
Pests of all kinds and how to combat them: GVU trojan caught on a Win XP laptop


10.07.2013, 14:27   #1
Jelar
 



Hello everyone,
About 3 weeks ago my screen disappeared behind a GVU warning. After the restart everything was OK at the time. Yesterday it crashed again. Following advice from the Internet forum I tried various things and somehow managed to get back into normal mode (deleted the Prefetch folder contents, AVIRA, CCleaner...). If I restart and immediately start a manual Avira scan, everything stays OK, but if I wait without scanning, the screen lock appears. Most recently I followed your t'john from the helper team (see link below) and ran a scan with OTL; I am attaching the result below. Your colleague was working on Win 7, though; can I also apply the advice to Win XP to be sure that I am virus-free again? I don't know much about PCs and ask you for help and an evaluation of the logfiles. THANKS and regards

http://www.trojaner-board.de/134470-...ngefangen.html


LOGFILE 1:OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 10.07.2013 14:04:55 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\****** *******\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,98 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 71,90% Memory free
4,82 Gb Paging File | 3,98 Gb Available in Paging File | 82,53% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 142,51 Gb Total Space | 18,25 Gb Free Space | 12,81% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 248,16 Gb Free Space | 83,25% Space Free | Partition Type: NTFS
 
Computer Name: LENOVO-66E55E6C | User Name: ***** ******* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Symantec\pcAnywhere\Winaw32.exe" = C:\Programme\Symantec\pcAnywhere\Winaw32.exe:*:Enabled:pcAnywhere Main Executable -- (Symantec Corporation)
"C:\Programme\Symantec\pcAnywhere\awhost32.exe" = C:\Programme\Symantec\pcAnywhere\awhost32.exe:*:Enabled:pcAnywhere Host Service -- (Symantec Corporation)
"C:\Programme\Symantec\pcAnywhere\awrem32.exe" = C:\Programme\Symantec\pcAnywhere\awrem32.exe:*:Enabled:pcAnywhere Remote Service -- (Symantec Corporation)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe:*:Enabled:Installationsprogramm für Kaspersky Internet Security 2009 -- (Kaspersky Lab)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process  -- (Nokia Corporation)
"C:\Programme\Gemeinsame Dateien\XpressUpdate\XPressUpdate.exe" = C:\Programme\Gemeinsame Dateien\XpressUpdate\XPressUpdate.exe:*:Enabled:XPressUpdate
"C:\Programme\RosettaStoneLtdServices\RosettaStoneLtdServices.exe" = C:\Programme\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd.)
"C:\Programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe" = C:\Programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Daemon -- (Rosetta Stone Ltd.)
"\\***-server\Install\Funkwerk\TAPI 131ß\setup.exe" = \\***-server\Install\Funkwerk\TAPI 131ß\setup.exe:*:Enabled:setup.exe
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application
"C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Dokumente und Einstellungen\***** *******\Lokale Einstellungen\Temp\Nero Web\SetupXu.exe" = C:\Dokumente und Einstellungen\***** *******\Lokale Einstellungen\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup
"C:\Programme\TVUPlayer\TVUPlayer.exe" = C:\Programme\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component
"C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox
"D:\setup\HPPNIPRINT01.EXE" = D:\setup\HPPNIPRINT01.EXE:*:Enabled:hppniprint01.exe
"D:\setup\HPPNIPRINT64.EXE" = D:\setup\HPPNIPRINT64.EXE:*:Enabled:hppniprint64.exe
"D:\setup\HPPNICIFS01.EXE" = D:\setup\HPPNICIFS01.EXE:*:Enabled:hppnicifs01.exe
"D:\setup\CustomPrnDnld\HPPCSTPG.EXE" = D:\setup\CustomPrnDnld\HPPCSTPG.EXE:*:Enabled:hppcstpg.exe
"D:\setup\HPBTPG.EXE" = D:\setup\HPBTPG.EXE:*:Enabled:hpbtpg.exe
"D:\setup\LaunchApp.exe" = D:\setup\LaunchApp.exe:*:Enabled:launchapp.exe
"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\AirPort\APAgent.exe" = C:\Programme\AirPort\APAgent.exe:*:Enabled:AirPort -- (Apple Inc.)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}" = Visual Studio C++ 9.0 Runtime
"{0921D0A0-5A37-4318-9EDD-6B6EC12E6380}" = Lexware QuickBooks 2008
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{10DDCDDD-9A59-4496-9371-C17F1668D433}" = Windows Live Toolbar
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP100_series" = Canon iP100 series
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19382EF6-8D47-4C3C-AA57-D2D2CDF03828}" = elmeg PABX TAPI V1.32
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{255E0D2A-6AC9-40CB-8F5E-84C8FD7E9DA9}" = hppscanCM1312
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2EE66895-2912-4980-82FD-0AF03FB884DC}" = Lexware QuickBooks 2008
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{319786B7-D72F-43B3-99C1-E93724ED17D3}" = Lexware online banking 4.90
"{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}" = funScreenScraping Client Version
"{3230518C-2953-4FB9-8485-B3CDFCC36A70}" = Rosetta Stone Ltd Services
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{37964A88-DAA1-488B-AE88-A5B6DDC6E9A6}" = Sony Ericsson Wireless Manager 5
"{38EBEF35-18E3-4B74-A560-8F80685B9626}" = Lexware QuickBooks plus 2008
"{39833F8D-0389-43A3-BDED-1C272E1703EA}" = Nokia PC-Internetzugang
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Integrated Camera
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41894269-0DD1-4C85-B3DD-1EB41B07621D}" = ThinkVantage Fingerprint Software 5.6
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}" = hppSendFaxCM1312
"{4B5E4600-5CDC-442C-8C2E-6767B51B169E}" = Remote Presenter
"{4C0F8A40-2273-43E1-8C61-40D7F0573EDE}" = AirPort
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D9DD45B-E79A-4F04-898E-B2C3769AB729}" = Serif DrawPlus X2
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BE4CACE-8B98-4BE7-B854-2CF79D983F3D}" = Lexware Abschreibungsrechner
"{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Präsentationsdirektor
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" = 
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7239A06F-235B-43B1-970D-7A411FD95683}" = Nokia Software Updater
"{72BB5DC4-1C72-4306-9005-6B44190DF430}" = Lexware QuickBooks 2008
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Lite
"{7985C7FA-B151-4BA7-B19E-1577A7B527F1}" = hppFaxDrvCM1312
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C2B745A-E7F1-41F1-B9BB-3DDB8D52E4CE}" = Readiris Pro 11
"{7D9A486B-DD9E-4526-9B3A-B26B83179EAE}" = Lexware online banking 4.90
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{80BA9DC6-D628-4752-A1C3-15349C71BB42}" = hppManualsCM1312
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}" = HP Color LaserJet CM1312 MFP Series 5.0
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
"{9A728786-E1CC-49E7-A4B5-EE769410882A}" = StarMoney
"{9A770DAE-BF29-4455-9C6F-20C2F5A940C1}" = funkwerk Phone TAPI V1.33
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A925C778-5E00-477D-A282-B772C9E76DC7}" = hppScanToCM1312
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AC849092-6F19-4395-8860-BC3B82CAFE51}" = funScreenScraping Microsoft Systemdateien
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B6828215-1469-43A2-8BEE-F5A970F98161}" = Microsoft Office 2003 International Character Toolbar
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B6FA7BE5-6C3F-42AF-B3C1-C1F4536920C5}" = Lexware Abschreibungsrechner
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BF638E12-90F1-443D-B93F-51BCCFD487BA}" = hppCLJCM1312
"{C019A4C7-C791-450C-A5CF-FF95826CD276}" = Lexware QuickBooks 2008
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC322D0B-CC8E-4351-90F2-19275DFFC134}" = Lexware QuickBooks 2008
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CD23CF22-1DA2-4351-B6C4-B1A2859C68AC}" = eDrawings 2008
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D0A858BE-A665-4C0D-BC5F-C37E534B7669}" = PC Connectivity Solution
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D728E945-256D-4477-B377-6BBA693714AC}" = Ergänzung zu Productivity Center für ThinkPad
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E05E8183-866A-11D3-97DF-0000F8D8F2E9}" = Symantec pcAnywhere
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ECDC2BC0-0449-48EA-9EBA-95048591DA17}" = hppFaxUtilityCM1312
"{EF4E0DA6-02E0-47BF-9BB6-DC0E83CC6F4C}" = Sony Ericsson MD300 Wireless Modem
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F055E1B2-8A05-4D87-8039-1BE979BA4193}" = Client Security Solution
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant
"{F7E345A5-F79B-44EE-BC4A-738899E756C0}" = Lexware online banking 4.90
"{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1031}" = Nero 7 Premium
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem  (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.4)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 6.0
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Advanced Port Scanner v1.3" = Advanced Port Scanner v1.3
"Avira AntiVir Desktop" = Avira Free Antivirus
"AwayTask" = Maintenance Manager
"Birkner 2008" = BIRKNER 2008 deinstallieren
"Canon Setup Utility 2.4" = Canon Setup Utility 2.4
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Carom3D" = Carom3D
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"Destinator PC Portal" = Destinator PC Portal
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DocView" = DocView
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Google Calendar Sync" = Google Calendar Sync
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Lenovo Registration" = Lenovo Registration
"LiveReg" = LiveReg (Symantec Corporation)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"myBabylon_English Toolbar" = myBabylon_English Toolbar
"MyTomTom" = MyTomTom 3.1.0.432
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Internet Access" = Nokia PC-Internetzugang
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"O2M 2.1 for Outlook 2002/2003/XP/2007_is1" = O2M 2.1 (Outlook 2002/2003/XP/2007)
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor 5 for Windows" = PC-Doctor 5 für Windows
"PCMCIAPW" = ThinkPad PC Card Power Policy
"Picasa 3" = Picasa 3
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Remove Multimedia Center" = Remove Multimedia Center
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"SysTools vCard Export - Demo Version 3.0_is1" = SysTools vCard Export
"TeamViewer 6 Host" = TeamViewer 6 Host
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"TomTom HOME" = TomTom HOME 2.8.0.2146
"UN070618" = BUFFALO TurboUSB for FLASH/HDD
"Vector Magic" = Vector Magic
"VirtualCloneDrive" = VirtualCloneDrive
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Windows Mobile®-Gerätehandbuch
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.11.2012 07:14:10 | Computer Name = LENOVO-66E55E6C | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 26.06.2013 07:03:19 | Computer Name = LENOVO-66E55E6C | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 26.06.2013 07:03:19 | Computer Name = LENOVO-66E55E6C | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 09.07.2013 09:36:47 | Computer Name = LENOVO-66E55E6C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hpqtra08.exe, Version 100.0.170.0, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x003a0258.
 
Error - 09.07.2013 10:02:43 | Computer Name = LENOVO-66E55E6C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hpqtra08.exe, Version 100.0.170.0, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000101b3.
 
