
Log Analysis and Evaluation: System Care Antivirus-OTL Log

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

30.05.2013, 17:56   #1
Chalumi
 
Hello everyone,

System Care Antivirus has struck on my machine too.
First thing, I ran the OTL scan over it. Here is the result:

Code:
OTL logfile created on: 5/30/2013 6:42:17 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale:  | Country:  | Language:  | Date Format: 
 
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 81.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149.05 Gb Total Space | 77.26 Gb Free Space | 51.83% Space Free | Partition Type: NTFS
Drive D: | 149.05 Gb Total Space | 148.17 Gb Free Space | 99.41% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (NetTcpPortSharingseclogon)
SRV - File not found [On_Demand] --  -- (de_serv)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - [2013/05/15 05:25:38 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/08 02:07:44 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/04/08 10:36:14 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/03/29 04:12:11 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/03/29 04:11:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/03/27 10:17:42 | 000,185,688 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto] -- C:\Programme\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2012/12/02 10:14:18 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Programme\Gemeinsame Dateien\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)
SRV - [2012/12/02 10:14:18 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Programme\Gemeinsame Dateien\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)
SRV - [2011/10/24 16:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/07/20 00:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/05/01 20:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2006/12/19 13:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/09/21 06:33:22 | 000,249,954 | ---- | M] () [Auto] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005/09/21 06:33:22 | 000,114,784 | ---- | M] () [Auto] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/09/21 06:33:02 | 000,061,440 | ---- | M] (Cyberlink) [Auto] -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/06/19 17:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | Auto] --  -- (Scutum50)
DRV - File not found [Kernel | On_Demand] --  -- (rt2870)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand] --  -- (NETFWDSL)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2013/03/29 04:12:13 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/03/29 04:12:13 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/03/29 04:12:13 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/02/24 06:39:42 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011/01/20 05:14:29 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/01/20 05:14:29 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/09/30 19:00:00 | 000,926,080 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusb4.sys -- (fwlanusb4)
DRV - [2010/09/30 19:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avmeject.sys -- (avmeject)
DRV - [2008/08/29 06:50:50 | 000,034,816 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\SSHDRV5C.sys -- (SSHDRV5C)
DRV - [2008/08/21 13:49:56 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/08/21 13:49:22 | 000,018,688 | ---- | M] (Motorola) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2008/05/16 06:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 06:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 06:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 06:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 06:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 06:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 06:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/02/28 21:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/28 21:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/10/10 12:41:50 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2007/06/18 10:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/04 07:43:38 | 000,098,952 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716unic.sys -- (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM)
DRV - [2007/04/04 07:43:36 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716obex.sys -- (s716obex)
DRV - [2007/04/04 07:43:36 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716nd5.sys -- (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS)
DRV - [2007/04/04 07:43:34 | 000,108,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716mdm.sys -- (s716mdm)
DRV - [2007/04/04 07:43:34 | 000,100,360 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716mgmt.sys -- (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/04 07:43:32 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716mdfl.sys -- (s716mdfl)
DRV - [2007/04/04 07:43:20 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)
DRV - [2007/02/16 10:58:33 | 000,271,360 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007/02/16 10:58:33 | 000,018,048 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/11/02 01:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\winusb.sys -- (winusb)
DRV - [2005/09/05 05:25:03 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/08/18 09:35:00 | 003,856,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/08/03 14:30:22 | 000,098,176 | ---- | M] (Micronas GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MicNgTun.sys -- (MicNgTun)
DRV - [2005/08/03 14:30:22 | 000,048,896 | ---- | M] (Micronas GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MicNgCap.sys -- (MicNgCap)
DRV - [2005/08/03 14:30:22 | 000,044,160 | ---- | M] (Micronas GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MicNgBas.sys -- (MicNgBas)
DRV - [2005/02/23 09:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/01/07 11:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004/03/25 11:11:20 | 000,053,632 | ---- | M] (Siemens AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Gigusb.sys -- (Gigusb)
DRV - [2004/03/25 11:01:50 | 000,008,448 | ---- | M] (Siemens AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DectEnum.sys -- (DectEnum)
DRV - [2004/03/25 10:59:38 | 000,113,280 | ---- | M] (Siemens AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\siellif.sys -- (siellif)
DRV - [2004/03/24 14:21:30 | 000,024,288 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2004/03/24 12:35:12 | 000,334,944 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134)
DRV - [2003/08/28 02:44:22 | 000,249,910 | ---- | M] (SIEMENS AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hrcmpa.sys -- (HRCMPA) ISDN Wan driver (Ver. 1.20.0029)
DRV - [2003/08/19 11:46:10 | 000,053,552 | ---- | M] (SIEMENS AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IUAPIWDM.sys -- (IUAPIWDM) ISDN USB Interface (Ver. 1.20.0029)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://de.search.yahoo.com/ [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie8_startpage
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.de/
IE - HKU\Anne_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Anne_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\Anne_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\Anne_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Anne_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\Gast_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/fsc/
IE - HKU\Gast_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Programme\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Programme\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
O1 HOSTS File: ([2010/10/17 12:04:13 | 000,422,495 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 14566 more lines...
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} -  File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (GMX Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (GMX Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (GMX Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  File not found
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [{1290A33C-85F5-4164-A1BE-7DD299D4986A}] C:\Program Files\CyberLink\PowerBackup\PBKScheduler.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CloneCDTray] C:\Programme\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [MyGarminAgent] C:\Programme\Garmin\myGarminAgent.exe ()
O4 - HKLM..\Run: [NBKeyScan]  File not found
O4 - HKLM..\Run: [PCMService] C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RegistryMonitor1]  File not found
O4 - HKLM..\Run: [SunJavaUpdateSched]  File not found
O4 - HKLM..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKU\Anne_ON_C..\Run: [{1AB22013-1ACE-B43E-DA31-1DD362CD9026}]  File not found
O4 - HKU\Anne_ON_C..\Run: [{27B0DC9C-E8E5-82F2-D107-284A10FF5909}]  File not found
O4 - HKU\Anne_ON_C..\Run: [GarminExpressTrayApp] C:\Programme\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\Anne_ON_C..\Run: [IncrediMail]  File not found
O4 - HKU\Anne_ON_C..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]  File not found
O4 - HKU\Anne_ON_C..\Run: [Power2GoExpress]  File not found
O4 - HKU\Anne_ON_C..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\Anne_ON_C..\Run: [updateMgr]  File not found
O4 - HKU\Gast_ON_C..\Run: [Power2GoExpress] C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe (Cyberlink)
O4 - HKU\Anne_ON_C..\RunOnce: [4C6A4D2442D7F85C00004C6A00BFFE18] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18\4C6A4D2442D7F85C00004C6A00BFFE18.exe ()
O4 - HKU\Anne_ON_C..\RunOnce: [Shockwave Updater]  File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Anne_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O7 - HKU\Gast_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Geräteerkennung)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} https://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1170798064640 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361876548265 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\gmx {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/23 12:22:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/05/30 10:54:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Startmenü\Programme\System Care Antivirus
[2013/05/30 03:46:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18
[2008/02/04 12:12:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Anne\usbsermptxp.sys
[2008/02/04 12:12:04 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Anne\usbsermpt.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/05/30 11:33:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/30 11:32:00 | 000,000,224 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/05/30 11:25:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/30 11:14:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/30 11:14:30 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/30 11:13:35 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/30 11:02:01 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/30 10:53:57 | 000,000,355 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\Kreissparkasse Grafschaft Bentheim zu Nordhorn - Privatekunden Homepage (2).url
[2013/05/29 15:53:59 | 000,000,412 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0D519067-02F1-4663-A406-155872697957}.job
[2013/05/19 06:18:09 | 000,000,826 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk
[2013/05/19 04:05:09 | 001,629,855 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2404341298-360915809-3850529198-1008-0.dat
[2013/05/19 04:04:49 | 000,298,690 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2013/05/15 11:37:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Garmin
[2013/05/15 11:30:41 | 000,299,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/15 05:32:05 | 000,684,286 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/05/15 05:32:05 | 000,639,626 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/15 05:32:05 | 000,159,638 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/05/15 05:32:05 | 000,130,478 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/15 05:25:35 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/05/15 05:25:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/05/15 05:24:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/05/14 02:35:09 | 001,168,473 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\b_scientific_programming_201201.pdf
