Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Wieder CahtZum

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.10.2012, 23:13   #1
Tina666
 
Wieder CahtZum - Standard

Wieder CahtZum



Hallo,

ich habe mich heute hier angemeldet, da ich ebenfalls seit ein paar Tagen Probleme damit habe.
Aus anderen Beiträgen hab ich schon mitbekommen, daß das von Softonic kommt, wobei ich da schon seit Monaten nichts mehr gemacht habe.
Und ja, ich werde da schön die Finger davon lassen.

Wie soll ich nun vorgehen?

Noch etwas, ich bin da absolut doof, wenn es um sochle Dinge geht, hab da keine Ahnung, hoffe, ihr könnt mir trotzdem helfen.

Tina

Alt 11.10.2012, 15:08   #2
M-K-D-B
/// TB-Ausbilder
 
Wieder CahtZum - Standard

Wieder CahtZum






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Eine Bereinigung ist mitunter mit viel Arbeit für dich verbunden. Es können mehrere Analyse- und Bereinigungsschritte erforderlich sein.
    Abschließend entfernen wir wieder alle verwendeten Programme und ich gebe dir ein paar Tipps für die Zukunft mit auf den Weg.
  • Bei Anzeichen von illegaler Software wird der Support ohne Diskussion eingestellt.
  • Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Führe nur Scans durch, zu denen du von mir oder einem anderen Helfer aufgefordert wirst.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software außer du wirst dazu aufgefordert.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
    Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.





Schritt 1
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop (falls noch nicht vorhanden).
  • Starte bitte die OTL.exe.
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Standard Ausgabe.
  • Setze einen Haken bei Scanne alle Benutzer.
  • Unter Extra Registry, wähle bitte Use SafeList.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
drivers32
safebootminimal
safebootnetwork
CREATERESTOREPOINT
         
  • Schließe bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Scan Button.
  • Am Ende des Suchlaufs werden 2 Logdateien erstellt.
  • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread





Schritt 2
Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop.
  • Starte das Tool mit Doppelklick.
    Vista und Win7 User mit Rechtsklick "als Administrator starten".
  • Klicke nun auf den Disable Button, um die Treiber gewisser Emulatoren zu deaktivieren.
  • Wenn der Scan beendet wurde ( Finished ), klicke auf OK.
  • Defogger fordert gegebenfalls zum Neustart auf. Bestätige dies mit OK.
Sollte Defogger eine Fehlermeldung ausgeben, poste bitte die defogger_disable Log von deinem Desktop.
Klicke den Re-enable Button nicht ohne Anweisung.





Schritt 3
Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.





Schritt 4
Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
    Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt
Poste den Inhalt bitte hier in deinen Thread.





Bitte poste mit deiner nächsten Antwort
  • die beiden Logdateien von OTL,
  • die Logdatei von aswMBR.
  • die Logdatei von TDSSKiller.
__________________

__________________

Alt 11.10.2012, 18:42   #3
Tina666
 
Wieder CahtZum - Standard

Wieder CahtZum



Hallo Matthias,

vielen Dank für Deine nette Antwort und die Unterstützung. Ich hoffe wirklich, daß ich es schaffe.
Ich warte aber noch etwas, will bei ebay noch was steigern und habe Bedenken, daß ich es dann verpasse, bzw. die Ersteigerung nicht klappt.

Tina
__________________

Alt 11.10.2012, 19:39   #4
M-K-D-B
/// TB-Ausbilder
 
Wieder CahtZum - Standard

Wieder CahtZum



Servus,


dann warte ich auf deine Antwort mit den Logdateien, um die ich gebeten habe.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 11.10.2012, 23:12   #5
Tina666
 
Wieder CahtZum - Standard

Wieder CahtZum



Hier OTL:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 11.10.2012 22:57:36 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Bereinigung
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 65,10% Memory free
6,84 Gb Paging File | 5,47 Gb Available in Paging File | 80,02% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 465,76 Gb Total Space | 287,81 Gb Free Space | 61,79% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 399,23 Gb Free Space | 66,97% Space Free | Partition Type: NTFS
 
Computer Name: MOTIONSIGN | User Name: Hartmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.11 22:51:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Bereinigung\OTL.exe
PRC - [2012.09.08 01:53:07 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.09.04 04:38:13 | 000,947,808 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
PRC - [2012.09.04 04:37:54 | 000,722,528 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012.05.29 08:32:03 | 001,823,184 | ---- | M] (iMesh, Inc) -- C:\Programme\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
PRC - [2012.01.18 18:36:46 | 001,452,680 | ---- | M] (SPAMfighter ApS) -- C:\Programme\Fighters\Tray\FightersTray.exe
PRC - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2010.10.10 19:15:46 | 001,265,664 | ---- | M] (www.bid-o-matic.org) -- C:\Programme\Biet-O-Matic\Biet-O-Matic.exe
PRC - [2010.03.03 19:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProTray.exe
PRC - [2010.03.03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProSvc.exe
PRC - [2010.02.11 02:34:14 | 001,964,528 | ---- | M] (Symantec) -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001.09.21 14:50:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe
PRC - [2001.07.09 15:38:10 | 000,356,352 | ---- | M] (Common Group) -- C:\WINDOWS\twain_32\A12U16KD\WATCH.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.09 17:39:51 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012.09.08 01:53:06 | 002,244,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.09.04 04:38:13 | 000,947,808 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
MOD - [2012.09.04 04:37:58 | 000,564,832 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012.09.04 04:37:55 | 000,132,704 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012.09.04 04:37:54 | 000,722,528 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.06.14 08:54:23 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll
MOD - [2012.06.14 08:50:09 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.06.14 08:49:13 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.14 08:49:02 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.05.12 18:22:05 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.12 18:21:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
MOD - [2011.04.25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll
MOD - [2011.04.25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll
MOD - [2011.04.25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll
MOD - [2011.04.25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll
MOD - [2011.04.25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll
MOD - [2011.04.25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll
MOD - [2011.04.20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2010.04.24 23:30:41 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2010.02.11 02:34:38 | 001,727,472 | ---- | M] () -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapProviderXP.dll
MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2004.09.14 19:44:12 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxbxPP5C.DLL
MOD - [2002.10.30 09:58:36 | 000,143,360 | ---- | M] () -- C:\WINDOWS\twain_32\A12U16KD\A2dSpi.dll
MOD - [2001.12.06 20:55:18 | 000,135,168 | ---- | M] () -- C:\WINDOWS\system32\A2dusd.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
MOD - [2001.09.21 14:50:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012.10.09 17:39:52 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.08 01:53:07 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.04 04:37:54 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2010.03.03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2010.02.12 07:09:06 | 001,574,408 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service)
SRV - [2010.02.11 02:34:14 | 001,964,528 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService)
SRV - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.01.07 00:41:22 | 000,462,848 | ---- | M] (Lexmark International, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxbxcoms.exe -- (lxbx_device)
SRV - [2004.10.22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Adapter | On_Demand | Unknown] --  -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] --  -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\FTD2XX.sys -- (FTD2XX)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avfsfilter.sys -- (AVFSFilter)
DRV - [2012.09.04 04:37:56 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.07.08 22:52:59 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.07.08 22:52:59 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.03.01 14:51:11 | 000,565,552 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2012.01.18 15:55:56 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2012.01.18 15:55:54 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2011.08.10 16:39:48 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc3d.sys -- (dc3d)
DRV - [2011.06.28 13:15:20 | 006,363,752 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.03.22 09:58:42 | 000,065,136 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2011.03.10 19:34:46 | 000,034,608 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2011.03.04 14:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2011.03.04 14:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1)
DRV - [2010.03.03 19:59:22 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010.02.12 07:10:12 | 000,057,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GenericMount.sys -- (GenericMount)
DRV - [2010.02.11 02:34:46 | 000,138,592 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\symsnap.sys -- (symsnap)
DRV - [2009.11.18 01:17:00 | 001,395,800 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 01:16:00 | 001,691,480 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.11.02 21:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.09.21 20:40:14 | 000,015,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV - [2009.09.17 15:12:32 | 000,093,920 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SleeN17.sys -- (SLEE_17_DRIVER)
DRV - [2009.01.04 15:25:08 | 000,017,408 | ---- | M] (PassMark Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PMUSB.sys -- (PMUSB2G)
DRV - [2008.12.02 00:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.11.25 02:35:54 | 000,211,496 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3114r5.sys -- (Si3114r5)
DRV - [2008.11.25 02:35:54 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2008.11.25 02:35:54 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiRemFil.sys -- (SiRemFil)
DRV - [2008.07.10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008.05.16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic)
DRV - [2008.05.16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5)
DRV - [2008.05.16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008.05.16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008.02.13 13:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2008.01.14 17:29:17 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2007.12.06 10:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006.09.02 17:09:52 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2006.09.02 16:36:20 | 000,004,608 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006.09.02 15:49:55 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2006.07.24 04:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006.07.24 04:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2005.05.17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2005.01.10 11:45:56 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K)
DRV - [2004.12.07 10:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2004.12.01 14:40:08 | 002,300,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004.11.24 11:42:48 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004.11.24 11:42:46 | 000,033,408 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.10.21 05:39:44 | 000,035,840 | R--- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.07.14 12:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004.04.26 08:10:00 | 000,038,081 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2004.04.26 08:09:52 | 000,054,657 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2004.04.26 08:09:42 | 000,071,405 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004.04.26 08:09:24 | 000,024,605 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2003.05.14 14:42:56 | 000,021,216 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2003.05.14 14:42:50 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2003.05.14 14:42:48 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2003.05.14 14:42:44 | 000,044,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2003.03.25 10:55:04 | 000,027,136 | R--- | M] (Mobile Action Tech. Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma-620.sys -- (MA-620)
DRV - [2002.10.21 11:37:16 | 000,515,803 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca533av.sys -- (Ca533av)
DRV - [2002.07.25 11:19:48 | 000,010,986 | ---- | M] (USB BULK) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk533.sys -- (USBCamera)
DRV - [2002.05.31 10:35:02 | 000,076,976 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pnp680r.sys -- (Pnp680r)
DRV - [2001.11.08 08:53:54 | 000,018,120 | ---- | M] (   ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x)
DRV - [2001.08.17 13:49:38 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ativmdcd.sys -- (MVDCODEC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0504817B-F19C-4569-BF5F-14CA6DE4EFF1}
IE - HKLM\..\SearchScopes\{0504817B-F19C-4569-BF5F-14CA6DE4EFF1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1
 
 
IE - HKU\.DEFAULT\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={D9D526D9-B0A4-4083-9E0C-A1AE4BD1A28B}&mid=6e5fa980559247d1884bd1584f327592-06ce4fc639803a2e3563922518183d8e94088cb9&lang=de&ds=tt014&pr=sa&d=2012-03-01 12:18:12&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={D9D526D9-B0A4-4083-9E0C-A1AE4BD1A28B}&mid=6e5fa980559247d1884bd1584f327592-06ce4fc639803a2e3563922518183d8e94088cb9&lang=de&ds=tt014&pr=sa&d=2012-03-01 12:18:12&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Wirtschaft: Wirtschaftsnachrichten von t-online.de/wirtschaft
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{04324A13-C562-44B5-98C3-CB910B1B550C}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{0504817B-F19C-4569-BF5F-14CA6DE4EFF1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109980&tt=290312_bexdll&babsrc=SP_ss&mntrId=209027f10000000000005404a6d4fa58
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{131B38B1-CC5B-4A32-9914-62E0ED1FC19C}: "URL" = [String data over 1000 bytes]
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{342032E5-348C-48BE-BFB2-D336898928C9}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{3AA0DE0F-6691-4E93-A74E-D0A366421803}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{3D20C55B-1C6F-44BB-8B64-6EB4DA52524C}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{65B27F1C-B3AA-42A9-82CF-FF5ED3FED24F}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={D9D526D9-B0A4-4083-9E0C-A1AE4BD1A28B}&mid=6e5fa980559247d1884bd1584f327592-06ce4fc639803a2e3563922518183d8e94088cb9&lang=de&ds=tt014&pr=sa&d=2012-03-01 12:18:12&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://search.chatzum.com/?q={SearchTerms}
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{9F3786B8-EF7C-407E-AF2C-B49DAA6A0D1E}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = hxxp://search.iminent.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E696D696E656E742E636F6D2F3F61707049643D267265663D746F6F6C626F7826713D7B7365617263685465726D737D&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{D6481E63-37A6-44EA-802B-2BC182D0D96E}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost
 
========== FireFox ==========
 
FF - prefs.js..CT2319825.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: "4shared.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-ffpro"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "searchsafer.com"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.1.9
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: {ADFA33FD-16F5-4355-8504-DF4D664CFE83}:1.0.16
FF - prefs.js..extensions.enabledAddons: avg@toolbar:11.1.0.12
FF - prefs.js..extensions.enabledAddons: toolbar@web.de:2.3.3
FF - prefs.js..extensions.enabledAddons: {40c3cc16-7269-4b32-9531-17f2950fb06f}:10.10.27.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.7.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "hxxp://utils.chatzum.com/?url="
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.startup.homepage: "hxxp://www.google.com/"
FF - user.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - user.js..browser.search.selectedEngine: "Google"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.08.30 19:24:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\linkfilter@kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.08.30 19:24:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\KavAntiBanner@Kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.08.30 19:24:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.08 01:53:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.09.08 01:52:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Programme\PriceGong\2.1.0\FF [2010.08.27 22:48:30 | 000,000,000 | ---D | M]
 
[2012.06.01 19:20:47 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions
[2008.11.13 03:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.10.11 14:27:37 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions
[2012.08.22 13:56:32 | 000,000,000 | ---D | M] (4shared.com Community Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
[2010.05.13 03:16:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.08.23 03:04:37 | 000,000,000 | ---D | M] (Winload) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2012.05.19 02:09:13 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.10.09 19:46:34 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012.07.26 12:46:10 | 000,000,000 | ---D | M] (ChatZum Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
[2012.02.29 21:46:43 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2011.12.23 19:32:32 | 000,000,000 | ---D | M] (DealPly) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2012.07.10 10:13:03 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\avg@toolbar
[2011.12.23 19:32:17 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\ffxtlbr@babylon.com
[2012.10.02 23:11:56 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\foxmarks@kei.com
[2012.03.01 14:22:25 | 000,000,000 | ---D | M] (Yontoo) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\plugin@yontoo.com
[2012.10.11 14:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\staged
[2012.01.11 08:43:12 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\toolbar@ask.com
[2012.10.11 01:27:04 | 000,565,762 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\toolbar@web.de.xpi
[2012.10.11 01:27:10 | 000,000,911 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\11-suche.xml
[2012.03.30 00:24:50 | 000,001,086 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\ask.xml
[2012.03.30 00:24:50 | 000,002,691 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\askcom.xml
[2012.03.30 22:00:10 | 000,000,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\conduit.xml
[2012.10.11 01:27:10 | 000,002,273 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\englische-ergebnisse.xml
[2012.10.11 01:27:10 | 000,010,563 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\gmx-suche.xml
[2012.03.30 00:24:50 | 000,002,492 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\google-und-download-suche.xml
[2012.10.11 01:27:10 | 000,002,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\lastminute.xml
[2012.06.19 21:47:55 | 000,000,641 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\search-web.xml
[2011.10.09 19:46:30 | 000,002,520 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\SearchResults.xml
[2012.03.30 00:24:50 | 000,002,420 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\SearchTheWeb.xml
[2012.06.01 19:20:40 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\Search_Results.xml
[2012.10.11 01:27:10 | 000,005,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\webde-suche.xml
[2012.03.30 00:24:51 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{044BA39C-AD89-4B4C-B2B0-3517499C48F2}.xml
[2012.03.30 00:24:52 | 000,002,079 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{06A29687-A639-4360-9088-A404C00556D1}.xml
[2012.03.30 00:24:52 | 000,002,190 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{A75239EF-069B-40AF-831D-CEA4E5C16540}.xml
[2012.09.08 01:52:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.08 01:52:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.09.08 01:52:53 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2012.09.08 01:52:54 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
[2012.09.08 01:52:54 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Programme\Mozilla Firefox\extensions\webbooster@iminent.com
[2012.09.08 01:53:07 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.04.02 14:36:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.20 22:33:33 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.04 04:38:13 | 000,003,771 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.03.31 20:36:08 | 000,002,353 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.09.02 00:55:20 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.20 22:33:33 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.20 22:33:33 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.09 19:46:30 | 000,002,520 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchResults.xml
[2012.03.30 00:24:50 | 000,002,314 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchTheWeb.xml
[2012.06.01 19:20:40 | 000,002,515 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.20 22:33:33 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.20 22:33:33 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: Search
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.0_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\4.43.0_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.6_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
 
O1 HOSTS File: ([2009.10.10 13:27:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - c:\Programme\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - c:\Programme\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Programme\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (DataMngr) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\Programme\iMesh Applications\MediaBar\Datamngr\BrowserConnection.dll (iMesh, Inc)
O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\Softonic\1.5.24.3\bh\Softonic.dll (Softonic.com)
O2 - BHO: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWis0.dll (Conduit Ltd.)
O2 - BHO: (XBTBPos00 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\ChatZum Toolbar\tbunsj4D.tmp\tbcore3.dll ()
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (ChatZum Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Programme\ChatZum Toolbar\tbunsj4D.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - c:\Programme\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWis0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Programme\Winload\prxtbWinl.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\Toolbar\WebBrowser: (WiseConvert Toolbar) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - C:\Programme\WiseConvert\prxtbWis0.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CommonToolkitTray] c:\Programme\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [Gtwatch] C:\WINDOWS\Gtwatch.exe ()
O4 - HKLM..\Run: [HF_G_Jul] C:\Programme\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Programme\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [Ocs_SM] C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Programme\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [vProt] C:\Programme\AVG Secure Search\vprot.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Watch.lnk = C:\WINDOWS\twain_32\A12U16KD\WATCH.exe (Common Group)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 351
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ADAB9D3-1DB3-49B2-89FC-F454CD73AD07}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FC1575C-73E5-4A35-B75A-769B11439EBC}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Programme\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Programme\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 14:53:12 | 000,000,087 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell - "" = AutoRun
O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell - "" = AutoRun
O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell - "" = AutoRun
O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\Auto\command - "" = G:\sxs.exe
O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe
O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell\AutoRun\command - "" = E:\camera.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package - 
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Watch.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpReg: 1und1Dispatcher - hkey= - key= - C:\Programme\1und1Softwareaktualisierung\SchedDispatcher.exe (1&1 Mail & Media GmbH)
MsConfig - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: AcronisTimounterMonitor - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ApnUpdater - hkey= - key= - c:\Programme\Ask.com\Updater\Updater.exe (Ask)
MsConfig - StartUpReg: avast - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: CommonToolkitTray - hkey= - key= - C:\Programme\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
MsConfig - StartUpReg: DATAMNGR - hkey= - key= - C:\Programme\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc)
MsConfig - StartUpReg: FreePDF Assistant - hkey= - key= - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
MsConfig - StartUpReg: Gtwatch - hkey= - key= - C:\WINDOWS\Gtwatch.exe ()
MsConfig - StartUpReg: Iminent - hkey= - key= - c:\Programme\Iminent\Iminent.exe (Iminent)
MsConfig - StartUpReg: IminentMessenger - hkey= - key= - c:\Programme\Iminent\Iminent.Messengers.exe (Iminent)
MsConfig - StartUpReg: itype - hkey= - key= - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
MsConfig - StartUpReg: LDM - hkey= - key= - C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
MsConfig - StartUpReg: Logitech Hardware Abstraction Layer - hkey= - key= - C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
MsConfig - StartUpReg: MMTray - hkey= - key= - C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (MUSICMATCH, Inc.)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= -  File not found
MsConfig - StartUpReg: OM2_Monitor - hkey= - key= - C:\Programme\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
MsConfig - StartUpReg: OM2_Monitor1 - hkey= - key= - C:\Programme\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: QuickTime Task1 - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: QuickTime Task2 - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: Sony Ericsson PC Companion - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Sony PC Companion - hkey= - key= - C:\Programme\Sony\Sony PC Companion\PCCompanion.exe (Sony)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: swg1 - hkey= - key= - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: SWPROguard - hkey= - key= -  File not found
MsConfig - StartUpReg: TrueImageMonitor.exe - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: vProt - hkey= - key= - C:\Programme\AVG Secure Search\vprot.exe ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\mcmjpg32.dll (MainConcept)
Drivers32: VIDC.SP54 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: VIDC.SP55 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: VIDC.SP56 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: VIDC.SP57 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: VIDC.SP58 - C:\WINDOWS\System32\SP5X_32.DLL (Sunplus)
Drivers32: vidc.VP31 - C:\WINDOWS\System32\vp31vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvid.dll ()
 