Error - 09.07.2013 11:47:50 | Computer Name = LENOVO-66E55E6C | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\***** *******\RECENT\DESKTOP.INI>
 in der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 09.07.2013 11:47:51 | Computer Name = LENOVO-66E55E6C | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\***** *******\RECENT\DESKTOP.INI>
 in der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 10.07.2013 05:06:00 | Computer Name = LENOVO-66E55E6C | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\***** *******\RECENT\DESKTOP.INI>
 in der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
[ System Events ]
Error - 10.07.2013 04:43:24 | Computer Name = LENOVO-66E55E6C | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DHCP-Client" ist vom Dienst "NetBios über TCP/IP" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Apple Mobile Device" ist vom Dienst "TCP/IP-Protokolltreiber"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Dienst "Bonjour"" ist vom Dienst "TCP/IP-Protokolltreiber"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   AFD  ANC  avipbb  avkmgr  awlegacy  ElbyCDIO  Fips  IBMTPCHK  intelppm  IPSec  MRxSmb  NetBIOS  NetBT  RasAcd
Rdbss
ssmdrv
Tcpip
TPHKDRV
TPPWRIF
TSMAPIP
 
Error - 10.07.2013 04:49:48 | Computer Name = LENOVO-66E55E6C | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 10.07.2013 05:01:59 | Computer Name = LENOVO-66E55E6C | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 10.07.2013 05:05:32 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
 gestartet.
 
 
< End of report >
         
--- --- ---


LOGFILE 2: OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 10.07.2013 14:04:55 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Georg Larisch\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,98 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 71,90% Memory free
4,82 Gb Paging File | 3,98 Gb Available in Paging File | 82,53% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 142,51 Gb Total Space | 18,25 Gb Free Space | 12,81% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 248,16 Gb Free Space | 83,25% Space Free | Partition Type: NTFS
 
Computer Name: LENOVO-66E55E6C | User Name: ***** ******* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Symantec\pcAnywhere\Winaw32.exe" = C:\Programme\Symantec\pcAnywhere\Winaw32.exe:*:Enabled:pcAnywhere Main Executable -- (Symantec Corporation)
"C:\Programme\Symantec\pcAnywhere\awhost32.exe" = C:\Programme\Symantec\pcAnywhere\awhost32.exe:*:Enabled:pcAnywhere Host Service -- (Symantec Corporation)
"C:\Programme\Symantec\pcAnywhere\awrem32.exe" = C:\Programme\Symantec\pcAnywhere\awrem32.exe:*:Enabled:pcAnywhere Remote Service -- (Symantec Corporation)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\German\setup.exe:*:Enabled:Installationsprogramm für Kaspersky Internet Security 2009 -- (Kaspersky Lab)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process  -- (Nokia Corporation)
"C:\Programme\Gemeinsame Dateien\XpressUpdate\XPressUpdate.exe" = C:\Programme\Gemeinsame Dateien\XpressUpdate\XPressUpdate.exe:*:Enabled:XPressUpdate
"C:\Programme\RosettaStoneLtdServices\RosettaStoneLtdServices.exe" = C:\Programme\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Ltd Services -- (Rosetta Stone Ltd.)
"C:\Programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe" = C:\Programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Daemon -- (Rosetta Stone Ltd.)
"\\***-server\Install\Funkwerk\TAPI 131ß\setup.exe" = \\***-server\Install\Funkwerk\TAPI 131ß\setup.exe:*:Enabled:setup.exe
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application
"C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Dokumente und Einstellungen\***** *******\Lokale Einstellungen\Temp\Nero Web\SetupXu.exe" = C:\Dokumente und Einstellungen\***** *******\Lokale Einstellungen\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup
"C:\Programme\TVUPlayer\TVUPlayer.exe" = C:\Programme\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component
"C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox
"D:\setup\HPPNIPRINT01.EXE" = D:\setup\HPPNIPRINT01.EXE:*:Enabled:hppniprint01.exe
"D:\setup\HPPNIPRINT64.EXE" = D:\setup\HPPNIPRINT64.EXE:*:Enabled:hppniprint64.exe
"D:\setup\HPPNICIFS01.EXE" = D:\setup\HPPNICIFS01.EXE:*:Enabled:hppnicifs01.exe
"D:\setup\CustomPrnDnld\HPPCSTPG.EXE" = D:\setup\CustomPrnDnld\HPPCSTPG.EXE:*:Enabled:hppcstpg.exe
"D:\setup\HPBTPG.EXE" = D:\setup\HPBTPG.EXE:*:Enabled:hpbtpg.exe
"D:\setup\LaunchApp.exe" = D:\setup\LaunchApp.exe:*:Enabled:launchapp.exe
"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\AirPort\APAgent.exe" = C:\Programme\AirPort\APAgent.exe:*:Enabled:AirPort -- (Apple Inc.)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}" = Visual Studio C++ 9.0 Runtime
"{0921D0A0-5A37-4318-9EDD-6B6EC12E6380}" = Lexware QuickBooks 2008
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{10DDCDDD-9A59-4496-9371-C17F1668D433}" = Windows Live Toolbar
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP100_series" = Canon iP100 series
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19382EF6-8D47-4C3C-AA57-D2D2CDF03828}" = elmeg PABX TAPI V1.32
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{255E0D2A-6AC9-40CB-8F5E-84C8FD7E9DA9}" = hppscanCM1312
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2EE66895-2912-4980-82FD-0AF03FB884DC}" = Lexware QuickBooks 2008
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{319786B7-D72F-43B3-99C1-E93724ED17D3}" = Lexware online banking 4.90
"{32148D5D-909F-4A7B-93EE-5C16B71F4A8C}" = funScreenScraping Client Version
"{3230518C-2953-4FB9-8485-B3CDFCC36A70}" = Rosetta Stone Ltd Services
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{37964A88-DAA1-488B-AE88-A5B6DDC6E9A6}" = Sony Ericsson Wireless Manager 5
"{38EBEF35-18E3-4B74-A560-8F80685B9626}" = Lexware QuickBooks plus 2008
"{39833F8D-0389-43A3-BDED-1C272E1703EA}" = Nokia PC-Internetzugang
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Integrated Camera
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41894269-0DD1-4C85-B3DD-1EB41B07621D}" = ThinkVantage Fingerprint Software 5.6
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}" = hppSendFaxCM1312
"{4B5E4600-5CDC-442C-8C2E-6767B51B169E}" = Remote Presenter
"{4C0F8A40-2273-43E1-8C61-40D7F0573EDE}" = AirPort
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D9DD45B-E79A-4F04-898E-B2C3769AB729}" = Serif DrawPlus X2
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BE4CACE-8B98-4BE7-B854-2CF79D983F3D}" = Lexware Abschreibungsrechner
"{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Office-Bibliothek
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Präsentationsdirektor
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" = 
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7239A06F-235B-43B1-970D-7A411FD95683}" = Nokia Software Updater
"{72BB5DC4-1C72-4306-9005-6B44190DF430}" = Lexware QuickBooks 2008
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Lite
"{7985C7FA-B151-4BA7-B19E-1577A7B527F1}" = hppFaxDrvCM1312
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C2B745A-E7F1-41F1-B9BB-3DDB8D52E4CE}" = Readiris Pro 11
"{7D9A486B-DD9E-4526-9B3A-B26B83179EAE}" = Lexware online banking 4.90
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{80BA9DC6-D628-4752-A1C3-15349C71BB42}" = hppManualsCM1312
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}" = HP Color LaserJet CM1312 MFP Series 5.0
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
"{9A728786-E1CC-49E7-A4B5-EE769410882A}" = StarMoney
"{9A770DAE-BF29-4455-9C6F-20C2F5A940C1}" = funkwerk Phone TAPI V1.33
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A925C778-5E00-477D-A282-B772C9E76DC7}" = hppScanToCM1312
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AC849092-6F19-4395-8860-BC3B82CAFE51}" = funScreenScraping Microsoft Systemdateien
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B6828215-1469-43A2-8BEE-F5A970F98161}" = Microsoft Office 2003 International Character Toolbar
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B6FA7BE5-6C3F-42AF-B3C1-C1F4536920C5}" = Lexware Abschreibungsrechner
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BF638E12-90F1-443D-B93F-51BCCFD487BA}" = hppCLJCM1312
"{C019A4C7-C791-450C-A5CF-FF95826CD276}" = Lexware QuickBooks 2008
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC322D0B-CC8E-4351-90F2-19275DFFC134}" = Lexware QuickBooks 2008
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CD23CF22-1DA2-4351-B6C4-B1A2859C68AC}" = eDrawings 2008
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D0A858BE-A665-4C0D-BC5F-C37E534B7669}" = PC Connectivity Solution
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D728E945-256D-4477-B377-6BBA693714AC}" = Ergänzung zu Productivity Center für ThinkPad
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E05E8183-866A-11D3-97DF-0000F8D8F2E9}" = Symantec pcAnywhere
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ECDC2BC0-0449-48EA-9EBA-95048591DA17}" = hppFaxUtilityCM1312
"{EF4E0DA6-02E0-47BF-9BB6-DC0E83CC6F4C}" = Sony Ericsson MD300 Wireless Modem
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F055E1B2-8A05-4D87-8039-1BE979BA4193}" = Client Security Solution
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant
"{F7E345A5-F79B-44EE-BC4A-738899E756C0}" = Lexware online banking 4.90
"{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1031}" = Nero 7 Premium
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem  (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.4)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 6.0
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Advanced Port Scanner v1.3" = Advanced Port Scanner v1.3
"Avira AntiVir Desktop" = Avira Free Antivirus
"AwayTask" = Maintenance Manager
"Birkner 2008" = BIRKNER 2008 deinstallieren
"Canon Setup Utility 2.4" = Canon Setup Utility 2.4
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Carom3D" = Carom3D
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"Destinator PC Portal" = Destinator PC Portal
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DocView" = DocView
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Google Calendar Sync" = Google Calendar Sync
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Lenovo Registration" = Lenovo Registration
"LiveReg" = LiveReg (Symantec Corporation)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"myBabylon_English Toolbar" = myBabylon_English Toolbar
"MyTomTom" = MyTomTom 3.1.0.432
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Internet Access" = Nokia PC-Internetzugang
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"O2M 2.1 for Outlook 2002/2003/XP/2007_is1" = O2M 2.1 (Outlook 2002/2003/XP/2007)
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor 5 for Windows" = PC-Doctor 5 für Windows
"PCMCIAPW" = ThinkPad PC Card Power Policy
"Picasa 3" = Picasa 3
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Remove Multimedia Center" = Remove Multimedia Center
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"SysTools vCard Export - Demo Version 3.0_is1" = SysTools vCard Export
"TeamViewer 6 Host" = TeamViewer 6 Host
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"TomTom HOME" = TomTom HOME 2.8.0.2146
"UN070618" = BUFFALO TurboUSB for FLASH/HDD
"Vector Magic" = Vector Magic
"VirtualCloneDrive" = VirtualCloneDrive
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Windows Mobile®-Gerätehandbuch
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.11.2012 07:14:10 | Computer Name = LENOVO-66E55E6C | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 26.06.2013 07:03:19 | Computer Name = LENOVO-66E55E6C | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 26.06.2013 07:03:19 | Computer Name = LENOVO-66E55E6C | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 09.07.2013 09:36:47 | Computer Name = LENOVO-66E55E6C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hpqtra08.exe, Version 100.0.170.0, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x003a0258.
 
Error - 09.07.2013 10:02:43 | Computer Name = LENOVO-66E55E6C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hpqtra08.exe, Version 100.0.170.0, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000101b3.
 