[2013/05/07 00:27:17 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/05/14 02:35:09 | 001,168,473 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Desktop\b_scientific_programming_201201.pdf
[2013/04/14 08:39:47 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/04/14 08:39:46 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/04/14 08:39:46 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/02/07 23:03:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/09/20 06:46:48 | 000,049,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwlanusb4.bin
[2012/02/15 03:37:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/20 15:19:15 | 000,062,192 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/04/14 04:33:32 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/12/11 10:42:51 | 001,629,855 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2404341298-360915809-3850529198-1008-0.dat
[2010/12/01 08:30:47 | 000,298,690 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2010/07/12 10:18:58 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\setup_ldm.iss
[2010/06/24 04:08:12 | 002,722,937 | -HS- | C] () -- C:\WINDOWS\System32\3com_dmia.sys
[2010/06/11 02:09:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\adsldpcc.sys
[2010/05/28 09:43:20 | 000,000,976 | --S- | C] () -- C:\WINDOWS\System32\2391860477.dat
[2010/05/28 09:42:54 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\ovczpx.dat
[2010/05/28 09:42:32 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\avdrn.dat
[2010/04/27 10:12:03 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Gast\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008/09/18 10:45:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\odbcddp.ini
[2008/08/29 06:50:50 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV5C.sys
[2008/08/29 06:42:56 | 000,000,316 | ---- | C] () -- C:\WINDOWS\KLETT.INI
[2008/08/08 13:40:38 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/08/08 12:50:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/08/08 12:40:45 | 000,001,024 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\.rnd
[2008/02/04 13:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2008/02/04 12:12:04 | 000,009,232 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USB_MOT_BRIT.INF
[2008/02/04 12:12:04 | 000,006,947 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USBMOT2000.INF
[2008/02/04 12:12:04 | 000,006,009 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USBMOT2000XP.INF
[2008/02/04 12:12:04 | 000,005,877 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USB_CMCS_2000.INF
[2008/02/04 12:12:04 | 000,005,813 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USB_MOT_A1000.INF
[2008/01/15 04:35:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2008/01/13 05:48:47 | 000,000,125 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2007/11/24 09:52:04 | 000,350,208 | ---- | C] () -- C:\WINDOWS\System32\Rivet200.dll
[2007/08/31 08:50:42 | 000,002,182 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007/08/22 10:36:18 | 000,000,253 | ---- | C] () -- C:\WINDOWS\tm.ini
[2007/04/24 12:24:13 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007/04/20 08:30:00 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\wklnhst.dat
[2007/04/04 10:49:58 | 000,103,024 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2007/03/11 08:12:06 | 000,000,015 | ---- | C] () -- C:\WINDOWS\WDZ3.ini
[2007/03/02 04:00:59 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/02/26 08:38:04 | 000,002,372 | ---- | C] () -- C:\WINDOWS\Loewe_4.ini
[2007/02/18 14:49:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007/02/18 14:31:17 | 000,046,128 | ---- | C] () -- C:\WINDOWS\System32\DLLPRF32.DAT
[2007/02/16 10:58:33 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007/02/16 10:58:33 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007/02/06 12:06:35 | 000,000,071 | ---- | C] () -- C:\WINDOWS\pex.INI
[2007/02/05 14:29:05 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\mscandc.ini
[2007/02/05 14:28:28 | 000,000,156 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2007/02/05 14:26:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsreged.sys
[2007/02/05 14:26:50 | 000,285,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsio.sys
[2007/02/05 12:28:21 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\TXTUSER.EXE
[2007/02/03 12:11:30 | 000,008,192 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/03 10:37:48 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/11/28 04:42:24 | 000,042,195 | ---- | C] () -- C:\WINDOWS\System32\compare.dat
[2006/10/22 07:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 07:22:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/10/22 07:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 07:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/10/22 07:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 07:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 07:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 07:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/10/22 07:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/10/22 07:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/09/23 13:31:11 | 000,684,286 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2005/09/23 13:31:11 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2005/09/23 13:31:11 | 000,159,638 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2005/09/23 13:31:11 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2005/09/23 13:31:08 | 000,009,232 | ---- | C] () -- C:\WINDOWS\System32\advpackz.dat
[2005/09/23 13:31:08 | 000,009,232 | ---- | C] () -- C:\WINDOWS\System32\1033i.dat
[2005/09/23 13:31:06 | 000,639,626 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/09/23 13:31:06 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/09/23 13:31:06 | 000,130,478 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/09/23 13:31:06 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/09/23 13:31:06 | 000,004,643 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/09/23 13:31:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/09/23 13:31:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/09/23 13:31:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/09/23 13:31:03 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/09/23 13:31:03 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/09/23 13:31:01 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/09/23 13:30:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/09/23 13:17:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/09/23 13:16:45 | 000,004,429 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/09/23 13:16:06 | 000,299,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/09/23 13:06:19 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/09/23 13:05:31 | 000,002,881 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/23 13:02:22 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2005/09/23 13:00:43 | 000,001,208 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2005/09/23 12:51:06 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/09/23 12:46:17 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/09/23 12:25:15 | 000,000,778 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/09/23 12:24:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/09/23 12:21:17 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/09/23 12:20:25 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/02/20 11:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2013/03/15 03:38:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Garmin
[2012/05/13 11:08:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\AskToolbar
[2010/06/22 02:18:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ceis
[2007/10/10 03:46:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Cornelsen
[2010/12/06 12:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011/04/14 09:46:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Efiren
[2011/11/16 14:55:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\EPSON
[2012/08/30 12:59:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\FRITZ!
[2013/03/15 03:38:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\GARMIN
[2010/05/20 11:02:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\GrabPro
[2010/06/11 01:21:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Hoixm
[2007/04/16 11:23:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\ICAClient
[2010/07/08 07:35:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ihut
[2010/07/12 10:19:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Leadertech
[2010/10/12 09:49:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Loseu
[2007/02/18 14:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\MAGIX
[2010/05/20 11:02:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Orbit
[2008/09/18 10:35:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Phase6
[2010/07/01 07:58:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Poely
[2008/01/14 09:26:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\SlySoft
[2010/05/28 08:49:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Sony
[2010/05/28 08:45:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Sony Setup
[2012/11/21 10:22:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\TeamViewer
[2011/01/20 05:00:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Teleca
[2007/04/20 08:30:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Template
[2011/04/07 03:38:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ucfya
[2007/02/06 12:06:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ulead Systems
[2010/05/25 05:42:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\uTorrent
[2010/06/21 14:22:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ycbiys
[2010/06/11 02:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Zyzeg
[2010/04/27 10:13:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Teleca
[2013/05/30 10:53:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18
[2011/04/21 03:34:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avanquest
[2008/01/13 11:38:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Brockhaus Multimedia
[2011/01/20 05:27:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2012/02/27 08:14:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DesktopIcons
[2008/01/14 09:21:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elaborate Bytes
[2011/08/20 05:07:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2013/05/15 11:37:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GARMIN
[2007/12/16 12:45:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Global Software Publishing
[2011/05/14 13:25:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2008/10/08 02:39:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM
[2008/10/08 02:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail
[2008/08/28 09:13:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Klett
[2013/05/19 05:01:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Package Cache
[2008/09/18 10:38:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Phase6
[2008/01/13 05:48:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2007/06/08 07:04:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio
[2011/08/20 05:05:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2007/02/05 14:28:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2010/05/24 06:46:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010/07/31 03:48:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/02 08:01:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/09 09:19:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/05/30 11:32:00 | 000,000,224 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2013/05/29 15:53:59 | 000,000,412 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{0D519067-02F1-4663-A406-155872697957}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:61A4716179FC1793
< End of report >
         