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.11 22:50:49 | 000,000,000 | ---D | C] -- C:\Bereinigung
[2012.09.12 06:43:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2012.09.12 06:43:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012.09.12 06:43:16 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2006.12.16 13:34:39 | 000,024,192 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Hartmann\usbsermptxp.sys
[2006.12.16 13:34:39 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Hartmann\usbsermpt.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.11 23:03:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.10.11 22:44:00 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.11 22:39:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.11 20:53:05 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Hartmann-Notification.job
[2012.10.11 16:36:17 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012.10.11 16:36:17 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012.10.11 13:30:25 | 000,000,402 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{44BE5EBB-6A99-4DE1-B962-E148184E8A04}.job
[2012.10.11 12:44:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.10 17:15:42 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Hartmann-Startup.job
[2012.10.10 17:14:57 | 000,012,682 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.10 17:12:08 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2012.10.10 17:11:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.10 17:11:49 | 000,069,112 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2012.10.10 17:05:21 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.10.09 17:39:52 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.10.09 17:39:52 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.10.08 13:07:36 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2012.10.07 15:26:30 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.09.12 23:27:07 | 000,039,936 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.12 06:43:17 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.11 16:36:17 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012.10.11 16:36:17 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012.09.12 06:43:17 | 000,001,872 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012.06.19 16:39:23 | 000,922,184 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2012.06.19 16:39:22 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2012.06.19 16:39:21 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2012.04.03 19:54:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI
[2012.04.03 18:32:39 | 000,018,120 | ---- | C] (   ) -- C:\WINDOWS\System32\drivers\gt680x.sys
[2012.03.30 22:54:46 | 000,117,035 | ---- | C] () -- C:\Programme\jquery.yoxview-2.21.zip
[2012.03.30 22:12:11 | 007,558,447 | ---- | C] () -- C:\Programme\aemf20.exe
[2012.03.29 21:52:18 | 000,015,416 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2012.03.29 21:17:29 | 000,982,196 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2012.03.29 21:17:29 | 000,417,344 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2012.03.29 21:16:21 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012.03.28 16:22:51 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\A2dusd.dll
[2012.03.28 14:44:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WATCH.INI
[2012.03.28 14:20:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\Gtwatch.exe
[2012.03.01 14:55:08 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2012.03.01 14:52:55 | 000,116,189 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2012.03.01 14:52:55 | 000,098,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2012.02.16 05:44:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.03 07:29:50 | 000,211,614 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.03.11 13:43:54 | 000,029,763 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2010.11.17 08:12:17 | 000,000,087 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\.octave_hist
[2010.10.15 14:38:24 | 000,000,244 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\varicad-work.ini
[2010.10.14 17:18:34 | 000,000,399 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2010.10.14 17:18:27 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2010.10.13 16:34:06 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.04.28 00:14:16 | 000,038,347 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\dsc2099.jpg
[2010.01.06 23:44:31 | 000,000,291 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\PropCalc Preferences
[2008.09.27 01:47:18 | 000,278,016 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\mdbu.bin
[2008.06.20 14:23:06 | 001,487,202 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\test
[2007.08.03 23:47:14 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.04.25 23:08:24 | 000,093,209 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\mdb.bin
[2006.12.16 13:34:39 | 000,007,195 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USBMOT2000.INF
[2006.12.16 13:34:39 | 000,005,891 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USBMOT2000XP.INF
[2006.12.16 13:34:39 | 000,005,877 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USB_CMCS_2000.INF
[2006.10.06 12:39:40 | 000,104,990 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\wtge61ge.HST
[2006.09.02 17:25:29 | 000,039,936 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.09.02 16:46:03 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2006.09.02 16:45:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---


HIer Extras:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 11.10.2012 22:57:36 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Bereinigung
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 65,10% Memory free
6,84 Gb Paging File | 5,47 Gb Available in Paging File | 80,02% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 465,76 Gb Total Space | 287,81 Gb Free Space | 61,79% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 399,23 Gb Free Space | 66,97% Space Free | Partition Type: NTFS
 
Computer Name: MOTIONSIGN | User Name: Hartmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung 
"80:TCP" = 80:TCP:*:Disabled:Windows-Remoteverwaltung - Kompatibilitätsmodus (HTTP eingehend) 
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\IPACS\easyFly\easyfly.exe" = C:\Programme\IPACS\easyFly\easyfly.exe:*:Enabled:easyfly -- (IPACS)
"C:\Programme\Pinnacle\Studio 10\programs\RM.exe" = C:\Programme\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.)
"C:\Programme\Pinnacle\Studio 10\programs\Studio.exe" = C:\Programme\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe:*:Enabled:Installationsprogramm für Kaspersky Internet Security 2009 -- (Kaspersky Lab)
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen -- (Microsoft Corporation)
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Disabled:backWeb-8876480 -- ()
"C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
"C:\Programme\Iminent\Iminent.exe" = C:\Programme\Iminent\Iminent.exe:*:Enabled:Iminent Firewall Rule -- (Iminent)
"C:\Programme\Iminent\Iminent.Messengers.exe" = C:\Programme\Iminent\Iminent.Messengers.exe:*:Enabled:Iminent.Messengers Firewall Rule -- (Iminent)
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"C:\Ubisoft\Silent Hunter 5\sh5.exe" = C:\Ubisoft\Silent Hunter 5\sh5.exe:*:Enabled:Silent Hunter 5 -- (Ubisoft)
"E:\DVD-Start.exe" = E:\DVD-Start.exe:*:Enabled:Schnellstart-DVD
"C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\C06YGF3E\cimatron_e10_german_downloader_142[1].exe" = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\C06YGF3E\cimatron_e10_german_downloader_142[1].exe:*:Enabled:ExpressFilesInstaller
"C:\Programme\ExpressFiles\ExpressFiles.exe" = C:\Programme\ExpressFiles\ExpressFiles.exe:*:Enabled:ExpressFiles
"C:\Programme\ExpressFiles\ExpressDL.exe" = C:\Programme\ExpressFiles\ExpressDL.exe:*:Enabled:ExpressFilesDL
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- ()
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator 0.8.0
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0153A77C-A981-4A1F-BAA9-16A80FBC358A}" = Full Spectrum Warrior
"{03CDDD00-BD57-4326-9480-4C74449AF597}" = PhotoStitch
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{095659A2-739F-4D9A-A916-66C7CAD16F9E}" = Canon Camera WIA Driver
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{295EAB46-0541-497E-9520-83E5CCCDA2AC}" = CADsymbols
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1" = MiniTool Partition Wizard Home Edition 7.1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35B8CC58-F128-4169-82EB-0E6CB0C3AFE6}" = ArcSoft PhotoImpression
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser
"{4BD8E034-E0F4-4509-A753-467A8E854CD8}" = Iminent
"{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP
"{51DDFE79-3B2B-4AC7-8CAD-803D7D0DF6DD}" = MySQL Server 6.0
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{59CEACE1-2A1D-4CA7-908C-84CA8596E950}" = Cimatron E 6.0 Deutsche Benutzeroberfläche
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Camera Window
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5EF16AA8-597E-4779-AEF7-1589EA1A7EC4}" = Nokia 6230i Infrared-Handset Manager
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}" = Roxio PhotoSuite 5
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A506386-BF2E-4C8E-8BE7-751B028134D2}" = X1TLD-FB
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8CA071D3-A3DD-4EDD-A997-AFB178A181C7}" = DaViDeo ultimate
"{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}" = Microsoft Visual Basic 2008 Express Edition with SP1 - DEU
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9E9DC77E-045B-4A28-990A-30CC4E1E8D80}" = SLOW-PCfighter
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A166CC47-2B02-427D-9619-58A935C66794}" = Tilgungsplaner Professional  9
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI (Studio 10)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A979B2D8-E3EE-4523-A26C-4AF0A6809280}" = Sniper Elite
"{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B0255743-165B-4BD5-8DA8-37DFB9930015}" = Norton Ghost
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B3282FB8-874B-4054-8356-9EB391A826F9}" = OLYMPUS muvee theaterPack
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B651B3EC-1827-4CF5-8398-397B789E3151}" = File Viewer Utility 1.2.1
"{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload-Software
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1205500-2179-11D7-B0B9-0000E24D4B29}" = Digital Camera
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
"{C2490885-D566-405F-889B-670C6CF0F7F2}" = Steganos Live Encryption Engine 17
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam
"{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}" = RemoteCapture 2.7.1
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = CIG
"{DEF2E5A3-0317-4822-B930-8B721EB483E4}" = ArcSoft VideoImpression 1.6
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}" = Lock On: Modern Air Combat
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID (Studio 10)
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.079
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}" = mobile PhoneTools
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F40A958E-AABD-4D6F-A0FB-4D78DC02BEEF}" = Cimatron E 6.0
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch)
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer
"7-Zip" = 7-Zip 9.20
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 1.0" = Adobe Photoshop Elements
"Advanced Effect Maker Free Edition_is1" = Advanced Effect Maker Free Edition Version 2 (With VAC 2.0 B1)
"ATI Display Driver" = ATI Display Driver
"AVG Secure Search" = AVG Security Toolbar
"Avidemux 2.5" = Avidemux 2.5
"BabylonToolbar" = Babylon toolbar on IE
"BattleStrike_ger" = Battle Strike
"BearPaw 2400CS Plus v2.1" = BearPaw 2400CS Plus v2.1
"Biet-O-Matic v2.0.29" = Biet-O-Matic v2.0.29
"bs_thesiege_ger" = BattleStrike The Siege
"BVSSOL_is1" = BVS Solitaire Sammlung version 4.0
"CamStudio" = CamStudio
"CANONBJ_Deinstall_CNMCP61.DLL" = Canon PIXMA iP3000
"ChatZum Toolbar" = ChatZum Toolbar
"Cucusoft Ultimate DVD Converter_is1" = Cucusoft Ultimate DVD Converter 7.15
"DealPly" = DealPly
"DesktopIconAmazon" = Desktop Icon für Amazon
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter 3.0
"easyFly" = easyFly
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Evrsoft First Page 2006_is1" = Evrsoft First Page 2006
"Excel" = Microsoft Excel 97
"FEMM_is1" = femm 4.2 09Nov2010
"FileZilla" = FileZilla (remove only)
"FlightGear_is1" = FlightGear v1.0.0
"Foto-Mosaik_is1" = Foto-Mosaik 4.1.0
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.1
"Free FLV to AVI MP4 3GP WMV MP3 Converter_is1" = Free FLV to AVI MP4 3GP WMV MP3 Converter v2.2
"Free Video Converter_is1" = Free Video Converter V 3.0
"FreePDF_XP" = FreePDF XP (Remove only)
"ftp-uploader" = ftp-uploader
"GETrans" = GETrans 1.6
"Google Chrome" = Google Chrome
"GPL Ghostscript 8.60" = GPL Ghostscript 8.60
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IMBoosterARP" = Iminent
"Inno Setup 5_is1" = Inno Setup Version 5.4.2
"InstallShield_{03CDDD00-BD57-4326-9480-4C74449AF597}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{095659A2-739F-4D9A-A916-66C7CAD16F9E}" = Canon EOS 10D WIA-Treiber
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Canon Camera Window for ZoomBrowser EX
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"InstallShield_{B651B3EC-1827-4CF5-8398-397B789E3151}" = Canon Utilities File Viewer Utility 1.2
"InstallShield_{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}" = Canon Utilities RemoteCapture 2.7
"InstallShield_{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = Canon Internet Library for ZoomBrowser EX
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"Lexmark 7100 Series" = Lexmark 7100 Series
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2008 Express Edition with SP1 - DEU" = Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Movies" = Movies
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NetObjects Fusion Essentials" = NetObjects Fusion Essentials
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Nvu_is1" = Nvu 1.0
"Outlook" = Microsoft Outlook 97
"phase5" = phase5
"PhotoRecord" = Canon PhotoRecord
"Picasa 3" = Picasa 3
"PriceGong" = PriceGong 2.1.0
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Santa Claus in Trouble" = Santa Claus in Trouble
"SearchAnonymizer" = SearchAnonymizer
"Searchqu 414 MediaBar" = Windows Searchqu Toolbar
"Sid Meier's Railroad Tycoon" = Sid Meier's Railroad Tycoon
"SLOW-PCfighter" = SLOW-PCfighter
"Softonic" = Softonic toolbar  on IE
"Sunplus CA533A" = Icatch(IV) Camera Driver
"Switch" = Switch
"Take ONE 4" = Take ONE 4
"The Royal Marines Commando_is1" = The Royal Marines Commando (1.0)
"U-Boote: Schlacht im Mittelmeer" = U-Boote: Schlacht im Mittelmeer
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Engine" = Sony Ericsson Update Engine
"VariCAD_20100828_DE" = VariCAD 2010-3.00 DE
"VariCADViewer_20100828_DE" = VariCAD Viewer 2010-3.00 DE
"Verbose" = Verbose Uninstall
"VLC media player" = VLC media player 1.1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Web Diashow_is1" = Web Diashow
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.5
"WIC" = Windows Imaging Component
"Wincore MediaBar" = Wincore MediaBar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winload Toolbar" = Winload Toolbar
"WinRAR archiver" = WinRAR
"WiseConvert Toolbar" = WiseConvert Toolbar
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Word8.0" = Microsoft Word 97
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.10.2012 09:06:46 | Computer Name = MOTIONSIGN | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\HARTMANN\EIGENE DATEIEN\EIGENE
 BILDER\OLYMPUS MASTER 2\2012\10\06\ERSATZTEIL.JPG> in der Hash-Zuordnung kann nicht
 aktualisiert werden.  Kontext:  Anwendung, SystemIndex Katalog  Details:  Ein an das 
System angeschlossenes Gerät funktioniert nicht.   (0x8007001f) 
 
Error - 09.10.2012 10:23:26 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 09.10.2012 20:31:16 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 09.10.2012 20:32:54 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 09.10.2012 22:27:55 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 10.10.2012 07:51:22 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 10.10.2012 07:51:34 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 10.10.2012 19:26:55 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 11.10.2012 16:56:22 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.69.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 11.10.2012 16:56:28 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.69.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ OSession Events ]
Error - 15.10.2010 20:11:32 | Computer Name = MOTIONSIGN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session 
lasted 1087 seconds with 720 seconds of active time.  This session ended with a 
crash.
 
Error - 22.04.2011 13:51:10 | Computer Name = MOTIONSIGN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2643
 seconds with 2160 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 10.10.2012 11:02:34 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows
 Search.
 
Error - 10.10.2012 11:02:34 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 10.10.2012 11:03:01 | Computer Name = MOTIONSIGN | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1053" aufgetreten, als der Dienst "WSearch"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error - 10.10.2012 11:03:01 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows
 Search.
 
Error - 10.10.2012 11:03:01 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 10.10.2012 11:05:01 | Computer Name = MOTIONSIGN | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1053" aufgetreten, als der Dienst "WSearch"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error - 10.10.2012 11:05:02 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows
 Search.
 
Error - 10.10.2012 11:05:02 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 10.10.2012 11:14:34 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Acronis Scheduler2 Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 10.10.2012 11:14:34 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1058
 
 
< End of report >
         
--- --- ---


Habe nun das aswmbr ausführen wollen. Da meldet mir kapersky, daß eine hohe Gefahr besteht (Risikoindex 100 %), 0% der Benutzer vertrauen dem Programm.

Soll ich es dennoch ausführen?

Tina


Alt 12.10.2012, 19:34   #6
M-K-D-B
/// TB-Ausbilder
 
Wieder CahtZum - Standard

Wieder CahtZum



Servus,


ja, bitte wie beschrieben ausführen und die Logdatei posten.