Error - 09.07.2013 11:47:50 | Computer Name = LENOVO-66E55E6C | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\***** *******\RECENT\DESKTOP.INI>
 in der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 09.07.2013 11:47:51 | Computer Name = LENOVO-66E55E6C | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\***** *******\RECENT\DESKTOP.INI>
 in der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
Error - 10.07.2013 05:06:00 | Computer Name = LENOVO-66E55E6C | Source = Windows Search Service | ID = 3013
Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\***** *******\RECENT\DESKTOP.INI>
 in der Hash-Zuordnung kann nicht aktualisiert werden.  Kontext:  Anwendung, SystemIndex
 Katalog  Details:  Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

 
[ System Events ]
Error - 10.07.2013 04:43:24 | Computer Name = LENOVO-66E55E6C | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DHCP-Client" ist vom Dienst "NetBios über TCP/IP" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Apple Mobile Device" ist vom Dienst "TCP/IP-Protokolltreiber"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Dienst "Bonjour"" ist vom Dienst "TCP/IP-Protokolltreiber"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,
 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31
 
Error - 10.07.2013 04:44:10 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   AFD  ANC  avipbb  avkmgr  awlegacy  ElbyCDIO  Fips  IBMTPCHK  intelppm  IPSec  MRxSmb  NetBIOS  NetBT  RasAcd
Rdbss
ssmdrv
Tcpip
TPHKDRV
TPPWRIF
TSMAPIP
 
Error - 10.07.2013 04:49:48 | Computer Name = LENOVO-66E55E6C | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 10.07.2013 05:01:59 | Computer Name = LENOVO-66E55E6C | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 10.07.2013 05:05:32 | Computer Name = LENOVO-66E55E6C | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
 gestartet.
 
 
< End of report >
         
--- --- ---

Edited by Jelar (10.07.2013 at 14:36)

10.07.2013, 14:28   #2
markusg
/// Malware-holic

Hi, otl.txt is missing

10.07.2013, 14:47   #3
Jelar

Hello markusg,
I have added something more, it should be visible now, right?

10.07.2013, 14:52   #4
markusg
/// Malware-holic

Hi
yes, OTL extra.txt twice but still no OTL.txt :-)

10.07.2013, 15:54   #5
Jelar

Sorry markusg,
now then, hopefully the right one this time...

OTL Logfile:
Code:
OTL logfile created on: 10.07.2013 16:42:09 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\***** *******\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,98 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 71,58% Memory free
4,82 Gb Paging File | 4,00 Gb Available in Paging File | 82,86% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 142,51 Gb Total Space | 18,25 Gb Free Space | 12,80% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 248,16 Gb Free Space | 83,25% Space Free | Partition Type: NTFS
 
Computer Name: LENOVO-66E55E6C | User Name: ***** ******* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\***** *******\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - c:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - c:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Programme\TomTom HOME 1005\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo )
PRC - C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo )
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo )
PRC - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\Lenovo\Rescue and Recovery\rrcmd.exe (Lenovo Limited Group Corporation)
PRC - C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe ()
PRC - C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe ()
PRC - C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
PRC - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\1a6f9e23985e3159e6dd9827fd81c2fd\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\Intel\Wireless\Bin\iWMSProv.dll ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe ()
MOD - C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe ()
MOD - C:\Programme\Lenovo\Rescue and Recovery\CDRecord.dll ()
MOD - C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe ()
MOD - C:\Programme\Lenovo\HOTKEY\tphklock.dll ()
MOD - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AdistRes.DEU ()
MOD - C:\WINDOWS\system32\elalsp32.tsp ()
 
 
========== Services (SafeList) ==========
 
SRV - (RoxLiveShare9) -- C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe File not found
SRV - (msupdate) -- c:\windows\system32\mssrv32.exe File not found
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (SUService) -- c:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 1005\TomTomHOMEService.exe (TomTom)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (RosettaStoneDaemon) -- C:\Programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe (Rosetta Stone Ltd.)
SRV - (SolidWorks Licensing Service) -- C:\Programme\Gemeinsame Dateien\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (TVT Scheduler) -- c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (AcPrfMgrSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo )
SRV - (AcSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo )
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (TVT Backup Protection Service) -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe ()
SRV - (tvtnetwk) -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe ()
SRV - (IPSSVC) -- C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
SRV - (IviRegMgr) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (Diskeeper) -- C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\Installshield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (awhost32) -- C:\Programme\Symantec\pcAnywhere\awhost32.exe (Symantec Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (ZDPSp50) -- System32\Drivers\ZDPSp50.sys File not found
DRV - (ZDCndis5) -- C:\WINDOWS\system32\ZDCndis5.SYS File not found
DRV - (WDICA) --  File not found
DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found
DRV - (TVTPktFilter) -- system32\DRIVERS\tvtpktfilter.sys File not found
DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (PCANDIS5) -- C:\WINDOWS\system32\PCANDIS5.SYS File not found
DRV - (lbrtfdc) --  File not found
DRV - (HPFXFAX) -- system32\drivers\hpfxfax.sys File not found
DRV - (HPFXBULK) -- system32\drivers\hpfxbulk.sys File not found
DRV - (cpuz132) -- C:\DOKUME~1\GEORGL~1\LOKALE~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (Changer) --  File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (teamviewervpn) -- C:\WINDOWS\system32\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (SymEvent) -- C:\Programme\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SEMCReserved) -- C:\WINDOWS\system32\drivers\semcreserved.sys ()
DRV - (Sony_EricssonWWSC) -- C:\WINDOWS\system32\drivers\seu4scard.sys (Sony Ericsson)
DRV - (sembwwan) -- C:\WINDOWS\system32\drivers\sembwwan.sys (MCCI Corporation)
DRV - (sembunic) -- C:\WINDOWS\system32\drivers\sembunic.sys (MCCI Corporation)
DRV - (sembnd5) -- C:\WINDOWS\system32\drivers\sembnd5.sys (MCCI Corporation)
DRV - (sembmgmt) -- C:\WINDOWS\system32\drivers\sembmgmt.sys (MCCI Corporation)
DRV - (sembmdm2) -- C:\WINDOWS\system32\drivers\sembmdm2.sys (MCCI Corporation)
DRV - (sembmdfl2) -- C:\WINDOWS\system32\drivers\sembmdfl2.sys (MCCI Corporation)
DRV - (sembcard) -- C:\WINDOWS\system32\drivers\sembcard.sys (MCCI Corporation)
DRV - (sembbus) -- C:\WINDOWS\system32\drivers\sembbus.sys (MCCI Corporation)
DRV - (bfturboh) -- C:\WINDOWS\system32\drivers\bfturboh.sys (BUFFALO INC.)
DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS ()
DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()
DRV - (Shockprf) -- C:\WINDOWS\system32\drivers\ApsX86.sys (Lenovo.)
DRV - (TPDIGIMN) -- C:\WINDOWS\system32\drivers\ApsHM86.sys (Lenovo.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.)
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (NETw4x32) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (IBMTPCHK) -- C:\WINDOWS\system32\drivers\IBMBLDID.sys ()
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (smihlp) -- C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (PROCDD) -- C:\WINDOWS\system32\drivers\PROCDD.SYS (Lenovo Group Limited)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (ANC) -- C:\WINDOWS\system32\drivers\ANC.sys (IBM Corp.)
DRV - (AW_HOST) -- C:\WINDOWS\system32\drivers\AW_HOST5.sys (Symantec Corporation)
DRV - (awlegacy) -- C:\WINDOWS\system32\drivers\AWLEGACY.sys (Symantec Corporation)
DRV - (Gernuwa) -- C:\WINDOWS\System32\drivers\GERNUWA.sys (Symantec Corporation)
DRV - (ElgTaDrv) -- C:\WINDOWS\system32\drivers\ElgTaDrv.sys (elmeg Kommunikationstechnik)
DRV - (G400) -- C:\WINDOWS\system32\drivers\G400m.sys (Matrox Graphics Inc.)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Programme\myBabylon_English\prxtbmyB0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&amp;entrypoint={referrer:source?}&amp;FORM=LENIE 
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&rlz=
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.115.1:3128
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://fritz.box/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.8013
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12
FF - prefs.js..network.proxy.ftp: "192.168.115.1"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "192.168.115.1"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "192.168.115.1"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "192.168.115.1"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "192.168.115.1"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 19:30:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Programme\Java\jre6\lib\deploy\jqs\ff [2009.01.14 09:44:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.01.25 15:32:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.03.04 23:39:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.07.09 18:35:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.17 13:42:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.11.04 16:36:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2013.05.17 13:42:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.03.04 23:39:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Programme\Lenovo\Client Security Solution\PWM Firefox Extension [2009.04.09 18:45:16 | 000,000,000 | ---D | M]
 
[2008.10.18 18:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Mozilla\Extensions
[2008.10.18 18:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008.10.11 21:29:07 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.11.22 15:53:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Mozilla\Firefox\Profiles\vsaunozd.default\extensions
[2010.05.10 17:10:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Mozilla\Firefox\Profiles\vsaunozd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.22 15:53:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.09.08 10:12:18 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.11.12 01:32:37 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.08.20 11:31:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.11.27 21:30:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2009.01.14 09:44:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.11.12 01:32:14 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browserdirprovider.dll
[2010.11.12 01:32:14 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\brwsrcmp.dll
[2009.02.24 21:34:32 | 001,044,480 | ---- | M] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\Programme\mozilla firefox\plugins\libdivx.dll
[2009.10.11 05:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeploytk.dll
[2009.02.24 21:34:14 | 001,337,648 | ---- | M] (DivX,Inc.) -- C:\Programme\mozilla firefox\plugins\npdivx32.dll
[2009.02.24 21:34:22 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Programme\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2010.11.12 01:32:26 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Programme\mozilla firefox\plugins\npnul32.dll
[2007.03.22 19:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL
[2013.02.16 00:04:52 | 000,208,448 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\mozilla firefox\plugins\nppdf32.dll
[2011.03.04 11:14:48 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin.dll
[2011.03.04 11:14:48 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin2.dll
[2011.03.04 11:14:48 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin3.dll
[2011.03.04 11:14:48 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin4.dll
[2011.03.04 11:14:48 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin5.dll
[2011.03.04 11:14:48 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin6.dll
[2011.03.04 11:14:48 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Programme\mozilla firefox\plugins\npqtplugin7.dll
[2009.02.24 21:34:32 | 000,200,704 | ---- | M] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\Programme\mozilla firefox\plugins\ssldivx.dll
[2010.11.12 01:32:32 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.11.12 01:32:32 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2010.11.12 01:32:32 | 000,002,371 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\google.xml
[2010.11.12 01:32:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.11.12 01:32:32 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.11.12 01:32:32 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&output=chrome&hl={language}&q={searchTerms}
 