Maybe you can help me.
Thanks in advance.

Alt 30.05.2013, 18:00   #2
markusg
/// Malware-holic
 
Hi,
on your second PC go to Start, Programs, Accessories, Notepad, and paste the following into it:
Code:
ATTFilter
:OTL
O4 - HKU\Anne_ON_C..\RunOnce: [4C6A4D2442D7F85C00004C6A00BFFE18] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18\4C6A4D2442D7F85C00004C6A00BFFE18.exe
()
[2013/05/30 10:54:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Startmenü\Programme\System Care Antivirus
:Files
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18
:Commands
[EMPTYFLASH] 
[emptytemp]
         


Save this on a USB stick as fix.txt.
Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in the post on OTLPENet.exe.
• Now please click the Fix button.
A message similar to this one should now appear: "load fix from file", so load fix.txt from your stick.
If this does not work, please enter the fix manually.
Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open otl.txt.
Please post the log.

If you have no icons, right-click, View, Show desktop icons.

Note: Please also upload the file there as described in the instructions for the UpChannel. Please do NOT post the ZIP file here in the thread as an attachment!




Please press the + E key.
  • Open your system drive (usually C:)
  • Now look for the following folder: _OTL and open it.
  • Right-click the Movedfiles folder --> Send to --> Compressed (zipped) folder
  • This will create a Movedfiles.zip file in _OTL
  • Please upload it to our upload channel. (Browse --> C:\_OTL\Movedfiles.zip)
Let me know whether the upload worked without problems. Thanks in advance.

Alt 30.05.2013, 18:32   #3
Chalumi
 
The file has been uploaded.