Das Gleiche gilt für TDSSKiller.
__________________
--> Wieder CahtZum

Alt 13.10.2012, 01:12   #7
Tina666
 
Wieder CahtZum - Standard

Wieder CahtZum



aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-13 00:06:19
-----------------------------
00:06:19.968 OS Version: Windows 5.1.2600 Service Pack 3
00:06:19.968 Number of processors: 2 586 0x605
00:06:19.968 ComputerName: MOTIONSIGN UserName: Hartmann
00:06:22.421 Initialize success
00:13:52.906 AVAST engine defs: 12101202
00:14:11.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-f
00:14:11.031 Disk 0 Vendor: SAMSUNG_HD501LJ CR100-13 Size: 476940MB BusType: 3
00:14:11.031 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-17
00:14:11.031 Disk 1 Vendor: SAMSUNG_HD642JJ 1AA01118 Size: 610480MB BusType: 3
00:14:11.046 Disk 0 MBR read successfully
00:14:11.046 Disk 0 MBR scan
00:14:11.062 Disk 0 Windows XP default MBR code
00:14:11.062 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476937 MB offset 63
00:14:11.062 Disk 0 scanning sectors +976768065
00:14:11.140 Disk 0 scanning C:\WINDOWS\system32\drivers
00:14:25.500 Service scanning
00:14:33.093 Service KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys **LOCKED** 5
00:14:33.453 Service kl2 C:\WINDOWS\system32\DRIVERS\kl2.sys **LOCKED** 5
00:14:33.921 Service klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 5
00:14:33.937 Service klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 5
00:14:49.000 Modules scanning
00:14:54.546 Disk 0 trace - called modules:
00:14:54.562 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys pciide.sys PCIIDEX.SYS
00:14:54.562 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ac52ab8]
00:14:54.578 3 CLASSPNP.SYS[f7667fd7] -> nt!IofCallDriver -> \Device\00000081[0x8abbf9e8]
00:14:54.578 5 ACPI.sys[f75ad620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-f[0x8ac3cd98]
00:14:54.578 \Driver\atapi[0x8ac57d20] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> sfsync02.sys[0xf76388b4]
00:14:55.546 AVAST engine scan C:\WINDOWS
00:15:16.875 AVAST engine scan C:\WINDOWS\system32
00:19:44.781 AVAST engine scan C:\WINDOWS\system32\drivers
00:20:19.406 AVAST engine scan C:\Dokumente und Einstellungen\Hartmann
00:56:46.640 AVAST engine scan C:\Dokumente und Einstellungen\All Users
01:11:03.843 Scan finished successfully
01:11:23.140 Disk 0 MBR has been saved successfully to "C:\Bereinigung\MBR.dat"
01:11:23.140 The log file has been saved successfully to "C:\Bereinigung\aswMBR.txt"