O1 HOSTS File: ([2010.05.27 12:53:52 | 000,000,856 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 192.168.178.22 NPIFD152D.fritz.box
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (BBB002 Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Programme\myBabylon_English\prxtbmyB0.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (BBB002 Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Programme\myBabylon_English\prxtbmyB0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\..\Toolbar\WebBrowser: (BBB002 Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Programme\myBabylon_English\prxtbmyB0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [hpqSRMon]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3317598621-2374655837-956553009-1008..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3317598621-2374655837-956553009-1008..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 4
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3317598621-2374655837-956553009-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} hxxp://picasaweb.google.com/s/v/36.18/uploader2.cab (UploadListView Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1343646464212 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF947584-005E-4C3A-AC5E-431956F7877B}: DhcpNameServer = 10.0.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - (ACNotify.dll) - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\PCANotify: DllName - (PCANotify.dll) - C:\WINDOWS\System32\PCANotify.dll (Symantec Corporation)
O20 - Winlogon\Notify\psfus: DllName - (C:\WINDOWS\system32\psqlpwd.dll) - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\tpfnf2: DllName - (C:\Programme\Lenovo\HOTKEY\notifyf2.dll) - C:\Programme\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - (C:\Programme\Lenovo\HOTKEY\tphklock.dll) - C:\Programme\Lenovo\HOTKEY\tphklock.dll ()
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\1680_1050 Think EMEA Map.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\1680_1050 Think EMEA Map.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.01.27 04:18:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0be4f8ce-6bb6-11de-a5c6-001f3b729e4d}\Shell - "" = AutoRun
O33 - MountPoints2\{0be4f8ce-6bb6-11de-a5c6-001f3b729e4d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0be4f8ce-6bb6-11de-a5c6-001f3b729e4d}\Shell\AutoRun\command - "" = E:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{1fc32f26-995e-11dd-80ec-001f3b729e4d}\Shell - "" = AutoRun
O33 - MountPoints2\{1fc32f26-995e-11dd-80ec-001f3b729e4d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1fc32f26-995e-11dd-80ec-001f3b729e4d}\Shell\AutoRun\command - "" = E:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{270e11b1-7d51-11de-a5de-001f3b729e4d}\Shell - "" = AutoRun
O33 - MountPoints2\{270e11b1-7d51-11de-a5de-001f3b729e4d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{270e11b1-7d51-11de-a5de-001f3b729e4d}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{32b9378b-97be-11dd-80e5-001f3b729e4d}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe
O33 - MountPoints2\{53c2d26f-f079-11dd-a4aa-001f3b729e4d}\Shell - "" = AutoRun
O33 - MountPoints2\{53c2d26f-f079-11dd-a4aa-001f3b729e4d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{53c2d26f-f079-11dd-a4aa-001f3b729e4d}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{f39f5ec8-e9bc-11de-a668-001f3b729e4d}\Shell\AutoRun\command - "" = F:\Install\Setup.exe
O33 - MountPoints2\{f4cb440b-f8bc-11df-a7b4-001f3b729e4d}\Shell - "" = AutoRun
O33 - MountPoints2\{f4cb440b-f8bc-11df-a7b4-001f3b729e4d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f4cb440b-f8bc-11df-a7b4-001f3b729e4d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.10 14:03:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***** *******\Desktop\OTL.exe
[2013.07.10 13:41:51 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***** *******\Recent
[2013.07.10 13:38:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2013.07.09 18:35:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2013.07.09 18:35:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Mozilla
[2009.06.27 11:09:46 | 003,252,640 | ---- | C] (Piriform Ltd) -- C:\Programme\ccsetup221.exe
[2009.06.22 11:56:41 | 000,112,984 | ---- | C] (Elmeg GmbH & Co. KG) -- C:\Programme\elgtaldr.sys
[2009.06.22 11:56:41 | 000,072,704 | ---- | C] (Funkwerk Enterprise Communications) -- C:\Programme\elgtadrv.sys
[2009.06.22 11:56:41 | 000,038,263 | ---- | C] (Elmeg Kommunikationstechnik) -- C:\Programme\elgusb.sys
[2009.06.22 11:56:41 | 000,027,264 | ---- | C] (Microsoft Corporation) -- C:\Programme\rndismpm.sys
[2009.06.22 11:56:41 | 000,027,264 | ---- | C] (Microsoft Corporation) -- C:\Programme\rndismpk.sys
[2009.06.22 11:56:41 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Programme\rndismpw.sys
[2009.06.22 11:56:41 | 000,026,880 | ---- | C] (Microsoft Corporation) -- C:\Programme\rndismp.sys
[2009.06.22 11:56:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Programme\usb8023w.sys
[2009.06.22 11:56:41 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\Programme\usb8023m.sys
[2009.06.22 11:56:41 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\Programme\usb8023k.sys
[2009.06.22 11:56:41 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\Programme\usb8023.sys
[2009.06.08 23:21:04 | 002,059,072 | ---- | C] (Rosetta Stone Ltd., .) -- C:\Programme\setup.exe
[2009.05.22 23:52:56 | 001,976,104 | ---- | C] (Skype Technologies S.A.) -- C:\Programme\SkypeSetup.exe
[2009.04.11 20:23:32 | 001,867,776 | ---- | C] (Python Software Foundation) -- C:\Programme\python24.dll
[2009.04.11 20:23:32 | 001,093,632 | ---- | C] (FreeImage) -- C:\Programme\FreeImage.dll
[2009.04.11 20:23:32 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Programme\msvcp71.dll
[2009.04.11 20:23:32 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Programme\msvcr71.dll
[2009.04.11 20:23:32 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Programme\unicows.dll
[2009.04.11 20:23:32 | 000,135,168 | ---- | C] (NEOACT) -- C:\Programme\update.exe
[2009.04.11 20:23:31 | 000,072,400 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[2009.04.11 20:23:25 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Programme\d3dx9_36.dll
[2009.04.11 20:23:25 | 003,031,040 | ---- | C] (NEOACT) -- C:\Programme\carom.exe
[2009.04.11 20:23:25 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Programme\d3dx9_26.dll
[2009.04.11 20:23:25 | 001,683,456 | ---- | C] (NVIDIA Corporation) -- C:\Programme\cg.dll
[2009.02.11 11:27:13 | 013,084,392 | ---- | C] (SolidWorks Corporation                                      ) -- C:\Programme\eDrawingsGerman.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.10 16:43:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{984E94B7-1E5B-4293-A0EF-52136B1743FE}.job
[2013.07.10 16:26:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.07.10 16:07:00 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.10 15:47:00 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2013.07.10 14:03:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***** *******\Desktop\OTL.exe
[2013.07.10 11:23:05 | 002,092,792 | ---- | M] () -- C:\Dokumente und Einstellungen\***** *******\Eigene Dateien\avira_free_antivirus.exe
[2013.07.10 11:05:46 | 000,025,261 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2013.07.10 11:04:36 | 000,029,911 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2013.07.10 11:04:35 | 000,179,177 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2013.07.10 11:04:33 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.10 11:03:18 | 000,000,380 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2013.07.10 11:02:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.10 11:02:46 | 3202,658,304 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.10 10:35:57 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2013.07.09 19:07:01 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.09 18:52:15 | 000,051,712 | ---- | M] () -- C:\WINDOWS\CC3216KS.exe
[2013.07.09 17:50:21 | 000,488,260 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.07.09 17:50:21 | 000,444,902 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.07.09 17:50:21 | 000,096,086 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.07.09 17:50:21 | 000,072,778 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.07.09 17:49:15 | 000,179,177 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2013.07.09 17:27:41 | 001,963,614 | ---- | M] () -- C:\Dokumente und Einstellungen\***** *******\Eigene Dateien\cc_20130709_172609.reg
[2013.07.04 17:39:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.06.20 12:33:57 | 000,040,448 | ---- | M] () -- C:\Dokumente und Einstellungen\***** *******\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.12 08:26:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.06.12 08:26:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.10 11:23:04 | 002,092,792 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Eigene Dateien\avira_free_antivirus.exe
[2013.07.10 11:02:46 | 3202,658,304 | -HS- | C] () -- C:\hiberfil.sys
[2013.07.09 18:52:15 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KS.exe
[2013.07.09 17:27:16 | 001,963,614 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Eigene Dateien\cc_20130709_172609.reg
[2013.06.10 15:09:02 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\skype.ini
[2013.02.14 11:44:17 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KR.exe
[2013.02.13 16:01:57 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KQ.exe
[2013.02.13 15:58:14 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KP.exe
[2013.01.11 13:02:48 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KO.exe
[2013.01.11 12:36:09 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KN.exe
[2012.12.19 11:03:29 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KM.exe
[2012.11.22 13:22:42 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KL.exe
[2012.11.22 13:15:21 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KK.exe
[2012.11.16 18:20:13 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KJ.exe
[2012.11.16 18:02:40 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KI.exe
[2012.10.30 12:06:43 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KH.exe
[2012.10.24 13:32:26 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KG.exe
[2012.10.01 18:30:56 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KF.exe
[2012.09.03 13:54:22 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KE.exe
[2012.08.07 10:34:15 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KD.exe
[2012.06.25 16:07:13 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KC.exe
[2012.06.08 12:43:40 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KB.exe
[2012.05.31 12:57:56 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KA.exe
[2012.04.20 13:39:14 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JZ.exe
[2012.04.16 12:13:57 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JY.exe
[2012.03.27 10:32:59 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JX.exe
[2012.03.15 15:08:02 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JW.exe
[2012.02.20 12:09:43 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JV.exe
[2012.02.16 20:51:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.19 17:31:25 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JU.exe
[2012.01.12 11:58:58 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JT.exe
[2011.12.20 17:45:21 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JS.exe
[2011.12.16 15:36:51 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JR.exe
[2011.12.11 19:07:12 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JQ.exe
[2011.11.14 12:57:57 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JP.exe
[2011.11.11 16:17:34 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2011.11.04 16:48:31 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Ÿ9Ÿ9
[2011.10.12 13:20:29 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JO.exe
[2011.09.09 10:23:17 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JN.exe
[2011.09.06 12:54:55 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JM.exe
[2011.08.29 10:35:23 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JL.exe
[2011.08.17 13:06:20 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JK.exe
[2011.08.11 09:40:01 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JJ.exe
[2011.08.09 14:13:16 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JI.exe
[2011.07.18 10:51:58 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JH.exe
[2010.09.06 22:39:09 | 000,000,074 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\default.pls
[2010.08.29 14:27:07 | 000,063,488 | ---- | C] () -- C:\Programme\office2003_sp3changes.exe
[2009.08.27 12:57:40 | 000,000,256 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\pool.bin
[2009.08.01 19:11:51 | 000,038,470 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\Microsoft Excel.ADR
[2009.06.22 11:56:41 | 000,006,608 | ---- | C] () -- C:\Programme\FecTxxx.inf
[2009.06.22 11:56:41 | 000,005,591 | ---- | C] () -- C:\Programme\fecusb.inf
[2009.06.22 11:56:41 | 000,005,497 | ---- | C] () -- C:\Programme\elmegnet.inf
[2009.06.22 11:56:41 | 000,003,275 | ---- | C] () -- C:\Programme\elgusb.inf
[2009.06.19 15:38:46 | 000,700,784 | ---- | C] () -- C:\Programme\GoogleCalendarSync_Installer.exe
[2009.04.11 20:23:32 | 002,702,848 | ---- | C] () -- C:\Programme\OgreMain.dll
[2009.04.11 20:23:32 | 000,364,544 | ---- | C] () -- C:\Programme\OgrePlatform.dll
[2009.04.11 20:23:32 | 000,327,680 | ---- | C] () -- C:\Programme\RenderSystem_Direct3D9.dll
[2009.04.11 20:23:32 | 000,097,792 | ---- | C] () -- C:\Programme\Plugin_ParticleFX.dll
[2009.04.11 20:23:32 | 000,061,440 | ---- | C] () -- C:\Programme\ILU.dll
[2009.04.11 20:23:32 | 000,055,808 | ---- | C] () -- C:\Programme\zlib1.dll
[2009.04.11 20:23:32 | 000,036,864 | ---- | C] () -- C:\Programme\Plugin_CgProgramManager.dll
[2009.04.11 20:23:32 | 000,000,176 | ---- | C] () -- C:\Programme\[Ogre]Plugins.cfg
[2009.04.11 20:23:32 | 000,000,043 | ---- | C] () -- C:\Programme\[Ogre]ogre.cfg
[2009.04.11 20:23:31 | 000,757,760 | ---- | C] () -- C:\Programme\DevIL.dll
[2009.04.11 20:23:31 | 000,193,158 | ---- | C] () -- C:\Programme\end.dle
[2009.04.11 20:23:25 | 000,001,663 | ---- | C] () -- C:\Programme\Uninstall.ini
[2008.11.19 08:06:05 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\$_hpcst$.hpc
[2008.06.24 16:23:10 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.06.24 11:58:25 | 000,040,448 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.24 11:55:45 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\$_hpcst$.hpc
 