Alt 30.05.2013, 18:38   #4
markusg
/// Malware-holic
 
Thanks, does normal mode work?
Then:
Please download TDSSKiller (TDSSKiller.exe) and save this file on the desktop.
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 30.05.2013, 18:52   #5
Chalumi
 
So, this would be the log:

Code:
ATTFilter
20:45:24.0093 3928  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:45:24.0218 3928  ============================================================
20:45:24.0218 3928  Current date / time: 2013/05/30 20:45:24.0218
20:45:24.0218 3928  SystemInfo:
20:45:24.0218 3928  
20:45:24.0218 3928  OS Version: 5.1.2600 ServicePack: 3.0
20:45:24.0218 3928  Product type: Workstation
20:45:24.0218 3928  ComputerName: ARBEITSZIMMER
20:45:24.0218 3928  UserName: Anne
20:45:24.0218 3928  Windows directory: C:\WINDOWS
20:45:24.0218 3928  System windows directory: C:\WINDOWS
20:45:24.0218 3928  Processor architecture: Intel x86
20:45:24.0218 3928  Number of processors: 2
20:45:24.0218 3928  Page size: 0x1000
20:45:24.0218 3928  Boot type: Normal boot
20:45:24.0218 3928  ============================================================
20:45:27.0984 3928  Drive \Device\Harddisk0\DR0 - Size: 0x25432CDE00 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:45:28.0000 3928  Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:45:28.0140 3928  Drive \Device\Harddisk7\DR14 - Size: 0x7E780000 (1.98 Gb), SectorSize: 0x200, Cylinders: 0x101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:45:28.0140 3928  ============================================================
20:45:28.0140 3928  \Device\Harddisk0\DR0:
20:45:28.0156 3928  MBR partitions:
20:45:28.0156 3928  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
20:45:28.0156 3928  \Device\Harddisk1\DR1:
20:45:28.0156 3928  MBR partitions:
20:45:28.0156 3928  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
20:45:28.0156 3928  \Device\Harddisk7\DR14:
20:45:28.0156 3928  MBR partitions:
20:45:28.0156 3928  \Device\Harddisk7\DR14\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3F3BE0
20:45:28.0156 3928  ============================================================
20:45:28.0187 3928  C: <-> \Device\Harddisk0\DR0\Partition1
20:45:28.0234 3928  D: <-> \Device\Harddisk1\DR1\Partition1
20:45:28.0234 3928  ============================================================
20:45:28.0234 3928  Initialize success
20:45:28.0234 3928  ============================================================
20:45:33.0640 4016  ============================================================
20:45:33.0640 4016  Scan started
20:45:33.0640 4016  Mode: Manual; SigCheck; TDLFS; 
20:45:33.0640 4016  ============================================================
20:45:34.0562 4016  ================ Scan system memory ========================
20:45:34.0562 4016  System memory - ok
20:45:34.0562 4016  ================ Scan services =============================
20:45:34.0703 4016  Abiosdsk - ok
20:45:34.0703 4016  abp480n5 - ok
20:45:34.0750 4016  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:45:36.0359 4016  ACPI - ok
20:45:36.0375 4016  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
20:45:36.0578 4016  ACPIEC - ok
20:45:36.0687 4016  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:45:36.0765 4016  AdobeFlashPlayerUpdateSvc - ok
20:45:36.0765 4016  adpu160m - ok
20:45:36.0796 4016  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
20:45:36.0953 4016  aec - ok
20:45:37.0000 4016  [ A7B8A3A79D35215D798A300DF49ED23F ] Afc             C:\WINDOWS\system32\drivers\Afc.sys
20:45:37.0031 4016  Afc ( UnsignedFile.Multi.Generic ) - warning
20:45:37.0031 4016  Afc - detected UnsignedFile.Multi.Generic (1)
20:45:37.0062 4016  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
20:45:37.0156 4016  AFD - ok
20:45:37.0156 4016  Aha154x - ok
20:45:37.0171 4016  aic78u2 - ok
20:45:37.0187 4016  aic78xx - ok
20:45:37.0218 4016  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
20:45:37.0343 4016  Alerter - ok
20:45:37.0359 4016  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
20:45:37.0468 4016  ALG - ok
20:45:37.0468 4016  AliIde - ok
20:45:37.0468 4016  amsint - ok
20:45:37.0593 4016  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
20:45:37.0640 4016  AntiVirSchedulerService - ok
20:45:37.0687 4016  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:45:37.0703 4016  AntiVirService - ok
20:45:37.0750 4016  [ 9EDAE2D1CA368E8D01BEE8BFBC9488E4 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:45:37.0796 4016  AntiVirWebService - ok
20:45:37.0906 4016  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:45:37.0937 4016  Apple Mobile Device - ok
20:45:37.0937 4016  AppMgmt - ok
20:45:38.0015 4016  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:45:38.0156 4016  Arp1394 - ok
20:45:38.0156 4016  asc - ok
20:45:38.0171 4016  asc3350p - ok
20:45:38.0171 4016  asc3550 - ok
20:45:38.0312 4016  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:45:38.0375 4016  aspnet_state - ok
20:45:38.0406 4016  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:45:38.0593 4016  AsyncMac - ok
20:45:38.0609 4016  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
20:45:38.0750 4016  atapi - ok
20:45:38.0750 4016  Atdisk - ok
20:45:38.0812 4016  [ 6E996CF8459A2594E0E9609D0E34D41F ] atksgt          C:\WINDOWS\system32\DRIVERS\atksgt.sys
20:45:38.0843 4016  atksgt ( UnsignedFile.Multi.Generic ) - warning
20:45:38.0843 4016  atksgt - detected UnsignedFile.Multi.Generic (1)
20:45:38.0875 4016  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:45:39.0015 4016  Atmarpc - ok
20:45:39.0046 4016  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
20:45:39.0187 4016  AudioSrv - ok
20:45:39.0234 4016  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
20:45:39.0359 4016  audstub - ok
20:45:39.0421 4016  [ 87425709A251386064C99B684BF96F72 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:45:40.0031 4016  avgntflt - ok
20:45:40.0078 4016  [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:45:40.0109 4016  avipbb - ok
20:45:40.0125 4016  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:45:40.0156 4016  avkmgr - ok
20:45:40.0203 4016  [ 263CF9D248FD5E020A1333ED4F7EAA88 ] avmeject        C:\WINDOWS\system32\drivers\avmeject.sys
20:45:40.0265 4016  avmeject ( UnsignedFile.Multi.Generic ) - warning
20:45:40.0265 4016  avmeject - detected UnsignedFile.Multi.Generic (1)
20:45:40.0312 4016  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:45:40.0484 4016  Beep - ok
20:45:40.0562 4016  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
20:45:40.0781 4016  BITS - ok
20:45:40.0953 4016  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
20:45:41.0015 4016  Bonjour Service - ok
20:45:41.0062 4016  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll
20:45:41.0171 4016  Browser - ok
20:45:41.0343 4016  [ 8BBE99B0AFFF0B07C4E3B77F9580FBD8 ] Cap7134         C:\WINDOWS\system32\DRIVERS\Cap7134.sys
20:45:41.0515 4016  Cap7134 - ok
20:45:41.0546 4016  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
20:45:41.0765 4016  cbidf2k - ok
20:45:41.0843 4016  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:45:42.0046 4016  CCDECODE - ok
20:45:42.0046 4016  cd20xrnt - ok
20:45:42.0093 4016  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
20:45:42.0312 4016  Cdaudio - ok
20:45:42.0343 4016  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
20:45:42.0562 4016  Cdfs - ok
20:45:42.0593 4016  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:45:42.0796 4016  Cdrom - ok
20:45:42.0796 4016  Changer - ok
20:45:42.0828 4016  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
20:45:43.0015 4016  CiSvc - ok
20:45:43.0468 4016  [ 982D46B31C4B6F5931B8932AC0C7C5F8 ] CLCapSvc        C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
20:45:43.0500 4016  CLCapSvc ( UnsignedFile.Multi.Generic ) - warning
20:45:43.0500 4016  CLCapSvc - detected UnsignedFile.Multi.Generic (1)
20:45:43.0531 4016  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
20:45:43.0734 4016  ClipSrv - ok
20:45:43.0781 4016  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:45:43.0906 4016  clr_optimization_v2.0.50727_32 - ok
20:45:44.0000 4016  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:45:44.0046 4016  clr_optimization_v4.0.30319_32 - ok
20:45:44.0078 4016  [ AC6F2F2001C75DD0DD5B748EDFF298C9 ] CLSched         C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
20:45:44.0109 4016  CLSched ( UnsignedFile.Multi.Generic ) - warning
20:45:44.0109 4016  CLSched - detected UnsignedFile.Multi.Generic (1)
20:45:44.0109 4016  CmdIde - ok
20:45:44.0125 4016  COMSysApp - ok
20:45:44.0140 4016  Cpqarray - ok
20:45:44.0171 4016  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
20:45:44.0375 4016  CryptSvc - ok
20:45:44.0437 4016  [ 5B417ED5B49D5A65355A81A2A5FBC1E0 ] CyberLink Media Library Service C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
20:45:44.0453 4016  CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - warning
20:45:44.0453 4016  CyberLink Media Library Service - detected UnsignedFile.Multi.Generic (1)
20:45:44.0468 4016  dac2w2k - ok
20:45:44.0468 4016  dac960nt - ok
20:45:44.0531 4016  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:45:44.0625 4016  DcomLaunch - ok
20:45:44.0671 4016  [ 6308E040E95F6C97781C63D9FEC290E7 ] DectEnum        C:\WINDOWS\system32\Drivers\DectEnum.sys
20:45:44.0687 4016  DectEnum ( UnsignedFile.Multi.Generic ) - warning
20:45:44.0687 4016  DectEnum - detected UnsignedFile.Multi.Generic (1)
20:45:44.0703 4016  de_serv - ok
20:45:44.0734 4016  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
20:45:44.0937 4016  Dhcp - ok
20:45:45.0000 4016  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
20:45:45.0296 4016  Disk - ok
20:45:45.0312 4016  dmadmin - ok
20:45:45.0890 4016  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
20:45:46.0828 4016  dmboot - ok
20:45:46.0890 4016  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
20:45:47.0125 4016  dmio - ok
20:45:47.0171 4016  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
20:45:47.0359 4016  dmload - ok
20:45:47.0390 4016  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
20:45:47.0609 4016  dmserver - ok
20:45:47.0687 4016  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
20:45:47.0875 4016  DMusic - ok
20:45:47.0921 4016  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:45:48.0046 4016  Dnscache - ok
20:45:48.0109 4016  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:45:48.0296 4016  Dot3svc - ok
20:45:48.0312 4016  dpti2o - ok
20:45:48.0343 4016  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
20:45:48.0531 4016  drmkaud - ok
20:45:48.0593 4016  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
20:45:48.0765 4016  EapHost - ok
20:45:48.0812 4016  [ CE37E3D51912E59C80C6D84337C0B4CD ] ElbyCDFL        C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
20:45:48.0828 4016  ElbyCDFL - ok
20:45:48.0890 4016  [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
20:45:48.0921 4016  ElbyCDIO - ok
20:45:49.0015 4016  [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe
20:45:49.0031 4016  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