01:13:09.0734 3608 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
01:13:09.0890 3608 ============================================================
01:13:09.0890 3608 Current date / time: 2012/10/13 01:13:09.0890
01:13:09.0890 3608 SystemInfo:
01:13:09.0890 3608
01:13:09.0890 3608 OS Version: 5.1.2600 ServicePack: 3.0
01:13:09.0890 3608 Product type: Workstation
01:13:09.0890 3608 ComputerName: MOTIONSIGN
01:13:09.0890 3608 UserName: Hartmann
01:13:09.0890 3608 Windows directory: C:\WINDOWS
01:13:09.0890 3608 System windows directory: C:\WINDOWS
01:13:09.0890 3608 Processor architecture: Intel x86
01:13:09.0890 3608 Number of processors: 2
01:13:09.0890 3608 Page size: 0x1000
01:13:09.0890 3608 Boot type: Normal boot
01:13:09.0890 3608 ============================================================
01:13:10.0968 3608 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:13:10.0984 3608 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:13:10.0984 3608 ============================================================
01:13:10.0984 3608 \Device\Harddisk0\DR0:
01:13:10.0984 3608 MBR partitions:
01:13:10.0984 3608 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
01:13:10.0984 3608 \Device\Harddisk1\DR1:
01:13:10.0984 3608 MBR partitions:
01:13:10.0984 3608 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852FC1
01:13:10.0984 3608 ============================================================
01:13:11.0015 3608 C: <-> \Device\Harddisk0\DR0\Partition1
01:13:11.0031 3608 D: <-> \Device\Harddisk1\DR1\Partition1
01:13:11.0031 3608 ============================================================
01:13:11.0031 3608 Initialize success
01:13:11.0031 3608 ============================================================
01:13:19.0500 6096 ============================================================
01:13:19.0500 6096 Scan started
01:13:19.0500 6096 Mode: Manual;
01:13:19.0500 6096 ============================================================
01:13:21.0093 6096 ================ Scan system memory ========================
01:13:21.0093 6096 System memory - ok
01:13:21.0093 6096 ================ Scan services =============================
01:13:21.0218 6096 Abiosdsk - ok
01:13:21.0218 6096 abp480n5 - ok
01:13:21.0265 6096 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:13:21.0265 6096 ACPI - ok
01:13:21.0296 6096 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
01:13:21.0312 6096 ACPIEC - ok
01:13:21.0375 6096 AcrSch2Svc - ok
01:13:21.0453 6096 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
01:13:21.0468 6096 AdobeFlashPlayerUpdateSvc - ok
01:13:21.0468 6096 adpu160m - ok
01:13:21.0515 6096 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
01:13:21.0515 6096 aec - ok
01:13:21.0578 6096 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys
01:13:21.0578 6096 Afc - ok
01:13:21.0625 6096 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
01:13:21.0625 6096 AFD - ok
01:13:21.0625 6096 Aha154x - ok
01:13:21.0625 6096 aic78u2 - ok
01:13:21.0640 6096 aic78xx - ok
01:13:21.0718 6096 [ 4E0ACA5290B2966F24C45250A56C2DA1 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
01:13:21.0750 6096 ALCXWDM - ok
01:13:21.0796 6096 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
01:13:21.0796 6096 Alerter - ok
01:13:21.0812 6096 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
01:13:21.0812 6096 ALG - ok
01:13:21.0828 6096 AliIde - ok
01:13:21.0906 6096 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
01:13:21.0921 6096 Ambfilt - ok
01:13:22.0000 6096 [ E6A2299284013EC4DE3419481A62069F ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
01:13:22.0000 6096 AmdK8 - ok
01:13:22.0000 6096 amsint - ok
01:13:22.0015 6096 AppMgmt - ok
01:13:22.0015 6096 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
01:13:22.0015 6096 Arp1394 - ok
01:13:22.0062 6096 [ 875F9079CABEE679D34B49E466B61701 ] ASAPIW2K C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
01:13:22.0062 6096 ASAPIW2K - ok
01:13:22.0062 6096 asc - ok
01:13:22.0062 6096 asc3350p - ok
01:13:22.0062 6096 asc3550 - ok
01:13:22.0109 6096 [ EB62FA6D7DA4E774E47D376E4D19CA5F ] Aspi32 C:\WINDOWS\system32\drivers\aspi32.sys
01:13:22.0125 6096 Aspi32 - ok
01:13:22.0234 6096 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
01:13:22.0250 6096 aspnet_state - ok
01:13:22.0281 6096 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:13:22.0281 6096 AsyncMac - ok
01:13:22.0312 6096 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
01:13:22.0312 6096 atapi - ok
01:13:22.0312 6096 Atdisk - ok
01:13:22.0359 6096 [ ECA673779ECD27D674953D692FE070F6 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
01:13:22.0375 6096 Ati HotKey Poller - ok
01:13:22.0421 6096 [ 1428C586BB318E1404575834E428ADDD ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
01:13:22.0437 6096 ATI Smart - ok
01:13:22.0515 6096 [ 15B2FE76E2ECEB98C49ED52311A6F26F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
01:13:22.0562 6096 ati2mtag - ok
01:13:22.0593 6096 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:13:22.0593 6096 Atmarpc - ok
01:13:22.0625 6096 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
01:13:22.0625 6096 AudioSrv - ok
01:13:22.0656 6096 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
01:13:22.0656 6096 audstub - ok
01:13:22.0656 6096 AVFSFilter - ok
01:13:22.0687 6096 [ 6F76908F065C3C151C4BFCA7DFD86979 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
01:13:22.0687 6096 avgtp - ok
01:13:22.0765 6096 [ 2718DC27571BD1E37813F5759D2DC118 ] AVP C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
01:13:22.0765 6096 AVP - ok
01:13:22.0796 6096 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
01:13:22.0796 6096 Beep - ok
01:13:22.0843 6096 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
01:13:22.0843 6096 BITS - ok
01:13:22.0875 6096 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
01:13:22.0875 6096 Browser - ok
01:13:22.0890 6096 btaudio - ok
01:13:22.0890 6096 BTDriver - ok
01:13:22.0890 6096 BTKRNL - ok
01:13:22.0906 6096 BTWDNDIS - ok
01:13:22.0906 6096 BTWUSB - ok
01:13:22.0937 6096 [ A8EAE8E358DE3A21E6EB54F4FC7F65EC ] Ca533av C:\WINDOWS\system32\Drivers\Ca533av.sys
01:13:22.0953 6096 Ca533av - ok
01:13:22.0953 6096 catchme - ok
01:13:22.0984 6096 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
01:13:22.0984 6096 cbidf2k - ok
01:13:23.0015 6096 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
01:13:23.0015 6096 CCDECODE - ok
01:13:23.0015 6096 cd20xrnt - ok
01:13:23.0062 6096 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
01:13:23.0062 6096 Cdaudio - ok
01:13:23.0062 6096 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
01:13:23.0062 6096 Cdfs - ok
01:13:23.0093 6096 [ BF79E659C506674C0497CC9C61F1A165 ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys
01:13:23.0093 6096 Cdr4_xp - ok
01:13:23.0109 6096 [ 2C41CD49D82D5FD85C72D57B6CA25471 ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys
01:13:23.0109 6096 Cdralw2k - ok
01:13:23.0125 6096 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:13:23.0125 6096 Cdrom - ok
01:13:23.0125 6096 Changer - ok
01:13:23.0171 6096 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
01:13:23.0171 6096 CiSvc - ok
01:13:23.0187 6096 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
01:13:23.0187 6096 ClipSrv - ok
01:13:23.0203 6096 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:13:23.0250 6096 clr_optimization_v2.0.50727_32 - ok
01:13:23.0343 6096 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:13:23.0343 6096 clr_optimization_v4.0.30319_32 - ok
01:13:23.0343 6096 CmdIde - ok
01:13:23.0343 6096 COMSysApp - ok
01:13:23.0359 6096 Cpqarray - ok
01:13:23.0390 6096 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
01:13:23.0390 6096 CryptSvc - ok
01:13:23.0406 6096 dac2w2k - ok
01:13:23.0406 6096 dac960nt - ok
01:13:23.0453 6096 [ B7EF38C2C22A7805DE919CFF5E16A372 ] dc3d C:\WINDOWS\system32\DRIVERS\dc3d.sys
01:13:23.0453 6096 dc3d - ok
01:13:23.0500 6096 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
01:13:23.0500 6096 DcomLaunch - ok
01:13:23.0515 6096 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
01:13:23.0515 6096 Dhcp - ok
01:13:23.0531 6096 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
01:13:23.0531 6096 Disk - ok
01:13:23.0546 6096 dmadmin - ok
01:13:23.0562 6096 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
01:13:23.0578 6096 dmboot - ok
01:13:23.0593 6096 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
01:13:23.0609 6096 dmio - ok
01:13:23.0625 6096 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
01:13:23.0625 6096 dmload - ok
01:13:23.0656 6096 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
01:13:23.0656 6096 dmserver - ok
01:13:23.0687 6096 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
01:13:23.0687 6096 DMusic - ok
01:13:23.0718 6096 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
01:13:23.0734 6096 Dnscache - ok
01:13:23.0765 6096 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
01:13:23.0765 6096 Dot3svc - ok
01:13:23.0765 6096 dpti2o - ok
01:13:23.0781 6096 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
01:13:23.0781 6096 drmkaud - ok
01:13:23.0812 6096 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
01:13:23.0812 6096 EapHost - ok
01:13:23.0859 6096 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
01:13:23.0859 6096 ERSvc - ok
01:13:23.0890 6096 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
01:13:23.0906 6096 Eventlog - ok
01:13:23.0953 6096 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
01:13:23.0953 6096 EventSystem - ok
01:13:23.0953 6096 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
01:13:23.0953 6096 Fastfat - ok
01:13:24.0000 6096 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
01:13:24.0000 6096 FastUserSwitchingCompatibility - ok
01:13:24.0031 6096 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
01:13:24.0031 6096 Fdc - ok
01:13:24.0062 6096 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
01:13:24.0062 6096 Fips - ok
01:13:24.0078 6096 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
01:13:24.0078 6096 Flpydisk - ok
01:13:24.0093 6096 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
01:13:24.0109 6096 FltMgr - ok
01:13:24.0187 6096 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:13:24.0187 6096 FontCache3.0.0.0 - ok
01:13:24.0203 6096 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:13:24.0203 6096 Fs_Rec - ok
01:13:24.0218 6096 FTD2XX - ok
01:13:24.0218 6096 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:13:24.0218 6096 Ftdisk - ok
01:13:24.0250 6096 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
01:13:24.0250 6096 GEARAspiWDM - ok
01:13:24.0281 6096 [ 69F8F310654D699C7E5BD5C67279980F ] GenericMount C:\WINDOWS\system32\DRIVERS\GenericMount.sys
01:13:24.0281 6096 GenericMount - ok
01:13:24.0406 6096 [ 5F0F786D91087C0A76C3EF689A51CA48 ] GenericMount Helper Service C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe
01:13:24.0421 6096 GenericMount Helper Service - ok
01:13:24.0468 6096 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\WINDOWS\system32\DRIVERS\ggflt.sys
01:13:24.0468 6096 ggflt - ok
01:13:24.0500 6096 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\WINDOWS\system32\DRIVERS\ggsemc.sys
01:13:24.0500 6096 ggsemc - ok
01:13:24.0500 6096 GMSIPCI - ok
01:13:24.0531 6096 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:13:24.0531 6096 Gpc - ok
01:13:24.0562 6096 [ 4A2102DDF08472527B4872FA68EE87D1 ] GT680x C:\WINDOWS\system32\Drivers\gt680x.sys
01:13:24.0562 6096 GT680x - ok
01:13:24.0671 6096 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
01:13:24.0671 6096 gupdate - ok
01:13:24.0687 6096 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
01:13:24.0687 6096 gupdatem - ok
01:13:24.0734 6096 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
01:13:24.0734 6096 gusvc - ok
01:13:24.0796 6096 [ ED32D389F8B0E74E400932E020BCFBDF ] Hardlock C:\WINDOWS\system32\drivers\hardlock.sys
01:13:24.0796 6096 Hardlock - ok
01:13:24.0859 6096 [ 2DD25F060DC9F79B5CDF33D90ED93669 ] Haspnt C:\WINDOWS\system32\drivers\Haspnt.sys
01:13:24.0859 6096 Haspnt - ok
01:13:24.0875 6096 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:13:24.0875 6096 HDAudBus - ok
01:13:24.0968 6096 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:13:24.0968 6096 helpsvc - ok
01:13:25.0000 6096 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
01:13:25.0015 6096 HidServ - ok
01:13:25.0015 6096 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:13:25.0015 6096 hidusb - ok
01:13:25.0062 6096 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
01:13:25.0062 6096 hkmsvc - ok
01:13:25.0062 6096 hpn - ok
01:13:25.0109 6096 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
01:13:25.0125 6096 HTTP - ok
01:13:25.0156 6096 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
01:13:25.0156 6096 HTTPFilter - ok
01:13:25.0171 6096 i2omgmt - ok
01:13:25.0171 6096 i2omp - ok
01:13:25.0187 6096 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:13:25.0187 6096 i8042prt - ok
01:13:25.0250 6096 [ 696A461DD24EA039E0521877CB944BE3 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
01:13:25.0281 6096 ialm - ok
01:13:25.0390 6096 [ 6F95324909B502E2651442C1548AB12F ] IDriverT c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
01:13:25.0390 6096 IDriverT - ok
01:13:25.0453 6096 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:13:25.0468 6096 idsvc - ok
01:13:25.0500 6096 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
01:13:25.0500 6096 Imapi - ok
01:13:25.0546 6096 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
01:13:25.0546 6096 ImapiService - ok
01:13:25.0546 6096 ini910u - ok
01:13:25.0718 6096 [ 9D04EE981B9F2AD4AFEDD5CF376F3148 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:13:25.0796 6096 IntcAzAudAddService - ok
01:13:25.0796 6096 IntelIde - ok
01:13:25.0828 6096 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:13:25.0828 6096 intelppm - ok
01:13:25.0843 6096 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
01:13:25.0843 6096 Ip6Fw - ok
01:13:25.0875 6096 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:13:25.0875 6096 IpFilterDriver - ok
01:13:25.0890 6096 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:13:25.0890 6096 IpInIp - ok
01:13:25.0921 6096 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:13:25.0937 6096 IpNat - ok
01:13:25.0953 6096 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:13:25.0953 6096 IPSec - ok
01:13:26.0000 6096 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
01:13:26.0000 6096 irda - ok
01:13:26.0015 6096 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
01:13:26.0015 6096 IRENUM - ok
01:13:26.0046 6096 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll
01:13:26.0046 6096 Irmon - ok
01:13:26.0078 6096 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:13:26.0078 6096 isapnp - ok
01:13:26.0187 6096 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
01:13:26.0203 6096 JavaQuickStarterService - ok
01:13:26.0218 6096 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:13:26.0234 6096 Kbdclass - ok
01:13:26.0234 6096 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:13:26.0234 6096 kbdhid - ok
01:13:26.0265 6096 [ 186B54479D98E48AEE0E9ADA4B3C4D31 ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys
01:13:26.0265 6096 KL1 - ok
01:13:26.0281 6096 [ BF485BFBA13C0AB116701FD9C55324D0 ] kl2 C:\WINDOWS\system32\DRIVERS\kl2.sys
01:13:26.0281 6096 kl2 - ok
01:13:26.0328 6096 [ 5D92A03045A6A98708975B3D77B39A36 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
01:13:26.0328 6096 KLIF - ok
01:13:26.0375 6096 [ 96A7EC308A93DA26DFE481308BAAC2A2 ] klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys
01:13:26.0375 6096 klim5 - ok
01:13:26.0375 6096 [ 3959530F69E19DA56F1F24F2C89F1E2C ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
01:13:26.0375 6096 klmouflt - ok
01:13:26.0406 6096 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
01:13:26.0406 6096 kmixer - ok
01:13:26.0406 6096 KodakCCS - ok
01:13:26.0437 6096 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
01:13:26.0437 6096 KSecDD - ok
01:13:26.0468 6096 [ 0A2E5A1963708AEE3BEE39D17726D736 ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
01:13:26.0468 6096 L1c - ok
01:13:26.0484 6096 [ FD1D572C705BD70953621DA8334F5A5C ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
01:13:26.0484 6096 L8042mou - ok
01:13:26.0531 6096 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
01:13:26.0531 6096 lanmanserver - ok
01:13:26.0578 6096 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:13:26.0578 6096 lanmanworkstation - ok
01:13:26.0593 6096 lbrtfdc - ok
01:13:26.0609 6096 [ 6F6FED015CD3D33A048F9FC40F42E076 ] LHidKe C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
01:13:26.0609 6096 LHidKe - ok
01:13:26.0625 6096 [ C9FEEB4604C303CBD68E0A6780B5F50C ] LHidUsbK C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
01:13:26.0625 6096 LHidUsbK - ok
01:13:26.0734 6096 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
01:13:26.0765 6096 LiveUpdate - ok
01:13:26.0781 6096 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
01:13:26.0781 6096 LmHosts - ok
01:13:26.0796 6096 [ E424EB5F4FCF486490A17BEA3DFC64A9 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
01:13:26.0796 6096 LMouKE - ok
01:13:26.0796 6096 lxbx_device - ok
01:13:26.0859 6096 [ D57A920490362C89A0EF2A61FE249AFA ] MA-620 C:\WINDOWS\system32\DRIVERS\MA-620.sys
01:13:26.0859 6096 MA-620 - ok
01:13:26.0875 6096 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
01:13:26.0875 6096 Messenger - ok
01:13:26.0921 6096 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
01:13:26.0921 6096 mnmdd - ok
01:13:26.0953 6096 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
01:13:26.0953 6096 mnmsrvc - ok
01:13:27.0000 6096 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
01:13:27.0000 6096 Modem - ok
01:13:27.0062 6096 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
01:13:27.0078 6096 Monfilt - ok
01:13:27.0109 6096 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:13:27.0109 6096 Mouclass - ok
01:13:27.0109 6096 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:13:27.0109 6096 mouhid - ok
01:13:27.0140 6096 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
01:13:27.0140 6096 MountMgr - ok
01:13:27.0187 6096 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
01:13:27.0187 6096 MozillaMaintenance - ok
01:13:27.0187 6096 mraid35x - ok
01:13:27.0218 6096 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:13:27.0218 6096 MRxDAV - ok
01:13:27.0265 6096 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:13:27.0265 6096 MRxSmb - ok
01:13:27.0312 6096 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
01:13:27.0312 6096 MSDTC - ok
01:13:27.0343 6096 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
01:13:27.0343 6096 Msfs - ok
01:13:27.0359 6096 [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
01:13:27.0359 6096 MSIRCOMM - ok
01:13:27.0375 6096 MSIServer - ok
01:13:27.0375 6096 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:13:27.0375 6096 MSKSSRV - ok
01:13:27.0406 6096 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:13:27.0406 6096 MSPCLOCK - ok
01:13:27.0406 6096 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
01:13:27.0406 6096 MSPQM - ok
01:13:27.0437 6096 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:13:27.0437 6096 mssmbios - ok
01:13:27.0515 6096 MSSQL$SQLEXPRESS - ok
01:13:27.0593 6096 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Programme\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
01:13:27.0593 6096 MSSQLServerADHelper100 - ok
01:13:27.0609 6096 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
01:13:27.0609 6096 MSTEE - ok
01:13:27.0625 6096 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
01:13:27.0625 6096 Mup - ok
01:13:27.0656 6096 [ FC3EB08186946EB22370DE70F778DF08 ] MVDCODEC C:\WINDOWS\system32\DRIVERS\ativmdcd.sys
01:13:27.0656 6096 MVDCODEC - ok
01:13:27.0687 6096 [ E91FC8B52D21E38317DC61A3C7CCFA4B ] MxlW2k C:\WINDOWS\system32\drivers\MxlW2k.sys
01:13:27.0687 6096 MxlW2k - ok
01:13:27.0718 6096 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
01:13:27.0718 6096 NABTSFEC - ok
01:13:27.0750 6096 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
01:13:27.0750 6096 napagent - ok
01:13:27.0765 6096 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
01:13:27.0765 6096 NDIS - ok
01:13:27.0796 6096 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
01:13:27.0796 6096 NdisIP - ok
01:13:27.0843 6096 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:13:27.0843 6096 NdisTapi - ok
01:13:27.0843 6096 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:13:27.0859 6096 Ndisuio - ok
01:13:27.0875 6096 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:13:27.0875 6096 NdisWan - ok
01:13:27.0906 6096 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
01:13:27.0906 6096 NDProxy - ok
01:13:27.0953 6096 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
01:13:27.0953 6096 NetBIOS - ok
01:13:27.0968 6096 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
01:13:27.0984 6096 NetBT - ok
01:13:28.0015 6096 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
01:13:28.0015 6096 NetDDE - ok
01:13:28.0015 6096 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
01:13:28.0031 6096 NetDDEdsdm - ok
01:13:28.0046 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
01:13:28.0062 6096 Netlogon - ok
01:13:28.0093 6096 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
01:13:28.0109 6096 Netman - ok
01:13:28.0140 6096 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:13:28.0140 6096 NetTcpPortSharing - ok
01:13:28.0140 6096 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
01:13:28.0140 6096 NIC1394 - ok
01:13:28.0187 6096 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
01:13:28.0187 6096 Nla - ok
01:13:28.0375 6096 [ A1787754952A0B700E386DC7C5FA5726 ] Norton Ghost C:\Programme\Norton Ghost\Agent\VProSvc.exe
01:13:28.0437 6096 Norton Ghost - ok
01:13:28.0468 6096 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
01:13:28.0468 6096 Npfs - ok
01:13:28.0515 6096 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
01:13:28.0515 6096 Ntfs - ok
01:13:28.0531 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
01:13:28.0531 6096 NtLmSsp - ok
01:13:28.0578 6096 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
01:13:28.0593 6096 NtmsSvc - ok
01:13:28.0609 6096 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
01:13:28.0609 6096 Null - ok
01:13:28.0625 6096 [ E4F1F95A6BBBFBBFF9A713C6063AA2CB ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys
01:13:28.0640 6096 nvatabus - ok
01:13:28.0656 6096 [ 812F45DA883BDB87C5960B25295A7E9C ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
01:13:28.0656 6096 NVENETFD - ok
01:13:28.0687 6096 [ 507B332B431392ED37C23B7CFB66DCF7 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
01:13:28.0687 6096 nvnetbus - ok
01:13:28.0734 6096 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:13:28.0734 6096 NwlnkFlt - ok
01:13:28.0734 6096 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:13:28.0734 6096 NwlnkFwd - ok
01:13:28.0875 6096 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
01:13:28.0890 6096 odserv - ok
01:13:28.0906 6096 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
01:13:28.0906 6096 ohci1394 - ok
01:13:28.0937 6096 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
01:13:28.0937 6096 ose - ok
01:13:29.0000 6096 [ 4A410C7AEA51123519C20D43A20BCE96 ] PAC207 C:\WINDOWS\system32\DRIVERS\PFC027.SYS
01:13:29.0015 6096 PAC207 - ok
01:13:29.0031 6096 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
01:13:29.0031 6096 Parport - ok
01:13:29.0031 6096 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
01:13:29.0031 6096 PartMgr - ok
01:13:29.0078 6096 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
01:13:29.0078 6096 ParVdm - ok
01:13:29.0093 6096 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
01:13:29.0109 6096 PCI - ok
01:13:29.0109 6096 PCIDump - ok
01:13:29.0125 6096 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
01:13:29.0125 6096 PCIIde - ok
01:13:29.0156 6096 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINDOWS\system32\drivers\pclepci.sys
01:13:29.0156 6096 PCLEPCI - ok
01:13:29.0156 6096 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
01:13:29.0156 6096 Pcmcia - ok
01:13:29.0171 6096 PDCOMP - ok
01:13:29.0171 6096 PDFRAME - ok
01:13:29.0171 6096 PDRELI - ok
01:13:29.0187 6096 PDRFRAME - ok
01:13:29.0187 6096 perc2 - ok
01:13:29.0187 6096 perc2hib - ok
01:13:29.0218 6096 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
01:13:29.0218 6096 PlugPlay - ok
01:13:29.0250 6096 [ 3ABDF04C0137F45568D5E960E7D5D73A ] PMUSB2G C:\WINDOWS\system32\Drivers\PMUSB.sys
01:13:29.0250 6096 PMUSB2G - ok
01:13:29.0265 6096 [ A1D7A9214B71EBBB6F31CB84AAC15525 ] Pnp680r C:\WINDOWS\system32\DRIVERS\pnp680r.sys
01:13:29.0265 6096 Pnp680r - ok
01:13:29.0265 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
01:13:29.0265 6096 PolicyAgent - ok
01:13:29.0312 6096 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:13:29.0312 6096 PptpMiniport - ok
01:13:29.0359 6096 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
01:13:29.0359 6096 Processor - ok
01:13:29.0359 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:13:29.0359 6096 ProtectedStorage - ok
01:13:29.0375 6096 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
01:13:29.0375 6096 PSched - ok
01:13:29.0390 6096 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:13:29.0390 6096 Ptilink - ok
01:13:29.0421 6096 [ 681AE4F1927FE0FDEEE2863F1684088D ] pwdrvio C:\WINDOWS\system32\pwdrvio.sys
01:13:29.0421 6096 pwdrvio - ok
01:13:29.0468 6096 [ BC60895CE021309EBD887D2F22055654 ] pwdspio C:\WINDOWS\system32\pwdspio.sys
01:13:29.0468 6096 pwdspio - ok
01:13:29.0515 6096 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:13:29.0515 6096 PxHelp20 - ok
01:13:29.0515 6096 ql1080 - ok
01:13:29.0515 6096 Ql10wnt - ok
01:13:29.0531 6096 ql12160 - ok
01:13:29.0531 6096 ql1240 - ok
01:13:29.0531 6096 ql1280 - ok
01:13:29.0578 6096 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:13:29.0578 6096 RasAcd - ok
01:13:29.0593 6096 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
01:13:29.0593 6096 RasAuto - ok
01:13:29.0625 6096 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
01:13:29.0625 6096 Rasirda - ok
01:13:29.0625 6096 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:13:29.0625 6096 Rasl2tp - ok
01:13:29.0671 6096 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
01:13:29.0671 6096 RasMan - ok
01:13:29.0671 6096 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:13:29.0671 6096 RasPppoe - ok
01:13:29.0687 6096 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
01:13:29.0687 6096 Raspti - ok
01:13:29.0718 6096 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:13:29.0734 6096 Rdbss - ok
