.exe
1238800 bytes
Created: 05.06.2012 10:00
Modified: 23.01.2012 14:12
Company: Simply Super Software
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: CTFMON.EXE
Value Data: C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
15360 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------
Value Name: ISUSPM
Value Data: "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" -scheduler
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe
205480 bytes
Created: 30.08.2007 11:50
Modified: 30.08.2007 11:50
Company: Macrovision Corporation
--------------------
Value Name: MSMSGS
Value Data: "C:\Programme\Messenger\msmsgs.exe" /background
C:\Programme\Messenger\msmsgs.exe
1695232 bytes
Created: 25.04.2008 16:57
Modified: 14.04.2008 21:52
Company: Microsoft Corporation
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty

************************************************************
10:02:16: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------

************************************************************
10:02:16: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
10:02:17: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\WINDOWS\system32\ssstars.scr
C:\WINDOWS\system32\ssstars.scr
14848 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
--------------------

************************************************************
10:02:17: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----

************************************************************
10:02:18: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
10:02:20: Scanning ----- SERVICES REGISTRY KEYS -----
Key: AdobeFlashPlayerUpdateSvc
ImagePath: C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
257696 bytes
Created: 01.04.2012 11:50
Modified: 05.05.2012 11:35
Company: Adobe Systems Incorporated
----------
Key: AegisP
ImagePath: system32\DRIVERS\AegisP.sys
C:\WINDOWS\system32\DRIVERS\AegisP.sys
21393 bytes
Created: 22.10.2008 02:29
Modified: 22.10.2008 02:29
Company: Cisco Systems, Inc.
----------
Key: atapi
ImagePath: system32\DRIVERS\atapi.sys
C:\WINDOWS\system32\DRIVERS\atapi.sys
96512 bytes
Created: 14.04.2008 02:10
Modified: 14.04.2008 14:10
Company: Microsoft Corporation
----------
Key: AVGIDSAgent
ImagePath: C:\Programme\AVG\AVG2012\AVGIDSAgent.exe
C:\Programme\AVG\AVG2012\AVGIDSAgent.exe
4433248 bytes
Created: 12.10.2011 07:25
Modified: 12.10.2011 07:25
Company: AVG Technologies CZ, s.r.o.
----------
Key: AVGIDSDriver
ImagePath: system32\DRIVERS\AVGIDSDriver.Sys
C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
134608 bytes
Created: 11.07.2011 02:14
Modified: 11.07.2011 02:14
Company: AVG Technologies CZ, s.r.o.
----------
Key: AVGIDSEH
ImagePath: system32\DRIVERS\AVGIDSEH.Sys
C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
23120 bytes
Created: 11.07.2011 02:14
Modified: 11.07.2011 02:14
Company: AVG Technologies CZ, s.r.o.
----------
Key: AVGIDSFilter
ImagePath: system32\DRIVERS\AVGIDSFilter.Sys
C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
24272 bytes
Created: 11.07.2011 02:14
Modified: 11.07.2011 02:14
Company: AVG Technologies CZ, s.r.o.
----------
Key: AVGIDSShim
ImagePath: system32\DRIVERS\AVGIDSShim.Sys
C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
16720 bytes
Created: 04.10.2011 07:21
Modified: 04.10.2011 07:21
Company: AVG Technologies CZ, s.r.o.
----------
Key: Avgldx86
ImagePath: system32\DRIVERS\avgldx86.sys
C:\WINDOWS\system32\DRIVERS\avgldx86.sys
230608 bytes
Created: 07.10.2011 07:23
Modified: 07.10.2011 07:23
Company: AVG Technologies CZ, s.r.o.
----------
Key: Avgmfx86
ImagePath: system32\DRIVERS\avgmfx86.sys
C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
40016 bytes
Created: 08.08.2011 07:08
Modified: 08.08.2011 07:08
Company: AVG Technologies CZ, s.r.o.
----------
Key: Avgrkx86
ImagePath: system32\DRIVERS\avgrkx86.sys
C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
32592 bytes
Created: 13.09.2011 07:30
Modified: 13.09.2011 07:30
Company: AVG Technologies CZ, s.r.o.
----------
Key: Avgtdix
ImagePath: system32\DRIVERS\avgtdix.sys
C:\WINDOWS\system32\DRIVERS\avgtdix.sys
295248 bytes
Created: 11.07.2011 02:14
Modified: 11.07.2011 02:14
Company: AVG Technologies CZ, s.r.o.
----------
Key: avgwd
ImagePath: C:\Programme\AVG\AVG2012\avgwdsvc.exe
C:\Programme\AVG\AVG2012\avgwdsvc.exe
192776 bytes
Created: 02.08.2011 07:09
Modified: 02.08.2011 07:09
Company: AVG Technologies CZ, s.r.o.
----------
Key: CVirtA
ImagePath: system32\DRIVERS\CVirtA.sys
C:\WINDOWS\system32\DRIVERS\CVirtA.sys
5275 bytes
Created: 18.01.2007 17:28
Modified: 18.01.2007 17:28
Company: Cisco Systems, Inc.
----------
Key: DLABMFSM
ImagePath: System32\Drivers\DLABMFSM.SYS
C:\WINDOWS\System32\Drivers\DLABMFSM.SYS
37360 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLABOIOM
ImagePath: System32\Drivers\DLABOIOM.SYS
C:\WINDOWS\System32\Drivers\DLABOIOM.SYS
32848 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLACDBHM
ImagePath: System32\Drivers\DLACDBHM.SYS
C:\WINDOWS\System32\Drivers\DLACDBHM.SYS
14576 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 15:49
Company: Roxio
C:\WINDOWS\System32\Drivers\DLACDBHM.SYS appears to contain: TROJAN.TDSS
C:\WINDOWS\System32\Drivers\DLACDBHM.SYS - this registry value has been removed
C:\WINDOWS\System32\Drivers\DLACDBHM.SYS - file renamed to: C:\WINDOWS\System32\Drivers\DLACDBHM.SYS.vir
----------
Key: DLADResM
ImagePath: System32\Drivers\DLADResM.SYS
C:\WINDOWS\System32\Drivers\DLADResM.SYS
9104 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:05
Company: Roxio
----------
Key: DLAIFS_M
ImagePath: System32\Drivers\DLAIFS_M.SYS
C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS
108752 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLAOPIOM
ImagePath: System32\Drivers\DLAOPIOM.SYS
C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS
27216 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLAPoolM
ImagePath: System32\Drivers\DLAPoolM.SYS
C:\WINDOWS\System32\Drivers\DLAPoolM.SYS
16304 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLARTL_M
ImagePath: System32\Drivers\DLARTL_M.SYS
C:\WINDOWS\System32\Drivers\DLARTL_M.SYS
30064 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 15:49
Company: Roxio
----------
Key: DLAUDFAM
ImagePath: System32\Drivers\DLAUDFAM.SYS
C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS
93552 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DLAUDF_M
ImagePath: System32\Drivers\DLAUDF_M.SYS
C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS
98448 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 16:04
Company: Roxio
----------
Key: DRVNDDM
ImagePath: System32\Drivers\DRVNDDM.SYS
C:\WINDOWS\System32\Drivers\DRVNDDM.SYS
52000 bytes
Created: 22.10.2008 02:34
Modified: 23.07.2007 15:43
Company: Roxio
----------
Key: EvtEng
ImagePath: C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
647168 bytes
Created: 25.07.2007 17:41
Modified: 25.07.2007 17:41
Company: Intel Corporation
----------
Key: ialm
ImagePath: system32\DRIVERS\igxpmp32.sys
C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
5776928 bytes
Created: 22.10.2008 11:14
Modified: 22.02.2008 02:06
Company: Intel Corporation
----------
Key: iaStor
ImagePath: system32\drivers\iaStor.sys
C:\WINDOWS\system32\drivers\iaStor.sys
305176 bytes
Created: 22.10.2008 11:14
Modified: 17.03.2008 23:59
Company: Intel Corporation
----------
Key: Lavasoft Ad-Aware Service
ImagePath: C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
2152688 bytes
Created: 28.10.2011 20:35
Modified: 14.05.2012 18:12
Company: Lavasoft Limited
----------
Key: Lavasoft Kernexplorer
ImagePath: \??\C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys
C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys
15232 bytes
Created: 28.10.2011 20:35
Modified: 28.10.2011 20:35
Company: [no info]
----------
Key: MozillaMaintenance
ImagePath: C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
129976 bytes
Created: 04.05.2012 23:23
Modified: 04.05.2012 23:23
Company: Mozilla Foundation
----------
Key: NETw4x32
ImagePath: system32\DRIVERS\NETw4x32.sys
C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
2211456 bytes
Created: 22.10.2008 11:13
Modified: 13.08.2007 03:05
Company: Intel Corporation
----------
Key: NETw5x32
ImagePath: system32\DRIVERS\NETw5x32.sys
C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
4221952 bytes
Created: 17.12.2009 21:12
Modified: 26.10.2009 06:47
Company: Intel Corporation
----------
Key: npggsvc
ImagePath: C:\WINDOWS\system32\GameMon.des -service
C:\WINDOWS\system32\GameMon.des
2784285 bytes
Created: 30.04.2009 22:36
Modified: 06.04.2009 05:07
Company: INCA Internet Co., Ltd.
----------
Key: O2FLASH
ImagePath: %SystemRoot%\system32\DRIVERS\o2flash.exe
C:\WINDOWS\system32\DRIVERS\o2flash.exe
71512 bytes
Created: 22.10.2008 11:13
Modified: 27.08.2008 02:39
Company: O2Micro International
----------
Key: O2MDRDR
ImagePath: system32\DRIVERS\o2media.sys
C:\WINDOWS\system32\DRIVERS\o2media.sys
51288 bytes
Created: 22.10.2008 11:13
Modified: 27.08.2008 02:39
Company: O2Micro
----------
Key: O2SDRDR
ImagePath: system32\DRIVERS\o2sd.sys
C:\WINDOWS\system32\DRIVERS\o2sd.sys
43608 bytes
Created: 22.10.2008 11:13
Modified: 27.08.2008 02:39
Company: O2Micro
----------
Key: OEM13Afx
ImagePath: \??\C:\WINDOWS\system32\Drivers\OEM13Afx.sys
C:\WINDOWS\system32\Drivers\OEM13Afx.sys
141376 bytes
Created: 22.10.2008 11:14
Modified: 16.07.2008 23:32
Company: Creative Technology Ltd.
----------
Key: OEM13Vfx
ImagePath: system32\DRIVERS\OEM13Vfx.sys
C:\WINDOWS\system32\DRIVERS\OEM13Vfx.sys
7424 bytes
Created: 22.10.2008 11:14
Modified: 16.07.2008 23:32
Company: EyePower Games Pte. Ltd.
----------
Key: OEM13Vid
ImagePath: system32\DRIVERS\OEM13Vid.sys
C:\WINDOWS\system32\DRIVERS\OEM13Vid.sys
235840 bytes
Created: 22.10.2008 11:14
Modified: 16.07.2008 23:32
Company: Creative Technology Ltd.
----------
Key: ose
ImagePath: "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE"
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
149352 bytes
Created: 09.01.2010 22:18
Modified: 09.01.2010 22:18
Company: Microsoft Corporation
----------
Key: osppsvc
ImagePath: "C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
4640000 bytes
Created: 09.01.2010 22:37
Modified: 09.01.2010 22:37
Company: Microsoft Corporation
----------
Key: RegSrvc
ImagePath: C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
327680 bytes
Created: 25.07.2007 17:22
Modified: 25.07.2007 17:22
Company: Intel Corporation
----------
Key: S24EventMonitor
ImagePath: C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
987136 bytes
Created: 25.07.2007 17:29
Modified: 25.07.2007 17:29
Company: Intel Corporation
----------
Key: sprtsvc_dellsupportcenter
ImagePath: C:\Programme\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter
C:\Programme\Dell Support Center\bin\sprtsvc.exe
201968 bytes
Created: 14.08.2008 01:04
Modified: 14.08.2008 01:04
Company: SupportSoft, Inc.
----------
Key: stllssvr
ImagePath: "C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe"
C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe
-R- 69632 bytes
Created: 11.07.2007 09:33
Modified: 11.07.2007 09:33
Company: MicroVision Development, Inc.
----------
Key: SwPrv
ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{CD5BB325-1698-4C3A-8782-0923E72A4E6B}
C:\WINDOWS\system32\dllhost.exe
5120 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
----------
Key: tosporte
ImagePath: system32\DRIVERS\tosporte.sys
C:\WINDOWS\system32\DRIVERS\tosporte.sys
41600 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation
----------
Key: tosrfbd
ImagePath: system32\DRIVERS\tosrfbd.sys
C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
113920 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA CORPORATION
----------
Key: tosrfbnp
ImagePath: System32\Drivers\tosrfbnp.sys
C:\WINDOWS\System32\Drivers\tosrfbnp.sys
36480 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation
----------
Key: Tosrfcom
ImagePath: System32\Drivers\tosrfcom.sys
C:\WINDOWS\System32\Drivers\tosrfcom.sys
64896 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation
----------
Key: Tosrfhid
ImagePath: system32\DRIVERS\Tosrfhid.sys
C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
73600 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation.
----------
Key: tosrfnds
ImagePath: system32\DRIVERS\tosrfnds.sys
C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
18612 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA Corporation.
----------
Key: Tosrfusb
ImagePath: system32\DRIVERS\tosrfusb.sys
C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
41856 bytes
Created: 22.10.2008 02:29
Modified: 26.04.2007 23:29
Company: TOSHIBA CORPORATION
----------
Key: usbvideo
ImagePath: System32\Drivers\usbvideo.sys
C:\WINDOWS\System32\Drivers\usbvideo.sys
121984 bytes
Created: 22.10.2008 15:18
Modified: 14.04.2008 14:16
Company: Microsoft Corporation
----------
Key: usnjsvc
ImagePath: "C:\Programme\Windows Live\Messenger\usnsvc.exe"
C:\Programme\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18.10.2007 12:31
Modified: 18.10.2007 12:31
Company: Microsoft Corporation
----------
Key: vsdatant
ImagePath: \??\C:\WINDOWS\system32\vsdatant.sys
C:\WINDOWS\system32\vsdatant.sys - [file not found to scan]
----------
Key: vToolbarUpdater10.2.0
ImagePath: C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
918880 bytes
Created: 31.03.2012 18:17
Modified: 31.03.2012 18:17
Company:
----------
Key: WLANKEEPER
ImagePath: C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
294912 bytes
Created: 25.07.2007 17:32
Modified: 25.07.2007 17:32
Company: Intel(R) Corporation
----------
Key: WLSetupSvc
ImagePath: "C:\Programme\Windows Live\installer\WLSetupSvc.exe"
C:\Programme\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25.10.2007 16:27
Modified: 25.10.2007 16:27
Company: Microsoft Corporation
----------
Key: WpdUsb
ImagePath: System32\Drivers\wpdusb.sys
C:\WINDOWS\System32\Drivers\wpdusb.sys
18944 bytes
Created: 28.01.2005 14:44
Modified: 28.01.2005 02:36
Company: Microsoft Corporation
----------

