Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Sicherheitscenter bei Windows Vista lässt sich nicht starten

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.02.2013, 11:29   #1
reginew
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Hallo,

das Sicherheitscenter von Windows Vista hat gemeldet, dass es inaktiv ist und lässt sich jetzt nicht mehr starten. Beim Googeln nach diesem Thema werden mir Ergebnisse von Microsoft-Seiten angezeigt, die Links führen aber auf merkwürdige kommerzielle Seiten. Mc Afee Security Scan hat nichts gefunden.

Wer kann mir bitte weiterhelfen? Und mir die Frage beantworten: Kann ich denn überhaupt mit dem Gerät weiterarbeiten? Z.B. Internetrecherche?
Fehlen noch Informationen?
Herzlichen Dank für eine baldige Antwort.

Gruß
Regine

Die Meldungen von OTL, OTL Extras und Gmer.exe sind so lang, das ich erstmal nur OTL logfile poste. Zum direkten Hochladen sind die Dateien zu groß.OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 06.02.2013 09:27:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hauptbenutzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,75 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 66,28% Memory free
5,73 Gb Paging File | 4,69 Gb Available in Paging File | 81,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,17 Gb Total Space | 81,62 Gb Free Space | 56,62% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 102,05 Gb Free Space | 70,79% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Hauptbenutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.06 09:07:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hauptbenutzer\Desktop\OTL.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.26 19:16:12 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\3.0.313\SSScheduler.exe
PRC - [2012.09.21 09:59:18 | 000,537,240 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe
PRC - [2012.09.12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2012.08.13 10:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Programme\program\soffice.exe
PRC - [2012.08.13 10:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Programme\program\soffice.bin
PRC - [2012.04.06 13:12:55 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.04.11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 14:18:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
PRC - [2008.09.30 13:06:50 | 000,485,208 | ---- | M] (Nikon Corporation) -- C:\Programme\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008.09.15 18:27:34 | 000,165,144 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2008.09.15 18:27:30 | 000,554,264 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2008.09.15 18:21:30 | 004,353,088 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008.09.10 23:02:24 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2008.06.11 09:22:16 | 000,409,600 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.05.29 16:44:30 | 000,167,936 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008.05.29 16:44:22 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008.05.14 16:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.05.14 16:05:22 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.05.12 16:28:04 | 000,167,936 | ---- | M] (Acer Corp.) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2008.03.21 12:22:52 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.01.16 17:35:02 | 000,081,504 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2007.12.06 15:15:28 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.01.11 10:06:42 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e40fa3c6d2f2a4200ee4e11fce57e7\System.ServiceProcess.ni.dll
MOD - [2013.01.11 10:06:38 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll
MOD - [2013.01.11 10:06:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013.01.11 10:06:29 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\259f7342c8ebb1150db3df1bc4d3394c\System.Web.ni.dll
MOD - [2013.01.11 10:06:07 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013.01.11 10:06:03 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013.01.11 10:05:41 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll
MOD - [2013.01.11 10:05:30 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013.01.11 10:04:19 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013.01.11 10:04:05 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012.09.21 10:00:08 | 004,467,864 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wauff12.dll
MOD - [2012.09.21 10:00:05 | 002,017,432 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wfvie12.dll
MOD - [2012.09.21 09:59:58 | 007,956,120 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wgui12.dll
MOD - [2012.09.21 09:59:37 | 001,649,816 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wreli12.dll
MOD - [2012.09.21 09:59:36 | 003,001,496 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wcore12.dll
MOD - [2012.09.21 09:59:31 | 001,548,952 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\wsteu12.dll
MOD - [2012.09.21 09:59:28 | 000,319,640 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\rsguiwinapi47.dll
MOD - [2012.09.21 09:59:26 | 000,275,096 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\rscorewinapi47.dll
MOD - [2012.09.21 09:59:18 | 000,537,240 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe
MOD - [2012.09.21 09:59:09 | 000,135,832 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\rsodbc47.dll
MOD - [2012.09.21 09:59:07 | 000,028,672 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\rsdcom47.dll
MOD - [2012.08.10 15:51:32 | 000,985,088 | ---- | M] () -- C:\Programme\program\libxml2.dll
MOD - [2012.02.07 11:37:06 | 000,865,280 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtcluceners47.dll
MOD - [2012.02.07 11:37:06 | 000,271,872 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\phononrs47.dll
MOD - [2012.02.07 11:37:04 | 011,163,648 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtwebkitrs47.dll
MOD - [2012.02.07 11:37:02 | 000,108,544 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qttestrs47.dll
MOD - [2012.02.07 11:37:00 | 001,340,416 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtscriptrs47.dll
MOD - [2012.02.07 11:36:58 | 002,395,648 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qt3supportrs47.dll
MOD - [2012.02.07 11:36:58 | 000,720,896 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtsqlrs47.dll
MOD - [2012.02.07 11:36:58 | 000,281,088 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtsvgrs47.dll
MOD - [2012.02.07 11:36:56 | 000,358,400 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtxmlrs47.dll
MOD - [2012.02.07 11:36:54 | 008,934,400 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtguirs47.dll
MOD - [2012.02.07 11:36:54 | 002,356,736 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtcorers47.dll
MOD - [2012.02.07 11:36:54 | 000,990,208 | ---- | M] () -- C:\Programme\Buhl finance\tax Steuersoftware 2012\qtnetworkrs47.dll
MOD - [2011.05.26 22:11:51 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3097.37359__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.05.26 22:11:51 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3091.17956__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.05.26 22:11:51 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3091.17977__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.05.26 22:11:48 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3097.37356__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.05.26 22:11:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3091.17965__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.05.26 22:11:48 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3091.17954__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.05.26 22:11:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3091.17977__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.05.26 22:11:48 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3091.17963__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2011.05.26 22:11:47 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2011.05.26 22:11:47 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.05.26 22:11:47 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3097.37411__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2011.05.26 22:11:45 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
MOD - [2011.05.26 22:11:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2011.05.26 22:11:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.05.26 22:11:44 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3091.17981__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011.05.26 22:11:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3091.17980__90ba9c70f846762e\DEM.OS.dll
MOD - [2011.05.26 22:11:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.05.26 22:11:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3091.17981__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.05.26 22:11:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.05.26 22:11:43 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3091.17957__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.05.26 22:11:43 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3091.17961__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.05.26 22:11:43 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3091.18035__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.05.26 22:11:43 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3091.17978__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.05.26 22:11:43 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.05.26 22:11:42 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3097.37100__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.05.26 22:11:40 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3097.37062_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll
MOD - [2011.05.26 22:11:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3097.37062__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.05.26 22:11:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3097.37060__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.05.26 22:11:39 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3091.17979__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.05.26 22:11:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3091.17967__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.05.26 22:11:39 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3097.37059__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011.05.26 22:11:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3091.17977__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.05.26 22:11:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3091.17968__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.05.26 22:11:34 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3097.37077__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.05.26 22:11:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.05.26 22:11:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3091.17961__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.05.26 22:11:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3091.17987__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.05.26 22:11:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.05.26 22:11:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3097.37107__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.05.26 22:11:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3091.17993__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.05.26 22:11:32 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3097.37069__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.05.26 22:11:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.05.26 22:11:31 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3097.37084__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.05.26 22:11:30 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3097.37379__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.05.26 22:11:27 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3097.37372__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.05.26 22:11:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3091.18001__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.05.26 22:11:24 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3097.37306__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.05.26 22:11:24 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.05.26 22:11:14 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3097.37130__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.05.26 22:11:13 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3097.37137__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.05.26 22:11:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3091.17983__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.05.26 22:11:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3097.37090__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.05.26 22:11:11 | 001,687,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3097.37114__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.05.26 22:11:10 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3097.37093__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.05.26 22:11:08 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3097.37332__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.05.26 22:11:08 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3091.17993__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.05.26 22:11:07 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3097.37237__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.05.26 22:11:07 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3091.17976__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.05.26 22:11:05 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3097.37153__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2011.05.26 22:11:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3097.37277__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.05.26 22:11:05 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.05.26 22:11:03 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3097.37278__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2011.05.26 22:11:03 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3097.37238__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.05.26 22:11:03 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.05.26 22:11:01 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3097.37287__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.05.26 22:11:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.05.26 22:11:00 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3097.37239__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.05.26 22:11:00 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.05.26 22:11:00 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3097.37239__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.05.26 22:11:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3091.17979__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.05.26 22:11:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3097.37358__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.05.26 22:11:00 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.05.26 22:10:59 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3097.37061__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011.05.26 22:10:59 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3097.37057__90ba9c70f846762e\APM.Server.dll
MOD - [2011.05.26 22:10:59 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3097.37058__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.05.26 22:10:59 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3097.37396__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.05.26 22:10:59 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011.05.26 22:10:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3091.17977__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.05.26 22:10:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.05.26 22:10:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3091.17961__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.05.26 22:10:59 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.05.26 22:10:59 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3091.17980__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011.05.26 22:10:59 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.05.26 22:10:59 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3091.17978__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.05.26 22:10:59 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.05.26 22:10:59 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.05.26 22:10:58 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.04.11 17:48:40 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.04.11 17:48:39 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.04.11 17:48:18 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.04.11 17:48:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2008.06.25 07:13:46 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.06.11 09:21:46 | 000,204,800 | ---- | M] () -- C:\Windows\System32\SysHook.dll
MOD - [2008.05.29 16:44:34 | 000,753,664 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008.05.29 16:44:28 | 000,007,680 | ---- | M] () -- C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008.05.14 16:05:10 | 000,227,888 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008.04.28 08:49:20 | 000,003,072 | ---- | M] () -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
MOD - [2003.06.07 22:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.01.21 17:25:03 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.10 08:03:46 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.26 19:15:26 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.0.313\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.09.12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.09.15 18:27:30 | 000,554,264 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008.05.14 16:05:30 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.03.21 12:22:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.16 17:35:02 | 000,081,504 | ---- | M] () [Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2007.12.06 15:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.08.30 21:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2009.01.17 17:04:57 | 000,950,848 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tdrpm124.sys -- (tdrpman124)
DRV - [2009.01.17 16:56:44 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snman378.sys -- (snapman378)
DRV - [2008.08.15 03:37:08 | 000,921,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.06.25 07:53:34 | 003,844,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.05.28 16:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008.05.27 22:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.05.09 11:03:58 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.04.28 18:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2008.03.21 09:48:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.01.16 17:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007.07.12 11:58:54 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2006.11.29 01:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 5F 19 63 A8 38 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?hl=de&tab=Xw"
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.313\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.04.06 13:13:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.21 17:25:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.21 17:24:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.21 17:25:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.21 17:24:07 | 000,000,000 | ---D | M]
 