01:13:29.0750 6096 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:13:29.0750 6096 RDPCDD - ok
01:13:29.0796 6096 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
01:13:29.0796 6096 RDPWD - ok
01:13:29.0812 6096 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
01:13:29.0828 6096 RDSessMgr - ok
01:13:29.0859 6096 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
01:13:29.0859 6096 redbook - ok
01:13:29.0875 6096 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
01:13:29.0875 6096 RemoteAccess - ok
01:13:29.0906 6096 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
01:13:29.0906 6096 RpcLocator - ok
01:13:29.0937 6096 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\System32\rpcss.dll
01:13:29.0937 6096 RpcSs - ok
01:13:30.0000 6096 [ FEDD2710B75BE3ECF078ADACE790C423 ] RsFx0102 C:\WINDOWS\system32\DRIVERS\RsFx0102.sys
01:13:30.0000 6096 RsFx0102 - ok
01:13:30.0031 6096 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
01:13:30.0031 6096 RSVP - ok
01:13:30.0062 6096 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\WINDOWS\system32\DRIVERS\s0016bus.sys
01:13:30.0062 6096 s0016bus - ok
01:13:30.0109 6096 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
01:13:30.0109 6096 s0016mdfl - ok
01:13:30.0140 6096 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
01:13:30.0156 6096 s0016mdm - ok
01:13:30.0187 6096 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
01:13:30.0187 6096 s0016mgmt - ok
01:13:30.0218 6096 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
01:13:30.0218 6096 s0016nd5 - ok
01:13:30.0250 6096 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\WINDOWS\system32\DRIVERS\s0016obex.sys
01:13:30.0250 6096 s0016obex - ok
01:13:30.0296 6096 [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic C:\WINDOWS\system32\DRIVERS\s0016unic.sys
01:13:30.0296 6096 s0016unic - ok
01:13:30.0312 6096 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
01:13:30.0312 6096 SamSs - ok
01:13:30.0343 6096 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
01:13:30.0359 6096 SCardSvr - ok
01:13:30.0390 6096 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
01:13:30.0390 6096 Schedule - ok
01:13:30.0515 6096 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
01:13:30.0515 6096 SearchAnonymizer - ok
01:13:30.0546 6096 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:13:30.0546 6096 Secdrv - ok
01:13:30.0578 6096 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
01:13:30.0578 6096 seclogon - ok
01:13:30.0593 6096 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
01:13:30.0593 6096 SENS - ok
01:13:30.0625 6096 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
01:13:30.0625 6096 serenum - ok
01:13:30.0625 6096 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
01:13:30.0640 6096 Serial - ok
01:13:30.0703 6096 [ 0B179A959FF6B6CA5927D4F255AB9F90 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
01:13:30.0703 6096 sfdrv01 - ok
01:13:30.0734 6096 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
01:13:30.0750 6096 sfhlp02 - ok
01:13:30.0765 6096 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
01:13:30.0765 6096 Sfloppy - ok
01:13:30.0796 6096 [ A62EFE6AA55C6A599DDBB6BD00E8FB9C ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
01:13:30.0796 6096 sfsync02 - ok
01:13:30.0828 6096 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
01:13:30.0843 6096 SharedAccess - ok
01:13:30.0859 6096 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:13:30.0859 6096 ShellHWDetection - ok
01:13:30.0890 6096 [ 09889D435EDC82435B18C7C311FE5721 ] Si3114r5 C:\WINDOWS\system32\DRIVERS\Si3114r5.sys
01:13:30.0890 6096 Si3114r5 - ok
01:13:30.0921 6096 [ 46B92189FE4DB53A09E3A0099AA3084C ] SiFilter C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
01:13:30.0921 6096 SiFilter - ok
01:13:30.0921 6096 Simbad - ok
01:13:30.0937 6096 [ B688378D258D1ECCE4768CDB55D48D92 ] SiRemFil C:\WINDOWS\system32\DRIVERS\SiRemFil.sys
01:13:30.0937 6096 SiRemFil - ok
01:13:30.0984 6096 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
01:13:31.0000 6096 SkypeUpdate - ok
01:13:31.0031 6096 [ 6352FA01BD438E88250D534A1A6D22FF ] SLEE_17_DRIVER C:\WINDOWS\system32\drivers\Sleen17.sys
01:13:31.0031 6096 SLEE_17_DRIVER - ok
01:13:31.0031 6096 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
01:13:31.0031 6096 SLIP - ok
01:13:31.0156 6096 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Programme\Sony\Sony PC Companion\PCCService.exe
01:13:31.0156 6096 Sony PC Companion - ok
01:13:31.0156 6096 Sparrow - ok
01:13:31.0187 6096 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
01:13:31.0187 6096 splitter - ok
01:13:31.0218 6096 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
01:13:31.0234 6096 Spooler - ok
01:13:31.0265 6096 [ EB2FD937449B7ACEB39372F875EB8E78 ] SQLAgent$SQLEXPRESS c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
01:13:31.0296 6096 SQLAgent$SQLEXPRESS - ok
01:13:31.0375 6096 [ 99DE6ACFA5CA83FAD6A765C81C6F129F ] SQLBrowser c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
01:13:31.0390 6096 SQLBrowser - ok
01:13:31.0421 6096 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
01:13:31.0421 6096 SQLWriter - ok
01:13:31.0421 6096 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
01:13:31.0421 6096 sr - ok
01:13:31.0468 6096 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
01:13:31.0468 6096 srservice - ok
01:13:31.0515 6096 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
01:13:31.0515 6096 Srv - ok
01:13:31.0531 6096 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
01:13:31.0546 6096 SSDPSRV - ok
01:13:31.0562 6096 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
01:13:31.0562 6096 stisvc - ok
01:13:31.0609 6096 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
01:13:31.0609 6096 streamip - ok
01:13:31.0625 6096 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
01:13:31.0625 6096 swenum - ok
01:13:31.0656 6096 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
01:13:31.0656 6096 swmidi - ok
01:13:31.0656 6096 SwPrv - ok
01:13:31.0671 6096 Symantec SymSnap VSS Provider - ok
01:13:31.0671 6096 symc810 - ok
01:13:31.0671 6096 symc8xx - ok
01:13:31.0718 6096 [ 5220576EE29BEA7C18DFF9ECABF18BBC ] symlcbrd C:\WINDOWS\system32\drivers\symlcbrd.sys
01:13:31.0718 6096 symlcbrd - ok
01:13:31.0734 6096 [ A5CF31080E99718949BCC38C83F13452 ] symsnap C:\WINDOWS\system32\DRIVERS\symsnap.sys
01:13:31.0734 6096 symsnap - ok
01:13:31.0812 6096 [ 21FF886E6F679FC1EB352F231E846357 ] SymSnapService C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe
01:13:31.0843 6096 SymSnapService - ok
01:13:31.0843 6096 sym_hi - ok
01:13:31.0859 6096 sym_u3 - ok
01:13:31.0875 6096 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
01:13:31.0875 6096 sysaudio - ok
01:13:31.0906 6096 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
01:13:31.0906 6096 SysmonLog - ok
01:13:31.0921 6096 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
01:13:31.0937 6096 TapiSrv - ok
01:13:32.0000 6096 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:13:32.0000 6096 Tcpip - ok
01:13:32.0015 6096 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
01:13:32.0015 6096 TDPIPE - ok
01:13:32.0031 6096 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
01:13:32.0031 6096 TDTCP - ok
01:13:32.0031 6096 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
01:13:32.0031 6096 TermDD - ok
01:13:32.0062 6096 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
01:13:32.0078 6096 TermService - ok
01:13:32.0093 6096 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
01:13:32.0093 6096 Themes - ok
01:13:32.0109 6096 TosIde - ok
01:13:32.0125 6096 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
01:13:32.0125 6096 TrkWks - ok
01:13:32.0156 6096 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
01:13:32.0156 6096 Udfs - ok
01:13:32.0156 6096 ultra - ok
01:13:32.0187 6096 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
01:13:32.0203 6096 Update - ok
01:13:32.0218 6096 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
01:13:32.0234 6096 upnphost - ok
01:13:32.0250 6096 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
01:13:32.0250 6096 UPS - ok
01:13:32.0281 6096 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
01:13:32.0281 6096 usbaudio - ok
01:13:32.0296 6096 [ 0C28DD9EC68CCB6E95D49BFD24FD2C11 ] USBCamera C:\WINDOWS\system32\Drivers\Bulk533.sys
01:13:32.0296 6096 USBCamera - ok
01:13:32.0328 6096 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:13:32.0328 6096 usbccgp - ok
01:13:32.0343 6096 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:13:32.0343 6096 usbehci - ok
01:13:32.0343 6096 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:13:32.0343 6096 usbhub - ok
01:13:32.0359 6096 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
01:13:32.0359 6096 usbohci - ok
01:13:32.0390 6096 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:13:32.0390 6096 usbprint - ok
01:13:32.0406 6096 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:13:32.0406 6096 usbscan - ok
01:13:32.0421 6096 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys
01:13:32.0421 6096 usbser - ok
01:13:32.0421 6096 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:13:32.0437 6096 USBSTOR - ok
01:13:32.0437 6096 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:13:32.0437 6096 usbuhci - ok
01:13:32.0453 6096 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
01:13:32.0468 6096 VgaSave - ok
01:13:32.0468 6096 ViaIde - ok
01:13:32.0500 6096 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
01:13:32.0500 6096 VolSnap - ok
01:13:32.0531 6096 [ EF3506B04EB9124240B35148EAACBAA5 ] VProEventMonitor C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys
01:13:32.0531 6096 VProEventMonitor - ok
01:13:32.0562 6096 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
01:13:32.0578 6096 VSS - ok
01:13:32.0687 6096 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
01:13:32.0687 6096 vToolbarUpdater12.2.6 - ok
01:13:32.0718 6096 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
01:13:32.0734 6096 W32Time - ok
01:13:32.0781 6096 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:13:32.0781 6096 Wanarp - ok
01:13:32.0843 6096 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
01:13:32.0843 6096 Wdf01000 - ok
01:13:32.0843 6096 WDICA - ok
01:13:32.0875 6096 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
01:13:32.0875 6096 wdmaud - ok
01:13:32.0875 6096 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
01:13:32.0890 6096 WebClient - ok
01:13:32.0921 6096 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\WINDOWS\system32\DRIVERS\wimfltr.sys
01:13:32.0937 6096 WimFltr - ok
01:13:33.0000 6096 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
01:13:33.0015 6096 winmgmt - ok
01:13:33.0078 6096 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
01:13:33.0093 6096 WinRM - ok
01:13:33.0156 6096 [ 671DB6A9B772B807721147C28FAF760F ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
01:13:33.0156 6096 WmBEnum - ok
01:13:33.0171 6096 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
01:13:33.0171 6096 WmdmPmSN - ok
01:13:33.0203 6096 [ CFFE18DB8140B00335221907A694DD01 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
01:13:33.0203 6096 WmFilter - ok
01:13:33.0234 6096 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:13:33.0234 6096 WmiApSrv - ok
01:13:33.0312 6096 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
01:13:33.0328 6096 WMPNetworkSvc - ok
01:13:33.0359 6096 [ 2E17EA3B132963E3C07D50D68D2DF54E ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
01:13:33.0359 6096 WmVirHid - ok
01:13:33.0375 6096 [ 0ECE3BB49EB9EE42C411A0F1EC39DDA9 ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
01:13:33.0375 6096 WmXlCore - ok
01:13:33.0375 6096 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
01:13:33.0375 6096 WpdUsb - ok
01:13:33.0515 6096 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
01:13:33.0531 6096 WPFFontCache_v0400 - ok
01:13:33.0578 6096 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
01:13:33.0593 6096 wscsvc - ok
01:13:33.0593 6096 WSearch - ok
01:13:33.0640 6096 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
01:13:33.0640 6096 WSTCODEC - ok
01:13:33.0671 6096 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
01:13:33.0671 6096 wuauserv - ok
01:13:33.0718 6096 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:13:33.0718 6096 WudfPf - ok
01:13:33.0750 6096 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:13:33.0750 6096 WudfRd - ok
01:13:33.0765 6096 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
01:13:33.0781 6096 WudfSvc - ok
01:13:33.0812 6096 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
01:13:33.0828 6096 WZCSVC - ok
01:13:33.0843 6096 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
01:13:33.0843 6096 xmlprov - ok
01:13:33.0890 6096 [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
01:13:33.0890 6096 yukonwxp - ok
01:13:33.0906 6096 ================ Scan global ===============================
01:13:33.0937 6096 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
01:13:33.0953 6096 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
01:13:33.0968 6096 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
01:13:34.0000 6096 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
01:13:34.0000 6096 [Global] - ok
01:13:34.0000 6096 ================ Scan MBR ==================================
01:13:34.0015 6096 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
01:13:34.0171 6096 \Device\Harddisk0\DR0 - ok
01:13:34.0187 6096 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
01:13:34.0453 6096 \Device\Harddisk1\DR1 - ok
01:13:34.0453 6096 ================ Scan VBR ==================================
01:13:34.0453 6096 [ 43E89A61C3AF49F8D624AA2DE4002AED ] \Device\Harddisk0\DR0\Partition1
01:13:34.0453 6096 \Device\Harddisk0\DR0\Partition1 - ok
01:13:34.0453 6096 [ 889D8DC8733C621E99545E859CABB2A9 ] \Device\Harddisk1\DR1\Partition1
01:13:34.0453 6096 \Device\Harddisk1\DR1\Partition1 - ok
01:13:34.0453 6096 ============================================================
01:13:34.0453 6096 Scan finished
01:13:34.0453 6096 ============================================================
01:13:34.0468 4880 Detected object count: 0
01:13:34.0468 4880 Actual detected object count: 0
01:15:08.0437 3480 ============================================================
01:15:08.0437 3480 Scan started
01:15:08.0437 3480 Mode: Manual;
01:15:08.0437 3480 ============================================================
01:15:10.0109 3480 ================ Scan system memory ========================
01:15:10.0125 3480 System memory - ok
01:15:10.0125 3480 ================ Scan services =============================
01:15:10.0218 3480 Abiosdsk - ok
01:15:10.0218 3480 abp480n5 - ok
01:15:10.0281 3480 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:15:10.0281 3480 ACPI - ok
01:15:10.0312 3480 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
01:15:10.0312 3480 ACPIEC - ok
01:15:10.0390 3480 AcrSch2Svc - ok
01:15:10.0453 3480 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
01:15:10.0453 3480 AdobeFlashPlayerUpdateSvc - ok
01:15:10.0453 3480 adpu160m - ok
01:15:10.0500 3480 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
01:15:10.0500 3480 aec - ok
01:15:10.0546 3480 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys
01:15:10.0546 3480 Afc - ok
01:15:10.0593 3480 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
01:15:10.0593 3480 AFD - ok
01:15:10.0593 3480 Aha154x - ok
01:15:10.0609 3480 aic78u2 - ok
01:15:10.0609 3480 aic78xx - ok
01:15:10.0687 3480 [ 4E0ACA5290B2966F24C45250A56C2DA1 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
01:15:10.0703 3480 ALCXWDM - ok
01:15:10.0734 3480 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
01:15:10.0734 3480 Alerter - ok
01:15:10.0765 3480 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
01:15:10.0765 3480 ALG - ok
01:15:10.0765 3480 AliIde - ok
01:15:10.0843 3480 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
01:15:10.0843 3480 Ambfilt - ok
01:15:10.0890 3480 [ E6A2299284013EC4DE3419481A62069F ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
01:15:10.0890 3480 AmdK8 - ok
01:15:10.0890 3480 amsint - ok
01:15:10.0906 3480 AppMgmt - ok
01:15:10.0921 3480 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
01:15:10.0921 3480 Arp1394 - ok
01:15:10.0953 3480 [ 875F9079CABEE679D34B49E466B61701 ] ASAPIW2K C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
01:15:10.0953 3480 ASAPIW2K - ok
01:15:10.0953 3480 asc - ok
01:15:10.0968 3480 asc3350p - ok
01:15:10.0968 3480 asc3550 - ok
01:15:11.0000 3480 [ EB62FA6D7DA4E774E47D376E4D19CA5F ] Aspi32 C:\WINDOWS\system32\drivers\aspi32.sys
01:15:11.0015 3480 Aspi32 - ok
01:15:11.0125 3480 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
01:15:11.0125 3480 aspnet_state - ok
01:15:11.0156 3480 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:15:11.0156 3480 AsyncMac - ok
01:15:11.0171 3480 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
01:15:11.0171 3480 atapi - ok
01:15:11.0171 3480 Atdisk - ok
01:15:11.0250 3480 [ ECA673779ECD27D674953D692FE070F6 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
01:15:11.0250 3480 Ati HotKey Poller - ok
01:15:11.0296 3480 [ 1428C586BB318E1404575834E428ADDD ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
01:15:11.0296 3480 ATI Smart - ok
01:15:11.0390 3480 [ 15B2FE76E2ECEB98C49ED52311A6F26F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
01:15:11.0406 3480 ati2mtag - ok
01:15:11.0437 3480 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:15:11.0437 3480 Atmarpc - ok
01:15:11.0484 3480 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
01:15:11.0484 3480 AudioSrv - ok
01:15:11.0500 3480 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
01:15:11.0500 3480 audstub - ok
01:15:11.0515 3480 AVFSFilter - ok
01:15:11.0546 3480 [ 6F76908F065C3C151C4BFCA7DFD86979 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
01:15:11.0546 3480 avgtp - ok
01:15:11.0625 3480 [ 2718DC27571BD1E37813F5759D2DC118 ] AVP C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
01:15:11.0625 3480 AVP - ok
01:15:11.0656 3480 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
01:15:11.0656 3480 Beep - ok
01:15:11.0687 3480 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
01:15:11.0687 3480 BITS - ok
01:15:11.0718 3480 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
01:15:11.0718 3480 Browser - ok
01:15:11.0718 3480 btaudio - ok
01:15:11.0734 3480 BTDriver - ok
01:15:11.0734 3480 BTKRNL - ok
01:15:11.0734 3480 BTWDNDIS - ok
01:15:11.0750 3480 BTWUSB - ok
01:15:11.0796 3480 [ A8EAE8E358DE3A21E6EB54F4FC7F65EC ] Ca533av C:\WINDOWS\system32\Drivers\Ca533av.sys
01:15:11.0812 3480 Ca533av - ok
01:15:11.0812 3480 catchme - ok
01:15:11.0843 3480 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
01:15:11.0843 3480 cbidf2k - ok
01:15:11.0875 3480 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
01:15:11.0875 3480 CCDECODE - ok
01:15:11.0875 3480 cd20xrnt - ok
01:15:11.0906 3480 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
01:15:11.0906 3480 Cdaudio - ok
01:15:11.0906 3480 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
01:15:11.0906 3480 Cdfs - ok
01:15:11.0937 3480 [ BF79E659C506674C0497CC9C61F1A165 ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys
01:15:11.0937 3480 Cdr4_xp - ok
01:15:11.0968 3480 [ 2C41CD49D82D5FD85C72D57B6CA25471 ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys
01:15:11.0968 3480 Cdralw2k - ok
01:15:11.0968 3480 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:15:11.0968 3480 Cdrom - ok
01:15:11.0968 3480 Changer - ok
01:15:12.0015 3480 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
01:15:12.0015 3480 CiSvc - ok
01:15:12.0031 3480 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
01:15:12.0031 3480 ClipSrv - ok
01:15:12.0046 3480 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:15:12.0046 3480 clr_optimization_v2.0.50727_32 - ok
01:15:12.0125 3480 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:15:12.0125 3480 clr_optimization_v4.0.30319_32 - ok
01:15:12.0125 3480 CmdIde - ok
01:15:12.0125 3480 COMSysApp - ok
01:15:12.0140 3480 Cpqarray - ok
01:15:12.0171 3480 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
01:15:12.0171 3480 CryptSvc - ok
01:15:12.0187 3480 dac2w2k - ok
01:15:12.0187 3480 dac960nt - ok
01:15:12.0234 3480 [ B7EF38C2C22A7805DE919CFF5E16A372 ] dc3d C:\WINDOWS\system32\DRIVERS\dc3d.sys
01:15:12.0234 3480 dc3d - ok
01:15:12.0281 3480 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
01:15:12.0281 3480 DcomLaunch - ok
01:15:12.0296 3480 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
01:15:12.0296 3480 Dhcp - ok
01:15:12.0328 3480 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
01:15:12.0328 3480 Disk - ok
01:15:12.0328 3480 dmadmin - ok
01:15:12.0359 3480 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
01:15:12.0359 3480 dmboot - ok
01:15:12.0390 3480 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
01:15:12.0390 3480 dmio - ok
01:15:12.0406 3480 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
01:15:12.0406 3480 dmload - ok
01:15:12.0437 3480 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
01:15:12.0437 3480 dmserver - ok
01:15:12.0468 3480 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
01:15:12.0468 3480 DMusic - ok
01:15:12.0515 3480 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
01:15:12.0515 3480 Dnscache - ok
01:15:12.0546 3480 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
01:15:12.0546 3480 Dot3svc - ok
01:15:12.0546 3480 dpti2o - ok
01:15:12.0593 3480 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
01:15:12.0593 3480 drmkaud - ok
01:15:12.0625 3480 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
01:15:12.0640 3480 EapHost - ok
01:15:12.0687 3480 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
01:15:12.0687 3480 ERSvc - ok
01:15:12.0734 3480 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
01:15:12.0734 3480 Eventlog - ok
01:15:12.0781 3480 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
01:15:12.0781 3480 EventSystem - ok
01:15:12.0781 3480 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
01:15:12.0796 3480 Fastfat - ok
01:15:12.0828 3480 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
01:15:12.0843 3480 FastUserSwitchingCompatibility - ok
01:15:12.0859 3480 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
01:15:12.0859 3480 Fdc - ok
01:15:12.0906 3480 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
01:15:12.0906 3480 Fips - ok
01:15:12.0921 3480 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
01:15:12.0921 3480 Flpydisk - ok
01:15:12.0968 3480 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
01:15:12.0968 3480 FltMgr - ok
01:15:13.0078 3480 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:15:13.0078 3480 FontCache3.0.0.0 - ok
01:15:13.0093 3480 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:15:13.0093 3480 Fs_Rec - ok
01:15:13.0093 3480 FTD2XX - ok
01:15:13.0109 3480 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:15:13.0109 3480 Ftdisk - ok
01:15:13.0140 3480 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
01:15:13.0140 3480 GEARAspiWDM - ok
01:15:13.0171 3480 [ 69F8F310654D699C7E5BD5C67279980F ] GenericMount C:\WINDOWS\system32\DRIVERS\GenericMount.sys
01:15:13.0171 3480 GenericMount - ok
01:15:13.0296 3480 [ 5F0F786D91087C0A76C3EF689A51CA48 ] GenericMount Helper Service C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe
01:15:13.0296 3480 GenericMount Helper Service - ok
01:15:13.0328 3480 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\WINDOWS\system32\DRIVERS\ggflt.sys
01:15:13.0328 3480 ggflt - ok
01:15:13.0359 3480 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\WINDOWS\system32\DRIVERS\ggsemc.sys
01:15:13.0359 3480 ggsemc - ok
01:15:13.0359 3480 GMSIPCI - ok
01:15:13.0390 3480 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:15:13.0390 3480 Gpc - ok
01:15:13.0421 3480 [ 4A2102DDF08472527B4872FA68EE87D1 ] GT680x C:\WINDOWS\system32\Drivers\gt680x.sys
01:15:13.0421 3480 GT680x - ok
01:15:13.0546 3480 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
01:15:13.0546 3480 gupdate - ok
01:15:13.0546 3480 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
01:15:13.0546 3480 gupdatem - ok
01:15:13.0593 3480 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
01:15:13.0593 3480 gusvc - ok
01:15:13.0656 3480 [ ED32D389F8B0E74E400932E020BCFBDF ] Hardlock C:\WINDOWS\system32\drivers\hardlock.sys
01:15:13.0656 3480 Hardlock - ok
01:15:13.0703 3480 [ 2DD25F060DC9F79B5CDF33D90ED93669 ] Haspnt C:\WINDOWS\system32\drivers\Haspnt.sys
01:15:13.0703 3480 Haspnt - ok
01:15:13.0718 3480 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:15:13.0718 3480 HDAudBus - ok
01:15:13.0812 3480 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:15:13.0812 3480 helpsvc - ok
01:15:13.0843 3480 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
01:15:13.0843 3480 HidServ - ok
01:15:13.0859 3480 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:15:13.0859 3480 hidusb - ok
01:15:13.0906 3480 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
01:15:13.0906 3480 hkmsvc - ok
01:15:13.0906 3480 hpn - ok
01:15:13.0968 3480 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
01:15:13.0968 3480 HTTP - ok
01:15:13.0984 3480 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
01:15:14.0000 3480 HTTPFilter - ok
01:15:14.0000 3480 i2omgmt - ok
01:15:14.0000 3480 i2omp - ok
01:15:14.0015 3480 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:15:14.0015 3480 i8042prt - ok
01:15:14.0093 3480 [ 696A461DD24EA039E0521877CB944BE3 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
01:15:14.0093 3480 ialm - ok
01:15:14.0203 3480 [ 6F95324909B502E2651442C1548AB12F ] IDriverT c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
01:15:14.0203 3480 IDriverT - ok
01:15:14.0265 3480 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:15:14.0281 3480 idsvc - ok
01:15:14.0296 3480 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
01:15:14.0296 3480 Imapi - ok
01:15:14.0343 3480 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
01:15:14.0343 3480 ImapiService - ok
01:15:14.0343 3480 ini910u - ok
01:15:14.0531 3480 [ 9D04EE981B9F2AD4AFEDD5CF376F3148 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:15:14.0562 3480 IntcAzAudAddService - ok
01:15:14.0562 3480 IntelIde - ok
01:15:14.0593 3480 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:15:14.0609 3480 intelppm - ok
01:15:14.0625 3480 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
01:15:14.0625 3480 Ip6Fw - ok
01:15:14.0656 3480 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:15:14.0656 3480 IpFilterDriver - ok
01:15:14.0656 3480 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:15:14.0656 3480 IpInIp - ok
01:15:14.0703 3480 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:15:14.0703 3480 IpNat - ok