************************************************************
10:05:50: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:

************************************************************
10:05:50: Scanning ----- WINLOGON\NOTIFY DLLS -----

************************************************************
10:05:51: Scanning ----- CONTEXTMENUHANDLERS -----
Key: AVG Shell Extension
CLSID: {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
Path: C:\Programme\AVG\AVG2012\avgse.dll
C:\Programme\AVG\AVG2012\avgse.dll
156512 bytes
Created: 02.08.2011 07:08
Modified: 02.08.2011 07:08
Company: AVG Technologies CZ, s.r.o.
----------
Key: LavasoftShellExt
CLSID: {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}
Path: C:\Programme\Lavasoft\Ad-Aware\ShellExt.dll
C:\Programme\Lavasoft\Ad-Aware\ShellExt.dll
493344 bytes
Created: 28.10.2011 20:35
Modified: 14.05.2012 18:12
Company: Lavasoft Limited
----------
Key: Notepad++
CLSID: {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}
File: [CLSID does not appear to reference a file]
----------

************************************************************
10:05:52: Scanning ----- FOLDER\COLUMNHANDLERS -----
Key: {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
File: C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
420864 bytes
Created: 17.01.2011 17:19
Modified: 17.01.2011 17:19
Company: OpenOffice.org
----------
Key: {F9DB5320-233E-11D1-9F84-707F02C10627}
File: C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
378264 bytes
Created: 26.03.2012 17:52
Modified: 26.03.2012 17:52
Company: Adobe Systems, Inc.
----------

************************************************************
10:05:53: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
BHO: C:\Programme\AVG\AVG2012\avgssie.dll
C:\Programme\AVG\AVG2012\avgssie.dll
1378144 bytes
Created: 11.11.2011 03:29
Modified: 11.11.2011 03:29
Company: AVG Technologies CZ, s.r.o.
----------
Key: {95B7759C-8C7F-4BF1-B163-73684A933233}
BHO: C:\Programme\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
C:\Programme\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
1869152 bytes
Created: 31.03.2012 18:17
Modified: 31.03.2012 18:17
Company:
----------
Key: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
BHO: C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
3834016 bytes
Created: 10.10.2011 12:09
Modified: 10.10.2011 12:09
Company: Skype Technologies S.A.
----------
Key: {B4F3A835-0E21-4959-BA22-42B3008E02FF}
BHO: C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
561552 bytes
Created: 21.12.2010 02:05
Modified: 21.12.2010 02:05
Company: Microsoft Corporation
----------

************************************************************
10:05:55: Scanning ----- SHELLSERVICEOBJECTS -----

************************************************************
10:05:55: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----

************************************************************
10:05:55: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
10:05:55: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank or does not exist

************************************************************
10:05:55: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
10:05:56: Scanning ------ COMMON STARTUP GROUP ------
[C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart]
The Common Startup Group attempts to load the following file(s) at boot time:
Bluetooth Manager.lnk - links to C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe
2150400 bytes
Created: 11.01.2007 21:43
Modified: 11.01.2007 21:43
Company: TOSHIBA CORPORATION.
--------------------
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-HS- 84 bytes
Created: 25.04.2008 03:52
Modified: 25.04.2008 17:00
Company: [no info]
--------------------

************************************************************
No User Startup Groups were located to check

************************************************************
10:05:57: Scanning ----- SCHEDULED TASKS -----
Taskname: Ad-Aware Update (Weekly)
File: C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
1743288 bytes
Created: 28.10.2011 20:35
Modified: 14.05.2012 18:12
Company: Lavasoft Limited
Parameters: update all silent repair
Schedule: Um 13:18 wöchentlich jeden Mo, Do, ab dem 12.03.2012
Next Run Time: 07.06.2012 13:18:00
Status: Has not run
Creator: SYSTEM
Comments: This will perform a scheduled update with Ad-Aware
----------
Taskname: Adobe Flash Player Updater
File: C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
257696 bytes
Created: 01.04.2012 11:50
Modified: 05.05.2012 11:35
Company: Adobe Systems Incorporated
Schedule: Alle 1 Stunde(n) ab 01:35. Dauer: 24 Stunde(n) täglich, ab dem 01.01.2000
Next Run Time: 05.06.2012 10:35:00
Status: Ready
Creator: Adobe Systems Incorporated
Comments: Mit diesem Task ist Ihre Flash Player-Installation immer aktuell und verwendet die neuesten Verbesserungen und Sicherheits-Fixes. Wenn dieser Task deaktiviert oder entfernt wird, kann Adobe Flash Player Ihren Computer nicht automatisch mit den neuesten Sicherheits-Fixes sichern.
----------

************************************************************
10:05:58: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

************************************************************
10:05:58: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: msacm.voxacm160
File: vct3216.acm
C:\WINDOWS\system32\vct3216.acm
82944 bytes
Created: 26.10.2008 17:32
Modified: 22.05.2003 01:50
Company: Voxware, Inc.
----------
Value: msacm.alf2cd
File: alf2cd.acm
C:\WINDOWS\system32\alf2cd.acm
38912 bytes
Created: 26.10.2008 17:32
Modified: 22.05.2003 01:50
Company: NCT Company
----------
Value: msacm.ac3acm
File: AC3ACM.acm
C:\WINDOWS\system32\AC3ACM.acm
81920 bytes
Created: 26.10.2008 17:32
Modified: 04.02.2004 23:11
Company: fccHandler
----------
Value: vidc.dvsd
File: mcdvd_32.dll
C:\WINDOWS\system32\mcdvd_32.dll
261632 bytes
Created: 26.10.2008 17:32
Modified: 27.09.2007 16:22
Company: MainConcept
----------
Value: vidc.VP60
File: C:\WINDOWS\system32\vp6vfw.dll
C:\WINDOWS\system32\vp6vfw.dll
-R- 442368 bytes
Created: 14.12.2010 21:30
Modified: 26.02.2005 07:34
Company: On2.com
----------
Value: vidc.VP61
File: C:\WINDOWS\system32\vp6vfw.dll
C:\WINDOWS\system32\vp6vfw.dll - file already scanned
----------

************************************************************
10:06:00: ----- ADDITIONAL CHECKS -----
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper entry is blank
----------
Web Desktop Wallpaper entry is blank
----------
DNS Server information:
Interface:
NameServers: 192.168.1.10 192.168.1.130
Checks for rogue DNS NameServers completed
----------
Additional checks completed

************************************************************
10:06:01: Scanning ----- RUNNING PROCESSES -----

C:\WINDOWS\System32\smss.exe
50688 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
[1 loaded module]
--------------------
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
743264 bytes
Created: 08.09.2011 21:53
Modified: 08.09.2011 21:53
Company: AVG Technologies CZ, s.r.o.
[8 loaded modules in total]
--------------------
C:\WINDOWS\system32\csrss.exe
6144 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
[13 loaded modules in total]
--------------------
C:\WINDOWS\system32\winlogon.exe
513024 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
[69 loaded modules in total]
--------------------
C:\WINDOWS\system32\services.exe
111104 bytes
Created: 25.04.2008 11:45
Modified: 09.02.2009 13:21
Company: Microsoft Corporation
[25 loaded modules in total]
--------------------
C:\WINDOWS\system32\lsass.exe
13312 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
[56 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
14336 bytes
Created: 25.04.2008 11:46
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
[47 loaded modules in total]
--------------------
[37 loaded modules in total]
[163 loaded modules in total]
[59 loaded modules in total]
[39 loaded modules in total]
[36 loaded modules in total]
[94 loaded modules in total]
C:\WINDOWS\system32\spoolsv.exe
58880 bytes
Created: 25.04.2008 11:45
Modified: 17.08.2010 15:17
Company: Microsoft Corporation
[60 loaded modules in total]
--------------------
[69 loaded modules in total]
C:\Programme\Java\jre6\bin\jqs.exe
153376 bytes
Created: 04.06.2012 09:07
Modified: 04.06.2012 09:07
Company: Sun Microsystems, Inc.
[75 loaded modules in total]
--------------------
[22 loaded modules in total]
C:\Programme\Dell Support Center\bin\sprtsvc.exe
201968 bytes
Created: 14.08.2008 01:04
Modified: 14.08.2008 01:04
Company: SupportSoft, Inc.
[52 loaded modules in total]
--------------------
[39 loaded modules in total]
C:\WINDOWS\system32\wdfmgr.exe
38912 bytes
Created: 28.01.2005 14:44
Modified: 28.01.2005 02:36
Company: Microsoft Corporation
[13 loaded modules in total]
--------------------
[23 loaded modules in total]
[79 loaded modules in total]
C:\Programme\AVG\AVG2012\avgnsx.exe
1229664 bytes
Created: 28.11.2011 02:19
Modified: 28.11.2011 02:19
Company: AVG Technologies CZ, s.r.o.
[30 loaded modules in total]
--------------------
C:\Programme\AVG\AVG2012\avgemcx.exe
973664 bytes
Created: 10.10.2011 07:23
Modified: 10.10.2011 07:23
Company: AVG Technologies CZ, s.r.o.
[22 loaded modules in total]
--------------------
C:\WINDOWS\system32\wbem\unsecapp.exe
16896 bytes
Created: 25.04.2008 16:57
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
[34 loaded modules in total]
--------------------
C:\WINDOWS\System32\alg.exe
44544 bytes
Created: 25.04.2008 11:45
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
[31 loaded modules in total]
--------------------
C:\WINDOWS\system32\wbem\wmiprvse.exe
227840 bytes
Created: 25.04.2008 16:56
Modified: 06.02.2009 12:10
Company: Microsoft Corporation
[40 loaded modules in total]
--------------------
C:\WINDOWS\system32\wbem\wmiapsrv.exe
126464 bytes
Created: 25.04.2008 16:56
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
[43 loaded modules in total]
--------------------
[112 loaded modules in total]
[29 loaded modules in total]
[55 loaded modules in total]
C:\Programme\DellTPad\ApMsgFwd.exe
50736 bytes
Created: 22.10.2008 11:14
Modified: 21.02.2008 23:24
Company: Alps Electric Co., Ltd.
[12 loaded modules in total]
--------------------
C:\Programme\DellTPad\HidFind.exe
40960 bytes
Created: 22.10.2008 11:14
Modified: 21.02.2008 23:25
Company: Alps Electric Co., Ltd.
[16 loaded modules in total]
--------------------
C:\Programme\DellTPad\Apntex.exe
49152 bytes
Created: 22.10.2008 11:14
Modified: 21.02.2008 23:24
Company: Alps Electric Co., Ltd.
[17 loaded modules in total]
--------------------
[30 loaded modules in total]
[19 loaded modules in total]
[22 loaded modules in total]
[21 loaded modules in total]
[41 loaded modules in total]
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
1191728 bytes
Created: 28.10.2011 20:35
Modified: 14.05.2012 18:12
Company: Lavasoft Limited
[19 loaded modules in total]
--------------------
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
2150400 bytes
Created: 11.01.2007 21:43
Modified: 11.01.2007 21:43
Company: TOSHIBA CORPORATION.
[41 loaded modules in total]
--------------------
C:\Programme\OpenOffice.org 3\program\soffice.exe
11322880 bytes
Created: 17.01.2011 19:50
Modified: 17.01.2011 19:50
Company: OpenOffice.org
[14 loaded modules in total]
--------------------
C:\Programme\OpenOffice.org 3\program\soffice.bin
11314688 bytes
Created: 17.01.2011 19:50
Modified: 17.01.2011 19:50
Company: OpenOffice.org
[79 loaded modules in total]
--------------------
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
278528 bytes
Created: 18.12.2006 16:22
Modified: 18.12.2006 16:22
Company: TOSHIBA CORPORATION.
[21 loaded modules in total]
--------------------
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
69632 bytes
Created: 24.01.2006 00:14
Modified: 24.01.2006 00:14
Company: TOSHIBA CORPORATION.
[10 loaded modules in total]
--------------------
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
270336 bytes
Created: 27.10.2006 21:13
Modified: 27.10.2006 21:13
Company: TOSHIBA CORPORATION.
[27 loaded modules in total]
--------------------
C:\Programme\Outlook Express\msimn.exe
60416 bytes
Created: 25.04.2008 16:58
Modified: 14.04.2008 14:00
Company: Microsoft Corporation
[91 loaded modules in total]
--------------------
C:\Programme\AVG\AVG2012\avgcsrvx.exe
337760 bytes
Created: 15.08.2011 07:21
Modified: 15.08.2011 07:21
Company: AVG Technologies CZ, s.r.o.
[7 loaded modules in total]
--------------------
[7 loaded modules in total]
C:\WINDOWS\system32\wuauclt.exe
53472 bytes
Created: 25.04.2008 16:58
Modified: 06.08.2009 20:24
Company: Microsoft Corporation
[34 loaded modules in total]
--------------------
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Simply Super Software\Trojan Remover\syrE7.exe
FileSize: 4746488
[This is a Trojan Remover component]
[23 loaded modules in total]
--------------------