20:45:49.0031 4016  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
20:45:49.0078 4016  [ B92F2B3247F0A99490C1298A1D3D7B4C ] EPSON_EB_RPCV4_04 C:\Programme\Gemeinsame Dateien\EPSON\EPW!3 SSRP\E_S50ST7.EXE
20:45:49.0093 4016  EPSON_EB_RPCV4_04 ( UnsignedFile.Multi.Generic ) - warning
20:45:49.0093 4016  EPSON_EB_RPCV4_04 - detected UnsignedFile.Multi.Generic (1)
20:45:49.0125 4016  [ 651336B99C75FB54E4B5971CF458F9BD ] EPSON_PM_RPCV4_04 C:\Programme\Gemeinsame Dateien\EPSON\EPW!3 SSRP\E_S50RP7.EXE
20:45:49.0156 4016  EPSON_PM_RPCV4_04 ( UnsignedFile.Multi.Generic ) - warning
20:45:49.0156 4016  EPSON_PM_RPCV4_04 - detected UnsignedFile.Multi.Generic (1)
20:45:49.0218 4016  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
20:45:49.0390 4016  ERSvc - ok
20:45:49.0437 4016  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
20:45:49.0500 4016  Eventlog - ok
20:45:49.0546 4016  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
20:45:49.0625 4016  EventSystem - ok
20:45:49.0671 4016  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
20:45:49.0812 4016  Fastfat - ok
20:45:49.0875 4016  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
20:45:49.0937 4016  FastUserSwitchingCompatibility - ok
20:45:49.0984 4016  [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:45:50.0125 4016  Fax - ok
20:45:50.0140 4016  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
20:45:50.0281 4016  Fdc - ok
20:45:50.0281 4016  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
20:45:50.0421 4016  Fips - ok
20:45:50.0453 4016  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
20:45:50.0578 4016  Flpydisk - ok
20:45:50.0609 4016  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:45:50.0734 4016  FltMgr - ok
20:45:50.0781 4016  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:45:50.0812 4016  FontCache3.0.0.0 - ok
20:45:50.0828 4016  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:45:50.0953 4016  Fs_Rec - ok
20:45:50.0968 4016  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:45:51.0109 4016  Ftdisk - ok
20:45:51.0156 4016  [ 7AD4C281CB1661086B05E087230D4B76 ] fwlanusb4       C:\WINDOWS\system32\DRIVERS\fwlanusb4.sys
20:45:51.0265 4016  fwlanusb4 - ok
20:45:51.0390 4016  [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Programme\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
20:45:51.0406 4016  Garmin Core Update Service - ok
20:45:51.0468 4016  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
20:45:51.0484 4016  GEARAspiWDM - ok
20:45:51.0515 4016  [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt           C:\WINDOWS\system32\DRIVERS\ggflt.sys
20:45:51.0531 4016  ggflt - ok
20:45:51.0562 4016  [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc          C:\WINDOWS\system32\DRIVERS\ggsemc.sys
20:45:51.0578 4016  ggsemc - ok
20:45:51.0625 4016  [ FA16C9BEF9C41F8E85043866926BC7E1 ] Gigusb          C:\WINDOWS\system32\Drivers\Gigusb.sys
20:45:51.0640 4016  Gigusb ( UnsignedFile.Multi.Generic ) - warning
20:45:51.0640 4016  Gigusb - detected UnsignedFile.Multi.Generic (1)
20:45:51.0656 4016  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:45:51.0796 4016  Gpc - ok
20:45:51.0859 4016  [ D956358054E99E6FFAC69CD87E893A89 ] grmnusb         C:\WINDOWS\system32\drivers\grmnusb.sys
20:45:51.0921 4016  grmnusb - ok
20:45:52.0046 4016  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
20:45:52.0062 4016  gupdate - ok
20:45:52.0062 4016  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
20:45:52.0078 4016  gupdatem - ok
20:45:52.0125 4016  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
20:45:52.0156 4016  gusvc - ok
20:45:52.0203 4016  [ 2A013E7530BEAB6E569FAA83F517E836 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
20:45:52.0265 4016  HdAudAddService - ok
20:45:52.0312 4016  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:45:52.0453 4016  HDAudBus - ok
20:45:52.0515 4016  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:45:52.0656 4016  helpsvc - ok
20:45:52.0687 4016  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ         C:\WINDOWS\System32\hidserv.dll
20:45:52.0796 4016  HidServ - ok
20:45:52.0828 4016  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:45:52.0953 4016  HidUsb - ok
20:45:53.0000 4016  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
20:45:53.0109 4016  hkmsvc - ok
20:45:53.0125 4016  hpn - ok
20:45:53.0156 4016  [ A65DF14D0AF5FFCE9B5FCC728046981D ] HRCMPA          C:\WINDOWS\system32\DRIVERS\hrcmpa.sys
20:45:53.0171 4016  HRCMPA ( UnsignedFile.Multi.Generic ) - warning
20:45:53.0171 4016  HRCMPA - detected UnsignedFile.Multi.Generic (1)
20:45:53.0218 4016  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
20:45:53.0250 4016  HTTP - ok
20:45:53.0281 4016  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
20:45:53.0406 4016  HTTPFilter - ok
20:45:53.0421 4016  i2omgmt - ok
20:45:53.0421 4016  i2omp - ok
20:45:53.0453 4016  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:45:53.0593 4016  i8042prt - ok
20:45:53.0640 4016  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:45:53.0687 4016  IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:45:53.0687 4016  IDriverT - detected UnsignedFile.Multi.Generic (1)
20:45:53.0765 4016  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:45:53.0828 4016  idsvc - ok
20:45:53.0859 4016  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
20:45:54.0015 4016  Imapi - ok
20:45:54.0046 4016  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
20:45:54.0187 4016  ImapiService - ok
20:45:54.0187 4016  ini910u - ok
20:45:54.0375 4016  [ 98B7FAB86755A42FE8EB04538A4CD6C8 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:45:54.0531 4016  IntcAzAudAddService - ok
20:45:54.0562 4016  [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
20:45:54.0703 4016  IntelIde - ok
20:45:54.0734 4016  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:45:54.0875 4016  intelppm - ok
20:45:54.0875 4016  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
20:45:55.0015 4016  Ip6Fw - ok
20:45:55.0031 4016  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:45:55.0156 4016  IpFilterDriver - ok
20:45:55.0171 4016  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:45:55.0296 4016  IpInIp - ok
20:45:55.0328 4016  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:45:55.0453 4016  IpNat - ok
20:45:55.0515 4016  [ CA1972397B845B2F53F5DC63C22FD98A ] iPod Service    C:\Programme\iPod\bin\iPodService.exe
20:45:55.0531 4016  iPod Service - ok
20:45:55.0578 4016  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:45:55.0718 4016  IPSec - ok
20:45:55.0734 4016  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
20:45:55.0812 4016  IRENUM - ok
20:45:55.0843 4016  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:45:55.0984 4016  isapnp - ok
20:45:56.0015 4016  [ FE9B1D7BBB21EF00B0655FD715E46440 ] IUAPIWDM        C:\WINDOWS\system32\DRIVERS\IUAPIWDM.sys
20:45:56.0031 4016  IUAPIWDM ( UnsignedFile.Multi.Generic ) - warning
20:45:56.0031 4016  IUAPIWDM - detected UnsignedFile.Multi.Generic (1)
20:45:56.0140 4016  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
20:45:56.0171 4016  JavaQuickStarterService - ok
20:45:56.0218 4016  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:45:56.0343 4016  Kbdclass - ok
20:45:56.0375 4016  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:45:56.0484 4016  kbdhid - ok
20:45:56.0531 4016  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
20:45:56.0671 4016  kmixer - ok
20:45:56.0718 4016  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
20:45:56.0796 4016  KSecDD - ok
20:45:56.0828 4016  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
20:45:56.0875 4016  lanmanserver - ok
20:45:56.0921 4016  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:45:56.0968 4016  lanmanworkstation - ok
20:45:56.0968 4016  lbrtfdc - ok
20:45:57.0046 4016  [ A0F7DC0080E4F97DC97DE08B699E231B ] LBTServ         C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
20:45:57.0078 4016  LBTServ - ok
20:45:57.0125 4016  [ 24E0DDB99AECCF86BB37702611761459 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
20:45:57.0140 4016  LHidFilt - ok
20:45:57.0187 4016  [ 975B6CF65F44E95883F3855BAE8CECAF ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
20:45:57.0218 4016  lirsgt ( UnsignedFile.Multi.Generic ) - warning
20:45:57.0218 4016  lirsgt - detected UnsignedFile.Multi.Generic (1)
20:45:57.0265 4016  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
20:45:57.0375 4016  LmHosts - ok
20:45:57.0406 4016  [ D58B330D318361A66A9FE60D7C9B4951 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
20:45:57.0421 4016  LMouFilt - ok
20:45:57.0484 4016  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
20:45:57.0500 4016  MDM - ok
20:45:57.0531 4016  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
20:45:57.0671 4016  Messenger - ok
20:45:57.0687 4016  [ AE65E674804E0845A106796A0DD7CDA1 ] MicNgBas        C:\WINDOWS\system32\drivers\MicNgBas.sys
20:45:57.0734 4016  MicNgBas - ok
20:45:57.0765 4016  [ 6FD30C898C6F21BA939FDB0615A62755 ] MicNgCap        C:\WINDOWS\system32\drivers\MicNgCap.sys
20:45:57.0796 4016  MicNgCap - ok
20:45:57.0828 4016  [ AD65751E0466A79C07C592B9ADDB7103 ] MicNgTun        C:\WINDOWS\system32\drivers\MicNgTun.sys
20:45:57.0859 4016  MicNgTun - ok
20:45:57.0890 4016  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
20:45:58.0000 4016  mnmdd - ok
20:45:58.0046 4016  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
20:45:58.0171 4016  mnmsrvc - ok
20:45:58.0203 4016  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
20:45:58.0312 4016  Modem - ok
20:45:58.0343 4016  [ 201BFC4EF8B33D02D133FBF6535E515B ] motccgp         C:\WINDOWS\system32\DRIVERS\motccgp.sys
20:45:58.0546 4016  motccgp - ok
20:45:58.0578 4016  [ D0242A3832EB7C97801BB25889561E23 ] motccgpfl       C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
20:45:58.0609 4016  motccgpfl - ok
20:45:58.0640 4016  [ 80BDA4AC4B2834CA522B7386FC1F6A20 ] MotDev          C:\WINDOWS\system32\DRIVERS\motodrv.sys
20:45:58.0687 4016  MotDev - ok
20:45:58.0718 4016  [ FE80C18BA448DDD76B7BEAD9EB203D37 ] motmodem        C:\WINDOWS\system32\DRIVERS\motmodem.sys
20:45:58.0781 4016  motmodem - ok
20:45:58.0812 4016  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:45:58.0953 4016  Mouclass - ok
20:45:58.0968 4016  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:45:59.0109 4016  mouhid - ok
20:45:59.0140 4016  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
20:45:59.0265 4016  MountMgr - ok
20:45:59.0281 4016  [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE             C:\WINDOWS\system32\DRIVERS\MPE.sys
20:45:59.0390 4016  MPE - ok
20:45:59.0406 4016  mraid35x - ok
20:45:59.0406 4016  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:45:59.0531 4016  MRxDAV - ok
20:45:59.0593 4016  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:45:59.0656 4016  MRxSmb - ok
20:45:59.0687 4016  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
20:45:59.0812 4016  MSDTC - ok
20:45:59.0812 4016  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:45:59.0937 4016  Msfs - ok
20:45:59.0953 4016  MSIServer - ok