01:15:14.0734 3480 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:15:14.0734 3480 IPSec - ok
01:15:14.0781 3480 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
01:15:14.0781 3480 irda - ok
01:15:14.0796 3480 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
01:15:14.0796 3480 IRENUM - ok
01:15:14.0828 3480 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll
01:15:14.0843 3480 Irmon - ok
01:15:14.0859 3480 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:15:14.0859 3480 isapnp - ok
01:15:14.0984 3480 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
01:15:14.0984 3480 JavaQuickStarterService - ok
01:15:15.0015 3480 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:15:15.0015 3480 Kbdclass - ok
01:15:15.0031 3480 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:15:15.0031 3480 kbdhid - ok
01:15:15.0046 3480 [ 186B54479D98E48AEE0E9ADA4B3C4D31 ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys
01:15:15.0046 3480 KL1 - ok
01:15:15.0078 3480 [ BF485BFBA13C0AB116701FD9C55324D0 ] kl2 C:\WINDOWS\system32\DRIVERS\kl2.sys
01:15:15.0078 3480 kl2 - ok
01:15:15.0125 3480 [ 5D92A03045A6A98708975B3D77B39A36 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
01:15:15.0125 3480 KLIF - ok
01:15:15.0156 3480 [ 96A7EC308A93DA26DFE481308BAAC2A2 ] klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys
01:15:15.0171 3480 klim5 - ok
01:15:15.0171 3480 [ 3959530F69E19DA56F1F24F2C89F1E2C ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
01:15:15.0171 3480 klmouflt - ok
01:15:15.0203 3480 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
01:15:15.0203 3480 kmixer - ok
01:15:15.0203 3480 KodakCCS - ok
01:15:15.0234 3480 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
01:15:15.0234 3480 KSecDD - ok
01:15:15.0250 3480 [ 0A2E5A1963708AEE3BEE39D17726D736 ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
01:15:15.0250 3480 L1c - ok
01:15:15.0281 3480 [ FD1D572C705BD70953621DA8334F5A5C ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
01:15:15.0281 3480 L8042mou - ok
01:15:15.0312 3480 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
01:15:15.0328 3480 lanmanserver - ok
01:15:15.0375 3480 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:15:15.0375 3480 lanmanworkstation - ok
01:15:15.0375 3480 lbrtfdc - ok
01:15:15.0406 3480 [ 6F6FED015CD3D33A048F9FC40F42E076 ] LHidKe C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
01:15:15.0406 3480 LHidKe - ok
01:15:15.0421 3480 [ C9FEEB4604C303CBD68E0A6780B5F50C ] LHidUsbK C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
01:15:15.0421 3480 LHidUsbK - ok
01:15:15.0531 3480 [ A97EEB81F05BCE3D7AA6C81F04EF39A4 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
01:15:15.0546 3480 LiveUpdate - ok
01:15:15.0562 3480 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
01:15:15.0562 3480 LmHosts - ok
01:15:15.0578 3480 [ E424EB5F4FCF486490A17BEA3DFC64A9 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
01:15:15.0578 3480 LMouKE - ok
01:15:15.0578 3480 lxbx_device - ok
01:15:15.0609 3480 [ D57A920490362C89A0EF2A61FE249AFA ] MA-620 C:\WINDOWS\system32\DRIVERS\MA-620.sys
01:15:15.0609 3480 MA-620 - ok
01:15:15.0640 3480 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
01:15:15.0640 3480 Messenger - ok
01:15:15.0687 3480 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
01:15:15.0687 3480 mnmdd - ok
01:15:15.0750 3480 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
01:15:15.0750 3480 mnmsrvc - ok
01:15:15.0781 3480 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
01:15:15.0796 3480 Modem - ok
01:15:15.0859 3480 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
01:15:15.0859 3480 Monfilt - ok
01:15:15.0906 3480 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:15:15.0906 3480 Mouclass - ok
01:15:15.0906 3480 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:15:15.0906 3480 mouhid - ok
01:15:15.0937 3480 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
01:15:15.0937 3480 MountMgr - ok
01:15:15.0984 3480 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
01:15:15.0984 3480 MozillaMaintenance - ok
01:15:15.0984 3480 mraid35x - ok
01:15:16.0015 3480 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:15:16.0015 3480 MRxDAV - ok
01:15:16.0078 3480 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:15:16.0078 3480 MRxSmb - ok
01:15:16.0109 3480 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
01:15:16.0125 3480 MSDTC - ok
01:15:16.0140 3480 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
01:15:16.0140 3480 Msfs - ok
01:15:16.0171 3480 [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
01:15:16.0171 3480 MSIRCOMM - ok
01:15:16.0171 3480 MSIServer - ok
01:15:16.0171 3480 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:15:16.0171 3480 MSKSSRV - ok
01:15:16.0218 3480 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:15:16.0218 3480 MSPCLOCK - ok
01:15:16.0218 3480 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
01:15:16.0218 3480 MSPQM - ok
01:15:16.0250 3480 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:15:16.0250 3480 mssmbios - ok
01:15:16.0312 3480 MSSQL$SQLEXPRESS - ok
01:15:16.0390 3480 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Programme\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
01:15:16.0406 3480 MSSQLServerADHelper100 - ok
01:15:16.0406 3480 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
01:15:16.0421 3480 MSTEE - ok
01:15:16.0421 3480 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
01:15:16.0421 3480 Mup - ok
01:15:16.0468 3480 [ FC3EB08186946EB22370DE70F778DF08 ] MVDCODEC C:\WINDOWS\system32\DRIVERS\ativmdcd.sys
01:15:16.0468 3480 MVDCODEC - ok
01:15:16.0500 3480 [ E91FC8B52D21E38317DC61A3C7CCFA4B ] MxlW2k C:\WINDOWS\system32\drivers\MxlW2k.sys
01:15:16.0500 3480 MxlW2k - ok
01:15:16.0515 3480 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
01:15:16.0515 3480 NABTSFEC - ok
01:15:16.0546 3480 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
01:15:16.0546 3480 napagent - ok
01:15:16.0546 3480 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
01:15:16.0562 3480 NDIS - ok
01:15:16.0578 3480 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
01:15:16.0578 3480 NdisIP - ok
01:15:16.0625 3480 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:15:16.0625 3480 NdisTapi - ok
01:15:16.0640 3480 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:15:16.0640 3480 Ndisuio - ok
01:15:16.0656 3480 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:15:16.0656 3480 NdisWan - ok
01:15:16.0687 3480 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
01:15:16.0687 3480 NDProxy - ok
01:15:16.0703 3480 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
01:15:16.0703 3480 NetBIOS - ok
01:15:16.0734 3480 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
01:15:16.0734 3480 NetBT - ok
01:15:16.0765 3480 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
01:15:16.0765 3480 NetDDE - ok
01:15:16.0765 3480 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
01:15:16.0781 3480 NetDDEdsdm - ok
01:15:16.0796 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
01:15:16.0796 3480 Netlogon - ok
01:15:16.0843 3480 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
01:15:16.0843 3480 Netman - ok
01:15:16.0921 3480 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:15:16.0921 3480 NetTcpPortSharing - ok
01:15:16.0953 3480 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
01:15:16.0953 3480 NIC1394 - ok
01:15:17.0000 3480 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
01:15:17.0000 3480 Nla - ok
01:15:18.0187 3480 [ A1787754952A0B700E386DC7C5FA5726 ] Norton Ghost C:\Programme\Norton Ghost\Agent\VProSvc.exe
01:15:18.0218 3480 Norton Ghost - ok
01:15:18.0250 3480 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
01:15:18.0250 3480 Npfs - ok
01:15:18.0578 3480 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
01:15:18.0593 3480 Ntfs - ok
01:15:18.0625 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
01:15:18.0625 3480 NtLmSsp - ok
01:15:18.0937 3480 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
01:15:18.0937 3480 NtmsSvc - ok
01:15:18.0968 3480 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
01:15:18.0968 3480 Null - ok
01:15:19.0078 3480 [ E4F1F95A6BBBFBBFF9A713C6063AA2CB ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys
01:15:19.0078 3480 nvatabus - ok
01:15:19.0171 3480 [ 812F45DA883BDB87C5960B25295A7E9C ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
01:15:19.0171 3480 NVENETFD - ok
01:15:19.0203 3480 [ 507B332B431392ED37C23B7CFB66DCF7 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
01:15:19.0203 3480 nvnetbus - ok
01:15:19.0281 3480 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:15:19.0281 3480 NwlnkFlt - ok
01:15:19.0328 3480 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:15:19.0343 3480 NwlnkFwd - ok
01:15:19.0609 3480 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
01:15:19.0609 3480 odserv - ok
01:15:19.0656 3480 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
01:15:19.0656 3480 ohci1394 - ok
01:15:19.0718 3480 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
01:15:19.0718 3480 ose - ok
01:15:19.0781 3480 [ 4A410C7AEA51123519C20D43A20BCE96 ] PAC207 C:\WINDOWS\system32\DRIVERS\PFC027.SYS
01:15:19.0781 3480 PAC207 - ok
01:15:19.0796 3480 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
01:15:19.0796 3480 Parport - ok
01:15:19.0812 3480 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
01:15:19.0812 3480 PartMgr - ok
01:15:19.0859 3480 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
01:15:19.0859 3480 ParVdm - ok
01:15:19.0921 3480 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
01:15:19.0921 3480 PCI - ok
01:15:19.0921 3480 PCIDump - ok
01:15:19.0953 3480 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
01:15:19.0953 3480 PCIIde - ok
01:15:19.0984 3480 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINDOWS\system32\drivers\pclepci.sys
01:15:20.0000 3480 PCLEPCI - ok
01:15:20.0000 3480 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
01:15:20.0000 3480 Pcmcia - ok
01:15:20.0000 3480 PDCOMP - ok
01:15:20.0015 3480 PDFRAME - ok
01:15:20.0015 3480 PDRELI - ok
01:15:20.0015 3480 PDRFRAME - ok
01:15:20.0031 3480 perc2 - ok
01:15:20.0031 3480 perc2hib - ok
01:15:20.0062 3480 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
01:15:20.0062 3480 PlugPlay - ok
01:15:20.0093 3480 [ 3ABDF04C0137F45568D5E960E7D5D73A ] PMUSB2G C:\WINDOWS\system32\Drivers\PMUSB.sys
01:15:20.0093 3480 PMUSB2G - ok
01:15:20.0093 3480 [ A1D7A9214B71EBBB6F31CB84AAC15525 ] Pnp680r C:\WINDOWS\system32\DRIVERS\pnp680r.sys
01:15:20.0093 3480 Pnp680r - ok
01:15:20.0125 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
01:15:20.0125 3480 PolicyAgent - ok
01:15:20.0171 3480 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:15:20.0171 3480 PptpMiniport - ok
01:15:20.0187 3480 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
01:15:20.0187 3480 Processor - ok
01:15:20.0187 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:15:20.0187 3480 ProtectedStorage - ok
01:15:20.0203 3480 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
01:15:20.0203 3480 PSched - ok
01:15:20.0218 3480 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:15:20.0218 3480 Ptilink - ok
01:15:20.0250 3480 [ 681AE4F1927FE0FDEEE2863F1684088D ] pwdrvio C:\WINDOWS\system32\pwdrvio.sys
01:15:20.0250 3480 pwdrvio - ok
01:15:20.0296 3480 [ BC60895CE021309EBD887D2F22055654 ] pwdspio C:\WINDOWS\system32\pwdspio.sys
01:15:20.0296 3480 pwdspio - ok
01:15:20.0343 3480 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:15:20.0343 3480 PxHelp20 - ok
01:15:20.0343 3480 ql1080 - ok
01:15:20.0359 3480 Ql10wnt - ok
01:15:20.0359 3480 ql12160 - ok
01:15:20.0359 3480 ql1240 - ok
01:15:20.0359 3480 ql1280 - ok
01:15:20.0406 3480 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:15:20.0421 3480 RasAcd - ok
01:15:20.0437 3480 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
01:15:20.0437 3480 RasAuto - ok
01:15:20.0484 3480 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
01:15:20.0484 3480 Rasirda - ok
01:15:20.0484 3480 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:15:20.0484 3480 Rasl2tp - ok
01:15:20.0531 3480 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
01:15:20.0531 3480 RasMan - ok
01:15:20.0546 3480 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:15:20.0546 3480 RasPppoe - ok
01:15:20.0546 3480 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
01:15:20.0546 3480 Raspti - ok
01:15:20.0578 3480 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:15:20.0578 3480 Rdbss - ok
01:15:20.0593 3480 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:15:20.0593 3480 RDPCDD - ok
01:15:20.0640 3480 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
01:15:20.0640 3480 RDPWD - ok
01:15:20.0671 3480 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
01:15:20.0671 3480 RDSessMgr - ok
01:15:20.0718 3480 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
01:15:20.0718 3480 redbook - ok
01:15:20.0750 3480 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
01:15:20.0750 3480 RemoteAccess - ok
01:15:20.0765 3480 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
01:15:20.0765 3480 RpcLocator - ok
01:15:20.0796 3480 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\System32\rpcss.dll
01:15:20.0812 3480 RpcSs - ok
01:15:20.0859 3480 [ FEDD2710B75BE3ECF078ADACE790C423 ] RsFx0102 C:\WINDOWS\system32\DRIVERS\RsFx0102.sys
01:15:20.0859 3480 RsFx0102 - ok
01:15:20.0890 3480 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
01:15:20.0890 3480 RSVP - ok
01:15:20.0921 3480 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\WINDOWS\system32\DRIVERS\s0016bus.sys
01:15:20.0921 3480 s0016bus - ok
01:15:20.0968 3480 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
01:15:20.0968 3480 s0016mdfl - ok
01:15:21.0000 3480 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
01:15:21.0000 3480 s0016mdm - ok
01:15:21.0031 3480 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
01:15:21.0031 3480 s0016mgmt - ok
01:15:21.0062 3480 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
01:15:21.0062 3480 s0016nd5 - ok
01:15:21.0093 3480 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\WINDOWS\system32\DRIVERS\s0016obex.sys
01:15:21.0109 3480 s0016obex - ok
01:15:21.0140 3480 [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic C:\WINDOWS\system32\DRIVERS\s0016unic.sys
01:15:21.0140 3480 s0016unic - ok
01:15:21.0171 3480 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
01:15:21.0171 3480 SamSs - ok
01:15:21.0203 3480 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
01:15:21.0203 3480 SCardSvr - ok
01:15:21.0234 3480 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
01:15:21.0250 3480 Schedule - ok
01:15:21.0375 3480 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
01:15:21.0375 3480 SearchAnonymizer - ok
01:15:21.0421 3480 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:15:21.0421 3480 Secdrv - ok
01:15:21.0453 3480 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
01:15:21.0453 3480 seclogon - ok
01:15:21.0500 3480 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
01:15:21.0500 3480 SENS - ok
01:15:21.0531 3480 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
01:15:21.0531 3480 serenum - ok
01:15:21.0531 3480 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
01:15:21.0546 3480 Serial - ok
01:15:21.0625 3480 [ 0B179A959FF6B6CA5927D4F255AB9F90 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
01:15:21.0625 3480 sfdrv01 - ok
01:15:21.0656 3480 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
01:15:21.0656 3480 sfhlp02 - ok
01:15:21.0671 3480 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
01:15:21.0671 3480 Sfloppy - ok
01:15:21.0703 3480 [ A62EFE6AA55C6A599DDBB6BD00E8FB9C ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
01:15:21.0703 3480 sfsync02 - ok
01:15:21.0718 3480 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
01:15:21.0718 3480 SharedAccess - ok
01:15:21.0750 3480 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:15:21.0750 3480 ShellHWDetection - ok
01:15:21.0781 3480 [ 09889D435EDC82435B18C7C311FE5721 ] Si3114r5 C:\WINDOWS\system32\DRIVERS\Si3114r5.sys
01:15:21.0781 3480 Si3114r5 - ok
01:15:21.0812 3480 [ 46B92189FE4DB53A09E3A0099AA3084C ] SiFilter C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
01:15:21.0812 3480 SiFilter - ok
01:15:21.0812 3480 Simbad - ok
01:15:21.0828 3480 [ B688378D258D1ECCE4768CDB55D48D92 ] SiRemFil C:\WINDOWS\system32\DRIVERS\SiRemFil.sys
01:15:21.0828 3480 SiRemFil - ok
01:15:21.0859 3480 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
01:15:21.0859 3480 SkypeUpdate - ok
01:15:21.0906 3480 [ 6352FA01BD438E88250D534A1A6D22FF ] SLEE_17_DRIVER C:\WINDOWS\system32\drivers\Sleen17.sys
01:15:21.0906 3480 SLEE_17_DRIVER - ok
01:15:21.0906 3480 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
01:15:21.0906 3480 SLIP - ok
01:15:21.0984 3480 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Programme\Sony\Sony PC Companion\PCCService.exe
01:15:22.0000 3480 Sony PC Companion - ok
01:15:22.0000 3480 Sparrow - ok
01:15:22.0031 3480 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
01:15:22.0031 3480 splitter - ok
01:15:22.0062 3480 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
01:15:22.0062 3480 Spooler - ok
01:15:22.0109 3480 [ EB2FD937449B7ACEB39372F875EB8E78 ] SQLAgent$SQLEXPRESS c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
01:15:22.0109 3480 SQLAgent$SQLEXPRESS - ok
01:15:22.0187 3480 [ 99DE6ACFA5CA83FAD6A765C81C6F129F ] SQLBrowser c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
01:15:22.0203 3480 SQLBrowser - ok
01:15:22.0234 3480 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
01:15:22.0234 3480 SQLWriter - ok
01:15:22.0234 3480 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
01:15:22.0234 3480 sr - ok
01:15:22.0265 3480 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
01:15:22.0265 3480 srservice - ok
01:15:22.0312 3480 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
01:15:22.0312 3480 Srv - ok
01:15:22.0343 3480 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
01:15:22.0343 3480 SSDPSRV - ok
01:15:22.0359 3480 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
01:15:22.0359 3480 stisvc - ok
01:15:22.0406 3480 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
01:15:22.0406 3480 streamip - ok
01:15:22.0421 3480 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
01:15:22.0421 3480 swenum - ok
01:15:22.0453 3480 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
01:15:22.0453 3480 swmidi - ok
01:15:22.0453 3480 SwPrv - ok
01:15:22.0468 3480 Symantec SymSnap VSS Provider - ok
01:15:22.0468 3480 symc810 - ok
01:15:22.0468 3480 symc8xx - ok
01:15:22.0515 3480 [ 5220576EE29BEA7C18DFF9ECABF18BBC ] symlcbrd C:\WINDOWS\system32\drivers\symlcbrd.sys
01:15:22.0515 3480 symlcbrd - ok
01:15:22.0531 3480 [ A5CF31080E99718949BCC38C83F13452 ] symsnap C:\WINDOWS\system32\DRIVERS\symsnap.sys
01:15:22.0531 3480 symsnap - ok
01:15:22.0609 3480 [ 21FF886E6F679FC1EB352F231E846357 ] SymSnapService C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe
01:15:22.0625 3480 SymSnapService - ok
01:15:22.0625 3480 sym_hi - ok
01:15:22.0640 3480 sym_u3 - ok
01:15:22.0656 3480 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
01:15:22.0656 3480 sysaudio - ok
01:15:22.0687 3480 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
01:15:22.0687 3480 SysmonLog - ok
01:15:22.0718 3480 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
01:15:22.0718 3480 TapiSrv - ok
01:15:22.0765 3480 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:15:22.0765 3480 Tcpip - ok
01:15:22.0781 3480 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
01:15:22.0781 3480 TDPIPE - ok
01:15:22.0781 3480 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
01:15:22.0781 3480 TDTCP - ok
01:15:22.0796 3480 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
01:15:22.0796 3480 TermDD - ok
01:15:22.0812 3480 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
01:15:22.0828 3480 TermService - ok
01:15:22.0843 3480 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
01:15:22.0843 3480 Themes - ok
01:15:22.0859 3480 TosIde - ok
01:15:22.0875 3480 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
01:15:22.0875 3480 TrkWks - ok
01:15:22.0906 3480 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
01:15:22.0906 3480 Udfs - ok
01:15:22.0906 3480 ultra - ok
01:15:22.0937 3480 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
01:15:22.0937 3480 Update - ok
01:15:22.0968 3480 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
01:15:22.0984 3480 upnphost - ok
01:15:23.0000 3480 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
01:15:23.0000 3480 UPS - ok
01:15:23.0031 3480 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
01:15:23.0031 3480 usbaudio - ok
01:15:23.0046 3480 [ 0C28DD9EC68CCB6E95D49BFD24FD2C11 ] USBCamera C:\WINDOWS\system32\Drivers\Bulk533.sys
01:15:23.0046 3480 USBCamera - ok
01:15:23.0078 3480 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:15:23.0078 3480 usbccgp - ok
01:15:23.0078 3480 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:15:23.0078 3480 usbehci - ok
01:15:23.0093 3480 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:15:23.0093 3480 usbhub - ok
01:15:23.0109 3480 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
01:15:23.0109 3480 usbohci - ok
01:15:23.0125 3480 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:15:23.0125 3480 usbprint - ok
01:15:23.0140 3480 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:15:23.0140 3480 usbscan - ok
01:15:23.0156 3480 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys
01:15:23.0156 3480 usbser - ok
01:15:23.0171 3480 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:15:23.0171 3480 USBSTOR - ok
01:15:23.0187 3480 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:15:23.0187 3480 usbuhci - ok
01:15:23.0203 3480 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
01:15:23.0203 3480 VgaSave - ok
01:15:23.0203 3480 ViaIde - ok
01:15:23.0250 3480 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
01:15:23.0250 3480 VolSnap - ok
01:15:23.0296 3480 [ EF3506B04EB9124240B35148EAACBAA5 ] VProEventMonitor C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys
01:15:23.0296 3480 VProEventMonitor - ok
01:15:23.0312 3480 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
01:15:23.0328 3480 VSS - ok
01:15:23.0437 3480 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
01:15:23.0437 3480 vToolbarUpdater12.2.6 - ok
01:15:23.0468 3480 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
01:15:23.0468 3480 W32Time - ok
01:15:23.0546 3480 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:15:23.0546 3480 Wanarp - ok
01:15:23.0640 3480 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
01:15:23.0640 3480 Wdf01000 - ok
01:15:23.0640 3480 WDICA - ok
01:15:23.0671 3480 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
01:15:23.0671 3480 wdmaud - ok
01:15:23.0671 3480 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
01:15:23.0687 3480 WebClient - ok
01:15:23.0734 3480 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\WINDOWS\system32\DRIVERS\wimfltr.sys
01:15:23.0734 3480 WimFltr - ok
01:15:23.0796 3480 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
01:15:23.0796 3480 winmgmt - ok
01:15:23.0859 3480 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
01:15:23.0859 3480 WinRM - ok
01:15:23.0921 3480 [ 671DB6A9B772B807721147C28FAF760F ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
01:15:23.0921 3480 WmBEnum - ok
01:15:23.0937 3480 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
01:15:23.0937 3480 WmdmPmSN - ok
01:15:23.0968 3480 [ CFFE18DB8140B00335221907A694DD01 ] WmFilter C:\WINDOWS\system32\drivers\WmFilter.sys
01:15:23.0968 3480 WmFilter - ok
01:15:24.0000 3480 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:15:24.0000 3480 WmiApSrv - ok
01:15:24.0078 3480 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
01:15:24.0078 3480 WMPNetworkSvc - ok
01:15:24.0109 3480 [ 2E17EA3B132963E3C07D50D68D2DF54E ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
01:15:24.0109 3480 WmVirHid - ok
01:15:24.0125 3480 [ 0ECE3BB49EB9EE42C411A0F1EC39DDA9 ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
01:15:24.0125 3480 WmXlCore - ok
01:15:24.0140 3480 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
01:15:24.0140 3480 WpdUsb - ok
01:15:24.0250 3480 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
01:15:24.0250 3480 WPFFontCache_v0400 - ok
01:15:24.0312 3480 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
01:15:24.0312 3480 wscsvc - ok
01:15:24.0312 3480 WSearch - ok
01:15:24.0343 3480 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
01:15:24.0359 3480 WSTCODEC - ok
01:15:24.0390 3480 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
01:15:24.0390 3480 wuauserv - ok
01:15:24.0437 3480 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:15:24.0437 3480 WudfPf - ok
01:15:24.0468 3480 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:15:24.0468 3480 WudfRd - ok
01:15:24.0484 3480 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
01:15:24.0484 3480 WudfSvc - ok
01:15:24.0515 3480 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
01:15:24.0531 3480 WZCSVC - ok
01:15:24.0546 3480 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
01:15:24.0562 3480 xmlprov - ok
01:15:24.0593 3480 [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
01:15:24.0593 3480 yukonwxp - ok
01:15:24.0609 3480 ================ Scan global ===============================
01:15:24.0671 3480 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
01:15:24.0687 3480 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
01:15:24.0703 3480 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
01:15:24.0718 3480 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
01:15:24.0718 3480 [Global] - ok
01:15:24.0718 3480 ================ Scan MBR ==================================
01:15:24.0750 3480 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
01:15:24.0921 3480 \Device\Harddisk0\DR0 - ok
01:15:24.0921 3480 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
01:15:25.0171 3480 \Device\Harddisk1\DR1 - ok
01:15:25.0171 3480 ================ Scan VBR ==================================
01:15:25.0187 3480 [ 43E89A61C3AF49F8D624AA2DE4002AED ] \Device\Harddisk0\DR0\Partition1
01:15:25.0203 3480 \Device\Harddisk0\DR0\Partition1 - ok
01:15:25.0203 3480 [ 889D8DC8733C621E99545E859CABB2A9 ] \Device\Harddisk1\DR1\Partition1
01:15:25.0203 3480 \Device\Harddisk1\DR1\Partition1 - ok
01:15:25.0203 3480 ============================================================
01:15:25.0203 3480 Scan finished
01:15:25.0203 3480 ============================================================
01:15:25.0218 3772 Detected object count: 0
01:15:25.0218 3772 Actual detected object count: 0