************************************************************
10:08:08: Checking HOSTS file
No HOSTS file found to check

************************************************************
10:08:08: Scanning ------ %TEMP% DIRECTORY ------
************************************************************
10:08:25: Scanning ------ C:\WINDOWS\Temp DIRECTORY ------
************************************************************
10:08:29: Scanning ------ ROOT DIRECTORY ------

************************************************************
10:08:30: ------ Scan for other files to remove ------
No malware-related files found to remove

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
Dell Offizielle Seite | Dell Deutschland
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
Dell Offizielle Seite | Dell Deutschland
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
Dell-Suchseite
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
Personalisierte Startseite
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\WINDOWS\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
Dell-Suchseite
HKCU\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
Personalisierte Startseite

************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
=== ONE OR MORE FILES WERE RENAMED OR REMOVED ===
Scan completed at: 10:08:30 05 Jun 2012
Total Scan time: 00:06:57
-------------------------------------------------------------------------
Trojan Remover needs to restart the system to complete operations
05.06.2012 10:08:38: restart commenced
************************************************************
__________________

Alt 25.06.2012, 10:58   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Bitte erstmal routinemäßig einen neuen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         

Alt 26.06.2012, 01:46   #5
ratsuchend
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Ok danke erstmal für die schnelle Antwort und ausführliche Beschreibung der Schritte, die ich noch machen muss.
Hier der Log vom Malwarebyte:


Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.06.25.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Anne :: HANNSEN [Administrator]

25.06.2012 18:34:58
mbam-log-2012-06-25 (18-34-58).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 317860
Laufzeit: 5 Stunde(n), 29 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\WINDOWS\system32\xmldm (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 5
C:\System Volume Information\_restore{D9FA3B3D-319C-4796-896B-52C04E52EBC8}\RP518\A0102339.exe (PUP.Passwordtool.Cain) -> Keine Aktion durchgeführt.
C:\System Volume Information\_restore{D9FA3B3D-319C-4796-896B-52C04E52EBC8}\RP518\A0102340.exe (PUP.PasswordTool.Hydra) -> Keine Aktion durchgeführt.
C:\System Volume Information\_restore{D9FA3B3D-319C-4796-896B-52C04E52EBC8}\RP518\A0102347.exe (PUP.PasswordTool.Hydra) -> Keine Aktion durchgeführt.
C:\WINDOWS\system32\xmldm\msimn.exe_UAs001.dat (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\system32\xmldm\serial.dbg (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Und hier der Eset Online Scan Logbericht:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c137d765e2b09449a4c25865f079cf44
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-26 07:56:13
# local_time=2012-06-26 09:56:13 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1024 16777191 100 0 14731565 14731565 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=74426
# found=2
# cleaned=0
# scan_time=25371
C:\Dokumente und Einstellungen\Anne\Eigene Dateien\Downloads\PDFCreator-1_2_3_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\Programme\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe	Win32/Toolbar.Widgi application (unable to clean)
         
Zitat:
Zitat von ratsuchend Beitrag anzeigen
Ok danke erstmal für die schnelle Antwort und ausführliche Beschreibung der Schritte, die ich noch machen muss.
Hier der Log vom Malwarebyte:


Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.06.25.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Anne :: HANNSEN [Administrator]

25.06.2012 18:34:58
mbam-log-2012-06-25 (18-34-58).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 317860
Laufzeit: 5 Stunde(n), 29 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\WINDOWS\system32\xmldm (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 5
C:\System Volume Information\_restore{D9FA3B3D-319C-4796-896B-52C04E52EBC8}\RP518\A0102339.exe (PUP.Passwordtool.Cain) -> Keine Aktion durchgeführt.
C:\System Volume Information\_restore{D9FA3B3D-319C-4796-896B-52C04E52EBC8}\RP518\A0102340.exe (PUP.PasswordTool.Hydra) -> Keine Aktion durchgeführt.
C:\System Volume Information\_restore{D9FA3B3D-319C-4796-896B-52C04E52EBC8}\RP518\A0102347.exe (PUP.PasswordTool.Hydra) -> Keine Aktion durchgeführt.
C:\WINDOWS\system32\xmldm\msimn.exe_UAs001.dat (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\system32\xmldm\serial.dbg (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Und hier der Eset Online Scan Logbericht:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c137d765e2b09449a4c25865f079cf44
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-26 07:56:13
# local_time=2012-06-26 09:56:13 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1024 16777191 100 0 14731565 14731565 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=74426
# found=2
# cleaned=0
# scan_time=25371
C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\PDFCreator-1_2_3_setup.exe	Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
C:\Programme\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe	Win32/Toolbar.Widgi application (unable to clean)
         
Freundliche Grüße


Geändert von ratsuchend (26.06.2012 um 01:52 Uhr)

Alt 26.06.2012, 11:46   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Zitat:
Keine Aktion durchgeführt.
-> No action taken.
Alle Funde müssen mit Malwarebytes entfernt waren! Bitte nachholen falls noch nicht getan!
__________________
--> PC plötzlich verlangsamt

Alt 26.06.2012, 17:22   #7
ratsuchend
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Bin mir nicht sicher, ob ich das richtig verstehe.

Also ich hab bei Malwarebytes in der Quarantäne 2 mal "Trojan.Banker" und 3 mal "Stolen.Data". Ich dachte, in der Quarantäne soll ich erstmal nichts löschen oder doch?

Alt 26.06.2012, 18:16   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Von aus der Quarantäne also endültig löschen war auch garnicht die Rede!
Es geht darum, dass man in deinem Malwarebytes Logfile sieht, dass manche Einträge in die Quarantäne verschoben worden und manche nicht!

Alt 27.06.2012, 14:49   #9
ratsuchend
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



ok, mein PC ist zur Zeit super langsam (ja einer der Gründe, warum ich hier schreibe) und daher musst ich Malwarebites über 6 Stunden laufen lassen.
Hier der Log, jetzt ist wohl alles Gefundene in Quarantäne. Ich hatte anscheinend letztes mal einige Häkchen vergessen.

Code:
ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.26.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Anne :: HANNSEN [Administrator]

27.06.2012 09:00:30
mbam-log-2012-06-27 (09-00-30).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 312882
Laufzeit: 6 Stunde(n), 43 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\System Volume Information\_restore{D9FA3B3D-319C-4796-896B-52C04E52EBC8}\RP518\A0102339.exe (PUP.Passwordtool.Cain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\System Volume Information\_restore{D9FA3B3D-319C-4796-896B-52C04E52EBC8}\RP518\A0102340.exe (PUP.PasswordTool.Hydra) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\System Volume Information\_restore{D9FA3B3D-319C-4796-896B-52C04E52EBC8}\RP518\A0102347.exe (PUP.PasswordTool.Hydra) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

Alt 28.06.2012, 09:42   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Alt 28.06.2012, 17:44   #11
ratsuchend
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



hier ist OTL.txt. Brauchst du auch noch Extras.Txt? (ist auch erschienen)

Code:
ATTFilter
OTL logfile created on: 28.06.2012 18:13:24 - Run 1
OTL by OldTimer - Version 3.2.53.0     Folder = C:\Dokumente und Einstellungen\Anne\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,34 Gb Available Physical Memory | 67,27% Memory free
3,84 Gb Paging File | 3,32 Gb Available in Paging File | 86,46% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 148,95 Gb Total Space | 58,82 Gb Free Space | 39,49% Space Free | Partition Type: NTFS
 