20:45:59.0968 4016  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:46:00.0078 4016  MSKSSRV - ok
20:46:00.0093 4016  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:46:00.0218 4016  MSPCLOCK - ok
20:46:00.0250 4016  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
20:46:00.0390 4016  MSPQM - ok
20:46:00.0406 4016  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:46:00.0515 4016  mssmbios - ok
20:46:00.0546 4016  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
20:46:00.0671 4016  MSTEE - ok
20:46:00.0718 4016  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
20:46:00.0765 4016  Mup - ok
20:46:00.0796 4016  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:46:00.0921 4016  NABTSFEC - ok
20:46:00.0953 4016  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
20:46:01.0078 4016  napagent - ok
20:46:01.0125 4016  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
20:46:01.0250 4016  NDIS - ok
20:46:01.0281 4016  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:46:01.0390 4016  NdisIP - ok
20:46:01.0437 4016  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:46:01.0484 4016  NdisTapi - ok
20:46:01.0515 4016  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:46:01.0656 4016  Ndisuio - ok
20:46:01.0656 4016  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:46:01.0781 4016  NdisWan - ok
20:46:01.0828 4016  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
20:46:01.0875 4016  NDProxy - ok
20:46:01.0906 4016  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
20:46:02.0031 4016  NetBIOS - ok
20:46:02.0062 4016  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:46:02.0218 4016  NetBT - ok
20:46:02.0250 4016  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
20:46:02.0390 4016  NetDDE - ok
20:46:02.0390 4016  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
20:46:02.0500 4016  NetDDEdsdm - ok
20:46:02.0515 4016  NETFWDSL - ok
20:46:02.0546 4016  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:46:02.0656 4016  Netlogon - ok
20:46:02.0687 4016  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
20:46:02.0828 4016  Netman - ok
20:46:02.0859 4016  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:46:02.0890 4016  NetTcpPortSharing - ok
20:46:02.0890 4016  NetTcpPortSharingseclogon - ok
20:46:02.0937 4016  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:46:03.0046 4016  NIC1394 - ok
20:46:03.0093 4016  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
20:46:03.0125 4016  Nla - ok
20:46:03.0156 4016  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:46:03.0265 4016  Npfs - ok
20:46:03.0281 4016  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
20:46:03.0453 4016  Ntfs - ok
20:46:03.0468 4016  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
20:46:03.0578 4016  NtLmSsp - ok
20:46:03.0640 4016  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
20:46:03.0781 4016  NtmsSvc - ok
20:46:03.0812 4016  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:46:03.0953 4016  Null - ok
20:46:04.0453 4016  [ 7C56F3FD65B2BDB315CA3605A5392D7B ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:46:04.0890 4016  nv - ok
20:46:04.0953 4016  [ 0FEBE37DB6650FAA5965C00545009D1D ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
20:46:05.0015 4016  NVSvc - ok
20:46:05.0046 4016  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:46:05.0171 4016  NwlnkFlt - ok
20:46:05.0203 4016  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:46:05.0328 4016  NwlnkFwd - ok
20:46:05.0390 4016  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
20:46:05.0437 4016  odserv - ok
20:46:05.0484 4016  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:46:05.0625 4016  ohci1394 - ok
20:46:05.0656 4016  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
20:46:05.0687 4016  ose - ok
20:46:05.0718 4016  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
20:46:05.0843 4016  Parport - ok
20:46:05.0875 4016  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
20:46:05.0984 4016  PartMgr - ok
20:46:06.0015 4016  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
20:46:06.0140 4016  ParVdm - ok
20:46:06.0171 4016  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
20:46:06.0296 4016  PCI - ok
20:46:06.0296 4016  PCIDump - ok
20:46:06.0328 4016  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\drivers\PCIIde.sys
20:46:06.0437 4016  PCIIde - ok
20:46:06.0453 4016  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
20:46:06.0578 4016  Pcmcia - ok
20:46:06.0578 4016  PDCOMP - ok
20:46:06.0593 4016  PDFRAME - ok
20:46:06.0593 4016  PDRELI - ok
20:46:06.0625 4016  PDRFRAME - ok
20:46:06.0625 4016  perc2 - ok
20:46:06.0625 4016  perc2hib - ok
20:46:06.0687 4016  [ 548418FDE05DFF456F3D7039E70264D1 ] PhTVTune        C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
20:46:06.0734 4016  PhTVTune - ok
20:46:06.0765 4016  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
20:46:06.0781 4016  PlugPlay - ok
20:46:06.0796 4016  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
20:46:06.0906 4016  PolicyAgent - ok
20:46:06.0937 4016  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:46:07.0078 4016  PptpMiniport - ok
20:46:07.0078 4016  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:46:07.0187 4016  ProtectedStorage - ok
20:46:07.0203 4016  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
20:46:07.0328 4016  PSched - ok
20:46:07.0343 4016  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:46:07.0468 4016  Ptilink - ok
20:46:07.0468 4016  ql1080 - ok
20:46:07.0484 4016  Ql10wnt - ok
20:46:07.0484 4016  ql12160 - ok
20:46:07.0500 4016  ql1240 - ok
20:46:07.0500 4016  ql1280 - ok
20:46:07.0515 4016  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:46:07.0640 4016  RasAcd - ok
20:46:07.0671 4016  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:46:07.0781 4016  RasAuto - ok
20:46:07.0812 4016  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:46:07.0937 4016  Rasl2tp - ok
20:46:07.0984 4016  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:46:08.0093 4016  RasMan - ok
20:46:08.0109 4016  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:46:08.0250 4016  RasPppoe - ok
20:46:08.0281 4016  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
20:46:08.0406 4016  Raspti - ok
20:46:08.0453 4016  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:46:08.0562 4016  Rdbss - ok
20:46:08.0625 4016  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:46:08.0750 4016  RDPCDD - ok
20:46:08.0781 4016  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
20:46:08.0890 4016  RDPWD - ok
20:46:08.0921 4016  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
20:46:09.0046 4016  RDSessMgr - ok
20:46:09.0062 4016  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
20:46:09.0203 4016  redbook - ok
20:46:09.0234 4016  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:46:09.0359 4016  RemoteAccess - ok
20:46:09.0437 4016  [ A76CDDB6D1F25797843E2557A2118E2E ] RichVideo       C:\Programme\CyberLink\Shared Files\RichVideo.exe
20:46:09.0453 4016  RichVideo ( UnsignedFile.Multi.Generic ) - warning
20:46:09.0453 4016  RichVideo - detected UnsignedFile.Multi.Generic (1)
20:46:09.0484 4016  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:46:09.0593 4016  RpcLocator - ok
20:46:09.0640 4016  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:46:09.0656 4016  RpcSs - ok
20:46:09.0718 4016  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
20:46:09.0828 4016  RSVP - ok
20:46:09.0843 4016  rt2870 - ok
20:46:09.0906 4016  [ 7F0413BDD7D53EB4C7A371E7F6F84DF1 ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
20:46:09.0984 4016  RTL8023xp - ok
20:46:10.0015 4016  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:46:10.0140 4016  rtl8139 - ok
20:46:10.0171 4016  [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus        C:\WINDOWS\system32\DRIVERS\s0016bus.sys
20:46:10.0203 4016  s0016bus - ok
20:46:10.0234 4016  [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl       C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
20:46:10.0250 4016  s0016mdfl - ok
20:46:10.0265 4016  [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm        C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
20:46:10.0296 4016  s0016mdm - ok
20:46:10.0343 4016  [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt       C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
20:46:10.0375 4016  s0016mgmt - ok
20:46:10.0390 4016  [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5        C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
20:46:10.0406 4016  s0016nd5 - ok
20:46:10.0437 4016  [ 36792935847143E4A3CDA0DC87248487 ] s0016obex       C:\WINDOWS\system32\DRIVERS\s0016obex.sys
20:46:10.0453 4016  s0016obex - ok
20:46:10.0484 4016  [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic       C:\WINDOWS\system32\DRIVERS\s0016unic.sys
20:46:10.0515 4016  s0016unic - ok
20:46:10.0531 4016  [ D7A84EF8F953A2D704580E4E73E00011 ] s716bus         C:\WINDOWS\system32\DRIVERS\s716bus.sys
20:46:10.0562 4016  s716bus - ok
20:46:10.0578 4016  [ C5B509CDEEB733EFAFADC2D93BC77712 ] s716mdfl        C:\WINDOWS\system32\DRIVERS\s716mdfl.sys
20:46:10.0593 4016  s716mdfl - ok
20:46:10.0625 4016  [ DC3DEC64860878540B374DC7D15D921F ] s716mdm         C:\WINDOWS\system32\DRIVERS\s716mdm.sys
20:46:10.0640 4016  s716mdm - ok
20:46:10.0656 4016  [ 047FD555D897333AD9F61B1D4CC7C114 ] s716mgmt        C:\WINDOWS\system32\DRIVERS\s716mgmt.sys
20:46:10.0687 4016  s716mgmt - ok
20:46:10.0703 4016  [ 2858193E91EEF964E41B6A032E1E4418 ] s716nd5         C:\WINDOWS\system32\DRIVERS\s716nd5.sys
20:46:10.0718 4016  s716nd5 - ok
20:46:10.0750 4016  [ CC6C212585891614CC2059BA48D27A86 ] s716obex        C:\WINDOWS\system32\DRIVERS\s716obex.sys
20:46:10.0765 4016  s716obex - ok
20:46:10.0812 4016  [ AAAEEBA9FA0ECB0DE6BBA59F955CDEFB ] s716unic        C:\WINDOWS\system32\DRIVERS\s716unic.sys
20:46:10.0828 4016  s716unic - ok
20:46:10.0859 4016  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:46:10.0968 4016  SamSs - ok
20:46:11.0000 4016  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
20:46:11.0125 4016  SCardSvr - ok
20:46:11.0171 4016  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:46:11.0312 4016  Schedule - ok
20:46:11.0312 4016  Scutum50 - ok
20:46:11.0343 4016  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:46:11.0421 4016  Secdrv - ok
20:46:11.0453 4016  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
20:46:11.0578 4016  seclogon - ok
20:46:11.0609 4016  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
20:46:11.0718 4016  SENS - ok
20:46:11.0750 4016  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
20:46:11.0875 4016  serenum - ok
20:46:11.0906 4016  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
20:46:12.0031 4016  Serial - ok
20:46:12.0078 4016  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
20:46:12.0218 4016  Sfloppy - ok
20:46:12.0250 4016  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:46:12.0390 4016  SharedAccess - ok
20:46:12.0406 4016  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:46:12.0437 4016  ShellHWDetection - ok