[2011.05.26 22:19:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\Extensions
[2013.01.18 20:38:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\Firefox\Profiles\66xu3ay9.default\extensions
[2011.05.26 22:19:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\Firefox\Profiles\66xu3ay9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.01.18 20:38:22 | 000,538,938 | ---- | M] () (No name found) -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\extensions\toolbar@web.de.xpi
[2013.01.18 20:38:26 | 000,000,911 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\searchplugins\11-suche.xml
[2013.01.18 20:38:27 | 000,002,273 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\searchplugins\englische-ergebnisse.xml
[2013.01.18 20:38:26 | 000,010,563 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\searchplugins\gmx-suche.xml
[2013.01.18 20:38:26 | 000,002,432 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\searchplugins\lastminute.xml
[2013.01.18 20:38:26 | 000,005,545 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\searchplugins\webde-suche.xml
[2013.01.21 17:23:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.01.21 17:23:41 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.01.21 17:25:05 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 12:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.04 19:05:59 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 12:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 12:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 12:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 12:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Programme\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Hauptbenutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\program\quickstart.exe ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.13.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.198 80.69.102.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FE02DFE-0767-48E6-96C2-F05D932B6E75}: DhcpNameServer = 80.69.100.198 80.69.102.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21A43059-8D0B-432B-B6BB-7427E6F51834}: DhcpNameServer = 192.168.182.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21A43059-8D0B-432B-B6BB-7427E6F51834}: NameServer = 145.253.2.11
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Hauptbenutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Hauptbenutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.06 09:07:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hauptbenutzer\Desktop\OTL.exe
[2013.02.05 17:58:06 | 000,000,000 | ---D | C] -- C:\Users\Hauptbenutzer\AppData\Local\Windows Live
[2013.01.28 17:33:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.01.21 17:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.03.19 15:42:54 | 024,791,032 | ---- | C] (SiSoftware ) -- C:\Users\Hauptbenutzer\san2010-1626-BQR.exe
[2005.07.04 16:35:43 | 000,155,648 | ---- | C] (Illustrate) -- C:\Program Files\WMA8Connect.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.06 09:07:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hauptbenutzer\Desktop\OTL.exe
[2013.02.06 09:06:46 | 000,628,918 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.06 09:06:46 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.06 09:06:46 | 000,126,692 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.06 09:06:46 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.06 09:05:28 | 000,000,000 | ---- | M] () -- C:\Users\Hauptbenutzer\defogger_reenable
[2013.02.06 09:04:23 | 000,050,477 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\Defogger.exe
[2013.02.06 09:03:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.06 09:01:23 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2013.02.06 09:01:07 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\klkmpnrxv.job
[2013.02.06 09:01:00 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.06 09:01:00 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.06 09:00:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.05 18:08:07 | 000,610,364 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\msert.exe
[2013.02.05 14:28:05 | 000,098,304 | RHS- | M] () -- C:\Windows\System32\tquery8.dll
[2013.01.28 17:33:46 | 000,001,915 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.01.28 17:33:46 | 000,001,915 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.01.26 08:59:29 | 000,024,064 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.23 19:09:14 | 000,479,924 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\Fahrkarte Kornwestheim.pdf
[2013.01.14 18:47:11 | 000,006,836 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Local\d3d9caps.dat
[2013.01.11 10:02:32 | 000,339,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.06 09:05:28 | 000,000,000 | ---- | C] () -- C:\Users\Hauptbenutzer\defogger_reenable
[2013.02.06 09:04:22 | 000,050,477 | ---- | C] () -- C:\Users\Hauptbenutzer\Desktop\Defogger.exe
[2013.02.05 18:08:07 | 000,610,364 | ---- | C] () -- C:\Users\Hauptbenutzer\Desktop\msert.exe
[2013.02.05 14:28:05 | 000,098,304 | RHS- | C] () -- C:\Windows\System32\tquery8.dll
[2013.02.05 14:28:05 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\klkmpnrxv.job
[2013.01.28 17:33:46 | 000,001,915 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.08.13 10:08:08 | 000,014,217 | ---- | C] () -- C:\Program Files\readme.html
[2012.05.08 13:15:36 | 000,000,005 | ---- | C] () -- C:\Program Files\basis-link
[2011.10.30 12:16:47 | 000,000,931 | ---- | C] () -- C:\Windows\wiso.ini
[2011.07.25 16:12:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.07.19 18:41:06 | 000,024,064 | ---- | C] () -- C:\Users\Hauptbenutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.12 16:58:02 | 000,006,836 | ---- | C] () -- C:\Users\Hauptbenutzer\AppData\Local\d3d9caps.dat
[2011.07.01 15:27:21 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.06.29 17:08:31 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2011.05.26 22:40:17 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011.05.26 22:40:17 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.05.26 22:40:17 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011.05.26 22:40:17 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2011.05.26 22:40:13 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011.05.26 22:26:47 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011.05.26 21:51:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.20 19:48:46 | 000,000,268 | RH-- | C] () -- C:\Users\Hauptbenutzer\AppData\Roaming\Sounds
[2009.07.20 19:43:23 | 000,000,268 | RH-- | C] () -- C:\Users\Hauptbenutzer\AppData\Roaming\Solid Colors
[2005.07.04 16:35:43 | 001,309,668 | ---- | C] () -- C:\Program Files\Line-In.pdf
[2005.07.04 16:35:43 | 000,138,240 | ---- | C] () -- C:\Program Files\vorbis.dll
[2005.07.04 16:35:43 | 000,064,000 | ---- | C] () -- C:\Program Files\vorbisenc.dll
[2005.07.04 16:35:43 | 000,044,863 | ---- | C] () -- C:\Program Files\German.lng
[2005.07.04 16:35:43 | 000,043,771 | ---- | C] () -- C:\Program Files\Italian.lng
[2005.07.04 16:35:43 | 000,042,533 | ---- | C] () -- C:\Program Files\Spanish.lng
[2005.07.04 16:35:43 | 000,011,776 | ---- | C] () -- C:\Program Files\vorbisfile.dll
[2005.07.04 16:35:43 | 000,009,216 | ---- | C] () -- C:\Program Files\ogg.dll
[2005.07.04 16:35:42 | 000,899,072 | ---- | C] () -- C:\Program Files\audiograbber.exe
[2005.07.04 16:35:42 | 000,178,412 | ---- | C] () -- C:\Program Files\Erste_Schritte.pdf
[2005.07.04 16:35:42 | 000,046,092 | ---- | C] () -- C:\Program Files\French.lng
[2005.07.04 16:35:42 | 000,036,352 | ---- | C] () -- C:\Program Files\ag12full.dll
[2005.07.04 16:35:42 | 000,004,774 | ---- | C] () -- C:\Program Files\audiograbber.ini
[2005.07.04 16:35:42 | 000,000,760 | ---- | C] () -- C:\Program Files\audiograbber.apr
[2005.07.04 16:35:42 | 000,000,386 | ---- | C] () -- C:\Program Files\Auto.Nam
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 14:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 14:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.05.26 22:19:37 | 000,000,000 | ---D | M] -- C:\Users\Hauptbenutzer\AppData\Roaming\AAV
[2011.05.26 22:19:37 | 000,000,000 | ---D | M] -- C:\Users\Hauptbenutzer\AppData\Roaming\Acer GameZone Console
[2011.05.26 22:19:37 | 000,000,000 | ---D | M] -- C:\Users\Hauptbenutzer\AppData\Roaming\Amazon
[2012.03.05 18:22:06 | 000,000,000 | ---D | M] -- C:\Users\Hauptbenutzer\AppData\Roaming\AnvSoft
[2011.10.30 12:20:26 | 000,000,000 | ---D | M] -- C:\Users\Hauptbenutzer\AppData\Roaming\Buhl Data Service
[2011.05.26 22:19:37 | 000,000,000 | ---D | M] -- C:\Users\Hauptbenutzer\AppData\Roaming\fotobuch.de AG
[2011.05.26 22:19:51 | 000,000,000 | ---D | M] -- C:\Users\Hauptbenutzer\AppData\Roaming\Nikon
[2011.05.26 22:19:51 | 000,000,000 | ---D | M] -- C:\Users\Hauptbenutzer\AppData\Roaming\OpenOffice.org
 
========== Purity Check ==========
 
 
< End of report >
         
--- --- ---

Alt 06.02.2013, 11:50   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Hallo und

Zitat:
Die Meldungen von OTL, OTL Extras und Gmer.exe sind so lang, das ich erstmal nur OTL logfile poste. Zum direkten Hochladen sind die Dateien zu groß.
Bei zu großen Logs bitte ausnahmsweise alle Logs in eine ZIP-Datei packen (also eine ZIP-Datei, die alle Logs enthält) und diese dann hier bitte anhängen.
__________________

__________________

Alt 06.02.2013, 12:39   #3
reginew
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Sorry, aber wo hänge ich die Zip-Datei an?
__________________

Alt 06.02.2013, 12:53   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Hinweise mal wieder nicht gelesen?
Diese hier => http://www.trojaner-board.de/69886-a...tml#post566999
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 06.02.2013, 12:58   #5
reginew
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Schäm! Jetzt hab ich's. Sorry, bin wohl etwas nervös.

Die Zip-Datei folgt also hier.

Gruß
Regine


Alt 06.02.2013, 14:13   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Code:
ATTFilter
[2013.02.05 14:28:05 | 000,098,304 | RHS- | C] () -- C:\Windows\System32\tquery8.dll
[2013.02.05 14:28:05 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\klkmpnrxv.job
         
Hier seh ich schonmal zwei Zecken

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Entpacke das Archiv auf deinem Desktop.
  • Im neu erstellten Ordner starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
--> Sicherheitscenter bei Windows Vista lässt sich nicht starten

Alt 06.02.2013, 20:52   #7
reginew
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Ich denke, ich habe bisher alles verstanden. Mbar hat beim ersten Durchlauf 8 malware gefunden, beim zweiten Mal keines mehr.

Logfile des ersten Durchgangs:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org

Database version: v2013.02.06.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Hauptbenutzer :: NOTEBOOK [administrator]

06.02.2013 20:21:42
mbar-log-2013-02-06 (20-21-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28440
Time elapsed: 13 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 4
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\OGG.DLL (Spyware.OnlineGames) -> Data: 1 -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\VORBIS.DLL (Spyware.OnlineGames) -> Data: 1 -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\VORBISENC.DLL (Spyware.OnlineGames) -> Data: 1 -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES\VORBISFILE.DLL (Spyware.OnlineGames) -> Data: 1 -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
c:\Program Files\ogg.dll (Spyware.OnlineGames) -> Delete on reboot.
c:\Program Files\vorbis.dll (Spyware.OnlineGames) -> Delete on reboot.
c:\Program Files\vorbisenc.dll (Spyware.OnlineGames) -> Delete on reboot.
c:\Program Files\vorbisfile.dll (Spyware.OnlineGames) -> Delete on reboot.

(end)
         
Logfile des zweiten Durchgangs:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org

Database version: v2013.02.06.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Hauptbenutzer :: NOTEBOOK [administrator]

06.02.2013 20:41:33
mbar-log-2013-02-06 (20-41-33).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28417
Time elapsed: 12 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Sicherlich ist damit erst der erste Schritt getan, dennoch bin ich schon mal etwas erleichtert! Danke!
Schönen Abend!
Regine

Alt 06.02.2013, 21:51   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 07.02.2013, 12:16   #9
reginew
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Hier das aswMBR-Log:

Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-07 11:38:04
-----------------------------
11:38:04.734    OS Version: Windows 6.0.6002 Service Pack 2
11:38:04.734    Number of processors: 2 586 0x301
11:38:04.750    ComputerName: NOTEBOOK  UserName: 
11:38:13.876    Initialize success
11:39:50.682    AVAST engine defs: 13020700
11:40:26.780    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
11:40:26.796    Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 8
11:40:26.811    Disk 0 MBR read successfully
11:40:26.811    Disk 0 MBR scan
11:40:26.842    Disk 0 Windows VISTA default MBR code
11:40:26.842    Disk 0 Partition 1 00     27 Hidden NTFS WinRE MSDOS5.0    10000 MB offset 2048
11:40:26.874    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       147630 MB offset 20482048
11:40:26.936    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       147613 MB offset 322828288
11:40:26.967    Disk 0 scanning sectors +625139712
11:40:27.076    Disk 0 scanning C:\Windows\system32\drivers
11:40:56.108    Service scanning
11:41:17.698    Service MpKsl433aa42e C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{48F9D230-E394-472E-A4A5-D165F618A4F8}\MpKsl433aa42e.sys **LOCKED** 32
11:41:48.711    Modules scanning
11:41:53.781    Disk 0 trace - called modules:
11:41:53.812    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys ahcix86s.sys tcpip.sys NETIO.SYS 
11:41:53.828    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a3fac8]
11:41:53.844    3 CLASSPNP.SYS[8a1cc8b3] -> nt!IofCallDriver -> [0x86102850]
11:41:53.859    5 acpi.sys[806106bc] -> nt!IofCallDriver -> \Device\0000005d[0x85b0cb08]
11:41:55.794    AVAST engine scan C:\Windows
11:42:07.603    AVAST engine scan C:\Windows\system32
11:51:17.409    AVAST engine scan C:\Windows\system32\drivers
11:51:58.858    AVAST engine scan C:\Users\Hauptbenutzer
11:57:30.374    AVAST engine scan C:\ProgramData
11:59:03.834    Scan finished successfully
12:00:57.355    Disk 0 MBR has been saved successfully to "C:\Users\Hauptbenutzer\Desktop\MBR.dat"
12:00:57.370    The log file has been saved successfully to "C:\Users\Hauptbenutzer\Desktop\aswMBR_log.txt"
         
Und hier folgt das Ergebnis vom LDSS-Killer:

Code:
ATTFilter
12:05:09.0956 2720  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:05:10.0143 2720  ============================================================
12:05:10.0143 2720  Current date / time: 2013/02/07 12:05:10.0143
12:05:10.0143 2720  SystemInfo:
12:05:10.0143 2720  
12:05:10.0143 2720  OS Version: 6.0.6002 ServicePack: 2.0
12:05:10.0143 2720  Product type: Workstation
12:05:10.0143 2720  ComputerName: NOTEBOOK
12:05:10.0143 2720  UserName: Hauptbenutzer
12:05:10.0143 2720  Windows directory: C:\Windows
12:05:10.0143 2720  System windows directory: C:\Windows
12:05:10.0143 2720  Processor architecture: Intel x86
12:05:10.0143 2720  Number of processors: 2
12:05:10.0143 2720  Page size: 0x1000
12:05:10.0143 2720  Boot type: Normal boot
12:05:10.0143 2720  ============================================================
12:05:12.0202 2720  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:05:12.0218 2720  ============================================================
12:05:12.0218 2720  \Device\Harddisk0\DR0:
12:05:12.0233 2720  MBR partitions:
12:05:12.0233 2720  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x12057000
12:05:12.0233 2720  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x133DF800, BlocksNum 0x1204E800
12:05:12.0233 2720  ============================================================
12:05:12.0265 2720  C: <-> \Device\Harddisk0\DR0\Partition1
12:05:12.0436 2720  D: <-> \Device\Harddisk0\DR0\Partition2
12:05:12.0436 2720  ============================================================
12:05:12.0436 2720  Initialize success
12:05:12.0436 2720  ============================================================
12:05:35.0243 3876  ============================================================
12:05:35.0243 3876  Scan started
12:05:35.0243 3876  Mode: Manual; SigCheck; TDLFS; 
12:05:35.0243 3876  ============================================================
12:05:36.0179 3876  ================ Scan system memory ========================
12:05:36.0179 3876  System memory - ok
12:05:36.0179 3876  ================ Scan services =============================
12:05:36.0289 3876  [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
12:05:36.0507 3876  AAV UpdateService - ok
12:05:36.0647 3876  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
12:05:36.0694 3876  ACPI - ok
12:05:36.0757 3876  [ CF16937C4F653D131056F50012A8C8E7 ] AcrSch2Svc      C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
12:05:36.0819 3876  AcrSch2Svc - ok
12:05:36.0881 3876  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:05:36.0913 3876  AdobeARMservice - ok
12:05:36.0991 3876  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:05:37.0022 3876  AdobeFlashPlayerUpdateSvc - ok
12:05:37.0069 3876  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:05:37.0131 3876  adp94xx - ok
12:05:37.0178 3876  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:05:37.0225 3876  adpahci - ok
12:05:37.0240 3876  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
12:05:37.0271 3876  adpu160m - ok
12:05:37.0287 3876  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:05:37.0334 3876  adpu320 - ok
12:05:37.0381 3876  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:05:37.0505 3876  AeLookupSvc - ok
12:05:37.0537 3876  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
12:05:37.0583 3876  AFD - ok
12:05:37.0646 3876  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:05:37.0677 3876  agp440 - ok
12:05:37.0708 3876  [ FBE4016F9EF3AB3DB547E40A936B6CD9 ] ahcix86s        C:\Windows\system32\drivers\ahcix86s.sys
12:05:37.0739 3876  ahcix86s - ok
12:05:37.0771 3876  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:05:37.0802 3876  aic78xx - ok
12:05:37.0849 3876  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
12:05:37.0989 3876  ALG - ok
12:05:38.0020 3876  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:05:38.0051 3876  aliide - ok
12:05:38.0067 3876  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:05:38.0098 3876  amdagp - ok
12:05:38.0129 3876  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:05:38.0145 3876  amdide - ok
12:05:38.0176 3876  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
12:05:38.0254 3876  AmdK7 - ok
12:05:38.0285 3876  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:05:38.0363 3876  AmdK8 - ok
12:05:38.0426 3876  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
12:05:38.0473 3876  Appinfo - ok
12:05:38.0488 3876  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
12:05:38.0519 3876  arc - ok
12:05:38.0551 3876  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:05:38.0582 3876  arcsas - ok
12:05:38.0597 3876  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:05:38.0660 3876  AsyncMac - ok
12:05:38.0675 3876  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:05:38.0691 3876  atapi - ok
12:05:38.0753 3876  [ 7FA516FC81DD5931F389B56279A27A3E ] athr            C:\Windows\system32\DRIVERS\athr.sys
12:05:38.0863 3876  athr - ok
12:05:38.0909 3876  [ EEC308E4E061344BB31AE295A016721B ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
12:05:39.0003 3876  Ati External Event Utility - ok
12:05:39.0175 3876  [ 8FDD2385D30080711633FE9FF2A64126 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:05:39.0471 3876  atikmdag - ok
12:05:39.0518 3876  [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
12:05:39.0549 3876  AtiPcie - ok
12:05:39.0596 3876  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:05:39.0674 3876  AudioEndpointBuilder - ok
12:05:39.0705 3876  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:05:39.0752 3876  Audiosrv - ok
12:05:39.0783 3876  [ 7D0F2BFA273831124FA08526AF48AF18 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
12:05:39.0845 3876  b57nd60x - ok
12:05:39.0892 3876  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:05:39.0923 3876  Beep - ok
12:05:39.0955 3876  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
12:05:40.0033 3876  BFE - ok
12:05:40.0095 3876  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
12:05:40.0189 3876  BITS - ok
12:05:40.0220 3876  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
12:05:40.0298 3876  blbdrive - ok
12:05:40.0345 3876  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:05:40.0391 3876  bowser - ok
12:05:40.0438 3876  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
12:05:40.0485 3876  BrFiltLo - ok
12:05:40.0501 3876  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
12:05:40.0547 3876  BrFiltUp - ok
12:05:40.0594 3876  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
12:05:40.0625 3876  Browser - ok
12:05:40.0641 3876  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
12:05:40.0813 3876  Brserid - ok
12:05:40.0828 3876  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
12:05:40.0906 3876  BrSerWdm - ok
12:05:40.0937 3876  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
12:05:41.0015 3876  BrUsbMdm - ok
12:05:41.0031 3876  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
12:05:41.0109 3876  BrUsbSer - ok
12:05:41.0125 3876  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:05:41.0203 3876  BTHMODEM - ok
12:05:41.0249 3876  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
12:05:41.0265 3876  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
12:05:41.0265 3876  BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
12:05:41.0281 3876  [ 6598D078D5446197AED6B46C6A2A3431 ] BVRPMPR5        C:\Windows\system32\drivers\BVRPMPR5.SYS
12:05:41.0296 3876  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
12:05:41.0296 3876  BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
12:05:41.0312 3876  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:05:41.0374 3876  cdfs - ok
12:05:41.0390 3876  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:05:41.0421 3876  cdrom - ok
12:05:41.0437 3876  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:05:41.0483 3876  CertPropSvc - ok
12:05:41.0515 3876  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
12:05:41.0546 3876  circlass - ok
12:05:41.0593 3876  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
12:05:41.0624 3876  CLFS - ok
12:05:41.0702 3876  [ 5CA9B1062C0C3E3AE19C23AD9D8A5048 ] CLHNService     C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
12:05:41.0717 3876  CLHNService ( UnsignedFile.Multi.Generic ) - warning
12:05:41.0717 3876  CLHNService - detected UnsignedFile.Multi.Generic (1)
12:05:41.0780 3876  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:05:41.0811 3876  clr_optimization_v2.0.50727_32 - ok
12:05:41.0873 3876  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:05:41.0905 3876  clr_optimization_v4.0.30319_32 - ok
12:05:41.0951 3876  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:05:41.0998 3876  CmBatt - ok
12:05:42.0029 3876  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:05:42.0061 3876  cmdide - ok
12:05:42.0076 3876  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:05:42.0092 3876  Compbatt - ok
12:05:42.0107 3876  COMSysApp - ok
12:05:42.0123 3876  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:05:42.0139 3876  crcdisk - ok
12:05:42.0170 3876  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
12:05:42.0217 3876  Crusoe - ok
12:05:42.0279 3876  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:05:42.0295 3876  CryptSvc - ok
12:05:42.0341 3876  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:05:42.0419 3876  DcomLaunch - ok
12:05:42.0451 3876  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:05:42.0513 3876  DfsC - ok
12:05:42.0591 3876  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
12:05:42.0731 3876  DFSR - ok
12:05:42.0778 3876  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
12:05:42.0841 3876  Dhcp - ok
12:05:42.0856 3876  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
12:05:42.0887 3876  disk - ok
12:05:42.0919 3876  [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
12:05:42.0950 3876  DKbFltr - ok
12:05:42.0981 3876  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:05:43.0012 3876  Dnscache - ok
12:05:43.0043 3876  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:05:43.0090 3876  dot3svc - ok
12:05:43.0121 3876  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
12:05:43.0199 3876  DPS - ok
12:05:43.0231 3876  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:05:43.0277 3876  drmkaud - ok
12:05:43.0324 3876  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:05:43.0387 3876  DXGKrnl - ok
12:05:43.0433 3876  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
12:05:43.0480 3876  E1G60 - ok
12:05:43.0511 3876  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
12:05:43.0543 3876  EapHost - ok
12:05:43.0558 3876  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
12:05:43.0574 3876  Ecache - ok
12:05:43.0667 3876  [ 2CE2DDCB1A41ED4488A2A8B98D286B3D ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
12:05:43.0699 3876  eDataSecurity Service - ok
12:05:43.0745 3876  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:05:43.0777 3876  ehRecvr - ok
12:05:43.0792 3876  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
12:05:43.0808 3876  ehSched - ok
12:05:43.0823 3876  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
12:05:43.0839 3876  ehstart - ok
12:05:43.0886 3876  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:05:43.0901 3876  elxstor - ok
12:05:43.0964 3876  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
12:05:44.0073 3876  EMDMgmt - ok
12:05:44.0104 3876  [ A81AB23EDDB4693612014D87367D014C ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:05:44.0151 3876  ErrDev - ok
12:05:44.0198 3876  [ A51FD9DF23720485991F56741BBEFCFB ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
12:05:44.0213 3876  ETService ( UnsignedFile.Multi.Generic ) - warning
12:05:44.0213 3876  ETService - detected UnsignedFile.Multi.Generic (1)
12:05:44.0245 3876  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
12:05:44.0307 3876  EventSystem - ok
12:05:44.0338 3876  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
12:05:44.0385 3876  exfat - ok
12:05:44.0416 3876  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:05:44.0463 3876  fastfat - ok
12:05:44.0494 3876  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:05:44.0525 3876  fdc - ok
12:05:44.0541 3876  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:05:44.0572 3876  fdPHost - ok
12:05:44.0588 3876  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:05:44.0650 3876  FDResPub - ok
12:05:44.0681 3876  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:05:44.0713 3876  FileInfo - ok
12:05:44.0728 3876  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:05:44.0775 3876  Filetrace - ok
12:05:44.0791 3876  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:05:44.0853 3876  flpydisk - ok
12:05:44.0884 3876  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:05:44.0915 3876  FltMgr - ok
12:05:44.0978 3876  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
12:05:45.0025 3876  FontCache - ok
12:05:45.0071 3876  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:05:45.0087 3876  FontCache3.0.0.0 - ok
12:05:45.0118 3876  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:05:45.0165 3876  Fs_Rec - ok
12:05:45.0212 3876  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:05:45.0227 3876  gagp30kx - ok
12:05:45.0243 3876  [ 5DC17164F66380CBFEFD895C18467773 ] GearAspiWDM     C:\Windows\system32\drivers\GEARAspiWDM.sys
12:05:45.0259 3876  GearAspiWDM - ok
12:05:45.0305 3876  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:05:45.0399 3876  gpsvc - ok
12:05:45.0446 3876  [ 1BF044E23206FDDC16891A32922D571B ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:05:45.0461 3876  gusvc - ok
12:05:45.0477 3876  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:05:45.0539 3876  HDAudBus - ok
12:05:45.0571 3876  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:05:45.0664 3876  HidBth - ok
12:05:45.0695 3876  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:05:45.0789 3876  HidIr - ok
12:05:45.0836 3876  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
12:05:45.0867 3876  hidserv - ok
12:05:45.0898 3876  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:05:45.0929 3876  HidUsb - ok
12:05:45.0961 3876  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:05:46.0007 3876  hkmsvc - ok
12:05:46.0039 3876  [ 7EBEC5EB56B90ED65A8BBD91464E5CFB ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
12:05:46.0070 3876  HpCISSs - ok
12:05:46.0132 3876  [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
12:05:46.0257 3876  HSF_DPV - ok
12:05:46.0288 3876  [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
12:05:46.0335 3876  HSXHWAZL - ok
12:05:46.0382 3876  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:05:46.0491 3876  HTTP - ok
12:05:46.0522 3876  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
12:05:46.0553 3876  i2omp - ok
12:05:46.0585 3876  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:05:46.0647 3876  i8042prt - ok
12:05:46.0678 3876  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
12:05:46.0725 3876  iaStorV - ok
12:05:46.0772 3876  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:05:46.0787 3876  IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:05:46.0787 3876  IDriverT - detected UnsignedFile.Multi.Generic (1)
12:05:46.0865 3876  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:05:46.0959 3876  idsvc - ok
12:05:46.0975 3876  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:05:47.0006 3876  iirsp - ok
12:05:47.0053 3876  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:05:47.0131 3876  IKEEXT - ok
12:05:47.0177 3876  [ C6E5276C00EBDEB096BB5EF4B797D1B6 ] int15           C:\Windows\system32\drivers\int15.sys
12:05:47.0209 3876  int15 - ok
12:05:47.0302 3876  [ 58628F232A00A3149D7CC7708C521499 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:05:47.0505 3876  IntcAzAudAddService - ok
12:05:47.0536 3876  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:05:47.0552 3876  intelide - ok
12:05:47.0599 3876  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:05:47.0661 3876  intelppm - ok