Computer Name: HANNSEN | User Name: Anne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.28 18:09:54 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.06.13 16:59:17 | 000,935,480 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012.06.13 16:59:13 | 001,104,440 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
PRC - [2012.06.12 16:35:04 | 006,029,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgmfapx.exe
PRC - [2012.04.19 04:51:54 | 001,254,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgnsx.exe
PRC - [2012.04.05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgtray.exe
PRC - [2012.03.19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgemcx.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe
PRC - [2012.02.14 04:53:14 | 000,758,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgrsx.exe
PRC - [2012.02.14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgcsrvx.exe
PRC - [2012.01.18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2012.01.13 19:18:07 | 000,527,312 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2012.01.13 19:17:40 | 000,476,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2009.05.21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtcmd.exe
PRC - [2008.08.14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtsvc.exe
PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.02.21 23:25:06 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe
PRC - [2008.02.21 23:24:56 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe
PRC - [2008.02.21 23:24:54 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe
PRC - [2008.02.21 23:24:54 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe
PRC - [2007.08.30 11:50:42 | 000,205,480 | ---- | M] (Macrovision Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe
PRC - [2007.07.25 17:32:34 | 000,294,912 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007.01.11 21:43:46 | 002,150,400 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2006.12.18 16:22:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006.10.27 21:13:48 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2006.01.24 00:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.13 16:59:19 | 000,132,664 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012.06.13 16:59:17 | 000,935,480 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
MOD - [2012.06.13 16:59:13 | 001,104,440 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
MOD - [2012.05.11 03:17:45 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.11 03:17:28 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.11 03:17:06 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2007.07.25 17:25:48 | 000,118,784 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2005.07.22 22:30:20 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\TosCommAPI.dll
MOD - [2004.07.20 18:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
MOD - [2001.10.28 18:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.06.23 12:26:52 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.19 20:04:11 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.13 16:59:17 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012.06.07 13:30:15 | 002,152,720 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012.04.30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012.01.13 19:17:40 | 000,476,112 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2010.01.09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.04.06 05:07:00 | 002,784,285 | ---- | M] (INCA Internet Co., Ltd.) [Disabled | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2008.08.27 02:39:38 | 000,071,512 | ---- | M] (O2Micro International) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\o2flash.exe -- (O2FLASH)
SRV - [2008.08.14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Programme\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007.07.25 17:32:34 | 000,294,912 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2007.07.11 09:33:28 | 000,069,632 | R--- | M] (MicroVision Development, Inc.) [Disabled | Stopped] -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe -- (stllssvr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.04.19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.03.19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.02.22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.01.31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012.01.13 19:08:23 | 000,023,464 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2012.01.13 19:07:30 | 000,057,000 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsmux.sys -- (acsmux)
DRV - [2012.01.13 19:07:30 | 000,038,440 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsint.sys -- (acsint)
DRV - [2011.12.23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.12.23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.12.23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011.12.23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011.10.28 20:35:28 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2011.10.28 20:35:26 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2009.10.26 06:47:00 | 004,221,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008.08.27 02:39:48 | 000,043,608 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008.08.27 02:39:42 | 000,051,288 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.07.16 23:32:12 | 000,235,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM13Vid.sys -- (OEM13Vid)
DRV - [2008.07.16 23:32:10 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM13Vfx.sys -- (OEM13Vfx)
DRV - [2008.07.16 23:32:00 | 000,141,376 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OEM13Afx.sys -- (OEM13Afx)
DRV - [2008.02.22 02:28:14 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.02.21 23:24:52 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.02.21 23:21:58 | 004,625,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.08.13 03:05:34 | 002,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007.07.23 16:05:18 | 000,009,104 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLADResM.SYS -- (DLADResM)
DRV - [2007.07.23 16:04:58 | 000,037,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007.07.23 16:04:56 | 000,098,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007.07.23 16:04:56 | 000,093,552 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007.07.23 16:04:54 | 000,027,216 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007.07.23 16:04:52 | 000,032,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007.07.23 16:04:52 | 000,016,304 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007.07.23 16:04:50 | 000,108,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007.07.23 15:49:44 | 000,030,064 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007.07.23 15:49:44 | 000,014,576 | ---- | M] (Roxio) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS.vir -- (DLACDBHM)
DRV - [2007.05.29 16:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007.04.26 23:29:30 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.04.26 23:29:28 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007.04.26 23:29:28 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.04.26 23:29:28 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2007.04.26 23:29:26 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007.04.26 23:29:26 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.04.26 23:29:24 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2007.01.18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005.08.12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=4081022
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.de/hws/sb/dell-row/de/side.html?channel=de-smb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=4081022
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=4081022
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=4081022
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=4081022
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=4081022
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=4081022
IE - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.de/hws/sb/dell-row/de/side.html?channel=de-smb
IE - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de/hws/sb/dell-row/de/side.html?channel=de-smb
IE - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=4081022
IE - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\..\SearchScopes\{35323DAD-6B1A-4E3A-9A3C-442B62944124}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={2CC8BFA2-3AAD-47B2-96E6-144B48B86399}&mid=ea5eea5e6f4d47d194ded16836437a0a-b602d594afd2b0b327e07a06f36ca6a7e42546d0&lang=de&ds=AVG&pr=fr&d=2012-06-06 21:43:33&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Dokumente und Einstellungen\Line\Anwendungsdaten\Move Networks\plugins\071802000001\npqmp071802000001.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Programme\AVG\AVG2012\Firefox4\ [2012.06.12 16:41:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\11.1.0.7\ [2012.06.13 16:59:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Programme\AVG\AVG2012\Firefox\DoNotTrack\ [2012.06.06 21:41:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.06.19 20:04:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.23 20:00:52 | 000,000,000 | ---D | M]
 
[2012.01.07 14:36:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Mozilla\Extensions
[2012.06.16 14:22:05 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Mozilla\Firefox\Profiles\z8eb27xd.default\extensions
[2012.06.19 20:05:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.01.21 14:28:12 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.13 16:59:32 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\AVG SECURE SEARCH\11.1.0.7
[2012.06.06 21:41:12 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAMME\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012.06.19 20:04:14 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
[2012.06.19 20:03:58 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.13 16:59:09 | 000,003,766 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.06.19 20:03:58 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.19 20:03:58 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.19 20:03:58 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.19 20:03:58 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.19 20:03:58 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.06.25 12:48:58 | 000,000,043 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 131.220.224.202	unibn-vpn.uni-bonn.de
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programme\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Programme\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Programme\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Programme\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [vProt] C:\Programme\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-519679788-2892203428-1993165830-1006..\Run: [ISUSPM] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-519679788-2892203428-1993165830-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225030740633 (WUWebControl Class)
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} hxxp://www.acclaim.com/cabs/acclaim_v5.cab (GameLauncher Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.130 192.168.1.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{475C73E2-E40C-41A0-9F82-E58AF5EAD24D}: NameServer = 192.168.1.10 192.168.1.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2EC93FA-6BEA-48D3-9235-54C5D7FDDC93}: DhcpNameServer = 192.168.1.130 192.168.1.10
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.25 17:00:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "WLSetupSvc"
MsConfig - Services: "usnjsvc"
MsConfig - Services: "stllssvr"
MsConfig - Services: "O2FLASH"
MsConfig - Services: "npggsvc"
MsConfig - Services: "Lavasoft Ad-Aware Service"
MsConfig - Services: "gusvc"
MsConfig - Services: "GoogleDesktopManager-010708-104812"
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Audible Download Manager.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= -  File not found
MsConfig - StartUpReg: Dell QuickSet - hkey= - key= - C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
MsConfig - StartUpReg: DellSupportCenter - hkey= - key= - C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
MsConfig - StartUpReg: dscactivate - hkey= - key= - C:\Programme\Dell Support Center\gs_agent\custom\dsca.exe ( )
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= -  File not found
MsConfig - StartUpReg: HotKeysCmds - hkey= - key= -  File not found
MsConfig - StartUpReg: IgfxTray - hkey= - key= -  File not found
MsConfig - StartUpReg: IntelWireless - hkey= - key= - C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
MsConfig - StartUpReg: IntelZeroConfig - hkey= - key= - C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
MsConfig - StartUpReg: ISUSPM - hkey= - key= - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
MsConfig - StartUpReg: OEM13Mon.exe - hkey= - key= - C:\WINDOWS\OEM13Mon.exe (Creative Technology Ltd.)
MsConfig - StartUpReg: PDVDDXSrv - hkey= - key= -  File not found
MsConfig - StartUpReg: Persistence - hkey= - key= -  File not found
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= -  File not found
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.5.1
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.5.1
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - 
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.27 01:50:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Desktop\mail
[2012.06.26 02:49:47 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.06.25 18:30:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Malwarebytes
[2012.06.25 18:29:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.25 18:29:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.06.25 18:29:13 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.06.25 18:29:12 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.06.25 12:46:46 | 000,057,000 | R--- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\drivers\acsmux.sys
[2012.06.25 12:46:39 | 000,038,440 | R--- | C] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\drivers\acsint.sys
[2012.06.25 12:46:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Cisco
[2012.06.25 12:44:56 | 000,000,000 | ---D | C] -- C:\Programme\Cisco
[2012.06.25 12:44:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Lokale Einstellungen\Anwendungsdaten\Cisco
[2012.06.25 12:43:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Cisco
[2012.06.16 17:03:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Desktop\KliChi
[2012.06.16 16:45:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Desktop\Patho
[2012.06.16 14:25:40 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.06.16 14:25:40 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.14 22:50:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Desktop\hayes
[2012.06.14 22:33:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Desktop\präklinische dokus
[2012.06.14 12:15:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Desktop\Cisco
[2012.06.12 19:36:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Desktop\temporary
[2012.06.12 19:26:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Desktop\Hub
[2012.06.12 16:41:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
[2012.06.06 21:43:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Lokale Einstellungen\Anwendungsdaten\AVG Secure Search
[2012.06.06 21:43:19 | 000,000,000 | ---D | C] -- C:\Programme\AVG Secure Search
[2012.06.05 10:00:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Eigene Dateien\Simply Super Software
[2012.06.05 10:00:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Trojan Remover
[2012.06.05 10:00:20 | 000,598,528 | ---- | C] (Igor Pavlov) -- C:\WINDOWS\System32\ztv7z.dll
[2012.06.05 10:00:20 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2012.06.05 10:00:18 | 000,000,000 | ---D | C] -- C:\Programme\Trojan Remover
[2012.06.05 10:00:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Simply Super Software
[2012.06.05 10:00:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software
[2012.06.04 09:13:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.06.04 09:07:58 | 000,476,960 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012.06.04 09:07:58 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.06.04 09:07:58 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012.06.04 09:07:57 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.06.04 09:07:57 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012.06.04 09:07:05 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2012.06.03 23:33:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ad-Aware Antivirus
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Anne\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Anne\Eigene Dateien\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.28 18:14:14 | 100,776,178 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012.06.28 18:12:17 | 000,176,906 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012.06.28 17:26:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.06.28 15:16:22 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.06.28 15:16:07 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012.06.28 15:16:07 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012.06.28 09:05:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.28 09:01:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.28 09:01:00 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.27 08:06:40 | 000,019,012 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\wklnhst.dat
[2012.06.27 01:50:16 | 000,024,868 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\Dapagliflozin Ratten w.ods
[2012.06.27 01:50:13 | 000,025,310 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\Dapagliflozin Ratten m.ods
[2012.06.27 01:50:10 | 000,024,834 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\Dapagliflozin Mäuse W.ods
[2012.06.27 01:33:51 | 000,010,210 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\Abkürzungen.ods
[2012.06.27 01:32:03 | 000,024,262 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\Dapagliflozin Mäuse M.ods
[2012.06.26 23:31:33 | 000,025,317 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\Dapagliflozin Mäuse M2.ods
[2012.06.25 18:29:30 | 000,000,758 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.25 12:48:58 | 000,000,043 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.06.24 23:27:20 | 000,082,717 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Abrissflyer_its_too_dangerous-chef.jpg
[2012.06.24 19:53:46 | 000,017,913 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Entwurf Tabelle.ods
[2012.06.23 12:26:51 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.06.23 12:26:49 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.06.21 08:58:44 | 001,250,944 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\Excel.pdf
[2012.06.21 00:12:29 | 000,040,565 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\chic-surface-piercing-on-eyebrow_49.jpg
[2012.06.20 17:44:34 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.06.19 21:55:42 | 000,000,110 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\vor.URL
[2012.06.15 00:31:41 | 000,312,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.15 00:12:54 | 000,497,612 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.15 00:12:54 | 000,473,746 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.15 00:12:54 | 000,101,836 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.15 00:12:54 | 000,085,140 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.15 00:04:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.06.14 09:27:59 | 001,239,254 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\bb2.pdf
[2012.06.14 09:27:49 | 001,606,981 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\bb1.pdf
[2012.06.07 16:48:30 | 000,025,600 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.04 09:07:18 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.06.04 09:07:18 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.06.04 09:07:18 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012.06.04 09:07:18 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012.06.04 09:07:17 | 000,476,960 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012.06.04 09:07:17 | 000,472,864 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012.06.02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2012.06.02 15:19:38 | 000,329,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2012.06.02 15:19:38 | 000,219,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2012.06.02 15:19:38 | 000,210,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2012.06.02 15:19:38 | 000,015,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2012.06.02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2012.06.02 15:19:34 | 000,097,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2012.06.02 15:19:34 | 000,053,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2012.06.02 15:19:34 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2012.06.02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2012.06.02 15:19:34 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2012.06.02 15:19:28 | 000,023,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2012.06.02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2012.06.02 15:19:24 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2012.06.02 15:19:18 | 001,933,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2012.06.02 15:18:58 | 000,275,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2012.06.02 15:18:58 | 000,018,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2012.05.31 15:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.27 01:09:48 | 000,010,210 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Abkürzungen.ods
[2012.06.26 23:31:32 | 000,025,317 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Dapagliflozin Mäuse M2.ods
[2012.06.26 18:11:44 | 000,025,310 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Dapagliflozin Ratten m.ods
[2012.06.26 15:40:24 | 000,024,834 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Dapagliflozin Mäuse W.ods
[2012.06.26 13:22:47 | 000,024,262 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Dapagliflozin Mäuse M.ods
[2012.06.25 23:41:52 | 000,024,868 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Dapagliflozin Ratten w.ods
[2012.06.25 18:29:30 | 000,000,758 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.24 23:27:20 | 000,082,717 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Abrissflyer_its_too_dangerous-chef.jpg
[2012.06.21 19:21:04 | 000,017,913 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Entwurf Tabelle.ods
[2012.06.21 08:58:44 | 001,250,944 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Excel.pdf
[2012.06.21 00:12:29 | 000,040,565 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\chic-surface-piercing-on-eyebrow_49.jpg
[2012.06.19 21:55:42 | 000,000,110 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\vor.URL
[2012.06.16 14:25:47 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.06.14 09:27:59 | 001,239,254 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\bb2.pdf
[2012.06.14 09:27:49 | 001,606,981 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\bb1.pdf
[2012.06.05 10:00:20 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar39.dll
[2012.06.05 10:00:20 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2012.06.05 10:00:20 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2012.06.05 10:00:20 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2012.06.05 10:00:20 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2012.02.19 11:18:46 | 000,025,600 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.16 01:44:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.16 03:01:28 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.12.18 00:07:19 | 000,019,012 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\wklnhst.dat
[2011.12.07 20:12:02 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.07.14 14:45:00 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.07.14 14:45:00 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2009.04.17 18:40:35 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2008.10.27 16:20:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\SupportSoft
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.06.03 23:34:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Ad-Aware Antivirus
[2012.01.26 02:24:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Adobe
[2012.01.07 15:52:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\AVG Secure Search
[2012.01.07 16:06:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\AVG2012
[2011.12.13 23:44:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Creative
[2008.10.22 02:40:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\CyberLink
[2012.02.16 00:17:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Efzuew
[2008.04.25 17:04:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Identities
[2008.10.22 02:34:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InstallShield
[2008.10.22 02:29:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Intel
[2012.01.07 14:39:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia
[2012.06.25 18:30:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2012.02.19 11:26:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Media Player Classic
[2012.06.16 14:09:30 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft
[2012.01.07 14:36:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla
[2012.01.25 17:20:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenOffice.org
[2012.01.16 03:01:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\pdfforge
[2012.06.05 10:00:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Simply Super Software
[2012.05.25 13:18:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Skype
[2008.10.22 02:27:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Sun
[2012.02.16 00:22:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Veog
[2012.04.06 00:26:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Winamp
 