20:46:12.0468 4016  [ 4FDD2FBB89FE4AB84F7E23171CA6885C ] siellif         C:\WINDOWS\system32\Drivers\siellif.sys
20:46:12.0484 4016  siellif ( UnsignedFile.Multi.Generic ) - warning
20:46:12.0484 4016  siellif - detected UnsignedFile.Multi.Generic (1)
20:46:12.0484 4016  Simbad - ok
20:46:12.0515 4016  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:46:12.0640 4016  SLIP - ok
20:46:12.0656 4016  Sparrow - ok
20:46:12.0671 4016  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
20:46:12.0812 4016  splitter - ok
20:46:12.0843 4016  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
20:46:12.0906 4016  Spooler - ok
20:46:12.0937 4016  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:46:13.0031 4016  sr - ok
20:46:13.0078 4016  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:46:13.0156 4016  srservice - ok
20:46:13.0203 4016  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:46:13.0265 4016  Srv - ok
20:46:13.0281 4016  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:46:13.0343 4016  SSDPSRV - ok
20:46:13.0390 4016  [ EA8925B4FF94B307D9A9B20FD664D543 ] SSHDRV5C        C:\WINDOWS\system32\drivers\SSHDRV5C.sys
20:46:13.0406 4016  SSHDRV5C ( UnsignedFile.Multi.Generic ) - warning
20:46:13.0406 4016  SSHDRV5C - detected UnsignedFile.Multi.Generic (1)
20:46:13.0437 4016  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:46:13.0468 4016  ssmdrv - ok
20:46:13.0484 4016  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
20:46:13.0625 4016  stisvc - ok
20:46:13.0656 4016  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:46:13.0781 4016  streamip - ok
20:46:13.0812 4016  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
20:46:13.0937 4016  swenum - ok
20:46:13.0968 4016  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
20:46:14.0109 4016  swmidi - ok
20:46:14.0109 4016  SwPrv - ok
20:46:14.0125 4016  symc810 - ok
20:46:14.0125 4016  symc8xx - ok
20:46:14.0140 4016  sym_hi - ok
20:46:14.0140 4016  sym_u3 - ok
20:46:14.0171 4016  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
20:46:14.0296 4016  sysaudio - ok
20:46:14.0328 4016  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
20:46:14.0437 4016  SysmonLog - ok
20:46:14.0468 4016  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:46:14.0609 4016  TapiSrv - ok
20:46:14.0656 4016  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:46:14.0718 4016  Tcpip - ok
20:46:14.0750 4016  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
20:46:14.0875 4016  TDPIPE - ok
20:46:14.0906 4016  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
20:46:15.0031 4016  TDTCP - ok
20:46:15.0062 4016  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
20:46:15.0187 4016  TermDD - ok
20:46:15.0203 4016  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
20:46:15.0328 4016  TermService - ok
20:46:15.0343 4016  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
20:46:15.0359 4016  Themes - ok
20:46:15.0359 4016  TosIde - ok
20:46:15.0390 4016  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
20:46:15.0515 4016  TrkWks - ok
20:46:15.0531 4016  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
20:46:15.0656 4016  Udfs - ok
20:46:15.0671 4016  ultra - ok
20:46:15.0687 4016  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
20:46:15.0828 4016  Update - ok
20:46:15.0859 4016  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:46:15.0921 4016  upnphost - ok
20:46:15.0937 4016  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
20:46:16.0062 4016  UPS - ok
20:46:16.0093 4016  [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
20:46:16.0140 4016  USBAAPL - ok
20:46:16.0156 4016  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
20:46:16.0296 4016  usbaudio - ok
20:46:16.0312 4016  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:46:16.0453 4016  usbccgp - ok
20:46:16.0484 4016  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:46:16.0609 4016  usbehci - ok
20:46:16.0640 4016  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:46:16.0781 4016  usbhub - ok
20:46:16.0796 4016  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:46:16.0921 4016  usbscan - ok
20:46:16.0937 4016  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:46:17.0046 4016  usbstor - ok
20:46:17.0062 4016  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:46:17.0203 4016  usbuhci - ok
20:46:17.0203 4016  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
20:46:17.0328 4016  VgaSave - ok
20:46:17.0328 4016  ViaIde - ok
20:46:17.0359 4016  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
20:46:17.0484 4016  VolSnap - ok
20:46:17.0515 4016  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
20:46:17.0593 4016  VSS - ok
20:46:17.0625 4016  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
20:46:17.0765 4016  W32Time - ok
20:46:17.0796 4016  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:46:17.0906 4016  Wanarp - ok
20:46:17.0953 4016  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
20:46:18.0000 4016  Wdf01000 - ok
20:46:18.0000 4016  WDICA - ok
20:46:18.0031 4016  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
20:46:18.0171 4016  wdmaud - ok
20:46:18.0203 4016  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:46:18.0328 4016  WebClient - ok
20:46:18.0406 4016  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:46:18.0531 4016  winmgmt - ok
20:46:18.0593 4016  [ FD600B032E741EB6AAB509FC630F7C42 ] winusb          C:\WINDOWS\system32\DRIVERS\WinUSB.SYS
20:46:18.0625 4016  winusb - ok
20:46:18.0656 4016  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
20:46:18.0718 4016  WmdmPmSN - ok
20:46:18.0750 4016  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:46:18.0875 4016  WmiApSrv - ok
20:46:18.0953 4016  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
20:46:19.0046 4016  WMPNetworkSvc - ok
20:46:19.0078 4016  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:46:19.0093 4016  WpdUsb - ok
20:46:19.0218 4016  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:46:19.0250 4016  WPFFontCache_v0400 - ok
20:46:19.0296 4016  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:46:19.0406 4016  WS2IFSL - ok
20:46:19.0453 4016  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
20:46:19.0578 4016  wscsvc - ok
20:46:19.0609 4016  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:46:19.0734 4016  WSTCODEC - ok
20:46:19.0765 4016  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
20:46:19.0875 4016  wuauserv - ok
20:46:19.0906 4016  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:46:19.0953 4016  WudfPf - ok
20:46:19.0984 4016  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:46:20.0015 4016  WudfRd - ok
20:46:20.0046 4016  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
20:46:20.0062 4016  WudfSvc - ok
20:46:20.0125 4016  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
20:46:20.0265 4016  WZCSVC - ok
20:46:20.0296 4016  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
20:46:20.0421 4016  xmlprov - ok
20:46:20.0468 4016  ================ Scan global ===============================
20:46:20.0515 4016  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
20:46:20.0578 4016  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
20:46:20.0593 4016  [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
20:46:20.0609 4016  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
20:46:20.0609 4016  [Global] - ok
20:46:20.0609 4016  ================ Scan MBR ==================================
20:46:20.0640 4016  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
20:46:20.0843 4016  \Device\Harddisk0\DR0 - ok
20:46:20.0859 4016  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:46:21.0281 4016  \Device\Harddisk1\DR1 - ok
20:46:21.0281 4016  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk7\DR14
20:46:24.0062 4016  \Device\Harddisk7\DR14 - ok
20:46:24.0062 4016  ================ Scan VBR ==================================
20:46:24.0062 4016  [ BB6E11143E0D42102333E22378E536E4 ] \Device\Harddisk0\DR0\Partition1
20:46:24.0078 4016  \Device\Harddisk0\DR0\Partition1 - ok
20:46:24.0078 4016  [ 8F508C70623727FAB5C584106AE9B1BE ] \Device\Harddisk1\DR1\Partition1
20:46:24.0078 4016  \Device\Harddisk1\DR1\Partition1 - ok
20:46:24.0078 4016  [ 7CECB962CD1A99A9EF03730FEAFCAE5C ] \Device\Harddisk7\DR14\Partition1
20:46:24.0078 4016  \Device\Harddisk7\DR14\Partition1 - ok
20:46:24.0078 4016  ============================================================
20:46:24.0078 4016  Scan finished
20:46:24.0078 4016  ============================================================
20:46:24.0218 4012  Detected object count: 18
20:46:24.0218 4012  Actual detected object count: 18
20:50:15.0265 4012  Afc ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0265 4012  Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0265 4012  atksgt ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0265 4012  atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0265 4012  avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0265 4012  avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0265 4012  CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0265 4012  CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0265 4012  CLSched ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0265 4012  CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0265 4012  CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0265 4012  CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0265 4012  DectEnum ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0265 4012  DectEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0281 4012  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0281 4012  EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0281 4012  EPSON_EB_RPCV4_04 ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0281 4012  EPSON_EB_RPCV4_04 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0281 4012  EPSON_PM_RPCV4_04 ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0281 4012  EPSON_PM_RPCV4_04 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0281 4012  Gigusb ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0281 4012  Gigusb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0281 4012  HRCMPA ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0281 4012  HRCMPA ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0281 4012  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0281 4012  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0281 4012  IUAPIWDM ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0281 4012  IUAPIWDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0281 4012  lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0281 4012  lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0281 4012  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0281 4012  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0296 4012  siellif ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0296 4012  siellif ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:15.0296 4012  SSHDRV5C ( UnsignedFile.Multi.Generic ) - skipped by user
20:50:15.0296 4012  SSHDRV5C ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:50:54.0500 3924  Deinitialize success
         