========== ZeroAccess Check ==========
 
[2006.01.27 19:19:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         


10.07.2013, 18:02   #6
markusg
/// Malware-holic

Hi,
several steps need to be carried out; please post the results together if possible.
1.
OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
ATTFilter
:OTL
[2013.06.10 15:09:02 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\skype.ini
[2013.06.10 15:09:02 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\skype.ini
[2013.02.13 16:01:57 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KQ.exe
[2013.02.13 15:58:14 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KP.exe
[2013.01.11 12:36:09 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KN.exe
[2012.12.19 11:03:29 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KM.exe
[2012.11.22 13:15:21 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KK.exe
[2012.11.16 18:20:13 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KJ.exe
[2012.10.30 12:06:43 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KH.exe
[2012.10.24 13:32:26 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KG.exe
[2012.09.03 13:54:22 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KE.exe
[2012.08.07 10:34:15 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KD.exe
[2012.06.08 12:43:40 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KB.exe
[2012.05.31 12:57:56 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216KA.exe
[2012.04.16 12:13:57 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JY.exe
[2012.03.27 10:32:59 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JX.exe
[2012.02.20 12:09:43 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JV.exe
[2012.01.19 17:31:25 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JU.exe
[2012.01.12 11:58:58 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JT.exe
[2011.12.16 15:36:51 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JR.exe
[2011.12.11 19:07:12 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JQ.exe
[2011.11.14 12:57:57 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JP.exe
[2011.10.12 13:20:29 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JO.exe
[2011.09.09 10:23:17 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JN.exe
[2011.08.29 10:35:23 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JL.exe
[2011.08.17 13:06:20 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JK.exe
[2011.08.11 09:40:01 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JJ.exe
[2011.07.18 10:51:58 | 000,051,712 | ---- | C] () -- C:\WINDOWS\CC3216JH.exe
:files
C:\WINDOWS\CC3216KS.exe
:Commands
[emptytemp]
         
  • If you have obscured your user name, e.g. with "*****", insert your real user name at the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may request a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread.

2.
If you have no icons, then right-click, View, Show desktop icons.
If everything is running now, continue with this:
3.
Note: Please also upload the file there, as described in the instructions for the UpChannel. Please do NOT post the ZIP file here as an attachment in the thread!

Please press the Windows key + E.
  • Open your system drive (usually C:)
  • Now look for the following folder: _OTL and open it.
  • Right-click the folder Movedfiles --> Send to --> Compressed (zipped) Folder
  • This will create a Movedfiles.zip file in _OTL
  • Please upload it to our upload channel. (Browse --> C:\_OTL\Movedfiles.zip)
Let me know whether the upload worked without problems. Thanks in advance.

4.
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.

11.07.2013, 11:43   #7
Jelar

Hello markusg

Step 1

All processes killed
========== OTL ==========
C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\skype.ini moved successfully.
File C:\Dokumente und Einstellungen\***** *******\Anwendungsdaten\skype.ini not found.
C:\WINDOWS\CC3216KQ.exe moved successfully.
C:\WINDOWS\CC3216KP.exe moved successfully.
C:\WINDOWS\CC3216KN.exe moved successfully.
C:\WINDOWS\CC3216KM.exe moved successfully.
C:\WINDOWS\CC3216KK.exe moved successfully.
C:\WINDOWS\CC3216KJ.exe moved successfully.
C:\WINDOWS\CC3216KH.exe moved successfully.
C:\WINDOWS\CC3216KG.exe moved successfully.
C:\WINDOWS\CC3216KE.exe moved successfully.
C:\WINDOWS\CC3216KD.exe moved successfully.
C:\WINDOWS\CC3216KB.exe moved successfully.
C:\WINDOWS\CC3216KA.exe moved successfully.
C:\WINDOWS\CC3216JY.exe moved successfully.
C:\WINDOWS\CC3216JX.exe moved successfully.
C:\WINDOWS\CC3216JV.exe moved successfully.
C:\WINDOWS\CC3216JU.exe moved successfully.
C:\WINDOWS\CC3216JT.exe moved successfully.
C:\WINDOWS\CC3216JR.exe moved successfully.
C:\WINDOWS\CC3216JQ.exe moved successfully.
C:\WINDOWS\CC3216JP.exe moved successfully.
C:\WINDOWS\CC3216JO.exe moved successfully.
C:\WINDOWS\CC3216JN.exe moved successfully.
C:\WINDOWS\CC3216JL.exe moved successfully.
C:\WINDOWS\CC3216JK.exe moved successfully.
C:\WINDOWS\CC3216JJ.exe moved successfully.
C:\WINDOWS\CC3216JH.exe moved successfully.
========== FILES ==========
C:\WINDOWS\CC3216KS.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 84 bytes

User: ***** *******
->Temp folder emptied: 98121190 bytes
->Temporary Internet Files folder emptied: 15151336 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 56930497 bytes
->Google Chrome cache emptied: 16696831 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 3596 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 3433007 bytes

User: NetworkService
->Temp folder emptied: 295392 bytes
->Temporary Internet Files folder emptied: 579947595 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Flash cache emptied: 84 bytes

User: TEMP.LENOVO-66E55E6C
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 0 bytes

User: TEMP.LENOVO-66E55E6C.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 84 bytes

User: TEMP.LENOVO-66E55E6C.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 84 bytes

User: TEMP.LENOVO-66E55E6C.002

User: TEMP.LENOVO-66E55E6C.003
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: TEMP.LENOVO-66E55E6C.004

User: TEMP.LENOVO-66E55E6C.005

User: TEMP.LENOVO-66E55E6C.006

User: TEMP.LENOVO-66E55E6C.007

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 88425632 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 819,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07112013_122849

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Step 3: uploaded to the upload channel

11.07.2013, 12:03   #8
markusg
/// Malware-holic

Thanks.
Can you start normally again? Then:
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de as described in the instructions above.
If you would like to support us

11.07.2013, 12:36   #9
Jelar
 

I don't see my last message with the TDSSKiller result here, so here it is again.
Yes markusg, the restart went without problems. Many, many thanks to you and the platform. Great stuff, even untalented people like me can be helped. But I will take better care of my laptop; until now anyone was allowed to use it, from now on no more!
Thanks again for the quick help!!!
I hope that was it, right, markusg?

Ahh, now I have also read: text too long (156478 characters). I am supposed to shorten it to 120000, so markusg, I am splitting this text into two messages.