< %APPDATA%\*.exe /s >
[2012.02.24 16:22:54 | 004,746,488 | ---- | M] (Simply Super Software) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Simply Super Software\Trojan Remover\due82.exe
 
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
 
< MD5 for: AGP440.SYS  >
[2008.04.14 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 14:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS
 
< MD5 for: ATAPI.SYS  >
[2008.04.14 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 14:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
 
< MD5 for: IASTOR.SYS  >
[2008.03.17 23:59:36 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\drivers\storage\R179638\iastor.sys
[2008.03.17 23:59:36 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\system32\drivers\iaStor.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 14:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.04.14 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 14:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.04.14 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.04.25 04:50:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.04.25 04:50:48 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.04.25 04:50:48 | 000,446,464 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 146 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:CB0AACC9
@Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >
         

Alt 29.06.2012, 11:27   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Ja die Extras.txt wäre auch gut

Alt 01.07.2012, 14:57   #13
ratsuchend
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



ok hier noch das extras.txt (zum otl.txt)

Code:
ATTFilter
OTL Extras logfile created on: 28.06.2012 18:13:24 - Run 1
OTL by OldTimer - Version 3.2.53.0     Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,34 Gb Available Physical Memory | 67,27% Memory free
3,84 Gb Paging File | 3,32 Gb Available in Paging File | 86,46% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 148,95 Gb Total Space | 58,82 Gb Free Space | 39,49% Space Free | Partition Type: NTFS
 
Computer Name: HANNSEN | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-519679788-2892203428-1993165830-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Programme\Microsoft Office\Office14\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Programme\AVG\AVG2012\avgmfapx.exe" = C:\Programme\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG-Installationsprogramm -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG2012\avgnsx.exe" = C:\Programme\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG2012\avgdiagex.exe" = C:\Programme\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnose 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG2012\avgemcx.exe" = C:\Programme\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal eMail-Scanner -- (AVG Technologies CZ, s.r.o.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03440014-3975-4267-9F39-1DC4745090B7}" = Microsoft Encarta Enzyklopädie 2003
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{85BE320B-A37D-42DA-B9BE-20A40B6A05E3}" = Cisco AnyConnect Secure Mobility Client
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90140000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 14
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C6A09671-93A6-4548-9FAE-3BF21EB9C921}" = AVG 2012
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E43196CF-182A-4D9E-9CE7-69616DBEE3B0}" = Ad-Aware
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0 
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"AVG" = AVG 2012
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client 
"Creative OEM013" = Laptop Integrated Webcam Driver (1.01.01.0529)  
"DC++" = DC++ 0.782
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"ESET Online Scanner" = ESET Online Scanner v3
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Office14.SingleImage" = Microsoft Office Professional 2010
"ProInst" = Intel(R) PROSet/Wireless Software
"SearchAssist" = SearchAssist
"Shockwave" = Shockwave
"Trojan Remover_is1" = Trojan Remover 6.8.3
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Works2003Setup" = Microsoft Works 2003-Setup-Start
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-519679788-2892203428-1993165830-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.06.2012 23:26:06 | Computer Name = HANNSEN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
 fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
 
Error - 26.06.2012 05:43:00 | Computer Name = HANNSEN | Source = Microsoft Office 10 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Word.
 
Error - 26.06.2012 06:26:01 | Computer Name = HANNSEN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung , Version 0.0.0.0, fehlgeschlagenes Modul
 unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
 
Error - 26.06.2012 19:37:56 | Computer Name = HANNSEN | Source = Microsoft Office 10 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Word.
 
Error - 27.06.2012 02:26:02 | Computer Name = HANNSEN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
 fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
 
Error - 27.06.2012 06:26:09 | Computer Name = HANNSEN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
 fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
 
Error - 27.06.2012 08:26:06 | Computer Name = HANNSEN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
 fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
 
Error - 28.06.2012 05:26:02 | Computer Name = HANNSEN | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung FlashPlayerUpdateService.exe, Version 11.3.300.262,
 fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000113c0.
 
Error - 28.06.2012 09:16:21 | Computer Name = HANNSEN | Source = Lavasoft Ad-Aware Service | ID = 0
Description = 
 
Error - 28.06.2012 12:11:48 | Computer Name = HANNSEN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.53.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 28.06.2012 03:06:12 | Computer Name = HANNSEN | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 376 Invoked
 Function: IRunnable::Run Return Code: -32047093 (0xFE17000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE

 
Error - 28.06.2012 03:08:16 | Computer Name = HANNSEN | Source = acvpnagent | ID = 67108866
Description = Function: CTlsTransport::OnTransportInitiateComplete File: .\IP\TlsTransport.cpp
Line:
 357 Invoked Function: ISocketTransportCB::OnTransportInitiateComplete Return Code:
 -31522780 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 28.06.2012 03:08:16 | Computer Name = HANNSEN | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
 254 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31522780
 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 28.06.2012 03:08:16 | Computer Name = HANNSEN | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
 1194 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31522780
 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 28.06.2012 03:08:26 | Computer Name = HANNSEN | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
 254 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31522780
 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 28.06.2012 03:08:26 | Computer Name = HANNSEN | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
 1194 Invoked Function: CSocketTransport::postConnectProcessing Return Code: -31522780
 (0xFE1F0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT 
 
Error - 28.06.2012 03:08:26 | Computer Name = HANNSEN | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
 1024 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28901363
 (0xFE47000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
 not contact target 
 
Error - 28.06.2012 03:08:26 | Computer Name = HANNSEN | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
 860 Invoked Function: CNetEnvironment::TestAccessToSG Return Code: -28901363 (0xFE47000D)
Description:
 NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target 
 
Error - 28.06.2012 03:10:04 | Computer Name = HANNSEN | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4612
Invoked
 Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Es sind keine
 Daten mehr verfügbar.   
 
Error - 28.06.2012 03:10:11 | Computer Name = HANNSEN | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
 1084 NULL object. Cannot establish a connection at this time.
 
[ System Events ]
Error - 27.06.2012 02:47:10 | Computer Name = HANNSEN | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Imapi
 
Error - 27.06.2012 12:03:20 | Computer Name = HANNSEN | Source = Dhcp | ID = 1000
Description = Die Lease dieses Computers zu der IP-Adresse 192.168.105.243 über 
die   Netzwerkkarte mit der Netzwerkadresse 002170A793F9 ist verloren gegangen.
 
Error - 27.06.2012 13:35:20 | Computer Name = HANNSEN | Source = Dhcp | ID = 1000
Description = Die Lease dieses Computers zu der IP-Adresse 192.168.105.243 über 
die   Netzwerkkarte mit der Netzwerkadresse 002170A793F9 ist verloren gegangen.
 
Error - 27.06.2012 17:11:11 | Computer Name = HANNSEN | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst AVGIDSAgent.
 
Error - 27.06.2012 17:11:11 | Computer Name = HANNSEN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AVGIDSAgent" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 27.06.2012 17:11:29 | Computer Name = HANNSEN | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   iaStor  Imapi
 
Error - 28.06.2012 03:05:02 | Computer Name = HANNSEN | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst AVGIDSAgent.
 
Error - 28.06.2012 03:05:02 | Computer Name = HANNSEN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AVGIDSAgent" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 28.06.2012 03:05:03 | Computer Name = HANNSEN | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
 von Dienst AudioSrv.
 
Error - 28.06.2012 03:06:04 | Computer Name = HANNSEN | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Imapi
 
 
< End of report >
         

Alt 01.07.2012, 16:10   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!