Yes, normal mode is running.


30.05.2013, 18:58   #6
markusg
/// Malware-holic

Looks good.
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


30.05.2013, 19:51   #7
Chalumi

So, here is the Combofix log:

Code:
ComboFix 13-05-30.02 - Anne 30.05.2013  21:18:14.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1535.905 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Anne\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
 ADS - WINDOWS: deleted 24 bytes in 1 streams. 
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18
c:\dokumente und einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18\4C6A4D2442D7F85C00004C6A00BFFE18
c:\dokumente und einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18\4C6A4D2442D7F85C00004C6A00BFFE18.exe
c:\dokumente und einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18\4C6A4D2442D7F85C00004C6A00BFFE18.ico
c:\dokumente und einstellungen\Anne\Anwendungsdaten\avdrn.dat
c:\dokumente und einstellungen\Anne\Anwendungsdaten\Ebezze\irys.exe
c:\dokumente und einstellungen\Anne\Anwendungsdaten\Efiren\ymle.exe
c:\dokumente und einstellungen\Anne\WINDOWS
c:\windows\dasetup.log
c:\windows\IsUn0407.exe
c:\windows\ST6UNST.000
c:\windows\system32\2391860477.dat
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETTCPPORTSHARINGSECLOGON
-------\Service_NetTcpPortSharingseclogon
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-28 bis 2013-05-30  ))))))))))))))))))))))))))))))
.
.
2013-05-31 00:22 . 2013-05-31 00:22	--------	d-----w-	C:\_OTL
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 09:25 . 2012-04-19 15:07	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-05-15 09:25 . 2011-06-15 17:13	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-16 22:16 . 2005-09-23 17:31	920064	----a-w-	c:\windows\system32\wininet.dll
2013-04-16 22:16 . 2005-09-23 17:31	43520	------w-	c:\windows\system32\licmgr10.dll
2013-04-16 22:16 . 2005-09-23 17:31	1469440	------w-	c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2005-09-23 17:31	385024	------w-	c:\windows\system32\html.iec
2013-04-12 14:00 . 2005-09-23 17:31	1876480	----a-w-	c:\windows\system32\win32k.sys
2013-04-08 14:36 . 2013-04-08 14:36	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-04-08 14:36 . 2012-06-22 07:06	861088	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-04-08 14:36 . 2011-01-20 09:34	782240	----a-w-	c:\windows\system32\deployJava1.dll
2013-04-08 14:36 . 2007-11-13 15:03	143872	----a-w-	c:\windows\system32\javacpl.cpl
2013-03-29 08:12 . 2013-03-14 13:57	37352	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-03-29 08:12 . 2013-03-14 13:57	84744	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-03-29 08:12 . 2013-03-14 13:57	135136	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-03-08 08:36 . 2005-09-23 17:31	293888	----a-w-	c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2004-08-04 00:50	2031104	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-03-07 15:56 . 2004-08-04 00:50	2152448	----a-w-	c:\windows\system32\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\programme\Ask.com\GenericAskToolbar.dll" [2012-06-20 1519824]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-22 68856]
"SpybotSD TeaTimer"="c:\programme\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"GarminExpressTrayApp"="c:\programme\Garmin\Express Tray\ExpressTray.exe" [2013-03-27 1098072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2005-08-18 14820864]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-04-15 45056]
"{1290A33C-85F5-4164-A1BE-7DD299D4986A}"="c:\program files\CyberLink\PowerBackup\PBKScheduler.exe" [2005-04-11 69721]
"PCMService"="c:\program files\CyberLink\PowerCinema\PCMService.exe" [2005-09-21 139264]
"CloneCDTray"="c:\programme\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"MyGarminAgent"="c:\programme\Garmin\MyGarminAgent.exe" [2009-06-17 331776]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2010-11-29 421888]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2011-11-12 421736]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ApnUpdater"="c:\programme\Ask.com\Updater\Updater.exe" [2012-06-20 1568976]
"PDFPrint"="c:\programme\PDF24\pdf24.exe" [2012-12-12 163000]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2013-05-08 345312]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 00:42	72208	----a-w-	c:\programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Dokumente und Einstellungen\\Anne\\Eigene Dateien\\Lukas\\Arbeiten1\\Telligo\\Spiele\\BlobbyVolley\\volley.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Programme\\Motorola\\Software Update\\msu.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programme\\EpsonNet\\EpsonNet Setup\\tool10\\ENEasyApp.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7000:TCP"= 7000:TCP:TCP-Port für Windows-EasyTransfer
"7000:UDP"= 7000:UDP:UDP-Port für Windows-EasyTransfer
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [14.03.2013 15:57 37352]
R1 SSHDRV5C;SSHDRV5C;c:\windows\system32\drivers\SSHDRV5C.sys [29.08.2008 12:50 34816]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [14.03.2013 15:57 86752]
R2 AntiVirWebService;Avira Browser-Schutz;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [14.03.2013 15:57 562744]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\programme\Gemeinsame Dateien\EPSON\EPW!3 SSRP\E_S50ST7.EXE [02.12.2012 16:17 153600]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\programme\Gemeinsame Dateien\EPSON\EPW!3 SSRP\E_S50RP7.EXE [02.12.2012 16:17 121856]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\programme\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [27.03.2013 16:17 185688]
R3 PhTVTune;ProVideo WDM TVTuner;c:\windows\system32\drivers\PhTVTune.sys [23.09.2005 19:37 24288]
S2 Scutum50;Scutum50 NDIS Protocol Driver;c:\windows\system32\Drivers\Scutum50.sys --> c:\windows\system32\Drivers\Scutum50.sys [?]
S3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [20.09.2012 12:47 4352]
S3 DectEnum;DectEnum;c:\windows\system32\drivers\DectEnum.sys [25.03.2004 17:01 8448]
S3 fwlanusb4;FRITZ!WLAN N/G;c:\windows\system32\drivers\fwlanusb4.sys [20.09.2012 12:46 926080]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [20.01.2011 11:14 13224]
S3 Gigusb;Dect USB Driver;c:\windows\system32\drivers\Gigusb.sys [25.03.2004 17:11 53632]
S3 HRCMPA;ISDN Wan driver (Ver. 1.20.0029);c:\windows\system32\drivers\hrcmpa.sys [28.08.2003 08:44 249910]
S3 IUAPIWDM;ISDN USB Interface (Ver. 1.20.0029);c:\windows\system32\drivers\IUAPIWDM.sys [19.08.2003 17:46 53552]
S3 MicNgBas;Cinergy Dual T PCIe Base Driver;c:\windows\system32\drivers\MicNgBas.sys [23.09.2005 19:37 44160]
S3 MicNgCap;Cinergy Dual T PCIe Capture Driver;c:\windows\system32\drivers\MicNgCap.sys [23.09.2005 19:37 48896]
S3 MicNgTun;Cinergy Dual T PCIe Tuner Driver;c:\windows\system32\drivers\MicNgTun.sys [23.09.2005 19:37 98176]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [12.02.2009 17:57 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [12.02.2009 17:57 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [12.02.2009 17:57 42112]
S3 NETFWDSL;AVM FRITZ!web DSL PPP;c:\windows\system32\DRIVERS\NETFWDSL.SYS --> c:\windows\system32\DRIVERS\NETFWDSL.SYS [?]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [20.01.2011 11:26 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [20.01.2011 11:26 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [20.01.2011 11:26 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [20.01.2011 11:26 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [20.01.2011 11:26 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [20.01.2011 11:26 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [20.01.2011 11:26 115752]
S3 siellif;siellif;c:\windows\system32\drivers\siellif.sys [25.03.2004 16:59 113280]
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 09:25]
.
2013-03-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-02 13:19]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-02 13:19]
.
2013-05-30 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\programme\Ask.com\UpdateTask.exe [2012-06-20 11:18]
.
2013-05-29 c:\windows\Tasks\User_Feed_Synchronization-{0D519067-02F1-4663-A406-155872697957}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.gmx.de/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/fuji/defaults/su/*hxxp://www.yahoo.com
IE: &Download by Orbit - g:\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - g:\orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - g:\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - g:\orbitdownloader\orbitmxt.dll/202
IE: Free YouTube to MP3 Converter - c:\dokumente und einstellungen\Anne\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Mit FRITZ!Box Anrufen
IE: Mit FRITZ!Box Anrufen\Flags
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\programme\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - c:\programme\GMX Toolbar\IE\uitb.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-Power2GoExpress - (no file)
HKCU-Run-updateMgr - c:\programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKCU-Run-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe
HKCU-Run-IncrediMail - c:\programme\IncrediMail\bin\IncMail.exe
HKCU-Run-{27B0DC9C-E8E5-82F2-D107-284A10FF5909} - c:\dokumente und einstellungen\Anne\Anwendungsdaten\Ebezze\irys.exe
HKCU-Run-{1AB22013-1ACE-B43E-DA31-1DD362CD9026} - c:\dokumente und einstellungen\Anne\Anwendungsdaten\Efiren\ymle.exe
HKLM-Run-NBKeyScan - c:\programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-SunJavaUpdateSched - c:\programme\Java\jre7\bin\jusched.exe
AddRemove-IC35 Manager - c:\windows\IsUn0407.exe
AddRemove-IC35 Sync - c:\windows\IsUn0407.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
AddRemove-PhotoRecord - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-05-30 21:43
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,27,37,3b,48,65,18,4b,84,5d,a5,\
.
[HKEY_USERS\S-1-5-21-2404341298-360915809-3850529198-1008\Software\SecuROM\License information*]
"datasecu"=hex:81,62,e2,fd,a6,75,3a,63,e7,8c,05,87,b1,c8,53,8e,fb,5c,0b,1d,1f,
   d6,66,0b,63,13,c4,c9,7e,70,ba,e5,c5,26,2f,68,c6,1f,fa,09,c1,d5,3a,b2,44,68,\
"rkeysecu"=hex:50,b0,88,83,b7,a0,8c,45,51,76,56,3b,b1,cf,27,76
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•6~*]
"7040111900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(556)
c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll
c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTServ.dll
.
- - - - - - - > 'lsass.exe'(612)
c:\programme\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(2348)
c:\programme\Windows Media Player\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\progra~1\ArcSoft\PHOTOI~1\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
c:\program files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLService.exe
c:\programme\Java\jre7\bin\jqs.exe
c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\programme\CyberLink\Shared Files\RichVideo.exe
c:\program files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\programme\iPod\bin\iPodService.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-05-30  21:49:28 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-05-30 19:49
.
Vor Suchlauf: 30 Verzeichnis(se), 84.248.678.400 Bytes frei
Nach Suchlauf: 32 Verzeichnis(se), 93.602.193.408 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - D345BB5D8D36BA12217D81D6D12F8F64
         

30.05.2013, 21:37   #8
markusg
/// Malware-holic

Hi,
please be so kind as to open My Computer, C:, Qoobox, pack it with WinRAR and upload it to the upload channel. Give a short reply once that is done.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

31.05.2013, 14:01   #9
Chalumi

OK, the .rar is uploaded.

31.05.2013, 14:27   #10
markusg
/// Malware-holic

Hi, thanks for uploading.
Is this device used for online banking, for shopping, for other payment processing, or for similarly important things such as work?

31.05.2013, 15:01   #11
Chalumi

Yes, online banking is done fairly regularly. Shopping etc. now and then as well.

31.05.2013, 15:04   #12
markusg
/// Malware-holic

OK, call the bank and have online banking blocked because of Zbot. Emergency number:
116 116

I can never give you a guarantee that I will find everything. Formatting is usually the faster and the safest way, especially since you use your PC for online banking.
If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.
If it were my PC, I would set it up fresh once and then secure it; you will get instructions for that.
Also if you want to clean it, of course.

31.05.2013, 15:15   #13
Chalumi

Yes, OK. How does it work with the data when setting the machine up fresh? The affected computer belongs to my mother, and above all she wants to keep the e-mails.

There is no backup.

31.05.2013, 15:16   #14
markusg
/// Malware-holic

We can certainly back up the data.
1. Which mail program?
2. I would first check which mails are still needed, possibly empty the spam folder, the recycle bin and the sent items, and compact the folders.

31.05.2013, 16:13   #15
Chalumi

So:

1. Outlook Express

2. The mails are sorted so far, and all the existing ones should be backed up.