12:56:47.0296 1256 mssmbios - ok
12:56:47.0296 1256 msupdate - ok
12:56:47.0328 1256 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
12:56:47.0359 1256 Mup - ok
12:56:47.0390 1256 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
12:56:47.0500 1256 napagent - ok
12:56:47.0640 1256 [ 3BAE2BFCB6D69E19C8373F635DD544DC ] NBService C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
12:56:47.0687 1256 NBService - ok
12:56:47.0734 1256 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
12:56:47.0812 1256 NDIS - ok
12:56:47.0859 1256 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:56:47.0953 1256 NdisTapi - ok
12:56:47.0984 1256 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:56:48.0109 1256 Ndisuio - ok
12:56:48.0125 1256 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:56:48.0250 1256 NdisWan - ok
12:56:48.0265 1256 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:56:48.0312 1256 NDProxy - ok
12:56:48.0359 1256 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
12:56:48.0375 1256 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:56:48.0375 1256 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:56:48.0406 1256 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:56:48.0578 1256 NetBIOS - ok
12:56:48.0593 1256 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:56:48.0750 1256 NetBT - ok
12:56:48.0781 1256 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
12:56:48.0890 1256 NetDDE - ok
12:56:48.0890 1256 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:56:48.0953 1256 NetDDEdsdm - ok
12:56:48.0984 1256 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:56:49.0078 1256 Netlogon - ok
12:56:49.0109 1256 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
12:56:49.0187 1256 Netman - ok
12:56:49.0234 1256 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:56:49.0250 1256 NetTcpPortSharing - ok
12:56:49.0343 1256 [ 18B2D3E11ED7A3C898ADE6A6692B6929 ] NETw4x32 C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
12:56:49.0531 1256 NETw4x32 - ok
12:56:49.0562 1256 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:56:49.0687 1256 NIC1394 - ok
12:56:49.0734 1256 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
12:56:49.0781 1256 Nla - ok
12:56:49.0890 1256 [ 193FA51DDDD0BFFDED1C340F0434999A ] NMIndexingService C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
12:56:49.0953 1256 NMIndexingService - ok
12:56:50.0000 1256 [ C3963D85B721A7F80D8A55F4E2867A3A ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
12:56:50.0421 1256 nmwcd - ok
12:56:50.0484 1256 [ 3859C69A77793180548802DAC9F34A38 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
12:56:50.0625 1256 nmwcdc - ok
12:56:50.0671 1256 [ 338F83EE9CB9E15EEACF0CBB90218CBF ] nmwcdnsu C:\WINDOWS\system32\drivers\nmwcdnsu.sys
12:56:50.0828 1256 nmwcdnsu - ok
12:56:50.0859 1256 [ D15BAC979144FB69ED28F97B2DD84D48 ] nmwcdnsuc C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
12:56:51.0000 1256 nmwcdnsuc - ok
12:56:51.0046 1256 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:56:51.0234 1256 Npfs - ok
12:56:51.0265 1256 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:56:51.0375 1256 Ntfs - ok
12:56:51.0390 1256 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:56:51.0468 1256 NtLmSsp - ok
12:56:51.0515 1256 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:56:51.0609 1256 NtmsSvc - ok
12:56:51.0625 1256 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
12:56:51.0640 1256 NuidFltr - ok
12:56:51.0671 1256 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:56:51.0750 1256 Null - ok
12:56:51.0984 1256 [ DB33C5AB368F40AEAA85580E147DB2BD ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:56:52.0343 1256 nv - ok
12:56:52.0375 1256 [ 46898B6C76AC5223A22056314C35239E ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
12:56:52.0406 1256 NVSvc - ok
12:56:52.0437 1256 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:56:52.0609 1256 NwlnkFlt - ok
12:56:52.0671 1256 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:56:52.0843 1256 NwlnkFwd - ok
12:56:52.0890 1256 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:56:53.0046 1256 ohci1394 - ok
12:56:53.0109 1256 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
12:56:53.0140 1256 ose - ok
12:56:53.0156 1256 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
12:56:53.0296 1256 Parport - ok
12:56:53.0296 1256 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:56:53.0375 1256 PartMgr - ok
12:56:53.0390 1256 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:56:53.0484 1256 ParVdm - ok
12:56:53.0500 1256 PCANDIS5 - ok
12:56:53.0531 1256 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:56:53.0562 1256 pccsmcfd - ok
12:56:53.0562 1256 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:56:53.0656 1256 PCI - ok
12:56:53.0656 1256 PCIDump - ok
12:56:53.0687 1256 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
12:56:53.0781 1256 PCIIde - ok
12:56:53.0796 1256 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:56:53.0875 1256 Pcmcia - ok
12:56:53.0875 1256 PDCOMP - ok
12:56:53.0890 1256 PDFRAME - ok
12:56:53.0890 1256 PDRELI - ok
12:56:53.0890 1256 PDRFRAME - ok
12:56:53.0906 1256 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
12:56:54.0000 1256 perc2 - ok
12:56:54.0015 1256 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:56:54.0109 1256 perc2hib - ok
12:56:54.0156 1256 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\WINDOWS\system32\IoctlSvc.exe
12:56:54.0171 1256 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
12:56:54.0171 1256 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
12:56:54.0187 1256 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
12:56:54.0203 1256 PlugPlay - ok
12:56:54.0234 1256 [ DEDEF40E1D05842639491365CB2C069E ] pmem C:\WINDOWS\System32\drivers\pmemnt.sys
12:56:54.0234 1256 pmem ( UnsignedFile.Multi.Generic ) - warning
12:56:54.0234 1256 pmem - detected UnsignedFile.Multi.Generic (1)
12:56:54.0281 1256 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
12:56:54.0281 1256 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:56:54.0281 1256 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:56:54.0296 1256 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:56:54.0359 1256 PolicyAgent - ok
12:56:54.0406 1256 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:56:54.0484 1256 PptpMiniport - ok
12:56:54.0515 1256 [ 1D80309FED4BABF8EA9E7B84A394348B ] PROCDD C:\WINDOWS\system32\DRIVERS\PROCDD.SYS
12:56:54.0531 1256 PROCDD - ok
12:56:54.0546 1256 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
12:56:54.0640 1256 Processor - ok
12:56:54.0640 1256 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:56:54.0718 1256 ProtectedStorage - ok
12:56:54.0750 1256 [ AAC08DEFB15AAAB00B30341C716EFA35 ] psadd C:\WINDOWS\system32\DRIVERS\psadd.sys
12:56:54.0812 1256 psadd - ok
12:56:54.0812 1256 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:56:54.0890 1256 PSched - ok
12:56:54.0921 1256 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:56:55.0015 1256 Ptilink - ok
12:56:55.0046 1256 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:56:55.0078 1256 PxHelp20 - ok
12:56:55.0093 1256 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:56:55.0171 1256 ql1080 - ok
12:56:55.0187 1256 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:56:55.0265 1256 Ql10wnt - ok
12:56:55.0281 1256 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:56:55.0359 1256 ql12160 - ok
12:56:55.0359 1256 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:56:55.0437 1256 ql1240 - ok
12:56:55.0437 1256 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:56:55.0515 1256 ql1280 - ok
12:56:55.0546 1256 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:56:55.0625 1256 RasAcd - ok
12:56:55.0656 1256 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:56:55.0750 1256 RasAuto - ok
12:56:55.0781 1256 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:56:56.0140 1256 Rasl2tp - ok
12:56:56.0171 1256 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:56:56.0234 1256 RasMan - ok
12:56:56.0265 1256 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:56:56.0406 1256 RasPppoe - ok
12:56:56.0421 1256 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:56:56.0625 1256 Raspti - ok
12:56:56.0671 1256 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:56:56.0750 1256 Rdbss - ok
12:56:56.0796 1256 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:56:56.0875 1256 RDPCDD - ok
12:56:56.0906 1256 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:56:57.0000 1256 rdpdr - ok
12:56:57.0046 1256 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:56:57.0093 1256 RDPWD - ok
12:56:57.0125 1256 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:56:57.0234 1256 RDSessMgr - ok
12:56:57.0265 1256 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:56:57.0375 1256 redbook - ok
12:56:57.0437 1256 [ B3611F5CC7052FE52998984A4361880F ] RegSrvc C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
12:56:57.0437 1256 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
12:56:57.0437 1256 RegSrvc - detected UnsignedFile.Multi.Generic (1)
12:56:57.0484 1256 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:56:57.0609 1256 RemoteAccess - ok
12:56:57.0656 1256 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:56:57.0750 1256 RemoteRegistry - ok
12:56:57.0796 1256 [ C35CA13D3627EBD9DD12A23CE781BC3D ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
12:56:57.0843 1256 rimmptsk - ok
12:56:57.0859 1256 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
12:56:57.0890 1256 rimsptsk - ok
12:56:57.0906 1256 RimUsb - ok
12:56:57.0937 1256 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
12:56:58.0015 1256 RimVSerPort - ok
12:56:58.0046 1256 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
12:56:58.0062 1256 rismxdp - ok
12:56:58.0093 1256 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
12:56:58.0234 1256 ROOTMODEM - ok
12:56:58.0281 1256 [ 594822F6E691E3B0D7046D1910847727 ] RosettaStoneDaemon C:\Programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe
12:56:58.0312 1256 RosettaStoneDaemon ( UnsignedFile.Multi.Generic ) - warning
12:56:58.0312 1256 RosettaStoneDaemon - detected UnsignedFile.Multi.Generic (1)
12:56:58.0390 1256 RoxLiveShare9 - ok
12:56:58.0406 1256 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
12:56:58.0578 1256 RpcLocator - ok
12:56:58.0609 1256 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:56:58.0687 1256 RpcSs - ok
12:56:58.0718 1256 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:56:58.0906 1256 RSVP - ok
12:56:59.0000 1256 [ 2FD3B284ADE57CFAA70A6A9753E50572 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
12:56:59.0046 1256 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
12:56:59.0046 1256 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
12:56:59.0078 1256 [ 2220783B32A9F91DF87F3E8315F091E7 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
12:56:59.0093 1256 s24trans ( UnsignedFile.Multi.Generic ) - warning
12:56:59.0093 1256 s24trans - detected UnsignedFile.Multi.Generic (1)
12:56:59.0125 1256 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
12:56:59.0296 1256 SamSs - ok
12:56:59.0375 1256 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:56:59.0468 1256 SCardSvr - ok
12:56:59.0500 1256 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:56:59.0593 1256 Schedule - ok
12:56:59.0609 1256 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:56:59.0687 1256 sdbus - ok
12:56:59.0734 1256 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:56:59.0796 1256 Secdrv - ok
12:56:59.0828 1256 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
12:56:59.0921 1256 seclogon - ok
12:56:59.0984 1256 [ BA55C28D2B175A55ADCBDF3D990D97A4 ] sembbus C:\WINDOWS\system32\DRIVERS\sembbus.sys
12:57:00.0000 1256 sembbus - ok
12:57:00.0078 1256 [ 056DFA11277F22977DC5641D83012454 ] sembcard C:\WINDOWS\system32\DRIVERS\sembcard.sys
12:57:00.0125 1256 sembcard - ok
12:57:00.0156 1256 [ BB652CA7E20AECC0AD4085F9F029EACD ] sembmdfl2 C:\WINDOWS\system32\DRIVERS\sembmdfl2.sys
12:57:00.0171 1256 sembmdfl2 - ok
12:57:00.0187 1256 [ DCFFB3F76D15B3A456065E9198A86FCE ] sembmdm2 C:\WINDOWS\system32\DRIVERS\sembmdm2.sys
12:57:00.0218 1256 sembmdm2 - ok
12:57:00.0234 1256 [ A095ACA64CA705477969F239712EB489 ] sembmgmt C:\WINDOWS\system32\DRIVERS\sembmgmt.sys
12:57:00.0265 1256 sembmgmt - ok
12:57:00.0265 1256 [ DE69B731C2F78220DE65B59B97A40946 ] sembnd5 C:\WINDOWS\system32\DRIVERS\sembnd5.sys
12:57:00.0296 1256 sembnd5 - ok
12:57:00.0296 1256 [ F0948DCAFFD9821DFD83538E7E404662 ] sembunic C:\WINDOWS\system32\DRIVERS\sembunic.sys
12:57:00.0328 1256 sembunic - ok
12:57:00.0375 1256 [ 51056C879264F52404089C4F6172A5E8 ] sembwwan C:\WINDOWS\system32\DRIVERS\sembwwan.sys
12:57:00.0406 1256 sembwwan - ok
12:57:00.0453 1256 [ 0F52DC75E31714695ED941B60B553EF0 ] SEMCReserved C:\WINDOWS\system32\DRIVERS\semcreserved.sys
12:57:00.0515 1256 SEMCReserved - ok
12:57:00.0546 1256 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
12:57:00.0671 1256 SENS - ok
12:57:00.0703 1256 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:57:00.0828 1256 serenum - ok
12:57:00.0843 1256 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:57:00.0968 1256 Serial - ok
12:57:01.0078 1256 [ 2D841B7B7F6DEC32162EDFCC69D61F42 ] ServiceLayer C:\Programme\PC Connectivity Solution\ServiceLayer.exe
12:57:01.0125 1256 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:57:01.0125 1256 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
12:57:01.0171 1256 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
12:57:01.0250 1256 sffdisk - ok
12:57:01.0296 1256 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
12:57:01.0375 1256 sffp_sd - ok
12:57:01.0390 1256 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
12:57:01.0484 1256 Sfloppy - ok
12:57:01.0546 1256 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:57:01.0703 1256 SharedAccess - ok
12:57:01.0765 1256 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:57:01.0796 1256 ShellHWDetection - ok
12:57:01.0843 1256 [ A3AEE791DB8C73882F4503BFAACD8C9E ] Shockprf C:\WINDOWS\system32\DRIVERS\Apsx86.sys
12:57:01.0875 1256 Shockprf - ok
12:57:01.0875 1256 Simbad - ok
12:57:01.0906 1256 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:57:02.0062 1256 sisagp - ok
12:57:02.0125 1256 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
12:57:02.0140 1256 SkypeUpdate - ok
12:57:02.0187 1256 [ 350483C5A139F8A39ED3191AFF39BED0 ] smihlp C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys
12:57:02.0218 1256 smihlp - ok
12:57:02.0265 1256 [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Programme\Gemeinsame Dateien\SolidWorks Shared\Service\SolidWorksLicensing.exe
12:57:02.0296 1256 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:57:02.0296 1256 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:57:02.0328 1256 [ EE923E3E5C6B6A59D7E70E15C3EDA367 ] Sony_EricssonWWSC C:\WINDOWS\system32\DRIVERS\seu4scard.sys
12:57:02.0406 1256 Sony_EricssonWWSC - ok
12:57:02.0437 1256 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:57:02.0531 1256 Sparrow - ok
12:57:02.0578 1256 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:57:02.0750 1256 splitter - ok
12:57:02.0796 1256 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:57:02.0828 1256 Spooler - ok
12:57:02.0890 1256 [ 9263C8898732E2B890F7E954E7729AB7 ] SQLWriter c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:57:02.0921 1256 SQLWriter - ok
12:57:02.0937 1256 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:57:03.0015 1256 sr - ok
12:57:03.0062 1256 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
12:57:03.0140 1256 srservice - ok
12:57:03.0171 1256 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:57:03.0234 1256 Srv - ok
12:57:03.0281 1256 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:57:03.0390 1256 SSDPSRV - ok
12:57:03.0437 1256 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
12:57:03.0453 1256 ssmdrv - ok
12:57:03.0468 1256 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:57:03.0640 1256 stisvc - ok
12:57:03.0750 1256 [ B71A41CAD9DE92219C3891E88F822AC3 ] SUService c:\programme\lenovo\system update\suservice.exe
12:57:03.0781 1256 SUService ( UnsignedFile.Multi.Generic ) - warning
12:57:03.0781 1256 SUService - detected UnsignedFile.Multi.Generic (1)
12:57:03.0812 1256 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:57:03.0937 1256 swenum - ok
12:57:03.0984 1256 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:57:04.0125 1256 swmidi - ok
12:57:04.0125 1256 SwPrv - ok
12:57:04.0140 1256 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
12:57:04.0218 1256 symc810 - ok
12:57:04.0234 1256 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:57:04.0312 1256 symc8xx - ok
12:57:04.0390 1256 [ 083FE6483DC16A02AF2434D04B7D7AEA ] SymEvent C:\Programme\Symantec\SYMEVENT.SYS
12:57:04.0406 1256 SymEvent - ok
12:57:04.0421 1256 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:57:04.0515 1256 sym_hi - ok
12:57:04.0531 1256 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:57:04.0609 1256 sym_u3 - ok
12:57:04.0640 1256 [ 820D28F30AC01CE86860A35DCC7BFAAB ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:57:04.0718 1256 SynTP - ok
12:57:04.0750 1256 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:57:04.0843 1256 sysaudio - ok
12:57:04.0875 1256 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:57:05.0000 1256 SysmonLog - ok
12:57:05.0015 1256 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:57:05.0125 1256 TapiSrv - ok
12:57:05.0171 1256 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:57:05.0234 1256 Tcpip - ok
12:57:05.0281 1256 [ 109D1F5CD9CC370A87901DB3DDD533F1 ] TcUsb C:\WINDOWS\system32\Drivers\tcusb.sys
12:57:05.0312 1256 TcUsb - ok
12:57:05.0328 1256 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:57:05.0421 1256 TDPIPE - ok
12:57:05.0437 1256 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:57:05.0546 1256 TDTCP - ok
12:57:05.0703 1256 [ 4768F719F7225A43C493BDD8BBAB52BB ] TeamViewer6 C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
12:57:05.0781 1256 TeamViewer6 - ok
12:57:05.0859 1256 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
12:57:05.0921 1256 teamviewervpn - ok
12:57:05.0937 1256 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:57:06.0281 1256 TermDD - ok
12:57:06.0312 1256 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
12:57:06.0500 1256 TermService - ok
12:57:06.0546 1256 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
12:57:06.0546 1256 Themes - ok
12:57:06.0656 1256 [ D04402CD654AF1058AD9A82B73AD67C8 ] ThinkVantage Registry Monitor Service C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
12:57:06.0671 1256 ThinkVantage Registry Monitor Service - ok
12:57:06.0703 1256 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
12:57:06.0796 1256 TlntSvr - ok
12:57:06.0906 1256 [ 572A16FBAD52AB1AC8E3D44BAAF99694 ] TomTomHOMEService C:\Programme\TomTom HOME 1005\TomTomHOMEService.exe
12:57:06.0906 1256 TomTomHOMEService - ok
12:57:06.0937 1256 [ D213A9247DC347F305A2D4CC9B951487 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
12:57:07.0015 1256 TosIde - ok
12:57:07.0046 1256 [ 639BA7B37F25054CF5E82604E736D250 ] TPDIGIMN C:\WINDOWS\system32\DRIVERS\ApsHM86.sys
12:57:07.0062 1256 TPDIGIMN - ok
12:57:07.0109 1256 [ 3663C0F611711DAC453636AF562F0831 ] TPHDEXLGSVC C:\WINDOWS\system32\TPHDEXLG.exe
12:57:07.0125 1256 TPHDEXLGSVC - ok
12:57:07.0156 1256 [ 542770C8925E13B29B1BA63F05898058 ] TPHKDRV C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys
12:57:07.0203 1256 TPHKDRV - ok
12:57:07.0234 1256 [ 44672DE6CEA9569C21C4B7A8D2560750 ] TPPWRIF C:\WINDOWS\system32\drivers\Tppwrif.sys
12:57:07.0250 1256 TPPWRIF ( UnsignedFile.Multi.Generic ) - warning
12:57:07.0250 1256 TPPWRIF - detected UnsignedFile.Multi.Generic (1)
12:57:07.0312 1256 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:57:07.0437 1256 TrkWks - ok