Alt 01.07.2012, 18:14   #15
ratsuchend
 
PC plötzlich verlangsamt - Standard

PC plötzlich verlangsamt



Report vom TDSS-Killer:
Code:
ATTFilter
19:04:57.0328 4988	TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
19:04:57.0406 4988	============================================================
19:04:57.0406 4988	Current date / time: 2012/07/01 19:04:57.0406
19:04:57.0406 4988	SystemInfo:
19:04:57.0406 4988	
19:04:57.0406 4988	OS Version: 5.1.2600 ServicePack: 3.0
19:04:57.0406 4988	Product type: Workstation
19:04:57.0421 4988	ComputerName: ***
19:04:57.0421 4988	UserName: ***
19:04:57.0421 4988	Windows directory: C:\WINDOWS
19:04:57.0421 4988	System windows directory: C:\WINDOWS
19:04:57.0421 4988	Processor architecture: Intel x86
19:04:57.0421 4988	Number of processors: 2
19:04:57.0421 4988	Page size: 0x1000
19:04:57.0421 4988	Boot type: Normal boot
19:04:57.0421 4988	============================================================
19:05:07.0093 4988	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:05:07.0093 4988	============================================================
19:05:07.0093 4988	\Device\Harddisk0\DR0:
19:05:07.0093 4988	MBR partitions:
19:05:07.0093 4988	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x129E5AF4
19:05:07.0093 4988	============================================================
19:05:07.0156 4988	C: <-> \Device\Harddisk0\DR0\Partition0
19:05:07.0156 4988	============================================================
19:05:07.0156 4988	Initialize success
19:05:07.0156 4988	============================================================
19:06:12.0734 1736	============================================================
19:06:12.0734 1736	Scan started
19:06:12.0734 1736	Mode: Manual; SigCheck; TDLFS; 
19:06:12.0734 1736	============================================================
19:06:13.0625 1736	Abiosdsk - ok
19:06:13.0718 1736	abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
19:06:18.0062 1736	abp480n5 - ok
19:06:18.0187 1736	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:06:18.0375 1736	ACPI - ok
19:06:18.0375 1736	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:06:18.0484 1736	ACPIEC - ok
19:06:18.0578 1736	acsint          (c0a9a0be382321a7a6adfcc4b305f062) C:\WINDOWS\system32\DRIVERS\acsint.sys
19:06:18.0625 1736	acsint - ok
19:06:18.0687 1736	acsmux          (9d4b043fa3a628c6f0d56954a71cd726) C:\WINDOWS\system32\DRIVERS\acsmux.sys
19:06:18.0734 1736	acsmux - ok
19:06:18.0953 1736	AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:06:18.0968 1736	AdobeFlashPlayerUpdateSvc - ok
19:06:19.0125 1736	adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
19:06:19.0312 1736	adpu160m - ok
19:06:19.0437 1736	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:06:19.0609 1736	aec - ok
19:06:19.0734 1736	AegisP          (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
19:06:19.0765 1736	AegisP - ok
19:06:19.0921 1736	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:06:20.0109 1736	AFD - ok
19:06:20.0187 1736	agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
19:06:20.0343 1736	agp440 - ok
19:06:20.0406 1736	agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
19:06:20.0515 1736	agpCPQ - ok
19:06:20.0531 1736	Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
19:06:20.0625 1736	Aha154x - ok
19:06:20.0687 1736	aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
19:06:20.0875 1736	aic78u2 - ok
19:06:20.0906 1736	aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
19:06:21.0015 1736	aic78xx - ok
19:06:21.0078 1736	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
19:06:21.0171 1736	Alerter - ok
19:06:21.0218 1736	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
19:06:21.0281 1736	ALG - ok
19:06:21.0312 1736	AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
19:06:21.0406 1736	AliIde - ok
19:06:21.0453 1736	alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
19:06:21.0593 1736	alim1541 - ok
19:06:21.0656 1736	amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
19:06:21.0796 1736	amdagp - ok
19:06:21.0812 1736	amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
19:06:21.0875 1736	amsint - ok
19:06:21.0968 1736	ApfiltrService  (350f19eb5fe4ec37a2414df56cde1aa8) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
19:06:22.0078 1736	ApfiltrService - ok
19:06:22.0140 1736	APPDRV          (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
19:06:22.0171 1736	APPDRV ( UnsignedFile.Multi.Generic ) - warning
19:06:22.0171 1736	APPDRV - detected UnsignedFile.Multi.Generic (1)
19:06:22.0312 1736	AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
19:06:22.0468 1736	AppMgmt - ok
19:06:22.0515 1736	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:06:22.0640 1736	Arp1394 - ok
19:06:22.0671 1736	asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
19:06:22.0812 1736	asc - ok
19:06:22.0843 1736	asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
19:06:22.0953 1736	asc3350p - ok
19:06:23.0015 1736	asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
19:06:23.0109 1736	asc3550 - ok
19:06:23.0296 1736	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:06:23.0375 1736	aspnet_state - ok
19:06:23.0421 1736	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:06:23.0531 1736	AsyncMac - ok
19:06:23.0671 1736	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:06:23.0781 1736	atapi - ok
19:06:23.0796 1736	Atdisk - ok
19:06:23.0843 1736	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:06:24.0000 1736	Atmarpc - ok
19:06:24.0093 1736	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
19:06:24.0218 1736	AudioSrv - ok
19:06:24.0296 1736	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:06:24.0390 1736	audstub - ok
19:06:27.0750 1736	AVGIDSAgent     (ba60fd7a64b9759a14c0fba4a9ed4c7b) C:\Programme\AVG\AVG2012\AVGIDSAgent.exe
19:06:32.0625 1736	AVGIDSAgent - ok
19:06:33.0187 1736	AVGIDSDriver    (1074f787080068c71303b61fae7e7ca4) C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
19:06:33.0296 1736	AVGIDSDriver - ok
19:06:33.0343 1736	AVGIDSFilter    (61a7e0b02f82cff3db2445bbe50b3589) C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
19:06:33.0375 1736	AVGIDSFilter - ok
19:06:33.0468 1736	AVGIDSHX        (d63d83659eedf60b3a3e620281a888e5) C:\WINDOWS\system32\DRIVERS\avgidshx.sys
19:06:33.0515 1736	AVGIDSHX - ok
19:06:33.0593 1736	AVGIDSShim      (baf975b72062f53d327788e99d64197e) C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
19:06:33.0640 1736	AVGIDSShim - ok
19:06:33.0875 1736	Avgldx86        (dda6a2a18841e4c9172bb85958b8d948) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
19:06:34.0109 1736	Avgldx86 - ok
19:06:34.0140 1736	Avgmfx86        (ccdd61545aaea265977e4b1efdc74e8c) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
19:06:34.0187 1736	Avgmfx86 - ok
19:06:34.0218 1736	Avgrkx86        (1fd90b28d2c3100bf4500199c8ad6358) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
19:06:34.0265 1736	Avgrkx86 - ok
19:06:34.0484 1736	Avgtdix         (1263f2554ace925c237a40b4c568d815) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
19:06:34.0703 1736	Avgtdix - ok
19:06:35.0109 1736	avgwd           (ea1145debcd508fd25bd1e95c4346929) C:\Programme\AVG\AVG2012\avgwdsvc.exe
19:06:35.0328 1736	avgwd - ok
19:06:35.0406 1736	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:06:35.0593 1736	Beep - ok
19:06:36.0125 1736	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
19:06:36.0687 1736	BITS - ok
19:06:37.0000 1736	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
19:06:37.0171 1736	Browser - ok
19:06:37.0234 1736	cbidf           (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
19:06:37.0453 1736	cbidf - ok
19:06:37.0453 1736	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:06:37.0546 1736	cbidf2k - ok
19:06:37.0812 1736	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:06:37.0906 1736	CCDECODE - ok
19:06:37.0921 1736	cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
19:06:37.0968 1736	cd20xrnt - ok
19:06:38.0062 1736	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:06:38.0250 1736	Cdaudio - ok
19:06:38.0531 1736	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:06:38.0671 1736	Cdfs - ok
19:06:38.0703 1736	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:06:38.0828 1736	Cdrom - ok
19:06:38.0843 1736	Changer - ok
19:06:38.0937 1736	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
19:06:39.0015 1736	CiSvc - ok
19:06:39.0046 1736	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
19:06:39.0156 1736	ClipSrv - ok
19:06:39.0343 1736	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:06:39.0531 1736	clr_optimization_v2.0.50727_32 - ok
19:06:39.0609 1736	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:06:39.0703 1736	CmBatt - ok
19:06:39.0750 1736	CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
19:06:39.0890 1736	CmdIde - ok
19:06:39.0937 1736	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:06:40.0062 1736	Compbatt - ok
19:06:40.0062 1736	COMSysApp - ok
19:06:40.0109 1736	Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
19:06:40.0250 1736	Cpqarray - ok
19:06:40.0375 1736	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
19:06:40.0484 1736	CryptSvc - ok
19:06:40.0562 1736	CVirtA          (b5ecadf7708960f1818c7fa015f4c239) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
19:06:40.0625 1736	CVirtA - ok
19:06:40.0718 1736	dac2w2k         (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
19:06:40.0953 1736	dac2w2k - ok
19:06:40.0984 1736	dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
19:06:41.0078 1736	dac960nt - ok
19:06:41.0265 1736	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:06:41.0625 1736	DcomLaunch - ok
19:06:41.0750 1736	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
19:06:41.0937 1736	Dhcp - ok
19:06:42.0015 1736	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:06:42.0125 1736	Disk - ok
19:06:42.0171 1736	DLABMFSM        (a0500678a33802d8954153839301d539) C:\WINDOWS\system32\Drivers\DLABMFSM.SYS
19:06:42.0203 1736	DLABMFSM - ok
19:06:42.0234 1736	DLABOIOM        (b8d2f68cac54d46281399f9092644794) C:\WINDOWS\system32\Drivers\DLABOIOM.SYS
19:06:42.0265 1736	DLABOIOM - ok
19:06:42.0265 1736	DLACDBHM - ok
19:06:42.0281 1736	DLADResM        (f8b70d38845c4694b28adc4768676fd0) C:\WINDOWS\system32\Drivers\DLADResM.SYS
19:06:42.0296 1736	DLADResM - ok
19:06:42.0343 1736	DLAIFS_M        (766a148235be1c0039c974446e4c0edc) C:\WINDOWS\system32\Drivers\DLAIFS_M.SYS
19:06:42.0390 1736	DLAIFS_M - ok
19:06:42.0421 1736	DLAOPIOM        (38267cca177354f1c64450a43a4f7627) C:\WINDOWS\system32\Drivers\DLAOPIOM.SYS
19:06:42.0437 1736	DLAOPIOM - ok
19:06:42.0437 1736	DLAPoolM        (fd363369fd313b46b5aeab1a688b52e9) C:\WINDOWS\system32\Drivers\DLAPoolM.SYS
19:06:42.0453 1736	DLAPoolM - ok
19:06:42.0484 1736	DLARTL_M        (336ae18f0912ef4fbe5518849e004d74) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
19:06:42.0500 1736	DLARTL_M - ok
19:06:42.0546 1736	DLAUDFAM        (fd85f682c1cc2a7ca878c7a448e6d87e) C:\WINDOWS\system32\Drivers\DLAUDFAM.SYS
19:06:42.0593 1736	DLAUDFAM - ok
19:06:42.0640 1736	DLAUDF_M        (af389ce587b6bf5bbdcd6f6abe5eabc0) C:\WINDOWS\system32\Drivers\DLAUDF_M.SYS
19:06:42.0687 1736	DLAUDF_M - ok
19:06:42.0687 1736	dmadmin - ok
19:06:43.0046 1736	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
19:06:43.0718 1736	dmboot - ok
19:06:43.0812 1736	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
19:06:43.0984 1736	dmio - ok
19:06:44.0046 1736	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:06:44.0125 1736	dmload - ok
19:06:44.0187 1736	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
19:06:44.0281 1736	dmserver - ok
19:06:44.0406 1736	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:06:44.0531 1736	DMusic - ok
19:06:44.0625 1736	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
19:06:44.0765 1736	Dnscache - ok
19:06:44.0906 1736	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
19:06:45.0109 1736	Dot3svc - ok
19:06:45.0187 1736	dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
19:06:45.0296 1736	dpti2o - ok
19:06:45.0343 1736	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:06:45.0421 1736	drmkaud - ok
19:06:45.0546 1736	DRVMCDB         (5d3b71bb2bb0009d65d290e2ef374bd3) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
19:06:45.0593 1736	DRVMCDB - ok
19:06:45.0625 1736	DRVNDDM         (c591ba9f96f40a1fd6494dafdcd17185) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
19:06:45.0656 1736	DRVNDDM - ok
19:06:45.0718 1736	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
19:06:45.0953 1736	EapHost - ok
19:06:46.0000 1736	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
19:06:46.0093 1736	ERSvc - ok
19:06:46.0234 1736	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:06:46.0312 1736	Eventlog - ok
19:06:46.0484 1736	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
19:06:46.0640 1736	EventSystem - ok
19:06:47.0078 1736	EvtEng          (e71b03ff6b819ae1a286aa27e956d523) C:\Programme\Intel\Wireless\Bin\EvtEng.exe
19:06:47.0593 1736	EvtEng ( UnsignedFile.Multi.Generic ) - warning
19:06:47.0593 1736	EvtEng - detected UnsignedFile.Multi.Generic (1)
19:06:47.0750 1736	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:06:47.0921 1736	Fastfat - ok
19:06:48.0031 1736	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:06:48.0203 1736	FastUserSwitchingCompatibility - ok
19:06:48.0359 1736	Fax             (08b8b302af0d1b3b8543429bbac8f21f) C:\WINDOWS\system32\fxssvc.exe
19:06:48.0671 1736	Fax - ok
19:06:49.0015 1736	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
19:06:49.0156 1736	Fdc - ok
19:06:49.0218 1736	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
19:06:49.0437 1736	Fips - ok
19:06:49.0453 1736	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
19:06:49.0796 1736	Flpydisk - ok
19:06:50.0140 1736	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
19:06:50.0484 1736	FltMgr - ok
19:06:50.0953 1736	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:06:50.0984 1736	FontCache3.0.0.0 - ok
19:06:51.0062 1736	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:06:51.0265 1736	Fs_Rec - ok
19:06:51.0859 1736	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:06:52.0218 1736	Ftdisk - ok
19:06:52.0468 1736	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:06:52.0593 1736	Gpc - ok
19:06:52.0671 1736	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:06:52.0937 1736	HDAudBus - ok
19:06:53.0093 1736	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:06:53.0203 1736	helpsvc - ok
19:06:53.0281 1736	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
19:06:53.0375 1736	HidServ - ok
19:06:53.0390 1736	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:06:53.0515 1736	hidusb - ok
19:06:53.0562 1736	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
19:06:53.0718 1736	hkmsvc - ok
19:06:54.0015 1736	hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
19:06:54.0156 1736	hpn - ok
19:06:54.0843 1736	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:06:55.0109 1736	HTTP - ok
19:06:55.0187 1736	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
19:06:55.0390 1736	HTTPFilter - ok
19:06:55.0640 1736	i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:06:55.0734 1736	i2omgmt - ok
19:06:55.0812 1736	i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
19:06:56.0093 1736	i2omp - ok
19:06:56.0437 1736	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:06:56.0562 1736	i8042prt - ok
19:07:00.0218 1736	ialm            (bffa387180121df1e4646c4ced3e16ca) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:07:06.0281 1736	ialm - ok
19:07:07.0171 1736	iaStor          (2358c53f30cb9dcd1d3843c4e2f299b2) C:\WINDOWS\system32\drivers\iaStor.sys
19:07:07.0390 1736	iaStor - ok
19:07:08.0093 1736	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:07:08.0843 1736	idsvc - ok
19:07:08.0921 1736	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:07:09.0062 1736	Imapi - ok
19:07:09.0187 1736	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
19:07:09.0359 1736	ImapiService - ok
19:07:09.0421 1736	ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
19:07:09.0562 1736	ini910u - ok
19:07:12.0218 1736	IntcAzAudAddService (613a2b00da1d4a80de1ec8cfb52c0d89) C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:07:17.0937 1736	IntcAzAudAddService - ok
19:07:18.0593 1736	IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
19:07:18.0828 1736	IntelIde - ok
19:07:19.0109 1736	intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:07:19.0203 1736	intelppm - ok
19:07:19.0250 1736	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
19:07:19.0359 1736	Ip6Fw - ok
19:07:19.0375 1736	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:07:19.0531 1736	IpFilterDriver - ok
19:07:19.0546 1736	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:07:19.0640 1736	IpInIp - ok
19:07:19.0984 1736	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:07:20.0156 1736	IpNat - ok
19:07:20.0218 1736	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:07:20.0437 1736	IPSec - ok
19:07:20.0687 1736	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:07:20.0750 1736	IRENUM - ok
19:07:20.0828 1736	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:07:20.0968 1736	isapnp - ok
19:07:21.0343 1736	JavaQuickStarterService (a38441ed570f190cc041a7be49488fa7) C:\Programme\Java\jre6\bin\jqs.exe
19:07:21.0593 1736	JavaQuickStarterService - ok
19:07:21.0687 1736	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:07:21.0906 1736	Kbdclass - ok
19:07:22.0171 1736	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:07:22.0265 1736	kbdhid - ok
19:07:22.0406 1736	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:07:22.0687 1736	kmixer - ok
19:07:23.0015 1736	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:07:23.0250 1736	KSecDD - ok
19:07:23.0390 1736	LanmanServer    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
19:07:23.0593 1736	LanmanServer - ok
19:07:23.0781 1736	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
19:07:24.0031 1736	lanmanworkstation - ok
19:07:25.0515 1736	Lavasoft Ad-Aware Service (55afd4a9d5ed4ad40d5215ccdf4d65f3) C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
19:07:26.0546 1736	Lavasoft Ad-Aware Service - ok
19:07:27.0062 1736	Lbd             (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
19:07:27.0125 1736	Lbd - ok
19:07:27.0140 1736	lbrtfdc - ok
19:07:27.0234 1736	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
19:07:27.0437 1736	LmHosts - ok
19:07:27.0703 1736	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
19:07:27.0812 1736	Messenger - ok
19:07:27.0921 1736	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:07:28.0000 1736	mnmdd - ok
19:07:28.0062 1736	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
19:07:28.0156 1736	mnmsrvc - ok
19:07:28.0171 1736	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
19:07:28.0281 1736	Modem - ok
19:07:28.0359 1736	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:07:28.0468 1736	Mouclass - ok
19:07:28.0546 1736	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:07:28.0640 1736	mouhid - ok
19:07:28.0671 1736	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:07:28.0812 1736	MountMgr - ok
19:07:29.0187 1736	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
19:07:29.0312 1736	MozillaMaintenance - ok
19:07:29.0343 1736	mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
19:07:29.0578 1736	mraid35x - ok
19:07:30.0031 1736	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:07:30.0390 1736	MRxDAV - ok
19:07:31.0171 1736	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:07:31.0812 1736	MRxSmb - ok
19:07:31.0921 1736	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
19:07:32.0125 1736	MSDTC - ok
19:07:32.0437 1736	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:07:32.0531 1736	Msfs - ok
19:07:32.0531 1736	MSIServer - ok
19:07:32.0578 1736	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:07:32.0703 1736	MSKSSRV - ok
19:07:32.0765 1736	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:07:32.0859 1736	MSPCLOCK - ok
19:07:32.0968 1736	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:07:33.0109 1736	MSPQM - ok
19:07:33.0140 1736	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:07:33.0234 1736	mssmbios - ok
19:07:33.0281 1736	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:07:33.0406 1736	MSTEE - ok
19:07:33.0531 1736	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:07:33.0625 1736	Mup - ok
19:07:33.0687 1736	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:07:33.0859 1736	NABTSFEC - ok
19:07:34.0093 1736	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
19:07:34.0312 1736	napagent - ok
19:07:34.0453 1736	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:07:34.0625 1736	NDIS - ok
19:07:34.0671 1736	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:07:34.0796 1736	NdisIP - ok