Alt 13.10.2012, 02:53   #8
Tina666
 
Wieder CahtZum - Standard

Wieder CahtZum



Hoffe, daß soweit alles paßt.

LG

Tina

Alt 13.10.2012, 11:18   #9
M-K-D-B
/// TB-Ausbilder
 
Wieder CahtZum - Standard

Wieder CahtZum



Servus,



Auf deinem Rechner tummelt sich ziemlich viel Müll... wird Zeit, dass wir dagegen vorgehen.



Schritt 1
  • Folge folgendem Pfad: Start -> Systemsteuerung -> Software
  • Suche in der Liste Software mit dem folgenden Namen
    • Iminent
    • Ask Toolbar
    • Yontoo 1.10.02
    • IMinent Toolbar
    • AVG Security Toolbar
    • Babylon toolbar on IE
    • ChatZum Toolbar
    • DealPly
    • PriceGong
    • Windows Searchqu Toolbar
    • Softonic toolbar on IE
    • Wincore MediaBar
    • Winload Toolbar
    • WiseConvert Toolbar
    • Ask Toolbar Updater
    und deinstalliere das Programm.
  • Solltest du am Ende der Deinstallation zu einem Neustart aufgefordert werden, so führe diesen durch.
  • Sollte es Probleme mit der Deinstallation geben, so lass es mich bitte wissen.





Schritt 2
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.





Schritt 3
Starte bitte OTL.exe.
Wähle unter
Extra Registrierung: Benutze Safe List und klicke auf den Scan Button.
Poste die OTL.txt und die Extras.txt hier in deinen Thread.





Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die beiden Logdateien von OTL.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 13.10.2012, 13:39   #10
Tina666
 
Wieder CahtZum - Standard

Wieder CahtZum



Hallo Matthias,

Müll??? Weiß gar nicht, was Du meinst*gg*

ich habe nun fast alles von Schritt 1 entfernt.
Ein Problem gibt es jedoch, wenn ich Yontoo Desinstallieren will kommt folgende Meldung:

Setup initalization error.

Habe ich Schritt 2 richtig verstanden? Adwcleaner mit Doppelklick starten und dann löschen?

Einen Erfolg gibt es schon, ein Programm kann ich wieder öffnen!!!!!

Wenn ich aber bei Firefox einen neuen Reiter aufmache, kommt immer noch Babylon Search.

Tina

Geändert von Tina666 (13.10.2012 um 13:59 Uhr)

Alt 13.10.2012, 17:07   #11
M-K-D-B
/// TB-Ausbilder
 
Wieder CahtZum - Standard

Wieder CahtZum



Servus,




Downloade Dir bitte den Revo Uninstaller
  • Doppelklicke auf die revosetup.exe.
  • Installiere das Tool in den vorgegebenen Pfad.
  • Doppelklicke auf das Revo Uninstall Icon.
  • Suche Dir nun folgende Software aus der Code-Box.
    Code:
    ATTFilter
    Yontoo
             
    Klicke darauf und bestätige mit Ja.
  • Belasse die Einstellung der Deinstallationsroutine auf Moderat und klicke auf weiter.
  • Das Tool wird nun nach allen Einträgen auf dem Rechner suchen. Klick auf weiter
  • Klicke auf den Markiere alle Button und klicke auf löschen und bestätige mit Ja.
Bebilderte Anleitung

Starte den Rechner abschließend neu auf.



Führe anschließend AdwCleaner und OTL wie beschrieben aus und poste die drei Logdateien (1 von AdwCleaner, 2 von OTL).
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 14.10.2012, 01:32   #12
Tina666
 
Wieder CahtZum - Standard

Wieder CahtZum



Danke, werde es aber wahrscheinlich erst morgen machen.

Tina

Also doch noch heute Nacht...

Yantoo ist weg, super, danke.

Hier adwCleaner:

# AdwCleaner v2.004 - Datei am 14/10/2012 um 01:58:07 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Hartmann - MOTIONSIGN
# Bootmodus : Normal
# Ausgeführt unter : C:\Bereinigung\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Programme\Mozilla FireFox\Components\AskSearch.js
Datei Gelöscht : C:\Programme\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Programme\Mozilla FireFox\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Programme\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gelöscht : c:\temp\searchqutoolbar-manifest.xml
Datei Gelöscht : c:\temp\Uninstall.exe
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\WINDOWS\system32\conduitEngine.tmp
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
Ordner Gelöscht : C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Babylon
Ordner Gelöscht : C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\PriceGong
Ordner Gelöscht : C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\searchquband
Ordner Gelöscht : C:\Programme\Ask.com
Ordner Gelöscht : C:\Programme\ChatZum Toolbar
Ordner Gelöscht : C:\Programme\Conduit
Ordner Gelöscht : C:\Programme\PriceGong
Ordner Gelöscht : C:\Programme\Search Settings
Ordner Gelöscht : C:\Programme\Windows Searchqu Toolbar
Ordner Gelöscht : C:\Programme\Yontoo
Ordner Gelöscht : c:\temp\BabylonToolbar
Ordner Gelöscht : c:\temp\Iminent

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Babylon
Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6A87B991-A31F-4130-AE72-6D0C294BF082}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E908B145-C847-4E85-B315-07E2E70DECF8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A87B991-A31F-4130-AE72-6D0C294BF082}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E908B145-C847-4E85-B315-07E2E70DECF8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKCU\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskBarDis
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Schlüssel Gelöscht : HKLM\Software\Tarma Installer
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{8a9386b4-e958-4c4c-adf4-8f26db3e4829}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[S1].txt - [18811 octets] - [14/10/2012 01:58:07]

########## EOF - C:\AdwCleaner[S1].txt - [18872 octets] ##########

Alt 14.10.2012, 13:41   #13
M-K-D-B
/// TB-Ausbilder
 
Wieder CahtZum - Standard

Wieder CahtZum



Servus,




Starte bitte OTL.exe.
Wähle unter
Extra Registrierung: Benutze Safe List und klicke auf den Scan Button.
Poste die OTL.txt und die Extras.txt hier in deinen Thread.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 14.10.2012, 23:18   #14
Tina666
 
Wieder CahtZum - Standard

Wieder CahtZum



Hallo,
ich habs nicht vergessen, aber beim Scannen gestern hat sich der Rechner aufgehängt.
Dann hatte ich keine Nerven mehr dazu....OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 14.10.2012 23:05:34 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Bereinigung
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,13% Memory free
6,84 Gb Paging File | 5,94 Gb Available in Paging File | 86,86% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 465,76 Gb Total Space | 288,54 Gb Free Space | 61,95% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 399,23 Gb Free Space | 66,97% Space Free | Partition Type: NTFS
 
Computer Name: MOTIONSIGN | User Name: Hartmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.11 22:51:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Bereinigung\OTL.exe
PRC - [2012.09.08 01:53:07 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
PRC - [2012.01.18 18:36:46 | 001,452,680 | ---- | M] (SPAMfighter ApS) -- C:\Programme\Fighters\Tray\FightersTray.exe
PRC - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2010.03.03 19:39:40 | 002,598,760 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProTray.exe
PRC - [2010.03.03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) -- C:\Programme\Norton Ghost\Agent\VProSvc.exe
PRC - [2010.02.11 02:34:14 | 001,964,528 | ---- | M] (Symantec) -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001.09.21 14:50:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe
PRC - [2001.07.09 15:38:10 | 000,356,352 | ---- | M] (Common Group) -- C:\WINDOWS\twain_32\A12U16KD\WATCH.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.09 17:39:51 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012.09.08 01:53:06 | 002,244,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.06.14 08:54:23 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll
MOD - [2012.06.14 08:50:09 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.06.14 08:49:13 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.14 08:49:02 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.05.12 18:22:05 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.12 18:21:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
MOD - [2011.04.25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll
MOD - [2011.04.25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll
MOD - [2011.04.25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll
MOD - [2011.04.25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll
MOD - [2011.04.25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll
MOD - [2011.04.25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll
MOD - [2011.04.20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2010.04.24 23:30:41 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2004.09.14 19:44:12 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxbxPP5C.DLL
MOD - [2002.10.30 09:58:36 | 000,143,360 | ---- | M] () -- C:\WINDOWS\twain_32\A12U16KD\A2dSpi.dll
MOD - [2001.12.06 20:55:18 | 000,135,168 | ---- | M] () -- C:\WINDOWS\system32\A2dusd.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
MOD - [2001.09.21 14:50:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\Gtwatch.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012.10.09 17:39:52 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.08 01:53:07 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.30 00:24:32 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2010.03.03 19:39:38 | 004,590,432 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2010.02.12 07:09:06 | 001,574,408 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service)
SRV - [2010.02.11 02:34:14 | 001,964,528 | ---- | M] (Symantec) [On_Demand | Running] -- C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService)
SRV - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.01.07 00:41:22 | 000,462,848 | ---- | M] (Lexmark International, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxbxcoms.exe -- (lxbx_device)
SRV - [2004.10.22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Adapter | On_Demand | Unknown] --  -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] --  -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\FTD2XX.sys -- (FTD2XX)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avfsfilter.sys -- (AVFSFilter)
DRV - [2012.07.08 22:52:59 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.07.08 22:52:59 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.03.01 14:51:11 | 000,565,552 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2012.01.18 15:55:56 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2012.01.18 15:55:54 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2011.08.10 16:39:48 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc3d.sys -- (dc3d)
DRV - [2011.06.28 13:15:20 | 006,363,752 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.03.22 09:58:42 | 000,065,136 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2011.03.10 19:34:46 | 000,034,608 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2011.03.04 14:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2011.03.04 14:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (KL1)
DRV - [2010.03.03 19:59:22 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010.02.12 07:10:12 | 000,057,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GenericMount.sys -- (GenericMount)
DRV - [2010.02.11 02:34:46 | 000,138,592 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\symsnap.sys -- (symsnap)
DRV - [2009.11.18 01:17:00 | 001,395,800 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 01:16:00 | 001,691,480 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.11.02 21:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.09.21 20:40:14 | 000,015,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV - [2009.09.17 15:12:32 | 000,093,920 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt ) [Driver] [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SleeN17.sys -- (SLEE_17_DRIVER)
DRV - [2009.01.04 15:25:08 | 000,017,408 | ---- | M] (PassMark Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PMUSB.sys -- (PMUSB2G)
DRV - [2008.12.02 00:13:40 | 003,452,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.11.25 02:35:54 | 000,211,496 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Si3114r5.sys -- (Si3114r5)
DRV - [2008.11.25 02:35:54 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2008.11.25 02:35:54 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SiRemFil.sys -- (SiRemFil)
DRV - [2008.07.10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008.05.16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic)
DRV - [2008.05.16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5)
DRV - [2008.05.16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008.05.16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008.02.13 13:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2008.01.14 17:29:17 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2007.12.06 10:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006.09.02 17:09:52 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2006.09.02 16:36:20 | 000,004,608 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006.09.02 15:49:55 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2006.07.24 04:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006.07.24 04:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2005.05.17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2005.01.10 11:45:56 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K)
DRV - [2004.12.07 10:15:54 | 000,087,936 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2004.12.01 14:40:08 | 002,300,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004.11.24 11:42:48 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004.11.24 11:42:46 | 000,033,408 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.10.21 05:39:44 | 000,035,840 | R--- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.07.14 12:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004.04.26 08:10:00 | 000,038,081 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2004.04.26 08:09:52 | 000,054,657 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2004.04.26 08:09:42 | 000,071,405 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004.04.26 08:09:24 | 000,024,605 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2003.05.14 14:42:56 | 000,021,216 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2003.05.14 14:42:50 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2003.05.14 14:42:48 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2003.05.14 14:42:44 | 000,044,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2003.03.25 10:55:04 | 000,027,136 | R--- | M] (Mobile Action Tech. Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma-620.sys -- (MA-620)
DRV - [2002.10.21 11:37:16 | 000,515,803 | ---- | M] (Digital Camera) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Ca533av.sys -- (Ca533av)
DRV - [2002.07.25 11:19:48 | 000,010,986 | ---- | M] (USB BULK) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Bulk533.sys -- (USBCamera)
DRV - [2002.05.31 10:35:02 | 000,076,976 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pnp680r.sys -- (Pnp680r)
DRV - [2001.11.08 08:53:54 | 000,018,120 | ---- | M] (   ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gt680x.sys -- (GT680x)
DRV - [2001.08.17 13:49:38 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ativmdcd.sys -- (MVDCODEC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0504817B-F19C-4569-BF5F-14CA6DE4EFF1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 88 CC C8 01 08 05 C8 01 02 00 02 00 53 01 0C 00 98 CC C8 01 F8 04 C8 01 02 00 02 00 51 01 0C 00 00 00 00 00  [binary data]
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Wirtschaft: Wirtschaftsnachrichten von t-online.de/wirtschaft
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes,DefaultScope = {04324A13-C562-44B5-98C3-CB910B1B550C}
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{04324A13-C562-44B5-98C3-CB910B1B550C}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{0504817B-F19C-4569-BF5F-14CA6DE4EFF1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{131B38B1-CC5B-4A32-9914-62E0ED1FC19C}: "URL" = [String data over 1000 bytes]
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{342032E5-348C-48BE-BFB2-D336898928C9}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{3AA0DE0F-6691-4E93-A74E-D0A366421803}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{3D20C55B-1C6F-44BB-8B64-6EB4DA52524C}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{65B27F1C-B3AA-42A9-82CF-FF5ED3FED24F}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{9F3786B8-EF7C-407E-AF2C-B49DAA6A0D1E}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\SearchScopes\{D6481E63-37A6-44EA-802B-2BC182D0D96E}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=92c11ed6-2009-4333-8e8b-d71c8d99e855&pid=fotofreeware&mode=bounce&k=0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost
 
========== FireFox ==========
 
FF - prefs.js..CT2319825.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: "4shared.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-ffpro"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@babylon.com:1.1.9
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: toolbar@web.de:2.3.3
FF - prefs.js..extensions.enabledAddons: {40c3cc16-7269-4b32-9531-17f2950fb06f}:10.10.27.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.7.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.startup.homepage: "hxxp://www.google.com/"
FF - user.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - user.js..browser.search.selectedEngine: "Google"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.08.30 19:24:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\linkfilter@kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.08.30 19:24:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\KavAntiBanner@Kaspersky.ru: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.08.30 19:24:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.10.14 01:58:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.09.08 01:52:58 | 000,000,000 | ---D | M]
 
[2012.10.13 13:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions
[2008.11.13 03:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.10.13 13:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions
[2012.08.22 13:56:32 | 000,000,000 | ---D | M] (4shared.com Community Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
[2010.05.13 03:16:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.08.23 03:04:37 | 000,000,000 | ---D | M] (Winload) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2012.10.12 00:29:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.02.29 21:46:43 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2011.12.23 19:32:17 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\ffxtlbr@babylon.com
[2012.10.02 23:11:56 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\foxmarks@kei.com
[2012.03.01 14:22:25 | 000,000,000 | ---D | M] (Yontoo) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\plugin@yontoo.com
[2012.10.11 01:27:04 | 000,565,762 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\toolbar@web.de.xpi
[2012.10.11 01:27:10 | 000,000,911 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\11-suche.xml
[2012.03.30 00:24:50 | 000,001,086 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\ask.xml
[2012.03.30 00:24:50 | 000,002,691 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\askcom.xml
[2012.03.30 22:00:10 | 000,000,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\conduit.xml
[2012.10.11 01:27:10 | 000,002,273 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\englische-ergebnisse.xml
[2012.10.11 01:27:10 | 000,010,563 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\gmx-suche.xml
[2012.03.30 00:24:50 | 000,002,492 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\google-und-download-suche.xml
[2012.10.11 01:27:10 | 000,002,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\lastminute.xml
[2012.06.19 21:47:55 | 000,000,641 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\search-web.xml
[2011.10.09 19:46:30 | 000,002,520 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\SearchResults.xml
[2012.06.01 19:20:40 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\Search_Results.xml
[2012.10.11 01:27:10 | 000,005,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\webde-suche.xml
[2012.03.30 00:24:51 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{044BA39C-AD89-4B4C-B2B0-3517499C48F2}.xml
[2012.03.30 00:24:52 | 000,002,079 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{06A29687-A639-4360-9088-A404C00556D1}.xml
[2012.03.30 00:24:52 | 000,002,190 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\{A75239EF-069B-40AF-831D-CEA4E5C16540}.xml
[2012.10.13 13:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.08 01:52:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.09.08 01:52:53 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2012.09.08 01:52:54 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
[2012.09.08 01:53:07 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.04.02 14:36:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.20 22:33:33 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.02 00:55:20 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.20 22:33:33 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.20 22:33:33 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.20 22:33:33 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.20 22:33:33 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: Search
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.0_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\4.43.0_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.6_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
 