12:57:07.0468 1256 [ F2ABA3066D7921D7FCDBD66DEA88BE11 ] TSMAPIP C:\WINDOWS\system32\drivers\TSMAPIP.SYS
12:57:07.0468 1256 TSMAPIP ( UnsignedFile.Multi.Generic ) - warning
12:57:07.0468 1256 TSMAPIP - detected UnsignedFile.Multi.Generic (1)
12:57:07.0515 1256 [ 44D5BE1651390476C5EDB3B5DF28DE30 ] TSSCoreService C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe
12:57:07.0562 1256 TSSCoreService - ok
12:57:07.0578 1256 [ C8DA890DF821DBE5CD5B9A10C6C82D51 ] TVT Backup Protection Service C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe
12:57:07.0625 1256 TVT Backup Protection Service ( UnsignedFile.Multi.Generic ) - warning
12:57:07.0625 1256 TVT Backup Protection Service - detected UnsignedFile.Multi.Generic (1)
12:57:07.0671 1256 [ 951675971BB6DE44284CCE95F33F7421 ] TVT Backup Service C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe
12:57:07.0703 1256 TVT Backup Service ( UnsignedFile.Multi.Generic ) - warning
12:57:07.0703 1256 TVT Backup Service - detected UnsignedFile.Multi.Generic (1)
12:57:07.0828 1256 [ E9EA448F1174BE4052416B62263EA4EE ] TVT Scheduler c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
12:57:07.0875 1256 TVT Scheduler ( UnsignedFile.Multi.Generic ) - warning
12:57:07.0875 1256 TVT Scheduler - detected UnsignedFile.Multi.Generic (1)
12:57:07.0921 1256 [ 49258A02A1E8D304ED88B0F1C56B1738 ] tvtfilter C:\WINDOWS\system32\DRIVERS\tvtfilter.sys
12:57:07.0984 1256 tvtfilter - ok
12:57:08.0031 1256 [ 8AB24D4B7DA715C2C80455137910E792 ] TVTI2C C:\WINDOWS\system32\DRIVERS\Tvti2c.sys
12:57:08.0078 1256 TVTI2C - ok
12:57:08.0109 1256 [ 2E72C66682E9274C97AE3F5A57C2FA33 ] tvtnetwk C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe
12:57:08.0125 1256 tvtnetwk ( UnsignedFile.Multi.Generic ) - warning
12:57:08.0125 1256 tvtnetwk - detected UnsignedFile.Multi.Generic (1)
12:57:08.0125 1256 TVTPktFilter - ok
12:57:08.0125 1256 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:57:08.0312 1256 Udfs - ok
12:57:08.0328 1256 UIUSys - ok
12:57:08.0359 1256 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
12:57:08.0515 1256 ultra - ok
12:57:08.0593 1256 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:57:08.0843 1256 Update - ok
12:57:08.0875 1256 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:57:08.0968 1256 upnphost - ok
12:57:09.0000 1256 [ 0CCADC7391021376EDBB8AA649D04E68 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
12:57:09.0062 1256 upperdev - ok
12:57:09.0078 1256 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
12:57:09.0156 1256 UPS - ok
12:57:09.0187 1256 [ D4FB6ECC60A428564BA8768B0E23C0FC ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
12:57:09.0250 1256 USBAAPL - ok
12:57:09.0281 1256 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:57:09.0375 1256 usbccgp - ok
12:57:09.0406 1256 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:57:09.0531 1256 usbehci - ok
12:57:09.0531 1256 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:57:09.0671 1256 usbhub - ok
12:57:09.0734 1256 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:57:09.0859 1256 usbprint - ok
12:57:09.0890 1256 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:57:10.0015 1256 usbscan - ok
12:57:10.0078 1256 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
12:57:10.0187 1256 usbser - ok
12:57:10.0218 1256 [ 68B4F83CCCF70A2FF32EE142C234332A ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
12:57:10.0281 1256 UsbserFilt - ok
12:57:10.0312 1256 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:57:10.0437 1256 USBSTOR - ok
12:57:10.0453 1256 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:57:10.0562 1256 usbuhci - ok
12:57:10.0593 1256 [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
12:57:10.0703 1256 usb_rndisx - ok
12:57:10.0750 1256 [ 9BF2EA54E5ED5ACDF96F1DEC84C117C4 ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
12:57:10.0750 1256 VClone ( UnsignedFile.Multi.Generic ) - warning
12:57:10.0750 1256 VClone - detected UnsignedFile.Multi.Generic (1)
12:57:10.0796 1256 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:57:10.0921 1256 VgaSave - ok
12:57:10.0953 1256 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:57:11.0078 1256 viaagp - ok
12:57:11.0078 1256 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
12:57:11.0250 1256 ViaIde - ok
12:57:11.0265 1256 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:57:11.0437 1256 VolSnap - ok
12:57:11.0484 1256 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
12:57:11.0656 1256 VSS - ok
12:57:11.0734 1256 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
12:57:11.0906 1256 W32Time - ok
12:57:11.0921 1256 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:57:12.0078 1256 Wanarp - ok
12:57:12.0171 1256 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:57:12.0218 1256 Wdf01000 - ok
12:57:12.0218 1256 WDICA - ok
12:57:12.0250 1256 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:57:12.0406 1256 wdmaud - ok
12:57:12.0421 1256 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:57:12.0500 1256 WebClient - ok
12:57:12.0562 1256 [ 307D248F97835B6879BDD361086924FE ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
12:57:12.0609 1256 winachsf - ok
12:57:12.0718 1256 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:57:12.0796 1256 winmgmt - ok
12:57:12.0828 1256 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:57:12.0859 1256 WmdmPmSN - ok
12:57:12.0906 1256 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
12:57:12.0953 1256 Wmi - ok
12:57:12.0968 1256 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:57:13.0093 1256 WmiAcpi - ok
12:57:13.0109 1256 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:57:13.0265 1256 WmiApSrv - ok
12:57:13.0421 1256 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
12:57:13.0484 1256 WMPNetworkSvc - ok
12:57:13.0531 1256 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
12:57:13.0578 1256 WpdUsb - ok
12:57:13.0640 1256 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:57:13.0796 1256 wscsvc - ok
12:57:13.0796 1256 WSearch - ok
12:57:13.0828 1256 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:57:13.0984 1256 wuauserv - ok
12:57:14.0015 1256 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:57:14.0078 1256 WudfPf - ok
12:57:14.0109 1256 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:57:14.0125 1256 WudfRd - ok
12:57:14.0156 1256 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:57:14.0156 1256 WudfSvc - ok
12:57:14.0218 1256 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:57:14.0328 1256 WZCSVC - ok
12:57:14.0343 1256 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:57:14.0437 1256 xmlprov - ok
12:57:14.0453 1256 ZDCndis5 - ok
12:57:14.0453 1256 ZDPSp50 - ok
12:57:14.0468 1256 ================ Scan global ===============================
12:57:14.0515 1256 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
12:57:14.0546 1256 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
12:57:14.0562 1256 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
12:57:14.0578 1256 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
12:57:14.0593 1256 [Global] - ok
12:57:14.0593 1256 ================ Scan MBR ==================================
12:57:14.0609 1256 [ 13673366CACAF0CAD108225F01B5C98B ] \Device\Harddisk0\DR0
12:57:15.0125 1256 \Device\Harddisk0\DR0 - ok
12:57:15.0515 1256 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
12:57:15.0703 1256 \Device\Harddisk1\DR3 - ok
12:57:15.0703 1256 ================ Scan VBR ==================================
12:57:15.0718 1256 [ 69F6BB060B69F859275B135292170073 ] \Device\Harddisk0\DR0\Partition1
12:57:15.0718 1256 \Device\Harddisk0\DR0\Partition1 - ok
12:57:15.0718 1256 [ 95B509D8B5516100DA3ACEB7491E22EC ] \Device\Harddisk1\DR3\Partition1
12:57:15.0734 1256 \Device\Harddisk1\DR3\Partition1 - ok
12:57:15.0734 1256 ============================================================
12:57:15.0734 1256 Scan finished
12:57:15.0734 1256 ============================================================
12:57:15.0843 5828 Detected object count: 48
12:57:15.0843 5828 Actual detected object count: 48
12:58:03.0953 5828 AcPrfMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0953 5828 AcPrfMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0953 5828 AcSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0953 5828 AcSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0953 5828 ANC ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0953 5828 ANC ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0953 5828 awhost32 ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0953 5828 awhost32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0953 5828 awlegacy ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0953 5828 awlegacy ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0968 5828 AW_HOST ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0968 5828 AW_HOST ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0968 5828 bfturboh ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0968 5828 bfturboh ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0968 5828 BrScnUsb ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0968 5828 BrScnUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0968 5828 btwdins ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0968 5828 btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0968 5828 Diskeeper ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0968 5828 Diskeeper ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0984 5828 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0984 5828 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0984 5828 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0984 5828 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0984 5828 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0984 5828 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0984 5828 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0984 5828 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0984 5828 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0984 5828 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:03.0984 5828 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:03.0984 5828 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0000 5828 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0000 5828 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0000 5828 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0000 5828 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0000 5828 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0000 5828 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0015 5828 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0015 5828 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0015 5828 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0015 5828 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0015 5828 ElgTaDrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0015 5828 ElgTaDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0015 5828 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0015 5828 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0015 5828 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0015 5828 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0031 5828 Gernuwa ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0031 5828 Gernuwa ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0031 5828 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0031 5828 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0031 5828 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0031 5828 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0031 5828 IBMTPCHK ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0031 5828 IBMTPCHK ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0031 5828 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0031 5828 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0031 5828 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0031 5828 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0046 5828 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0046 5828 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0046 5828 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0046 5828 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0046 5828 pmem ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0046 5828 pmem ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0046 5828 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0046 5828 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0046 5828 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0046 5828 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0062 5828 RosettaStoneDaemon ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0062 5828 RosettaStoneDaemon ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0062 5828 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0062 5828 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0062 5828 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0062 5828 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0062 5828 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0062 5828 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0062 5828 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0062 5828 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0078 5828 SUService ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0078 5828 SUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0078 5828 TPPWRIF ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0078 5828 TPPWRIF ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0078 5828 TSMAPIP ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0078 5828 TSMAPIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0078 5828 TVT Backup Protection Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0078 5828 TVT Backup Protection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0093 5828 TVT Backup Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0093 5828 TVT Backup Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0093 5828 TVT Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0093 5828 TVT Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0093 5828 tvtnetwk ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0093 5828 tvtnetwk ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:04.0093 5828 VClone ( UnsignedFile.Multi.Generic ) - skipped by user
12:58:04.0093 5828 VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:58:28.0984 0452 ============================================================
12:58:28.0984 0452 Scan started
12:58:28.0984 0452 Mode: Manual; SigCheck; TDLFS;
12:58:28.0984 0452 ============================================================
12:58:29.0578 0452 ================ Scan system memory ========================
12:58:29.0578 0452 System memory - ok
12:58:29.0578 0452 ================ Scan services =============================
12:58:29.0734 0452 Abiosdsk - ok
12:58:29.0765 0452 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:58:30.0109 0452 abp480n5 - ok
12:58:30.0125 0452 [ 0F2D66D5F08EBE2F77BB904288DCF6F0 ] ac97intc C:\WINDOWS\system32\drivers\ac97intc.sys
12:58:30.0218 0452 ac97intc - ok
12:58:30.0265 0452 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:58:30.0343 0452 ACPI - ok
12:58:30.0343 0452 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
12:58:30.0437 0452 ACPIEC - ok
12:58:30.0625 0452 [ AC83DA08B02BC2AC4F9920523275BB0F ] AcPrfMgrSvc C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
12:58:30.0625 0452 AcPrfMgrSvc ( UnsignedFile.Multi.Generic ) - warning
12:58:30.0625 0452 AcPrfMgrSvc - detected UnsignedFile.Multi.Generic (1)
12:58:30.0640 0452 [ F0DFCAB03CC9C71137D00C17FEB08873 ] AcSvc C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe
12:58:30.0656 0452 AcSvc ( UnsignedFile.Multi.Generic ) - warning
12:58:30.0656 0452 AcSvc - detected UnsignedFile.Multi.Generic (1)
12:58:30.0703 0452 [ D537F3D03C6301FEFA21F3EEE8CC82D8 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
12:58:30.0734 0452 ADIHdAudAddService - ok
12:58:30.0843 0452 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:58:30.0859 0452 AdobeFlashPlayerUpdateSvc - ok
12:58:30.0875 0452 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:58:31.0000 0452 adpu160m - ok
12:58:31.0031 0452 [ 860DF7676869CD8690CB2B23AB6DE66A ] AEAudio C:\WINDOWS\system32\drivers\AEAudio.sys
12:58:31.0062 0452 AEAudio - ok
12:58:31.0078 0452 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
12:58:31.0203 0452 aec - ok
12:58:31.0250 0452 [ A1AD1A4A9F18D900CA9C93FA3EFDCB56 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
12:58:31.0281 0452 AegisP - ok
12:58:31.0312 0452 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
12:58:31.0343 0452 AFD - ok
12:58:31.0390 0452 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
12:58:31.0546 0452 agp440 - ok
12:58:31.0609 0452 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:58:31.0750 0452 agpCPQ - ok
12:58:31.0796 0452 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:58:31.0843 0452 Aha154x - ok
12:58:31.0859 0452 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:58:31.0937 0452 aic78u2 - ok
12:58:31.0937 0452 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:58:32.0015 0452 aic78xx - ok
12:58:32.0031 0452 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
12:58:32.0140 0452 Alerter - ok
12:58:32.0156 0452 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
12:58:32.0218 0452 ALG - ok
12:58:32.0265 0452 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
12:58:32.0343 0452 AliIde - ok
12:58:32.0359 0452 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:58:32.0453 0452 alim1541 - ok
12:58:32.0453 0452 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:58:32.0546 0452 amdagp - ok
12:58:32.0546 0452 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
12:58:32.0593 0452 amsint - ok
12:58:32.0625 0452 [ 11AB185A7AF224800BBFB5B836974A17 ] ANC C:\WINDOWS\system32\drivers\ANC.SYS
12:58:32.0640 0452 ANC ( UnsignedFile.Multi.Generic ) - warning
12:58:32.0640 0452 ANC - detected UnsignedFile.Multi.Generic (1)
12:58:32.0703 0452 [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
12:58:32.0718 0452 AntiVirSchedulerService - ok
12:58:32.0765 0452 [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
12:58:32.0781 0452 AntiVirService - ok
12:58:32.0812 0452 [ 53DDEA96AA407C3E2BCEF68A44E31A59 ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:58:32.0828 0452 AntiVirWebService - ok
12:58:32.0984 0452 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:58:33.0000 0452 Apple Mobile Device - ok
12:58:33.0062 0452 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
12:58:33.0156 0452 AppMgmt - ok
12:58:33.0203 0452 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
12:58:33.0390 0452 Arp1394 - ok
12:58:33.0421 0452 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
12:58:33.0500 0452 asc - ok
12:58:33.0546 0452 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:58:33.0609 0452 asc3350p - ok
12:58:33.0625 0452 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:58:33.0687 0452 asc3550 - ok
12:58:33.0781 0452 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:58:33.0796 0452 aspnet_state - ok
12:58:33.0812 0452 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:58:33.0890 0452 AsyncMac - ok
12:58:33.0906 0452 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
12:58:33.0984 0452 atapi - ok
12:58:34.0000 0452 Atdisk - ok
12:58:34.0015 0452 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:58:34.0125 0452 Atmarpc - ok
12:58:34.0171 0452 [ DBF0D7E2DF33B469EB55406FEA759350 ] atmeltpm C:\WINDOWS\system32\DRIVERS\atmeltpm.sys
12:58:34.0187 0452 atmeltpm - ok
12:58:34.0234 0452 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
12:58:34.0328 0452 AudioSrv - ok
12:58:34.0343 0452 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
12:58:34.0437 0452 audstub - ok
12:58:34.0468 0452 [ 87425709A251386064C99B684BF96F72 ] avgntflt C