12:05:47.0708 3876  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:05:47.0770 3876  IPBusEnum - ok
12:05:47.0786 3876  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:05:47.0848 3876  IpFilterDriver - ok
12:05:47.0895 3876  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:05:47.0942 3876  iphlpsvc - ok
12:05:47.0957 3876  IpInIp - ok
12:05:47.0973 3876  [ 4B9C0F4D4A3ACC535F9771039ECD6365 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
12:05:48.0035 3876  IPMIDRV - ok
12:05:48.0067 3876  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
12:05:48.0129 3876  IPNAT - ok
12:05:48.0160 3876  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:05:48.0223 3876  IRENUM - ok
12:05:48.0269 3876  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:05:48.0285 3876  isapnp - ok
12:05:48.0316 3876  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:05:48.0363 3876  iScsiPrt - ok
12:05:48.0379 3876  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
12:05:48.0410 3876  iteatapi - ok
12:05:48.0425 3876  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
12:05:48.0441 3876  iteraid - ok
12:05:48.0457 3876  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:05:48.0472 3876  kbdclass - ok
12:05:48.0488 3876  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:05:48.0519 3876  kbdhid - ok
12:05:48.0550 3876  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
12:05:48.0566 3876  KeyIso - ok
12:05:48.0613 3876  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:05:48.0644 3876  KSecDD - ok
12:05:48.0691 3876  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:05:48.0722 3876  KtmRm - ok
12:05:48.0769 3876  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:05:48.0800 3876  LanmanServer - ok
12:05:48.0847 3876  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:05:48.0893 3876  LanmanWorkstation - ok
12:05:48.0971 3876  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
12:05:48.0971 3876  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
12:05:48.0987 3876  LightScribeService - detected UnsignedFile.Multi.Generic (1)
12:05:49.0018 3876  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:05:49.0096 3876  lltdio - ok
12:05:49.0143 3876  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:05:49.0221 3876  lltdsvc - ok
12:05:49.0252 3876  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:05:49.0346 3876  lmhosts - ok
12:05:49.0377 3876  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:05:49.0408 3876  LSI_FC - ok
12:05:49.0424 3876  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:05:49.0439 3876  LSI_SAS - ok
12:05:49.0471 3876  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:05:49.0486 3876  LSI_SCSI - ok
12:05:49.0502 3876  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
12:05:49.0564 3876  luafv - ok
12:05:49.0627 3876  [ C58F15CD4EF79210455512CF0C449F39 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.313\McCHSvc.exe
12:05:49.0642 3876  McComponentHostService - ok
12:05:49.0689 3876  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:05:49.0736 3876  Mcx2Svc - ok
12:05:49.0767 3876  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
12:05:49.0798 3876  mdmxsdk - ok
12:05:49.0845 3876  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:05:49.0876 3876  megasas - ok
12:05:49.0923 3876  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
12:05:49.0970 3876  MegaSR - ok
12:05:49.0985 3876  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
12:05:50.0063 3876  MMCSS - ok
12:05:50.0126 3876  MobilityService - ok
12:05:50.0141 3876  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
12:05:50.0204 3876  Modem - ok
12:05:50.0251 3876  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:05:50.0313 3876  monitor - ok
12:05:50.0344 3876  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:05:50.0375 3876  mouclass - ok
12:05:50.0391 3876  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:05:50.0469 3876  mouhid - ok
12:05:50.0485 3876  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
12:05:50.0516 3876  MountMgr - ok
12:05:50.0563 3876  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:05:50.0594 3876  MozillaMaintenance - ok
12:05:50.0641 3876  [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
12:05:50.0687 3876  MpFilter - ok
12:05:50.0719 3876  [ 5DA347912FD3AF24D7BFB3DE519D4BD0 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:05:50.0750 3876  mpio - ok
12:05:50.0859 3876  [ A69630D039C38018689190234F866D77 ] MpKsl433aa42e   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{48F9D230-E394-472E-A4A5-D165F618A4F8}\MpKsl433aa42e.sys
12:05:50.0875 3876  MpKsl433aa42e - ok
12:05:50.0906 3876  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:05:50.0953 3876  mpsdrv - ok
12:05:50.0999 3876  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:05:51.0109 3876  MpsSvc - ok
12:05:51.0140 3876  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
12:05:51.0171 3876  Mraid35x - ok
12:05:51.0218 3876  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:05:51.0280 3876  MRxDAV - ok
12:05:51.0327 3876  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:05:51.0374 3876  mrxsmb - ok
12:05:51.0405 3876  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:05:51.0452 3876  mrxsmb10 - ok
12:05:51.0467 3876  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:05:51.0499 3876  mrxsmb20 - ok
12:05:51.0530 3876  [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:05:51.0545 3876  msahci - ok
12:05:51.0577 3876  [ 2C563AEF15B8D0014C36C5F27742AC7B ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:05:51.0608 3876  msdsm - ok
12:05:51.0623 3876  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
12:05:51.0701 3876  MSDTC - ok
12:05:51.0748 3876  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:05:51.0826 3876  Msfs - ok
12:05:51.0857 3876  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:05:51.0889 3876  msisadrv - ok
12:05:51.0920 3876  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:05:52.0013 3876  MSiSCSI - ok
12:05:52.0013 3876  msiserver - ok
12:05:52.0060 3876  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:05:52.0107 3876  MSKSSRV - ok
12:05:52.0169 3876  [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:05:52.0201 3876  MsMpSvc - ok
12:05:52.0232 3876  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:05:52.0294 3876  MSPCLOCK - ok
12:05:52.0310 3876  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:05:52.0372 3876  MSPQM - ok
12:05:52.0419 3876  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:05:52.0450 3876  MsRPC - ok
12:05:52.0481 3876  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:05:52.0513 3876  mssmbios - ok
12:05:52.0528 3876  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:05:52.0606 3876  MSTEE - ok
12:05:52.0637 3876  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
12:05:52.0669 3876  Mup - ok
12:05:52.0700 3876  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
12:05:52.0793 3876  napagent - ok
12:05:52.0825 3876  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:05:52.0856 3876  NativeWifiP - ok
12:05:52.0903 3876  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:05:52.0949 3876  NDIS - ok
12:05:52.0981 3876  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:05:52.0996 3876  NdisTapi - ok
12:05:53.0012 3876  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:05:53.0043 3876  Ndisuio - ok
12:05:53.0074 3876  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:05:53.0121 3876  NdisWan - ok
12:05:53.0152 3876  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:05:53.0199 3876  NDProxy - ok
12:05:53.0230 3876  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:05:53.0261 3876  NetBIOS - ok
12:05:53.0277 3876  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
12:05:53.0324 3876  netbt - ok
12:05:53.0355 3876  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
12:05:53.0371 3876  Netlogon - ok
12:05:53.0402 3876  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
12:05:53.0449 3876  Netman - ok
12:05:53.0464 3876  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
12:05:53.0527 3876  netprofm - ok
12:05:53.0573 3876  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:05:53.0589 3876  NetTcpPortSharing - ok
12:05:53.0605 3876  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:05:53.0620 3876  nfrd960 - ok
12:05:53.0636 3876  [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:05:53.0667 3876  NisDrv - ok
12:05:53.0698 3876  [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
12:05:53.0714 3876  NisSrv - ok
12:05:53.0745 3876  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:05:53.0792 3876  NlaSvc - ok
12:05:53.0823 3876  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:05:53.0870 3876  Npfs - ok
12:05:53.0901 3876  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
12:05:53.0932 3876  nsi - ok
12:05:53.0948 3876  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:05:53.0979 3876  nsiproxy - ok
12:05:54.0041 3876  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:05:54.0151 3876  Ntfs - ok
12:05:54.0182 3876  [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
12:05:54.0197 3876  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - warning
12:05:54.0197 3876  NTIBackupSvc - detected UnsignedFile.Multi.Generic (1)
12:05:54.0229 3876  [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
12:05:54.0260 3876  NTIDrvr - ok
12:05:54.0291 3876  [ 547BFA3591C70674B0BFC99354AB78B3 ] NTIPPKernel     C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
12:05:54.0322 3876  NTIPPKernel ( UnsignedFile.Multi.Generic ) - warning
12:05:54.0322 3876  NTIPPKernel - detected UnsignedFile.Multi.Generic (1)
12:05:54.0369 3876  [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
12:05:54.0400 3876  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
12:05:54.0400 3876  NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
12:05:54.0431 3876  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
12:05:54.0541 3876  ntrigdigi - ok
12:05:54.0556 3876  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
12:05:54.0634 3876  Null - ok
12:05:54.0665 3876  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:05:54.0697 3876  nvraid - ok
12:05:54.0728 3876  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:05:54.0759 3876  nvstor - ok
12:05:54.0775 3876  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:05:54.0806 3876  nv_agp - ok
12:05:54.0821 3876  NwlnkFlt - ok
12:05:54.0837 3876  NwlnkFwd - ok
12:05:54.0868 3876  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:05:54.0931 3876  ohci1394 - ok
12:05:54.0962 3876  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
12:05:55.0055 3876  p2pimsvc - ok
12:05:55.0071 3876  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:05:55.0118 3876  p2psvc - ok
12:05:55.0149 3876  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
12:05:55.0196 3876  Parport - ok
12:05:55.0227 3876  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:05:55.0258 3876  partmgr - ok
12:05:55.0274 3876  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
12:05:55.0336 3876  Parvdm - ok
12:05:55.0367 3876  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:05:55.0414 3876  PcaSvc - ok
12:05:55.0445 3876  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
12:05:55.0461 3876  pci - ok
12:05:55.0477 3876  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys
12:05:55.0492 3876  pciide - ok
12:05:55.0508 3876  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:05:55.0523 3876  pcmcia - ok
12:05:55.0570 3876  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:05:55.0742 3876  PEAUTH - ok
12:05:55.0867 3876  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
12:05:56.0038 3876  pla - ok
12:05:56.0085 3876  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:05:56.0147 3876  PlugPlay - ok
12:05:56.0194 3876  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
12:05:56.0257 3876  PNRPAutoReg - ok
12:05:56.0303 3876  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
12:05:56.0350 3876  PNRPsvc - ok
12:05:56.0381 3876  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:05:56.0459 3876  PolicyAgent - ok
12:05:56.0491 3876  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:05:56.0537 3876  PptpMiniport - ok
12:05:56.0569 3876  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:05:56.0600 3876  Processor - ok
12:05:56.0647 3876  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:05:56.0662 3876  ProfSvc - ok
12:05:56.0678 3876  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:05:56.0693 3876  ProtectedStorage - ok
12:05:56.0725 3876  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
12:05:56.0771 3876  PSched - ok
12:05:56.0818 3876  [ 1DCBB35090CC4B2BD3D661E6089523C6 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
12:05:56.0834 3876  PSDFilter - ok
12:05:56.0849 3876  [ E26E46D619469964AC3609620F443867 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
12:05:56.0865 3876  PSDNServ - ok
12:05:56.0881 3876  [ 3E1D134AF2806867D06047C4CC33CC65 ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
12:05:56.0896 3876  psdvdisk - ok
12:05:56.0943 3876  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:05:57.0037 3876  ql2300 - ok
12:05:57.0052 3876  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:05:57.0068 3876  ql40xx - ok
12:05:57.0115 3876  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
12:05:57.0130 3876  QWAVE - ok
12:05:57.0146 3876  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:05:57.0193 3876  QWAVEdrv - ok
12:05:57.0208 3876  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:05:57.0255 3876  RasAcd - ok
12:05:57.0286 3876  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
12:05:57.0349 3876  RasAuto - ok
12:05:57.0380 3876  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:05:57.0427 3876  Rasl2tp - ok
12:05:57.0458 3876  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
12:05:57.0505 3876  RasMan - ok
12:05:57.0520 3876  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:05:57.0567 3876  RasPppoe - ok
12:05:57.0598 3876  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:05:57.0629 3876  RasSstp - ok
12:05:57.0661 3876  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:05:57.0707 3876  rdbss - ok
12:05:57.0723 3876  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:05:57.0770 3876  RDPCDD - ok
12:05:57.0817 3876  [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
12:05:57.0863 3876  rdpdr - ok
12:05:57.0879 3876  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:05:57.0926 3876  RDPENCDD - ok
12:05:57.0973 3876  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:05:58.0019 3876  RDPWD - ok
12:05:58.0082 3876  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:05:58.0144 3876  RemoteAccess - ok
12:05:58.0175 3876  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:05:58.0222 3876  RemoteRegistry - ok
12:05:58.0269 3876  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo       C:\Program Files\Cyberlink\Shared files\RichVideo.exe
12:05:58.0300 3876  RichVideo - ok
12:05:58.0331 3876  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
12:05:58.0378 3876  RpcLocator - ok
12:05:58.0425 3876  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
12:05:58.0487 3876  RpcSs - ok
12:05:58.0519 3876  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:05:58.0597 3876  rspndr - ok
12:05:58.0628 3876  [ 30AF53469B2A60F693ACB24FBD90ABD7 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
12:05:58.0690 3876  RTSTOR - ok
12:05:58.0721 3876  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
12:05:58.0737 3876  SamSs - ok
12:05:58.0768 3876  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:05:58.0799 3876  sbp2port - ok
12:05:58.0831 3876  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:05:58.0877 3876  SCardSvr - ok
12:05:58.0924 3876  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
12:05:58.0987 3876  Schedule - ok
12:05:59.0018 3876  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:05:59.0049 3876  SCPolicySvc - ok
12:05:59.0080 3876  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:05:59.0127 3876  SDRSVC - ok