19:07:34.0921 1736	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:07:35.0109 1736	NdisTapi - ok
19:07:35.0125 1736	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:07:35.0234 1736	Ndisuio - ok
19:07:35.0281 1736	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:07:35.0390 1736	NdisWan - ok
19:07:35.0484 1736	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:07:35.0546 1736	NDProxy - ok
19:07:35.0640 1736	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:07:35.0750 1736	NetBIOS - ok
19:07:35.0906 1736	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:07:36.0140 1736	NetBT - ok
19:07:36.0250 1736	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:07:36.0375 1736	NetDDE - ok
19:07:36.0390 1736	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:07:36.0484 1736	NetDDEdsdm - ok
19:07:36.0750 1736	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:07:36.0843 1736	Netlogon - ok
19:07:36.0953 1736	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
19:07:37.0343 1736	Netman - ok
19:07:37.0765 1736	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:07:37.0843 1736	NetTcpPortSharing - ok
19:07:38.0984 1736	NETw4x32        (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
19:07:41.0234 1736	NETw4x32 - ok
19:07:44.0515 1736	NETw5x32        (91f027c242d3ff6e5c09f92a0518297f) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
19:07:49.0031 1736	NETw5x32 - ok
19:07:49.0656 1736	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:07:49.0921 1736	NIC1394 - ok
19:07:50.0093 1736	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
19:07:50.0125 1736	Nla - ok
19:07:50.0156 1736	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:07:50.0265 1736	Npfs - ok
19:07:50.0265 1736	npggsvc - ok
19:07:50.0562 1736	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:07:51.0156 1736	Ntfs - ok
19:07:51.0453 1736	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:07:51.0546 1736	NtLmSsp - ok
19:07:51.0890 1736	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
19:07:52.0421 1736	NtmsSvc - ok
19:07:52.0656 1736	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:07:52.0796 1736	Null - ok
19:07:53.0093 1736	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:07:53.0359 1736	NwlnkFlt - ok
19:07:53.0609 1736	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:07:53.0859 1736	NwlnkFwd - ok
19:07:54.0156 1736	O2FLASH         (bbd5503999f331278db39046888d559c) C:\WINDOWS\system32\DRIVERS\o2flash.exe
19:07:54.0265 1736	O2FLASH - ok
19:07:54.0343 1736	O2MDRDR         (305e0ec480ebc7a24d4b691da76e008c) C:\WINDOWS\system32\DRIVERS\o2media.sys
19:07:54.0375 1736	O2MDRDR - ok
19:07:54.0406 1736	O2SDRDR         (6e590c91f97ae5e3408453c8ae9a3000) C:\WINDOWS\system32\DRIVERS\o2sd.sys
19:07:54.0468 1736	O2SDRDR - ok
19:07:54.0562 1736	OEM13Afx        (58f478fd0115012ceec75fb73628901c) C:\WINDOWS\system32\Drivers\OEM13Afx.sys
19:07:54.0765 1736	OEM13Afx - ok
19:07:54.0828 1736	OEM13Vfx        (86326062a90494bdd79ce383511d7d69) C:\WINDOWS\system32\DRIVERS\OEM13Vfx.sys
19:07:54.0906 1736	OEM13Vfx - ok
19:07:55.0109 1736	OEM13Vid        (12539b57ed05de7552403a12b3e0161c) C:\WINDOWS\system32\DRIVERS\OEM13Vid.sys
19:07:55.0312 1736	OEM13Vid - ok
19:07:55.0421 1736	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:07:55.0671 1736	ohci1394 - ok
19:07:56.0312 1736	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
19:07:56.0500 1736	ose - ok
19:07:59.0281 1736	osppsvc         (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:08:01.0968 1736	osppsvc - ok
19:08:02.0750 1736	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
19:08:03.0046 1736	Parport - ok
19:08:03.0296 1736	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:08:03.0406 1736	PartMgr - ok
19:08:03.0437 1736	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
19:08:03.0578 1736	ParVdm - ok
19:08:03.0671 1736	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
19:08:03.0906 1736	PCI - ok
19:08:03.0906 1736	PCIDump - ok
19:08:03.0937 1736	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:08:04.0031 1736	PCIIde - ok
19:08:04.0093 1736	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:08:04.0234 1736	Pcmcia - ok
19:08:04.0234 1736	PDCOMP - ok
19:08:04.0234 1736	PDFRAME - ok
19:08:04.0250 1736	PDRELI - ok
19:08:04.0250 1736	PDRFRAME - ok
19:08:04.0265 1736	perc2           (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
19:08:04.0375 1736	perc2 - ok
19:08:04.0625 1736	perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
19:08:04.0765 1736	perc2hib - ok
19:08:04.0906 1736	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:08:04.0921 1736	PlugPlay - ok
19:08:05.0031 1736	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:08:05.0218 1736	PolicyAgent - ok
19:08:05.0750 1736	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:08:06.0000 1736	PptpMiniport - ok
19:08:06.0000 1736	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:08:06.0093 1736	ProtectedStorage - ok
19:08:06.0375 1736	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:08:06.0812 1736	PSched - ok
19:08:06.0859 1736	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:08:07.0156 1736	Ptilink - ok
19:08:07.0234 1736	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:08:07.0250 1736	PxHelp20 - ok
19:08:07.0281 1736	ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
19:08:07.0390 1736	ql1080 - ok
19:08:07.0406 1736	Ql10wnt         (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
19:08:07.0562 1736	Ql10wnt - ok
19:08:07.0593 1736	ql12160         (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
19:08:07.0703 1736	ql12160 - ok
19:08:07.0718 1736	ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
19:08:07.0859 1736	ql1240 - ok
19:08:08.0109 1736	ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
19:08:08.0218 1736	ql1280 - ok
19:08:08.0250 1736	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:08:08.0390 1736	RasAcd - ok
19:08:08.0984 1736	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
19:08:09.0203 1736	RasAuto - ok
19:08:09.0468 1736	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:08:09.0578 1736	Rasl2tp - ok
19:08:09.0671 1736	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
19:08:10.0000 1736	RasMan - ok
19:08:10.0015 1736	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:08:10.0125 1736	RasPppoe - ok
19:08:10.0125 1736	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:08:10.0218 1736	Raspti - ok
19:08:10.0796 1736	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:08:11.0015 1736	Rdbss - ok
19:08:11.0265 1736	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:08:11.0453 1736	RDPCDD - ok
19:08:11.0546 1736	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:08:11.0953 1736	rdpdr - ok
19:08:12.0109 1736	RDPWD           (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
19:08:12.0312 1736	RDPWD - ok
19:08:12.0453 1736	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
19:08:12.0734 1736	RDSessMgr - ok
19:08:13.0000 1736	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:08:13.0125 1736	redbook - ok
19:08:13.0515 1736	RegSrvc         (2cf574d0965f58e514a2dc94114d7eca) C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
19:08:13.0734 1736	RegSrvc ( UnsignedFile.Multi.Generic ) - warning
19:08:13.0734 1736	RegSrvc - detected UnsignedFile.Multi.Generic (1)
19:08:13.0890 1736	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
19:08:14.0156 1736	RemoteAccess - ok
19:08:14.0468 1736	RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
19:08:14.0578 1736	RemoteRegistry - ok
19:08:14.0640 1736	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
19:08:14.0890 1736	RpcLocator - ok
19:08:15.0312 1736	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:08:15.0500 1736	RpcSs - ok
19:08:15.0609 1736	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
19:08:15.0906 1736	RSVP - ok
19:08:16.0093 1736	RTLE8023xp      (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
19:08:16.0218 1736	RTLE8023xp - ok
19:08:16.0750 1736	S24EventMonitor (874173edbd4f2fe711f245855a2ffa23) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
19:08:17.0750 1736	S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
19:08:17.0750 1736	S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
19:08:17.0781 1736	s24trans        (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys
19:08:17.0796 1736	s24trans ( UnsignedFile.Multi.Generic ) - warning
19:08:17.0796 1736	s24trans - detected UnsignedFile.Multi.Generic (1)
19:08:17.0875 1736	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:08:17.0968 1736	SamSs - ok
19:08:18.0078 1736	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
19:08:18.0234 1736	SCardSvr - ok
19:08:18.0328 1736	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
19:08:18.0562 1736	Schedule - ok
19:08:18.0640 1736	sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
19:08:18.0765 1736	sdbus - ok
19:08:18.0781 1736	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:08:18.0875 1736	Secdrv - ok
19:08:18.0984 1736	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
19:08:19.0109 1736	seclogon - ok
19:08:19.0140 1736	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
19:08:19.0234 1736	SENS - ok
19:08:19.0296 1736	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
19:08:19.0421 1736	Serial - ok
19:08:19.0468 1736	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:08:19.0562 1736	Sfloppy - ok
19:08:19.0781 1736	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
19:08:20.0156 1736	SharedAccess - ok
19:08:20.0421 1736	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:08:20.0437 1736	ShellHWDetection - ok
19:08:20.0437 1736	Simbad - ok
19:08:20.0484 1736	sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
19:08:20.0671 1736	sisagp - ok
19:08:20.0734 1736	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:08:20.0859 1736	SLIP - ok
19:08:20.0921 1736	Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
19:08:20.0984 1736	Sparrow - ok
19:08:21.0031 1736	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:08:21.0109 1736	splitter - ok
19:08:21.0218 1736	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:08:21.0281 1736	Spooler - ok
19:08:21.0453 1736	sprtsvc_dellsupportcenter - ok
19:08:21.0562 1736	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
19:08:21.0671 1736	sr - ok
19:08:21.0828 1736	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
19:08:21.0984 1736	srservice - ok
19:08:22.0156 1736	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:08:22.0453 1736	Srv - ok
19:08:22.0562 1736	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
19:08:22.0640 1736	SSDPSRV - ok
19:08:22.0734 1736	StarOpen        (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
19:08:22.0750 1736	StarOpen ( UnsignedFile.Multi.Generic ) - warning
19:08:22.0750 1736	StarOpen - detected UnsignedFile.Multi.Generic (1)
19:08:22.0906 1736	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
19:08:23.0296 1736	stisvc - ok
19:08:23.0375 1736	stllssvr        (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe
19:08:23.0453 1736	stllssvr ( UnsignedFile.Multi.Generic ) - warning
19:08:23.0453 1736	stllssvr - detected UnsignedFile.Multi.Generic (1)
19:08:23.0515 1736	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:08:23.0656 1736	streamip - ok
19:08:23.0671 1736	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:08:23.0765 1736	swenum - ok
19:08:23.0812 1736	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:08:23.0968 1736	swmidi - ok
19:08:23.0968 1736	SwPrv - ok
19:08:24.0031 1736	symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
19:08:24.0125 1736	symc810 - ok
19:08:24.0203 1736	symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
19:08:24.0296 1736	symc8xx - ok
19:08:24.0312 1736	sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
19:08:24.0453 1736	sym_hi - ok
19:08:24.0468 1736	sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
19:08:24.0562 1736	sym_u3 - ok
19:08:24.0671 1736	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:08:24.0796 1736	sysaudio - ok
19:08:24.0968 1736	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
19:08:25.0125 1736	SysmonLog - ok
19:08:25.0250 1736	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
19:08:25.0437 1736	TapiSrv - ok
19:08:25.0671 1736	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:08:25.0937 1736	Tcpip - ok
19:08:26.0000 1736	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:08:26.0093 1736	TDPIPE - ok
19:08:26.0125 1736	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:08:26.0250 1736	TDTCP - ok
19:08:26.0296 1736	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:08:26.0406 1736	TermDD - ok
19:08:26.0593 1736	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
19:08:26.0812 1736	TermService - ok
19:08:27.0093 1736	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:08:27.0109 1736	Themes - ok
19:08:27.0187 1736	TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
19:08:27.0296 1736	TlntSvr - ok
19:08:27.0375 1736	TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys
19:08:27.0453 1736	TosIde - ok
19:08:27.0546 1736	tosporte        (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\WINDOWS\system32\DRIVERS\tosporte.sys
19:08:27.0656 1736	tosporte - ok
19:08:27.0718 1736	tosrfbd         (435ac6cc2abed508ac5a495658cbaf0f) C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
19:08:27.0875 1736	tosrfbd - ok
19:08:27.0937 1736	tosrfbnp        (90c8525bc578aaffe87c2d0ed4379e9e) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
19:08:28.0031 1736	tosrfbnp - ok
19:08:28.0109 1736	Tosrfcom        (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
19:08:28.0187 1736	Tosrfcom - ok
19:08:28.0234 1736	Tosrfhid        (28099a4e52148319afa685d93a2244d0) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
19:08:28.0343 1736	Tosrfhid - ok
19:08:28.0390 1736	tosrfnds        (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
19:08:28.0437 1736	tosrfnds - ok
19:08:28.0468 1736	Tosrfusb        (6bc529c5eca0c7654943fd6fab21c5fa) C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
19:08:28.0546 1736	Tosrfusb - ok
19:08:28.0656 1736	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
19:08:28.0796 1736	TrkWks - ok
19:08:28.0859 1736	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:08:29.0015 1736	Udfs - ok
19:08:29.0109 1736	ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
19:08:29.0203 1736	ultra - ok
19:08:29.0296 1736	UMWdf           (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
19:08:29.0390 1736	UMWdf - ok
19:08:29.0609 1736	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:08:30.0140 1736	Update - ok
19:08:30.0515 1736	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
19:08:30.0687 1736	upnphost - ok
19:08:30.0703 1736	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
19:08:30.0796 1736	UPS - ok
19:08:30.0828 1736	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:08:31.0000 1736	usbccgp - ok
19:08:31.0078 1736	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:08:31.0187 1736	usbehci - ok
19:08:31.0281 1736	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:08:31.0406 1736	usbhub - ok
19:08:31.0484 1736	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:08:31.0593 1736	usbprint - ok
19:08:31.0687 1736	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:08:31.0796 1736	USBSTOR - ok
19:08:31.0812 1736	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:08:31.0937 1736	usbuhci - ok
19:08:32.0093 1736	usbvideo        (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
19:08:32.0234 1736	usbvideo - ok
19:08:32.0468 1736	usnjsvc         (9d19b042a4fd5c02195071ea2fe0c821) C:\Programme\Windows Live\Messenger\usnsvc.exe
19:08:32.0531 1736	usnjsvc - ok
19:08:32.0609 1736	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:08:32.0718 1736	VgaSave - ok
19:08:32.0765 1736	viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
19:08:32.0875 1736	viaagp - ok
19:08:32.0937 1736	ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:08:33.0015 1736	ViaIde - ok
19:08:33.0078 1736	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
19:08:33.0171 1736	VolSnap - ok
19:08:33.0515 1736	vpnagent        (d9cc6202d8a3ec84f1516f6cc3e2e6ed) C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
19:08:33.0984 1736	vpnagent - ok
19:08:34.0093 1736	vpnva           (0d8df4058901616a4e716ab67d472581) C:\WINDOWS\system32\DRIVERS\vpnva.sys
19:08:34.0125 1736	vpnva - ok
19:08:34.0140 1736	vsdatant - ok
19:08:34.0390 1736	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
19:08:34.0671 1736	VSS - ok
19:08:35.0718 1736	vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
19:08:36.0812 1736	vToolbarUpdater11.1.0 - ok
19:08:37.0031 1736	w32time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
19:08:37.0437 1736	w32time - ok
19:08:37.0843 1736	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:08:37.0984 1736	Wanarp - ok
19:08:38.0265 1736	Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
19:08:38.0593 1736	Wdf01000 - ok
19:08:38.0593 1736	WDICA - ok
19:08:38.0687 1736	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:08:38.0859 1736	wdmaud - ok
19:08:38.0968 1736	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
19:08:39.0109 1736	WebClient - ok
19:08:39.0312 1736	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:08:39.0484 1736	winmgmt - ok
19:08:39.0781 1736	WLANKEEPER      (4307641ca3389a210295fdffd2a73dee) C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
19:08:39.0953 1736	WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
19:08:39.0953 1736	WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
19:08:40.0296 1736	WLSetupSvc      (94a85e956a065e23e0010a6a7826243b) C:\Programme\Windows Live\installer\WLSetupSvc.exe
19:08:40.0531 1736	WLSetupSvc - ok
19:08:40.0609 1736	WmdmPmSN        (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\MsPMSNSv.dll
19:08:40.0687 1736	WmdmPmSN - ok
19:08:41.0171 1736	Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
19:08:41.0546 1736	Wmi - ok
19:08:41.0703 1736	WmiAcpi         (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
19:08:41.0890 1736	WmiAcpi - ok
19:08:42.0312 1736	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:08:42.0468 1736	WmiApSrv - ok
19:08:42.0531 1736	WpdUsb          (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
19:08:42.0609 1736	WpdUsb - ok
19:08:42.0734 1736	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
19:08:42.0906 1736	wscsvc - ok
19:08:42.0953 1736	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:08:43.0046 1736	WSTCODEC - ok
19:08:43.0125 1736	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
19:08:43.0218 1736	wuauserv - ok
19:08:43.0484 1736	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
19:08:43.0906 1736	WZCSVC - ok
19:08:44.0015 1736	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
19:08:44.0218 1736	xmlprov - ok
19:08:44.0312 1736	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:08:45.0093 1736	\Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:08:45.0093 1736	\Device\Harddisk0\DR0 - detected TDSS File System (1)
19:08:45.0093 1736	Boot (0x1200)   (1d523dd709f6d9fbfce536ee5fbb881f) \Device\Harddisk0\DR0\Partition0
19:08:45.0109 1736	\Device\Harddisk0\DR0\Partition0 - ok
19:08:45.0109 1736	============================================================
19:08:45.0109 1736	Scan finished
19:08:45.0109 1736	============================================================
19:08:45.0218 7044	Detected object count: 9
19:08:45.0218 7044	Actual detected object count: 9
19:08:59.0421 7044	APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
19:08:59.0421 7044	APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:08:59.0437 7044	EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
19:08:59.0437 7044	EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:08:59.0437 7044	RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:08:59.0437 7044	RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:08:59.0437 7044	S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
19:08:59.0437 7044	S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:08:59.0437 7044	s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
19:08:59.0437 7044	s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:08:59.0437 7044	StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
19:08:59.0437 7044	StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:08:59.0437 7044	stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
19:08:59.0437 7044	stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:08:59.0453 7044	WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user
19:08:59.0453 7044	WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:08:59.0453 7044	\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:08:59.0453 7044	\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
         