O1 HOSTS File: ([2009.10.10 13:27:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{C424171E-592A-415a-9EB1-DFD6D95D3530} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CommonToolkitTray] c:\Programme\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [Gtwatch] C:\WINDOWS\Gtwatch.exe ()
O4 - HKLM..\Run: [HF_G_Jul] "C:\Programme\AVG Secure Search\HF_G_Jul.exe"  /DoAction File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Norton Ghost 15.0] C:\Programme\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [Ocs_SM] C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Programme\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Watch.lnk = C:\WINDOWS\twain_32\A12U16KD\WATCH.exe (Common Group)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 351
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ADAB9D3-1DB3-49B2-89FC-F454CD73AD07}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FC1575C-73E5-4A35-B75A-769B11439EBC}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.29 14:53:12 | 000,000,087 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell - "" = AutoRun
O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0ad7ffa2-5d23-11e0-aa85-001109d69c61}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell - "" = AutoRun
O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{35606a55-c8f8-11e1-aaa9-5404a6d4fa58}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell - "" = AutoRun
O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\Auto\command - "" = G:\sxs.exe
O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{37c76d92-a006-11df-98b3-001109d69c60}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe
O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fab17a3a-d9e5-11dd-96d5-806d6172696f}\Shell\AutoRun\command - "" = E:\camera.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.14 01:41:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme\Revo Uninstaller
[2012.10.14 01:38:32 | 000,000,000 | ---D | C] -- C:\Programme\VS Revo Group
[2012.10.11 22:50:49 | 000,000,000 | ---D | C] -- C:\Bereinigung
[2006.12.16 13:34:39 | 000,024,192 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Hartmann\usbsermptxp.sys
[2006.12.16 13:34:39 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Hartmann\usbsermpt.sys
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.14 22:50:07 | 000,000,402 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{44BE5EBB-6A99-4DE1-B962-E148184E8A04}.job
[2012.10.14 22:50:06 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Hartmann-Startup.job
[2012.10.14 22:47:53 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Hartmann-Notification.job
[2012.10.14 22:47:42 | 000,012,682 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.14 22:45:48 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.14 22:45:45 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2012.10.14 22:45:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.14 22:45:29 | 000,069,112 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2012.10.14 01:59:04 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2012.10.14 01:44:00 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.14 01:41:22 | 000,000,908 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\Desktop\Revo Uninstaller.lnk
[2012.10.14 01:39:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.13 13:24:01 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012.10.13 13:19:49 | 000,000,838 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2012.10.13 05:18:43 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012.10.11 23:41:42 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Hartmann\defogger_reenable
[2012.10.11 16:36:17 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2012.10.10 17:05:21 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.10.09 17:39:52 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.10.09 17:39:52 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.10.07 15:26:30 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
 
========== Files Created - No Company Name ==========
 
[2012.10.14 01:38:32 | 000,000,908 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Desktop\Revo Uninstaller.lnk
[2012.10.13 13:23:57 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2012.10.11 23:41:42 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\defogger_reenable
[2012.10.11 16:36:17 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2012.10.11 16:36:17 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2012.06.19 16:39:23 | 000,922,184 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2012.06.19 16:39:22 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2012.06.19 16:39:21 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2012.04.03 19:54:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI
[2012.04.03 18:32:39 | 000,018,120 | ---- | C] (   ) -- C:\WINDOWS\System32\drivers\gt680x.sys
[2012.03.30 22:54:46 | 000,117,035 | ---- | C] () -- C:\Programme\jquery.yoxview-2.21.zip
[2012.03.30 22:12:11 | 007,558,447 | ---- | C] () -- C:\Programme\aemf20.exe
[2012.03.29 21:52:18 | 000,015,416 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2012.03.29 21:17:29 | 000,982,196 | R--- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2012.03.29 21:17:29 | 000,417,344 | R--- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2012.03.29 21:16:21 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012.03.28 16:22:51 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\A2dusd.dll
[2012.03.28 14:44:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WATCH.INI
[2012.03.28 14:20:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\Gtwatch.exe
[2012.03.01 14:55:08 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2012.03.01 14:52:55 | 000,116,189 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2012.03.01 14:52:55 | 000,098,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2012.02.16 05:44:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.03 07:29:50 | 000,211,614 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.03.11 13:43:54 | 000,029,763 | ---- | C] () -- C:\WINDOWS\System32\drivers\klopp.dat
[2010.11.17 08:12:17 | 000,000,087 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\.octave_hist
[2010.10.15 14:38:24 | 000,000,244 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\varicad-work.ini
[2010.04.28 00:14:16 | 000,038,347 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\dsc2099.jpg
[2010.01.06 23:44:31 | 000,000,291 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\PropCalc Preferences
[2008.09.27 01:47:18 | 000,278,016 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\mdbu.bin
[2008.06.20 14:23:06 | 001,487,202 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\test
[2007.08.03 23:47:14 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.04.25 23:08:24 | 000,093,209 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\mdb.bin
[2006.12.16 13:34:39 | 000,007,195 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USBMOT2000.INF
[2006.12.16 13:34:39 | 000,005,891 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USBMOT2000XP.INF
[2006.12.16 13:34:39 | 000,005,877 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\USB_CMCS_2000.INF
[2006.10.06 12:39:40 | 000,104,990 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\wtge61ge.HST
[2006.09.02 17:25:29 | 000,039,936 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.09.02 16:46:03 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2006.09.02 16:45:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 14.10.2012 23:05:34 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Bereinigung
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,13% Memory free
6,84 Gb Paging File | 5,94 Gb Available in Paging File | 86,86% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 465,76 Gb Total Space | 288,54 Gb Free Space | 61,95% Space Free | Partition Type: NTFS
Drive D: | 596,16 Gb Total Space | 399,23 Gb Free Space | 66,97% Space Free | Partition Type: NTFS
 
Computer Name: MOTIONSIGN | User Name: Hartmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-1292428093-776561741-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung 
"80:TCP" = 80:TCP:*:Disabled:Windows-Remoteverwaltung - Kompatibilitätsmodus (HTTP eingehend) 
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\IPACS\easyFly\easyfly.exe" = C:\Programme\IPACS\easyFly\easyfly.exe:*:Enabled:easyfly -- (IPACS)
"C:\Programme\Pinnacle\Studio 10\programs\RM.exe" = C:\Programme\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.)
"C:\Programme\Pinnacle\Studio 10\programs\Studio.exe" = C:\Programme\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe:*:Enabled:Installationsprogramm für Kaspersky Internet Security 2009 -- (Kaspersky Lab)
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen -- (Microsoft Corporation)
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Disabled:backWeb-8876480 -- ()
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"C:\Ubisoft\Silent Hunter 5\sh5.exe" = C:\Ubisoft\Silent Hunter 5\sh5.exe:*:Enabled:Silent Hunter 5 -- (Ubisoft)
"E:\DVD-Start.exe" = E:\DVD-Start.exe:*:Enabled:Schnellstart-DVD
"C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\C06YGF3E\cimatron_e10_german_downloader_142[1].exe" = C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\C06YGF3E\cimatron_e10_german_downloader_142[1].exe:*:Enabled:ExpressFilesInstaller
"C:\Programme\ExpressFiles\ExpressFiles.exe" = C:\Programme\ExpressFiles\ExpressFiles.exe:*:Enabled:ExpressFiles
"C:\Programme\ExpressFiles\ExpressDL.exe" = C:\Programme\ExpressFiles\ExpressDL.exe:*:Enabled:ExpressFilesDL
"C:\Programme\iMesh Applications\iMesh\iMesh.exe" = C:\Programme\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- ()
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator 0.8.0
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0153A77C-A981-4A1F-BAA9-16A80FBC358A}" = Full Spectrum Warrior
"{03CDDD00-BD57-4326-9480-4C74449AF597}" = PhotoStitch
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{095659A2-739F-4D9A-A916-66C7CAD16F9E}" = Canon Camera WIA Driver
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{295EAB46-0541-497E-9520-83E5CCCDA2AC}" = CADsymbols
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1" = MiniTool Partition Wizard Home Edition 7.1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35B8CC58-F128-4169-82EB-0E6CB0C3AFE6}" = ArcSoft PhotoImpression
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2
"{477415F5-93DA-46AA-85C5-640047825995}" = Microsoft SQL Server 2008 Database Engine Shared
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008-Browser
"{4E475FD4-4513-4B1D-8DDA-43912B068C99}" = HTML Slideshow Powertoy for Windows XP
"{51DDFE79-3B2B-4AC7-8CAD-803D7D0DF6DD}" = MySQL Server 6.0
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{59CEACE1-2A1D-4CA7-908C-84CA8596E950}" = Cimatron E 6.0 Deutsche Benutzeroberfläche
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Camera Window
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = Microsoft SQL Server 2008 Database Engine Services
"{5EF16AA8-597E-4779-AEF7-1589EA1A7EC4}" = Nokia 6230i Infrared-Handset Manager
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}" = Roxio PhotoSuite 5
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A506386-BF2E-4C8E-8BE7-751B028134D2}" = X1TLD-FB
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8CA071D3-A3DD-4EDD-A997-AFB178A181C7}" = DaViDeo ultimate
"{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8F714418-F3C3-3BF0-B548-E4BDA7AD41DE}" = Microsoft Visual Basic 2008 Express Edition with SP1 - DEU
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{93EC14D5-7AAA-4EAD-BB75-013817A96598}" = Logitech Gaming Software
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9E9DC77E-045B-4A28-990A-30CC4E1E8D80}" = SLOW-PCfighter
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A166CC47-2B02-427D-9619-58A935C66794}" = Tilgungsplaner Professional  9
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI (Studio 10)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A979B2D8-E3EE-4523-A26C-4AF0A6809280}" = Sniper Elite
"{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B0255743-165B-4BD5-8DA8-37DFB9930015}" = Norton Ghost
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B3282FB8-874B-4054-8356-9EB391A826F9}" = OLYMPUS muvee theaterPack
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B651B3EC-1827-4CF5-8398-397B789E3151}" = File Viewer Utility 1.2.1
"{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload-Software
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1205500-2179-11D7-B0B9-0000E24D4B29}" = Digital Camera
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
"{C2490885-D566-405F-889B-670C6CF0F7F2}" = Steganos Live Encryption Engine 17
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam
"{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}" = Microsoft SQL Server 2008 Native Client
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4BBCBA-89F6-47C3-9B0F-5CE5BB1C316C}" = WEB.DE Toolbar MSVC100 CRT x86
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}" = RemoteCapture 2.7.1
"{D074DC76-F6C9-440E-A1D0-1DE958417FDB}" = Microsoft SQL Server VSS Writer
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = CIG
"{DEF2E5A3-0317-4822-B930-8B721EB483E4}" = ArcSoft VideoImpression 1.6
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}" = Lock On: Modern Air Combat
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID (Studio 10)
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.079
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}" = mobile PhoneTools
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F40A958E-AABD-4D6F-A0FB-4D78DC02BEEF}" = Cimatron E 6.0
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch)
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}" = Microsoft SQL Server 2008 Common Files
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE Toolbar für Internet Explorer
"7-Zip" = 7-Zip 9.20
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 1.0" = Adobe Photoshop Elements
"Advanced Effect Maker Free Edition_is1" = Advanced Effect Maker Free Edition Version 2 (With VAC 2.0 B1)
"ATI Display Driver" = ATI Display Driver
"Avidemux 2.5" = Avidemux 2.5
"BattleStrike_ger" = Battle Strike
"BearPaw 2400CS Plus v2.1" = BearPaw 2400CS Plus v2.1
"Biet-O-Matic v2.0.29" = Biet-O-Matic v2.0.29
"bs_thesiege_ger" = BattleStrike The Siege
"BVSSOL_is1" = BVS Solitaire Sammlung version 4.0
"CamStudio" = CamStudio
"CANONBJ_Deinstall_CNMCP61.DLL" = Canon PIXMA iP3000
"Cucusoft Ultimate DVD Converter_is1" = Cucusoft Ultimate DVD Converter 7.15
"DesktopIconAmazon" = Desktop Icon für Amazon
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter 3.0
"easyFly" = easyFly
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Evrsoft First Page 2006_is1" = Evrsoft First Page 2006
"Excel" = Microsoft Excel 97
"FEMM_is1" = femm 4.2 09Nov2010
"FileZilla" = FileZilla (remove only)
"FlightGear_is1" = FlightGear v1.0.0
"Foto-Mosaik_is1" = Foto-Mosaik 4.1.0
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.1
"Free FLV to AVI MP4 3GP WMV MP3 Converter_is1" = Free FLV to AVI MP4 3GP WMV MP3 Converter v2.2
"Free Video Converter_is1" = Free Video Converter V 3.0
"FreePDF_XP" = FreePDF XP (Remove only)
"ftp-uploader" = ftp-uploader
"GETrans" = GETrans 1.6
"Google Chrome" = Google Chrome
"GPL Ghostscript 8.60" = GPL Ghostscript 8.60
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Inno Setup 5_is1" = Inno Setup Version 5.4.2
"InstallShield_{03CDDD00-BD57-4326-9480-4C74449AF597}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{095659A2-739F-4D9A-A916-66C7CAD16F9E}" = Canon EOS 10D WIA-Treiber
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{5ADA9741-0570-4096-B5FE-1D55E57537D4}" = Canon Camera Window for ZoomBrowser EX
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"InstallShield_{B651B3EC-1827-4CF5-8398-397B789E3151}" = Canon Utilities File Viewer Utility 1.2
"InstallShield_{CF6E4D8E-F6F3-40DF-B6C9-BA379F4E9FA3}" = Canon Utilities RemoteCapture 2.7
"InstallShield_{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = Canon Internet Library for ZoomBrowser EX
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"Lexmark 7100 Series" = Lexmark 7100 Series
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2008 Express Edition with SP1 - DEU" = Microsoft Visual Basic 2008 Express Edition mit SP1 - DEU
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Movies" = Movies
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NetObjects Fusion Essentials" = NetObjects Fusion Essentials
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Nvu_is1" = Nvu 1.0
"Outlook" = Microsoft Outlook 97
"phase5" = phase5
"PhotoRecord" = Canon PhotoRecord
"Picasa 3" = Picasa 3
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Revo Uninstaller" = Revo Uninstaller 1.94
"Santa Claus in Trouble" = Santa Claus in Trouble
"SearchAnonymizer" = SearchAnonymizer
"Sid Meier's Railroad Tycoon" = Sid Meier's Railroad Tycoon
"SLOW-PCfighter" = SLOW-PCfighter
"Sunplus CA533A" = Icatch(IV) Camera Driver
"Switch" = Switch
"Take ONE 4" = Take ONE 4
"The Royal Marines Commando_is1" = The Royal Marines Commando (1.0)
"U-Boote: Schlacht im Mittelmeer" = U-Boote: Schlacht im Mittelmeer
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Engine" = Sony Ericsson Update Engine
"VariCAD_20100828_DE" = VariCAD 2010-3.00 DE
"VariCADViewer_20100828_DE" = VariCAD Viewer 2010-3.00 DE
"Verbose" = Verbose Uninstall
"VLC media player" = VLC media player 1.1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Web Diashow_is1" = Web Diashow
"Webocton - Scriptly_is1" = Webocton - Scriptly 0.8.95.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Word8.0" = Microsoft Word 97
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.10.2012 09:06:46 | Computer Name = MOTIONSIGN | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\HARTMANN\EIGENE DATEIEN\EIGENE
 BILDER\OLYMPUS MASTER 2\2012\10\06\ERSATZTEIL.JPG> in der Hash-Zuordnung kann nicht
 aktualisiert werden.  Kontext:  Anwendung, SystemIndex Katalog  Details:  Ein an das 
System angeschlossenes Gerät funktioniert nicht.   (0x8007001f) 
 
Error - 09.10.2012 10:23:26 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 09.10.2012 20:31:16 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 09.10.2012 20:32:54 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 09.10.2012 22:27:55 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 10.10.2012 07:51:22 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 10.10.2012 07:51:34 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 15.0.1.4631, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 10.10.2012 19:26:55 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 11.10.2012 16:56:22 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.69.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 11.10.2012 16:56:28 | Computer Name = MOTIONSIGN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.69.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ OSession Events ]
Error - 15.10.2010 20:11:32 | Computer Name = MOTIONSIGN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session 
lasted 1087 seconds with 720 seconds of active time.  This session ended with a 
crash.
 
Error - 22.04.2011 13:51:10 | Computer Name = MOTIONSIGN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2643
 seconds with 2160 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 13.10.2012 07:26:44 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 13.10.2012 07:26:44 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 13.10.2012 07:26:45 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 13.10.2012 07:26:45 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 13.10.2012 19:49:28 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Acronis Scheduler2 Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 13.10.2012 19:49:28 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1058
 
Error - 13.10.2012 20:01:40 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Acronis Scheduler2 Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 13.10.2012 20:01:40 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1058
 
Error - 14.10.2012 16:47:02 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Acronis Scheduler2 Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 14.10.2012 16:47:02 | Computer Name = MOTIONSIGN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Icatch(IV) Video Camera Device" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1058
 
 
< End of report >
         
--- --- ---

Alt 14.10.2012, 23:20   #15
Tina666
 
Wieder CahtZum - Standard

Wieder CahtZum



Edit, weil Doppelpost.

Antwort

Themen zu Wieder CahtZum
absolut, ahnung, andere, anderen, angemeldet, beiträge, dinge, ebenfalls, finger, gemeldet, heute, hoffe, keine ahnung, monate, nichts, probleme, schön, softonic, tagen, vorgehen



Ähnliche Themen: Wieder CahtZum


  1. Leider wieder mal was bzw. schon wieder eingefangen
    Plagegeister aller Art und deren Bekämpfung - 06.04.2015 (9)
  2. your phone is infected install antivirus to delete - Nachricht erscheint wieder und wieder mit Weiterleitung in den play store
    Smartphone, Tablet & Handy Security - 12.03.2015 (9)
  3. Windows 7: Avira meldet immer wieder ADWARE/Adware.Gen4 bzw. .Gen7, zudem taucht Optimizer Pro immer wieder auf
    Log-Analyse und Auswertung - 14.12.2014 (9)
  4. Pup wieder da
    Plagegeister aller Art und deren Bekämpfung - 22.08.2013 (31)
  5. Pc wieder sehr langsam, Firefox stürzt immer wieder ab.
    Log-Analyse und Auswertung - 21.08.2013 (9)
  6. PC fährt immer wieder von alleine runter und wieder hoch
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (13)
  7. und wieder BKA
    Plagegeister aller Art und deren Bekämpfung - 12.10.2012 (14)
  8. Internet immer wieder langsam, dann wieder normal usw.
    Log-Analyse und Auswertung - 20.10.2010 (1)
  9. IE öffnet immer wieder werbefenster sowie geht immer wieder der ton aus
    Plagegeister aller Art und deren Bekämpfung - 15.07.2010 (2)
  10. Windows Vista startet nicht, fährt sofort wieder runter und gleich wieder hoch...
    Alles rund um Windows - 03.04.2010 (3)
  11. externe festplatte wieder unter xp wieder herstellen
    Alles rund um Windows - 15.01.2009 (3)
  12. trojaner meldet sich wieder und wieder
    Plagegeister aller Art und deren Bekämpfung - 27.06.2007 (4)
  13. Imer wieder Trojan.small hin und wieder werbe pop-ups..
    Log-Analyse und Auswertung - 30.05.2006 (4)
  14. Mal wieder ....[help me please!]
    Plagegeister aller Art und deren Bekämpfung - 22.05.2006 (6)
  15. wieder mal ich
    Log-Analyse und Auswertung - 21.06.2005 (1)
  16. Mal wieder ein Log
    Log-Analyse und Auswertung - 26.03.2005 (3)

Zum Thema Wieder CahtZum - Hallo, ich habe mich heute hier angemeldet, da ich ebenfalls seit ein paar Tagen Probleme damit habe. Aus anderen Beiträgen hab ich schon mitbekommen, daß das von Softonic kommt, wobei - Wieder CahtZum...
Archiv
Du betrachtest: Wieder CahtZum auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.