12:05:59.0189 3876  [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort         C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:05:59.0236 3876  SeaPort - ok
12:05:59.0267 3876  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:05:59.0377 3876  secdrv - ok
12:05:59.0408 3876  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
12:05:59.0470 3876  seclogon - ok
12:05:59.0486 3876  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
12:05:59.0564 3876  SENS - ok
12:05:59.0595 3876  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:05:59.0720 3876  Serenum - ok
12:05:59.0751 3876  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
12:05:59.0860 3876  Serial - ok
12:05:59.0876 3876  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:05:59.0923 3876  sermouse - ok
12:05:59.0954 3876  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:05:59.0985 3876  SessionEnv - ok
12:06:00.0001 3876  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:06:00.0032 3876  sffdisk - ok
12:06:00.0047 3876  [ E5EAFE85815BD89095FEF3144A09AB68 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:06:00.0063 3876  sffp_mmc - ok
12:06:00.0079 3876  [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:06:00.0125 3876  sffp_sd - ok
12:06:00.0141 3876  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:06:00.0219 3876  sfloppy - ok
12:06:00.0250 3876  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:06:00.0313 3876  SharedAccess - ok
12:06:00.0344 3876  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:06:00.0391 3876  ShellHWDetection - ok
12:06:00.0406 3876  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:06:00.0422 3876  sisagp - ok
12:06:00.0437 3876  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
12:06:00.0453 3876  SiSRaid2 - ok
12:06:00.0484 3876  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:06:00.0500 3876  SiSRaid4 - ok
12:06:00.0547 3876  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
12:06:00.0578 3876  SkypeUpdate - ok
12:06:00.0687 3876  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
12:06:00.0890 3876  slsvc - ok
12:06:00.0921 3876  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
12:06:00.0937 3876  SLUINotify - ok
12:06:00.0952 3876  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:06:00.0999 3876  Smb - ok
12:06:01.0046 3876  [ 793F65AAC52E5ECCB83E6D9DE054C865 ] snapman378      C:\Windows\system32\DRIVERS\snman378.sys
12:06:01.0061 3876  snapman378 - ok
12:06:01.0077 3876  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:06:01.0093 3876  SNMPTRAP - ok
12:06:01.0108 3876  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
12:06:01.0124 3876  spldr - ok
12:06:01.0171 3876  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
12:06:01.0202 3876  Spooler - ok
12:06:01.0280 3876  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:06:01.0311 3876  srv - ok
12:06:01.0327 3876  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:06:01.0373 3876  srv2 - ok
12:06:01.0405 3876  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:06:01.0451 3876  srvnet - ok
12:06:01.0467 3876  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:06:01.0561 3876  SSDPSRV - ok
12:06:01.0592 3876  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:06:01.0639 3876  SstpSvc - ok
12:06:01.0670 3876  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
12:06:01.0701 3876  stisvc - ok
12:06:01.0748 3876  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:06:01.0763 3876  swenum - ok
12:06:01.0779 3876  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
12:06:01.0810 3876  swprv - ok
12:06:01.0841 3876  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
12:06:01.0857 3876  Symc8xx - ok
12:06:01.0873 3876  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
12:06:01.0888 3876  Sym_hi - ok
12:06:01.0904 3876  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
12:06:01.0919 3876  Sym_u3 - ok
12:06:01.0966 3876  [ 4C9BB4B3B9EAC26211484C30B914C6DC ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
12:06:01.0982 3876  SynTP - ok
12:06:02.0013 3876  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
12:06:02.0091 3876  SysMain - ok
12:06:02.0107 3876  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:06:02.0153 3876  TabletInputService - ok
12:06:02.0185 3876  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:06:02.0231 3876  TapiSrv - ok
12:06:02.0263 3876  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
12:06:02.0309 3876  TBS - ok
12:06:02.0356 3876  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:06:02.0434 3876  Tcpip - ok
12:06:02.0465 3876  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
12:06:02.0528 3876  Tcpip6 - ok
12:06:02.0559 3876  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:06:02.0575 3876  tcpipreg - ok
12:06:02.0606 3876  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:06:02.0653 3876  TDPIPE - ok
12:06:02.0715 3876  [ 1C66BD6C1C2463514635CDD9443EB0E9 ] tdrpman124      C:\Windows\system32\DRIVERS\tdrpm124.sys
12:06:02.0793 3876  tdrpman124 - ok
12:06:02.0824 3876  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:06:02.0887 3876  TDTCP - ok
12:06:02.0902 3876  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:06:02.0980 3876  tdx - ok
12:06:03.0011 3876  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:06:03.0027 3876  TermDD - ok
12:06:03.0074 3876  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
12:06:03.0167 3876  TermService - ok
12:06:03.0214 3876  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
12:06:03.0245 3876  Themes - ok
12:06:03.0261 3876  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
12:06:03.0323 3876  THREADORDER - ok
12:06:03.0339 3876  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
12:06:03.0401 3876  TrkWks - ok
12:06:03.0448 3876  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:06:03.0479 3876  TrustedInstaller - ok
12:06:03.0511 3876  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:06:03.0557 3876  tssecsrv - ok
12:06:03.0573 3876  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
12:06:03.0620 3876  tunmp - ok
12:06:03.0651 3876  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:06:03.0682 3876  tunnel - ok
12:06:03.0698 3876  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:06:03.0713 3876  uagp35 - ok
12:06:03.0745 3876  [ F763E070843EE2803DE1395002B42938 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
12:06:03.0760 3876  UBHelper - ok
12:06:03.0791 3876  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:06:03.0838 3876  udfs - ok
12:06:03.0885 3876  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:06:03.0916 3876  UI0Detect - ok
12:06:03.0932 3876  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:06:03.0947 3876  uliagpkx - ok
12:06:03.0979 3876  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
12:06:03.0994 3876  uliahci - ok
12:06:04.0025 3876  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
12:06:04.0041 3876  UlSata - ok
12:06:04.0057 3876  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
12:06:04.0072 3876  ulsata2 - ok
12:06:04.0088 3876  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:06:04.0150 3876  umbus - ok
12:06:04.0181 3876  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
12:06:04.0213 3876  upnphost - ok
12:06:04.0259 3876  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:06:04.0291 3876  usbccgp - ok
12:06:04.0306 3876  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:06:04.0353 3876  usbcir - ok
12:06:04.0384 3876  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:06:04.0400 3876  usbehci - ok
12:06:04.0447 3876  [ EDCA5124B54BCF04E5C0538AA397A9C1 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
12:06:04.0462 3876  usbfilter - ok
12:06:04.0478 3876  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:06:04.0509 3876  usbhub - ok
12:06:04.0525 3876  [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:06:04.0571 3876  usbohci - ok
12:06:04.0603 3876  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
12:06:04.0649 3876  usbprint - ok
12:06:04.0665 3876  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:06:04.0696 3876  USBSTOR - ok
12:06:04.0712 3876  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:06:04.0727 3876  usbuhci - ok
12:06:04.0743 3876  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:06:04.0790 3876  usbvideo - ok
12:06:04.0837 3876  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
12:06:04.0852 3876  UxSms - ok
12:06:04.0883 3876  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
12:06:04.0946 3876  vds - ok
12:06:04.0961 3876  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:06:05.0039 3876  vga - ok
12:06:05.0071 3876  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:06:05.0149 3876  VgaSave - ok
12:06:05.0180 3876  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:06:05.0211 3876  viaagp - ok
12:06:05.0242 3876  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
12:06:05.0289 3876  ViaC7 - ok
12:06:05.0320 3876  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
12:06:05.0351 3876  viaide - ok
12:06:05.0367 3876  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:06:05.0398 3876  volmgr - ok
12:06:05.0429 3876  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:06:05.0476 3876  volmgrx - ok
12:06:05.0507 3876  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:06:05.0539 3876  volsnap - ok
12:06:05.0585 3876  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:06:05.0617 3876  vsmraid - ok
12:06:05.0679 3876  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
12:06:05.0819 3876  VSS - ok
12:06:05.0851 3876  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
12:06:05.0897 3876  W32Time - ok
12:06:05.0929 3876  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:06:05.0991 3876  WacomPen - ok
12:06:06.0007 3876  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
12:06:06.0038 3876  Wanarp - ok
12:06:06.0053 3876  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:06:06.0069 3876  Wanarpv6 - ok
12:06:06.0100 3876  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:06:06.0116 3876  wcncsvc - ok
12:06:06.0147 3876  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:06:06.0209 3876  WcsPlugInService - ok
12:06:06.0256 3876  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
12:06:06.0272 3876  Wd - ok
12:06:06.0319 3876  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:06:06.0365 3876  Wdf01000 - ok
12:06:06.0381 3876  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:06:06.0443 3876  WdiServiceHost - ok
12:06:06.0459 3876  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:06:06.0506 3876  WdiSystemHost - ok
12:06:06.0537 3876  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
12:06:06.0584 3876  WebClient - ok
12:06:06.0631 3876  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:06:06.0677 3876  Wecsvc - ok
12:06:06.0693 3876  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:06:06.0755 3876  wercplsupport - ok
12:06:06.0787 3876  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:06:06.0818 3876  WerSvc - ok
12:06:06.0849 3876  [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
12:06:06.0958 3876  winachsf - ok
12:06:07.0005 3876  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
12:06:07.0021 3876  WinDefend - ok
12:06:07.0036 3876  WinHttpAutoProxySvc - ok
12:06:07.0114 3876  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:06:07.0145 3876  Winmgmt - ok
12:06:07.0208 3876  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:06:07.0301 3876  WinRM - ok
12:06:07.0364 3876  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:06:07.0442 3876  Wlansvc - ok
12:06:07.0489 3876  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:06:07.0520 3876  WmiAcpi - ok
12:06:07.0567 3876  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:06:07.0598 3876  wmiApSrv - ok
12:06:07.0691 3876  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:06:07.0801 3876  WMPNetworkSvc - ok
12:06:07.0832 3876  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:06:07.0879 3876  WPCSvc - ok
12:06:07.0925 3876  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:06:07.0957 3876  WPDBusEnum - ok
12:06:07.0988 3876  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
12:06:08.0019 3876  WpdUsb - ok
12:06:08.0113 3876  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:06:08.0175 3876  WPFFontCache_v0400 - ok
12:06:08.0206 3876  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:06:08.0284 3876  ws2ifsl - ok
12:06:08.0331 3876  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
12:06:08.0378 3876  wscsvc - ok
12:06:08.0393 3876  WSearch - ok
12:06:08.0518 3876  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
12:06:08.0690 3876  wuauserv - ok
12:06:08.0737 3876  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:06:08.0768 3876  WudfPf - ok
12:06:08.0830 3876  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:06:08.0908 3876  WUDFRd - ok
12:06:08.0939 3876  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:06:08.0971 3876  wudfsvc - ok
12:06:08.0986 3876  [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
12:06:09.0017 3876  XAudio - ok
12:06:09.0033 3876  [ 15A317674A08DF26BE65164D959E9203 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
12:06:09.0080 3876  XAudioService - ok
12:06:09.0158 3876  [ 4D840C6AF3C020ED3A35EFBA9025CF4A ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
12:06:09.0173 3876  {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
12:06:09.0173 3876  ================ Scan global ===============================
12:06:09.0205 3876  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:06:09.0236 3876  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:06:09.0267 3876  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:06:09.0298 3876  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:06:09.0314 3876  [Global] - ok
12:06:09.0314 3876  ================ Scan MBR ==================================
12:06:09.0329 3876  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:06:09.0719 3876  \Device\Harddisk0\DR0 - ok
12:06:09.0719 3876  ================ Scan VBR ==================================
12:06:09.0735 3876  [ BB278F094C39BE47E05BE7C4BAEE0D18 ] \Device\Harddisk0\DR0\Partition1
12:06:09.0735 3876  \Device\Harddisk0\DR0\Partition1 - ok
12:06:09.0766 3876  [ 932A15A22F6DA086DEAE086D394E3E5C ] \Device\Harddisk0\DR0\Partition2
12:06:09.0766 3876  \Device\Harddisk0\DR0\Partition2 - ok
12:06:09.0766 3876  ============================================================
12:06:09.0766 3876  Scan finished
12:06:09.0766 3876  ============================================================
12:06:09.0797 5292  Detected object count: 9
12:06:09.0797 5292  Actual detected object count: 9
12:06:54.0351 5292  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:54.0351 5292  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:06:54.0351 5292  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:54.0351 5292  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:06:54.0351 5292  CLHNService ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:54.0351 5292  CLHNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:06:54.0367 5292  ETService ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:54.0367 5292  ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:06:54.0367 5292  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:54.0367 5292  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:06:54.0367 5292  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:54.0367 5292  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:06:54.0382 5292  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:54.0382 5292  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:06:54.0382 5292  NTIPPKernel ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:54.0382 5292  NTIPPKernel ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:06:54.0382 5292  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:54.0382 5292  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Danke schon mal für die gute Unterstützung!