Antwort

Themen zu PC plötzlich verlangsamt
avg, beseitigt, edition, erweiterungen, free, freundin, hochfahren, hören, installiert, länger, minute, minuten, mozilla, offline, online, plötzlich, problem, remover, ruckel, sachen, suche, tipps, video, windows, windows xp



Ähnliche Themen: PC plötzlich verlangsamt


  1. Win 7 extrem verlangsamt
    Log-Analyse und Auswertung - 21.09.2015 (22)
  2. Windows Defender plötzlich deaktiviert, Rechenleistung verlangsamt..
    Plagegeister aller Art und deren Bekämpfung - 19.12.2014 (21)
  3. Windows 7 : Internet plötzlich extrem verlangsamt
    Log-Analyse und Auswertung - 17.12.2013 (19)
  4. Verlangsamt
    Plagegeister aller Art und deren Bekämpfung - 15.11.2013 (15)
  5. LogFile: Pc verlangsamt + Start
    Log-Analyse und Auswertung - 19.06.2012 (1)
  6. gamerpc plötzlich extrem verlangsamt
    Log-Analyse und Auswertung - 24.12.2011 (1)
  7. Internet plötzlich stark verlangsamt
    Plagegeister aller Art und deren Bekämpfung - 26.11.2008 (0)
  8. Virus verlangsamt PC!
    Plagegeister aller Art und deren Bekämpfung - 20.08.2008 (2)
  9. IE verlangsamt den PC und öffnet pop ups!
    Log-Analyse und Auswertung - 31.07.2008 (12)
  10. Internet verlangsamt
    Log-Analyse und Auswertung - 18.04.2008 (12)
  11. AVK 05 Firewall verlangsamt
    Antiviren-, Firewall- und andere Schutzprogramme - 29.03.2008 (0)
  12. Internet verlangsamt
    Log-Analyse und Auswertung - 26.02.2008 (2)
  13. PC verlangsamt/cpu auslastun oft 100% ?!
    Log-Analyse und Auswertung - 13.11.2007 (3)
  14. W2000 Server verlangsamt plötzlich.
    Alles rund um Windows - 20.10.2007 (2)
  15. W2000 Server verlangsamt plötzlich.
    Mülltonne - 19.10.2007 (0)
  16. Programme verlangsamt
    Log-Analyse und Auswertung - 27.09.2007 (13)

Zum Thema PC plötzlich verlangsamt - Hallo Trojaner-Board-Forum-Leute =), Problem seit gestern habe ich ein Problem mit dem PC. Ich habe Windows XP und schon der Anfangsbildschirm, wo "Windows XP" steht wird deutlich länger (~2 Minuten) - PC plötzlich verlangsamt...
Archiv
Du betrachtest: PC plötzlich verlangsamt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.