Alt 07.02.2013, 12:54   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 07.02.2013, 20:18   #11
reginew
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Hallo,

ich musste Microsoft Security Essentials deinstallieren, da ich es nicht stoppen konnte, weil ich keinen Zugriff mehr hatte. Combofix meldete, dass es noch aktiv sei.

Hier das Ergebnis von Combofix:

Code:
ATTFilter
ComboFix 13-02-07.01 - Hauptbenutzer 07.02.2013  19:43:39.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2814.1873 [GMT 1:00]
ausgeführt von:: c:\users\Hauptbenutzer\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Hauptbenutzer\4.0
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-07 bis 2013-02-07  ))))))))))))))))))))))))))))))
.
.
2013-02-07 18:52 . 2013-02-07 18:52	--------	d-----w-	c:\users\Hauptbenutzer\AppData\Local\temp
2013-02-07 18:52 . 2013-02-07 18:52	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-06 19:07 . 2013-02-06 19:07	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-05 17:04 . 2013-02-05 17:04	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-02-05 16:59 . 2013-02-05 16:59	7450888	----a-w-	c:\program files\Common Files\Windows Live\.cache\15d216e71ce03c205\bingbarsetup.exe
2013-02-05 16:58 . 2009-08-04 08:02	754688	----a-w-	c:\windows\system32\webservices.dll
2013-02-05 16:58 . 2013-02-05 16:58	15712	----a-w-	c:\program files\Common Files\Windows Live\.cache\eadf6e71ce03c204\MeshBetaRemover.exe
2013-02-05 16:58 . 2013-02-05 16:58	537432	----a-w-	c:\program files\Common Files\Windows Live\.cache\bb43ee71ce03c203\DXSETUP.exe
2013-02-05 16:58 . 2013-02-05 16:58	89944	----a-w-	c:\program files\Common Files\Windows Live\.cache\bb43ee71ce03c203\DSETUP.dll
2013-02-05 16:58 . 2013-02-05 16:58	1801048	----a-w-	c:\program files\Common Files\Windows Live\.cache\bb43ee71ce03c203\dsetup32.dll
2013-02-05 16:58 . 2013-02-05 16:58	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\807ffc71ce03c202\DXSETUP.exe
2013-02-05 16:58 . 2013-02-05 16:58	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\807ffc71ce03c202\dsetup32.dll
2013-02-05 16:58 . 2013-02-05 16:58	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\807ffc71ce03c202\DSETUP.dll
2013-02-05 16:58 . 2013-02-05 16:58	--------	d-----w-	c:\users\Hauptbenutzer\AppData\Local\Windows Live
2013-02-05 13:28 . 2013-02-05 13:28	98304	--sha-r-	c:\windows\system32\tquery8.dll
2013-01-10 06:15 . 2012-11-23 01:35	2048000	----a-w-	c:\windows\system32\win32k.sys
2013-01-10 06:15 . 2012-11-20 04:22	204288	----a-w-	c:\windows\system32\ncrypt.dll
2013-01-10 06:14 . 2012-11-02 10:19	1400832	----a-w-	c:\windows\system32\msxml6.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-05 17:04 . 2012-07-09 20:25	861088	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-02-05 17:04 . 2010-05-12 20:22	782240	----a-w-	c:\windows\system32\deployJava1.dll
2013-01-30 10:53 . 2009-10-04 14:51	232336	------w-	c:\windows\system32\MpSigStub.exe
2013-01-10 07:03 . 2012-04-06 12:11	697864	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-01-10 07:03 . 2011-07-01 09:02	74248	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 13:12 . 2012-12-21 07:25	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-21 07:25	293376	----a-w-	c:\windows\system32\atmfd.dll
2012-11-14 02:09 . 2012-12-15 10:56	1800704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-15 10:56	1427968	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-15 10:56	1129472	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-15 10:56	142848	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-15 10:56	420864	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-15 10:56	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-13 01:29 . 2012-12-14 08:38	2048	----a-w-	c:\windows\system32\tzres.dll
2004-02-09 03:48 . 2005-07-04 15:35	899072	----a-w-	c:\program files\audiograbber.exe
2002-01-03 20:50 . 2005-07-04 15:35	155648	----a-w-	c:\program files\WMA8Connect.dll
2000-01-15 23:01 . 2005-07-04 15:35	36352	----a-w-	c:\program files\ag12full.dll
2013-02-06 10:15 . 2013-02-06 10:14	262552	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-14 15:05	121392	----a-w-	c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-17 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-09-15 165144]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-09-15 962456]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-29 147456]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-29 167936]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-06-11 409600]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-09-15 4353088]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-09-10 809480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-04-06 273528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Hauptbenutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files\program\quickstart.exe [2012-8-13 1199104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.313\SSScheduler.exe [2012-10-26 271808]
t@x aktuell.lnk - c:\program files\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe [2012-10-8 537240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AAV UpdateService;AAV UpdateService;c:\program files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 07:03]
.
2013-02-07 c:\windows\Tasks\klkmpnrxv.job
- c:\windows\system32\tquery8.dll [2013-02-05 13:28]
.
.
------- Zusätzlicher Suchlauf -------
.
TCP: DhcpNameServer = 80.69.100.198 80.69.102.158
TCP: Interfaces\{21A43059-8D0B-432B-B6BB-7427E6F51834}: NameServer = 145.253.2.11
FF - ProfilePath - c:\users\Hauptbenutzer\AppData\Roaming\Mozilla\Firefox\Profiles\66xu3ay9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/webhp?hl=de&tab=Xw
FF - ExtSQL: !HIDDEN! 2011-05-26 23:09; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-02-07 19:52
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
.
c:\users\HAUPTB~1\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4736)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
Zeit der Fertigstellung: 2013-02-07  19:54:43
ComboFix-quarantined-files.txt  2013-02-07 18:54
.
Vor Suchlauf: 9 Verzeichnis(se), 86.788.804.608 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 87.037.050.880 Bytes frei
.
- - End Of File - - 62582D9BFE3532F3516B7D6742BB761B
         
Schönen Abend!
Regine

Alt 08.02.2013, 13:23   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Combofix - Scripten

1. Starte das Notepad (Start / Ausführen / notepad[Enter])

2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.

Code:
ATTFilter
File::
c:\windows\system32\tquery8.dll
C:\Windows\tasks\klkmpnrxv.job
         
3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !)

5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.



6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 08.02.2013, 16:53   #13
reginew
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Hallo,

leider bekam ich wieder von Combofix die Meldung, das Microsoft Security Essentials aktiv sei, obwohl ich das Prohrammm deinstalliert habe.

Hier das Ergebnis:

Code:
ATTFilter
ComboFix 13-02-07.01 - Hauptbenutzer 08.02.2013  16:33:27.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2814.1772 [GMT 1:00]
ausgeführt von:: c:\users\Hauptbenutzer\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Hauptbenutzer\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\tquery8.dll"
"c:\windows\tasks\klkmpnrxv.job"
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-08 bis 2013-02-08  ))))))))))))))))))))))))))))))
.
.
2013-02-08 15:42 . 2013-02-08 15:42	--------	d-----w-	c:\users\Hauptbenutzer\AppData\Local\temp
2013-02-08 15:42 . 2013-02-08 15:42	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-06 19:07 . 2013-02-06 19:07	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-05 17:04 . 2013-02-05 17:04	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-02-05 16:59 . 2013-02-05 16:59	7450888	----a-w-	c:\program files\Common Files\Windows Live\.cache\15d216e71ce03c205\bingbarsetup.exe
2013-02-05 16:58 . 2009-08-04 08:02	754688	----a-w-	c:\windows\system32\webservices.dll
2013-02-05 16:58 . 2013-02-05 16:58	15712	----a-w-	c:\program files\Common Files\Windows Live\.cache\eadf6e71ce03c204\MeshBetaRemover.exe
2013-02-05 16:58 . 2013-02-05 16:58	537432	----a-w-	c:\program files\Common Files\Windows Live\.cache\bb43ee71ce03c203\DXSETUP.exe
2013-02-05 16:58 . 2013-02-05 16:58	89944	----a-w-	c:\program files\Common Files\Windows Live\.cache\bb43ee71ce03c203\DSETUP.dll
2013-02-05 16:58 . 2013-02-05 16:58	1801048	----a-w-	c:\program files\Common Files\Windows Live\.cache\bb43ee71ce03c203\dsetup32.dll
2013-02-05 16:58 . 2013-02-05 16:58	525656	----a-w-	c:\program files\Common Files\Windows Live\.cache\807ffc71ce03c202\DXSETUP.exe
2013-02-05 16:58 . 2013-02-05 16:58	1691480	----a-w-	c:\program files\Common Files\Windows Live\.cache\807ffc71ce03c202\dsetup32.dll
2013-02-05 16:58 . 2013-02-05 16:58	94040	----a-w-	c:\program files\Common Files\Windows Live\.cache\807ffc71ce03c202\DSETUP.dll
2013-02-05 16:58 . 2013-02-05 16:58	--------	d-----w-	c:\users\Hauptbenutzer\AppData\Local\Windows Live
2013-02-05 13:28 . 2013-02-05 13:28	98304	--sha-r-	c:\windows\system32\tquery8.dll
2013-01-10 06:15 . 2012-11-23 01:35	2048000	----a-w-	c:\windows\system32\win32k.sys
2013-01-10 06:15 . 2012-11-20 04:22	204288	----a-w-	c:\windows\system32\ncrypt.dll
2013-01-10 06:14 . 2012-11-02 10:19	1400832	----a-w-	c:\windows\system32\msxml6.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-05 17:04 . 2012-07-09 20:25	861088	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-02-05 17:04 . 2010-05-12 20:22	782240	----a-w-	c:\windows\system32\deployJava1.dll
2013-01-30 10:53 . 2009-10-04 14:51	232336	------w-	c:\windows\system32\MpSigStub.exe
2013-01-10 07:03 . 2012-04-06 12:11	697864	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-01-10 07:03 . 2011-07-01 09:02	74248	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 13:12 . 2012-12-21 07:25	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-21 07:25	293376	----a-w-	c:\windows\system32\atmfd.dll
2012-11-14 02:09 . 2012-12-15 10:56	1800704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-15 10:56	1427968	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-15 10:56	1129472	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-15 10:56	142848	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-15 10:56	420864	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-15 10:56	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-13 01:29 . 2012-12-14 08:38	2048	----a-w-	c:\windows\system32\tzres.dll
2004-02-09 03:48 . 2005-07-04 15:35	899072	----a-w-	c:\program files\audiograbber.exe
2002-01-03 20:50 . 2005-07-04 15:35	155648	----a-w-	c:\program files\WMA8Connect.dll
2000-01-15 23:01 . 2005-07-04 15:35	36352	----a-w-	c:\program files\ag12full.dll
2013-02-06 10:15 . 2013-02-06 10:14	262552	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-14 15:05	121392	----a-w-	c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-17 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-09-15 165144]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-09-15 962456]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-29 147456]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-29 167936]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-06-11 409600]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-09-15 4353088]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-09-10 809480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-04-06 273528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Hauptbenutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files\program\quickstart.exe [2012-8-13 1199104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.313\SSScheduler.exe [2012-10-26 271808]
t@x aktuell.lnk - c:\program files\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe [2012-10-8 537240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AAV UpdateService;AAV UpdateService;c:\program files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 07:03]
.
2013-02-08 c:\windows\Tasks\klkmpnrxv.job
- c:\windows\system32\tquery8.dll [2013-02-05 13:28]
.
.
------- Zusätzlicher Suchlauf -------
.
TCP: DhcpNameServer = 80.69.100.198 80.69.102.158
TCP: Interfaces\{21A43059-8D0B-432B-B6BB-7427E6F51834}: NameServer = 145.253.2.11
FF - ProfilePath - c:\users\Hauptbenutzer\AppData\Roaming\Mozilla\Firefox\Profiles\66xu3ay9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/webhp?hl=de&tab=Xw
FF - ExtSQL: !HIDDEN! 2011-05-26 23:09; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: yahoo.homepage.dontask - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-02-08 16:42
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1004)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
Zeit der Fertigstellung: 2013-02-08  16:44:26
ComboFix-quarantined-files.txt  2013-02-08 15:44
ComboFix2.txt  2013-02-07 18:54
.
Vor Suchlauf: 11 Verzeichnis(se), 86.863.425.536 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 86.840.586.240 Bytes frei
.
- - End Of File - - FDB41432DB37DD981DB63B2E78C64849
         
Grüße
Regine

Alt 08.02.2013, 21:07   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.02.2013, 10:15   #15
reginew
 
Sicherheitscenter bei Windows Vista lässt sich nicht starten - Standard

Sicherheitscenter bei Windows Vista lässt sich nicht starten



Guten Morgen,

der adwcleaner lief einmal, hier das Ergebnis:

Code:
ATTFilter
# AdwCleaner v2.111 - Datei am 09/02/2013 um 09:39:45 erstellt
# Aktualisiert am 05/02/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Hauptbenutzer - NOTEBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Hauptbenutzer\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Hauptbenutzer\AppData\Roaming\Mozilla\Firefox\Profiles\66xu3ay9.default\searchplugins\11-suche.xml

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v18.0.2 (de)

Datei : C:\Users\Hauptbenutzer\AppData\Roaming\Mozilla\Firefox\Profiles\66xu3ay9.default\prefs.js

C:\Users\Hauptbenutzer\AppData\Roaming\Mozilla\Firefox\Profiles\66xu3ay9.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1132 octets] - [09/02/2013 09:39:45]

########## EOF - C:\AdwCleaner[S1].txt - [1192 octets] ##########
         

Und hier die beiden OTL Logfiles:

Code:
ATTFilter
OTL logfile created on: 09.02.2013 09:49:29 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Hauptbenutzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,75 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 62,14% Memory free
5,72 Gb Paging File | 4,66 Gb Available in Paging File | 81,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,17 Gb Total Space | 80,91 Gb Free Space | 56,12% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 102,05 Gb Free Space | 70,79% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Hauptbenutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Hauptbenutzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\McAfee Security Scan\3.0.313\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe ()
PRC - C:\Programme\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Programme\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
PRC - C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e40fa3c6d2f2a4200ee4e11fce57e7\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\259f7342c8ebb1150db3df1bc4d3394c\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wauff12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wfvie12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wgui12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wreli12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wcore12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wsteu12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\rsguiwinapi47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\rscorewinapi47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\rsodbc47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\rsdcom47.dll ()
MOD - C:\Programme\program\libxml2.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtcluceners47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\phononrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtwebkitrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qttestrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtscriptrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qt3supportrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtsqlrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtsvgrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtxmlrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtguirs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtcorers47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtnetworkrs47.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3097.37359__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3091.17956__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3091.17977__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3097.37356__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3091.17965__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3091.17954__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3091.17977__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3091.17963__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3097.37411__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3091.17981__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3091.17980__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3091.17981__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3091.17957__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3091.17961__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3091.18035__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3091.17978__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3097.37100__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3097.37062_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3097.37062__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3097.37060__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3091.17979__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3091.17967__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3097.37059__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3091.17977__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3091.17968__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3097.37077__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3091.17961__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3091.17987__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3097.37107__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3091.17993__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3097.37069__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3097.37084__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3097.37379__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3097.37372__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3091.18001__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3097.37306__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3097.37130__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3097.37137__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3091.17983__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3097.37090__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3097.37114__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3097.37093__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3097.37332__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3091.17993__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3097.37237__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3091.17976__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3097.37153__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3097.37277__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3097.37278__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3097.37238__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3097.37287__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3097.37239__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3097.37239__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3091.17979__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3097.37358__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3097.37061__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3097.37057__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3097.37058__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3097.37396__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3091.17977__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3091.17961__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3091.17980__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3091.17978__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Windows\System32\SysHook.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Programme\Launch Manager\PowerUtl.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.313\McCHSvc.exe (McAfee, Inc.)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AAV UpdateService) -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (AcrSch2Svc) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (eDataSecurity Service) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\HAUPTB~1\AppData\Local\Temp\catchme.sys File not found
DRV - (tdrpman124) -- C:\Windows\System32\drivers\tdrpm124.sys (Acronis)
DRV - (snapman378) -- C:\Windows\System32\drivers\snman378.sys (Acronis)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices Inc.)
DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 5F 19 63 A8 38 CC 01  [binary data]
IE - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?hl=de&tab=Xw"
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.313\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.04.06 13:13:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.06 11:15:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.06 11:14:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.06 11:15:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.06 11:14:25 | 000,000,000 | ---D | M]
 
[2011.05.26 22:19:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\Extensions
[2013.01.18 20:38:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\Firefox\Profiles\66xu3ay9.default\extensions
[2011.05.26 22:19:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\Firefox\Profiles\66xu3ay9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.01.18 20:38:22 | 000,538,938 | ---- | M] () (No name found) -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\extensions\toolbar@web.de.xpi
[2013.01.18 20:38:27 | 000,002,273 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\searchplugins\englische-ergebnisse.xml
[2013.01.18 20:38:26 | 000,010,563 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\searchplugins\gmx-suche.xml
[2013.01.18 20:38:26 | 000,002,432 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\searchplugins\lastminute.xml
[2013.01.18 20:38:26 | 000,005,545 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Roaming\mozilla\firefox\profiles\66xu3ay9.default\searchplugins\webde-suche.xml
[2013.02.06 11:14:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.02.06 11:14:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.02.06 11:15:23 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 12:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.04 19:05:59 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 12:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 12:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 12:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 12:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Programme\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - Startup: C:\Users\Hauptbenutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3536314564-2519316015-1050042000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.13.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.198 80.69.102.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FE02DFE-0767-48E6-96C2-F05D932B6E75}: DhcpNameServer = 80.69.100.198 80.69.102.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21A43059-8D0B-432B-B6BB-7427E6F51834}: DhcpNameServer = 192.168.182.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21A43059-8D0B-432B-B6BB-7427E6F51834}: NameServer = 145.253.2.11
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Hauptbenutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Hauptbenutzer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.08 16:44:28 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.02.08 16:44:28 | 000,000,000 | ---D | C] -- C:\Users\Hauptbenutzer\AppData\Local\temp
[2013.02.08 16:43:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.08 16:30:17 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.02.07 19:40:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.02.07 19:40:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.02.07 19:40:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.02.07 19:31:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.02.07 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.02.07 19:29:46 | 005,031,093 | R--- | C] (Swearware) -- C:\Users\Hauptbenutzer\Desktop\ComboFix.exe
[2013.02.07 12:03:32 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Hauptbenutzer\Desktop\tdsskiller.exe
[2013.02.07 11:35:12 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Hauptbenutzer\Desktop\aswMBR.exe
[2013.02.06 20:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.06 20:06:13 | 000,000,000 | ---D | C] -- C:\Users\Hauptbenutzer\Desktop\mbar-1.01.0.1017
[2013.02.06 19:52:32 | 000,000,000 | ---D | C] -- C:\Users\Hauptbenutzer\Desktop\board
[2013.02.06 12:35:15 | 000,000,000 | ---D | C] -- C:\Users\Hauptbenutzer\Desktop\Logfiles
[2013.02.06 11:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.06 10:53:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.02.06 09:07:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hauptbenutzer\Desktop\OTL.exe
[2013.02.05 18:09:10 | 078,991,448 | ---- | C] (Microsoft Corporation) -- C:\Users\Hauptbenutzer\Desktop\mserta.exe
[2013.02.05 18:04:56 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.05 18:04:43 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.05 18:04:43 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.05 18:04:43 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.02.05 17:58:50 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2013.02.05 17:58:06 | 000,000,000 | ---D | C] -- C:\Users\Hauptbenutzer\AppData\Local\Windows Live
[2013.01.28 17:33:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2010.03.19 15:42:54 | 024,791,032 | ---- | C] (SiSoftware                                                  ) -- C:\Users\Hauptbenutzer\san2010-1626-BQR.exe
[2005.07.04 16:35:43 | 000,155,648 | ---- | C] (Illustrate) -- C:\Program Files\WMA8Connect.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.09 09:47:48 | 000,628,918 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.09 09:47:48 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.09 09:47:48 | 000,126,692 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.09 09:47:48 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.09 09:42:20 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2013.02.09 09:42:10 | 000,006,836 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Local\d3d9caps.dat
[2013.02.09 09:42:03 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.09 09:42:03 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.09 09:42:02 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\klkmpnrxv.job
[2013.02.09 09:41:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.09 09:38:46 | 000,582,209 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\adwcleaner.exe
[2013.02.08 11:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.07 19:39:40 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.02.07 19:30:06 | 005,031,093 | R--- | M] (Swearware) -- C:\Users\Hauptbenutzer\Desktop\ComboFix.exe
[2013.02.07 12:03:35 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Hauptbenutzer\Desktop\tdsskiller.exe
[2013.02.07 12:00:57 | 000,000,512 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\MBR.dat
[2013.02.07 11:36:22 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Hauptbenutzer\Desktop\aswMBR.exe
[2013.02.06 20:04:49 | 013,562,257 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\mbar-1.01.0.1017.zip
[2013.02.06 10:53:26 | 247,245,430 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.06 10:30:31 | 000,365,568 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\gmer_2.0.18454.exe
[2013.02.06 09:07:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hauptbenutzer\Desktop\OTL.exe
[2013.02.06 09:05:28 | 000,000,000 | ---- | M] () -- C:\Users\Hauptbenutzer\defogger_reenable
[2013.02.06 09:04:23 | 000,050,477 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\Defogger.exe
[2013.02.05 18:10:06 | 078,991,448 | ---- | M] (Microsoft Corporation) -- C:\Users\Hauptbenutzer\Desktop\mserta.exe
[2013.02.05 18:08:07 | 000,610,364 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\msert.exe
[2013.02.05 18:04:34 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.02.05 18:04:28 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.05 18:04:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.05 18:04:27 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.05 18:04:26 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.02.05 18:04:26 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.02.05 14:28:05 | 000,098,304 | RHS- | M] () -- C:\Windows\System32\tquery8.dll
[2013.01.30 11:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.01.28 17:33:46 | 000,001,915 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.01.28 17:33:46 | 000,001,915 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.01.26 08:59:29 | 000,024,064 | ---- | M] () -- C:\Users\Hauptbenutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.23 19:09:14 | 000,479,924 | ---- | M] () -- C:\Users\Hauptbenutzer\Desktop\Fahrkarte Kornwestheim.pdf
[2013.01.11 10:02:32 | 000,339,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.09 09:38:45 | 000,582,209 | ---- | C] () -- C:\Users\Hauptbenutzer\Desktop\adwcleaner.exe
[2013.02.07 19:40:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.02.07 19:40:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.02.07 19:40:54 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.02.07 19:40:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.02.07 19:40:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.02.07 12:00:57 | 000,000,512 | ---- | C] () -- C:\Users\Hauptbenutzer\Desktop\MBR.dat
[2013.02.06 20:04:27 | 013,562,257 | ---- | C] () -- C:\Users\Hauptbenutzer\Desktop\mbar-1.01.0.1017.zip
[2013.02.06 10:53:26 | 247,245,430 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.02.06 10:30:29 | 000,365,568 | ---- | C] () -- C:\Users\Hauptbenutzer\Desktop\gmer_2.0.18454.exe
[2013.02.06 09:05:28 | 000,000,000 | ---- | C] () -- C:\Users\Hauptbenutzer\defogger_reenable
[2013.02.06 09:04:22 | 000,050,477 | ---- | C] () -- C:\Users\Hauptbenutzer\Desktop\Defogger.exe
[2013.02.05 18:08:07 | 000,610,364 | ---- | C] () -- C:\Users\Hauptbenutzer\Desktop\msert.exe
[2013.02.05 14:28:05 | 000,098,304 | RHS- | C] () -- C:\Windows\System32\tquery8.dll
[2013.02.05 14:28:05 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\klkmpnrxv.job
[2013.01.28 17:33:46 | 000,001,915 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012.08.13 10:08:08 | 000,014,217 | ---- | C] () -- C:\Program Files\readme.html
[2012.05.08 13:15:36 | 000,000,005 | ---- | C] () -- C:\Program Files\basis-link
[2011.10.30 12:16:47 | 000,000,931 | ---- | C] () -- C:\Windows\wiso.ini
[2011.07.25 16:12:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.07.19 18:41:06 | 000,024,064 | ---- | C] () -- C:\Users\Hauptbenutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.12 16:58:02 | 000,006,836 | ---- | C] () -- C:\Users\Hauptbenutzer\AppData\Local\d3d9caps.dat
[2011.07.01 15:27:21 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.06.29 17:08:31 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2011.05.26 22:40:17 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011.05.26 22:40:17 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.05.26 22:40:17 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011.05.26 22:40:17 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2011.05.26 22:40:13 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011.05.26 22:26:47 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011.05.26 21:51:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.20 19:48:46 | 000,000,268 | RH-- | C] () -- C:\Users\Hauptbenutzer\AppData\Roaming\Sounds
[2009.07.20 19:43:23 | 000,000,268 | RH-- | C] () -- C:\Users\Hauptbenutzer\AppData\Roaming\Solid Colors
[2005.07.04 16:35:43 | 001,309,668 | ---- | C] () -- C:\Program Files\Line-In.pdf
[2005.07.04 16:35:43 | 000,044,863 | ---- | C] () -- C:\Program Files\German.lng
[2005.07.04 16:35:43 | 000,043,771 | ---- | C] () -- C:\Program Files\Italian.lng
[2005.07.04 16:35:43 | 000,042,533 | ---- | C] () -- C:\Program Files\Spanish.lng
[2005.07.04 16:35:42 | 000,899,072 | ---- | C] () -- C:\Program Files\audiograbber.exe
[2005.07.04 16:35:42 | 000,178,412 | ---- | C] () -- C:\Program Files\Erste_Schritte.pdf
[2005.07.04 16:35:42 | 000,046,092 | ---- | C] () -- C:\Program Files\French.lng
[2005.07.04 16:35:42 | 000,036,352 | ---- | C] () -- C:\Program Files\ag12full.dll
[2005.07.04 16:35:42 | 000,004,774 | ---- | C] () -- C:\Program Files\audiograbber.ini
[2005.07.04 16:35:42 | 000,000,760 | ---- | C] () -- C:\Program Files\audiograbber.apr
[2005.07.04 16:35:42 | 000,000,386 | ---- | C] () -- C:\Program Files\Auto.Nam
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 14:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 14:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 09.02.2013 09:49:29 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Hauptbenutzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,75 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 62,14% Memory free
5,72 Gb Paging File | 4,66 Gb Available in Paging File | 81,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,17 Gb Total Space | 80,91 Gb Free Space | 56,12% Space Free | Partition Type: NTFS
Drive D: | 144,15 Gb Total Space | 102,05 Gb Free Space | 70,79% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK | User Name: Hauptbenutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3536314564-2519316015-1050042000-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe" = C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe:*:Designer.exe -- ()
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0290A9D5-CAD0-4407-B390-D2AF0AC9775E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe | 
"{12A89E7C-C931-47E2-B6D2-93A1F16BA6F5}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe | 
"{1FFE0232-C298-4822-8958-18450E11D425}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{4018B5C4-5096-451D-B7D4-F0B49C4EE255}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{4964F629-1B19-441E-B74B-435856AE721F}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010c\wnt500x86\rpcsandrasrv.exe | 
"{91077A8F-1CCD-4B67-9B76-541E03141F2C}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe | 
"{A428CC9E-B935-417B-AFBF-1EE3A909DE5B}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010c\wnt500x86\rpcsandrasrv.exe | 
"{C5AB4ED1-B78A-4D4E-82BA-1561E77E9BBA}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{D80FEEDC-BE20-43A3-B319-B38F8385466D}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010c\wnt500x86\rpcsandrasrv.exe | 
"{FB19F89E-42E3-495D-9B50-E6D393C559E2}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe | 
"{FD78CB7B-94F8-420B-8A29-02FFF9401500}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{062DDF7A-384F-40CD-8BB8-5F6E097F9CB3}" = dir=out | svc=sharedaccess | app=c:\windows\system32\svchost.exe | 
"{29E790C3-5498-47B3-BCC6-21451B194C9B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{329FCCDF-B3F8-4CC7-A027-BE0536084AAB}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{4BEC6E19-6D0D-495D-98F2-BAD257870999}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010c\wnt500x86\rpcsandrasrv.exe | 
"{5D481E14-DDB9-4ABD-B9ED-93A0920E9814}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{66CCA87C-61D0-4BC9-9BCB-F09A6602EAA5}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | 
"{702EFD6A-4AB8-4332-8998-50DBFBB66BE8}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010c\wnt500x86\rpcsandrasrv.exe | 
"{74736D51-9D1C-4671-8899-A913BAE55D85}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{7A6DA532-0EA2-4DCF-98F2-E8464B824450}" = protocol=58 | dir=in | name=gemeinsame nutzung der internetverbindung (routeranfrage, eingehend) | 
"{C8F282B3-B9F0-4B58-8498-B8DBA729EE76}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | 
"{C99FB232-79B2-4C58-80D4-5781C44CA1E9}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010c\wnt500x86\rpcsandrasrv.exe | 
"{CF7B4E43-B2E8-418B-A8CC-5C530A767C97}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{F2FD1F76-5057-4A6B-B196-BEFA0F4A3DCD}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"TCP Query User{10906A7A-A1D1-4091-B7C1-3EE8A851ED34}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{2B6DDC35-FE18-4855-8026-9BC7854965AC}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06396923-449E-4881-DB30-9677EBFBE5ED}" = Catalyst Control Center Localization Dutch
"{0AD7E761-CDD9-79AD-6C0F-2CE53F7277DB}" = Catalyst Control Center Localization Japanese
"{0CAA0BF0-293D-32E7-BF40-99C26947B3B6}" = CCC Help Greek
"{0D0256AB-54EF-414E-A6D9-896610EBAB70}" = Catalyst Control Center Localization Thai
"{0E806605-5B82-4A4F-BC31-AA4FADA03C42}" = t@x 2012
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16A31107-6828-ED37-8551-37888EA51D85}" = Catalyst Control Center Localization Chinese Standard
"{18855F72-E9B6-74C7-67DC-86CA6D775554}" = CCC Help Swedish
"{1D801B9D-9473-2001-2FB4-875F75C5CFFA}" = Catalyst Control Center Localization French
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{265B1C1D-9BD0-A416-D5FE-0710AC0A9592}" = CCC Help Italian
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{27C9470C-2077-F4AD-8921-9504D1B9BC83}" = Catalyst Control Center Graphics Light
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3066F7B1-5918-4E18-292B-1153283E2CC3}" = ATI Catalyst Install Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}" = Steuer-Spar-Erklärung 2009
"{33D8205B-9118-D20E-F94A-4B467BB46289}" = Catalyst Control Center Localization Chinese Traditional
"{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis*True*Image*Home
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45CEBDDE-AD94-4C5A-999D-0D35CE61405B}_is1" = 1.5
"{4684B4D7-A90A-028E-F300-7C96761B1287}" = CCC Help Chinese Traditional
"{468789CE-4A7C-F9C8-9DB9-6F32827F1721}" = CCC Help Danish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{5122D45F-16C5-6E6C-4509-4EE321E8A45F}" = Catalyst Control Center Localization Finnish
"{5735B860-F404-20E5-2C4A-2108AFDF7DAB}" = CCC Help Polish
"{573CE82D-3BA8-1D84-9F59-87DD11EAFB79}" = CCC Help Norwegian
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{591137F5-39FD-BFEF-FA09-181F0FA9B9EF}" = CCC Help Hungarian
"{5AB587B5-8FAE-55F2-DB26-5A83234E3FDC}" = CCC Help Japanese
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{60C85C96-8D91-58AF-E5D0-4C53A0ACEE78}" = Catalyst Control Center Localization Polish
"{613D098B-93C6-A2DE-5319-FF7D2229DB2B}" = CCC Help German
"{67DEBF39-8470-344D-6332-969307D41805}" = CCC Help Chinese Standard
"{687BD5FD-DC50-A653-9022-A7113D50B331}" = CCC Help Korean
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73B5C7D2-30E4-5522-52BC-89677DFD8E32}" = Catalyst Control Center InstallProxy
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{781B8114-9EFF-BFF5-B7F7-7DCFE5571218}" = Catalyst Control Center Localization German
"{78D7D7CD-A06B-4514-ACBD-8055BF945A8E}" = InfoBibliothek 2
"{79866648-18CB-4C93-F124-31AFE54F9A9D}" = Catalyst Control Center Core Implementation
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7CAE5047-9916-477F-283A-8E994DFAAD21}" = Catalyst Control Center Localization Spanish
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802F0F4E-A0A5-4E4D-9D7B-1933913EF7B6}" = Catalyst Control Center - Branding
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{849C1158-7421-893E-8E33-4312F49C1ADF}" = Catalyst Control Center Localization Greek
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EA318FC-D486-57D6-2A25-6BD247FA99DB}" = Catalyst Control Center Localization Norwegian
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90C26DA5-6780-0E5F-BC97-CAA7B5727E86}" = Catalyst Control Center Graphics Full Existing
"{925150D7-0CC2-D6DF-6066-3784CE22CEE7}" = Catalyst Control Center Localization Korean
"{946BA398-5A53-454E-8D39-1C02959C1727}" = AAVUpdateManager
"{966DE944-348D-01B7-F9B7-0F0D696F4076}" = Catalyst Control Center Localization Swedish
"{99F8744D-211D-42D9-CA25-1029F8E0912B}" = Catalyst Control Center Localization Portuguese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3FA7FD-9B70-C526-FA63-162783E1060D}" = CCC Help Portuguese
"{9D6271F2-6F0A-A259-085B-5BBD4F05A33E}" = Catalyst Control Center Localization Hungarian
"{A2694396-5508-3DB0-5308-7E6768DD7896}" = Catalyst Control Center Localization Turkish
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A5FDB0FC-8DD0-E5D4-E031-922AE876403A}" = CCC Help Turkish
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A79E4110-0087-E8AE-BD4F-A1883B2FD357}" = CCC Help French
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{B0414A3B-3AE3-47B8-8FC0-2129781FF425}" = t@x 2011
"{B316A8CE-F7F6-C99A-C41D-369A7CD33FC6}" = Catalyst Control Center Localization Danish
"{B44695F8-959E-95EC-F3AC-F734C9DC6DAE}" = Catalyst Control Center Localization Italian
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C08A4D67-6837-5097-CC0C-B5DFD60630B9}" = ccc-core-static
"{C0A1C9D6-9AC7-5B5A-6C25-B8FBC478BA8A}" = CCC Help Russian
"{C34686CD-A03B-1B48-8085-341CD632C0BC}" = Catalyst Control Center Graphics Full New
"{C83127E6-697A-7EEC-D53D-C089610D7F4A}" = CCC Help Dutch
"{C91E74DA-8852-D2BB-B3A2-60A9202E1732}" = CCC Help Thai
"{CAC9E80B-7515-0DB9-40BB-09B3703D90BB}" = Catalyst Control Center Localization Russian
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CD4D90B4-CC18-C176-B261-8BA8D5F644AB}" = CCC Help Czech
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCD2B7EA-5452-DD3E-D008-2320C06862DB}" = CCC Help Finnish
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye Webcam
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E7E36B90-24D7-E382-CEFB-6F293A2302F6}" = CCC Help English
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3E29994-EE0A-C417-7FDE-902B1D722460}" = Catalyst Control Center Localization Czech
"{F420F5B3-677A-779E-AEEC-81A00ED373FE}" = ccc-utility
"{F42D4CA6-E811-C8DA-D607-4F8A510D7953}" = CCC Help Spanish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"ABC Amber Audio Converter" = ABC Amber Audio Converter
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Any Video Converter_is1" = Any Video Converter 3.3.5
"Audiograbber" = Audiograbber 1.83 SE 
"Audiograbber-Lame" = Audiograbber MP3-Plugin
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Designer 2.0_is1" = Designer 2.0
"GridVista" = Acer GridVista
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InterActual Player" = InterActual Player
"LManager" = Launch Manager
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"RealPlayer 12.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3536314564-2519316015-1050042000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.10.2012 12:53:35 | Computer Name = Notebook | Source = EventSystem | ID = 4621
Description = 
 
Error - 16.10.2012 02:53:37 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.10.2012 01:46:54 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.10.2012 02:00:01 | Computer Name = Notebook | Source = EventSystem | ID = 4621
Description = 
 
Error - 23.10.2012 08:37:01 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.10.2012 13:42:07 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.10.2012 02:30:22 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.10.2012 05:41:50 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 26.10.2012 04:15:30 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 26.10.2012 10:30:46 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 08.02.2013 11:46:44 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 08.02.2013 11:46:50 | Computer Name = Notebook | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 08.02.2013 11:46:50 | Computer Name = Notebook | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 81.210.220.80 deaktiviert,
 da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 09.02.2013 04:30:09 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 09.02.2013 04:30:17 | Computer Name = Notebook | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 09.02.2013 04:30:17 | Computer Name = Notebook | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 176.198.104.203 deaktiviert,
 da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 09.02.2013 04:42:17 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 09.02.2013 04:42:22 | Computer Name = Notebook | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 09.02.2013 04:42:22 | Computer Name = Notebook | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 176.198.104.203 deaktiviert,
 da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 09.02.2013 04:42:51 | Computer Name = Notebook | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
 
< End of report >
         
Blöde Frage: Wieso gibt es Fehlermeldungen von heute Nacht, der Laptop war doch aus?

Grüße
Regine

Antwort

Themen zu Sicherheitscenter bei Windows Vista lässt sich nicht starten
adobe, adobe flash player, autorun, bho, defender, error, explorer, firefox, flash player, frage, helper, home, launch, logfile, monitor, mozilla, notebook, popup, programme, registry, scan, security, starten, vista, windows, wma



Ähnliche Themen: Sicherheitscenter bei Windows Vista lässt sich nicht starten


  1. Windows Vista - Abgestürzt und lässt sich nicht mehr starten
    Alles rund um Windows - 28.06.2015 (27)
  2. Windows 7 Firewall ist deaktiviert und lässt sich nicht starten & Basisfiltermodul lässt sich nicht starten
    Plagegeister aller Art und deren Bekämpfung - 23.06.2015 (15)
  3. Sicherheitscenter ist deaktiviert und lässt sich auch nicht starten win7 ultimate 64bit
    Plagegeister aller Art und deren Bekämpfung - 27.12.2014 (10)
  4. (Vista) Sicherheitscenter lässt sich nicht mehr aktivieren
    Log-Analyse und Auswertung - 24.12.2014 (3)
  5. Windows Vista: Anti-Vir lässt sich nicht mehr starten - geblockt durch Gruppenrichtlinie
    Log-Analyse und Auswertung - 22.08.2014 (11)
  6. Windows Vista Home Premium lässt sich nicht starten.
    Alles rund um Windows - 02.01.2014 (14)
  7. GVU-Trojaner, Windows-Vista lässt sich nicht mehr starten
    Log-Analyse und Auswertung - 26.08.2013 (24)
  8. AdWare und Windows Sicherheitscenter lässt sich nicht aktivieren
    Plagegeister aller Art und deren Bekämpfung - 23.06.2013 (21)
  9. Windows Sicherheitscenter lässt sich nicht starten / GVU-Trojaner (unter anderem (?) )
    Plagegeister aller Art und deren Bekämpfung - 02.04.2013 (23)
  10. Windows Sicherheitscenter nicht mehr starten lässt und dass google mich zu Fremde Seiten umleitet
    Log-Analyse und Auswertung - 14.01.2013 (26)
  11. Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten
    Log-Analyse und Auswertung - 18.07.2012 (27)
  12. (Vista) Sicherheitscenter lässt sich nach Virus nicht mehr aktivieren
    Log-Analyse und Auswertung - 11.04.2012 (9)
  13. Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten
    Plagegeister aller Art und deren Bekämpfung - 29.03.2012 (9)
  14. Windows Sicherheitscenter deaktiviert sich ständig, Systemwiederherstellung lässt sich nicht öffnen
    Log-Analyse und Auswertung - 29.03.2012 (13)
  15. Windows-Sicherheitscenter lässt sich nicht aktivieren
    Antiviren-, Firewall- und andere Schutzprogramme - 27.03.2011 (5)
  16. Windows-Sicherheitscenter lässt sich nicht aktivieren
    Mülltonne - 26.03.2011 (1)
  17. Dienst "Sicherheitscenter" lässt sich nicht starten - Googleumleitungen - Trojaner on Board ?
    Log-Analyse und Auswertung - 10.02.2011 (25)

Zum Thema Sicherheitscenter bei Windows Vista lässt sich nicht starten - Hallo, das Sicherheitscenter von Windows Vista hat gemeldet, dass es inaktiv ist und lässt sich jetzt nicht mehr starten. Beim Googeln nach diesem Thema werden mir Ergebnisse von Microsoft-Seiten angezeigt, - Sicherheitscenter bei Windows Vista lässt sich nicht starten...
Archiv
Du betrachtest: Sicherheitscenter bei Windows Vista lässt sich nicht starten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.