Alt 11.07.2013, 12:37   #10
Jelar
 
:\WINDOWS\system32\DRIVERS\avgntflt.sys
12:58:34.0484 0452 avgntflt - ok
12:58:34.0515 0452 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
12:58:34.0531 0452 avipbb - ok
12:58:34.0531 0452 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
12:58:34.0546 0452 avkmgr - ok
12:58:34.0625 0452 [ 958038B812E2B6AB998E115194B8D2B7 ] awhost32 C:\Programme\Symantec\pcAnywhere\awhost32.exe
12:58:34.0640 0452 awhost32 ( UnsignedFile.Multi.Generic ) - warning
12:58:34.0640 0452 awhost32 - detected UnsignedFile.Multi.Generic (1)
12:58:34.0640 0452 [ ABFE3AB22767EEB5E7D91B1B3BB2901C ] awlegacy C:\WINDOWS\System32\Drivers\awlegacy.sys
12:58:34.0671 0452 awlegacy ( UnsignedFile.Multi.Generic ) - warning
12:58:34.0671 0452 awlegacy - detected UnsignedFile.Multi.Generic (1)
12:58:34.0687 0452 [ 852D995A4B283C341A2BAEFAA8067671 ] AW_HOST C:\WINDOWS\system32\drivers\aw_host5.sys
12:58:34.0703 0452 AW_HOST ( UnsignedFile.Multi.Generic ) - warning
12:58:34.0703 0452 AW_HOST - detected UnsignedFile.Multi.Generic (1)
12:58:34.0718 0452 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:58:34.0828 0452 Beep - ok
12:58:34.0921 0452 [ 94A5E2424BC8B94D02F88DEA0702246B ] bfturboh C:\WINDOWS\system32\drivers\bfturboh.sys
12:58:34.0937 0452 bfturboh ( UnsignedFile.Multi.Generic ) - warning
12:58:34.0937 0452 bfturboh - detected UnsignedFile.Multi.Generic (1)
12:58:35.0000 0452 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
12:58:35.0109 0452 BITS - ok
12:58:35.0187 0452 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
12:58:35.0218 0452 Bonjour Service - ok
12:58:35.0265 0452 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
12:58:35.0312 0452 Browser - ok
12:58:35.0343 0452 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
12:58:35.0359 0452 BrScnUsb ( UnsignedFile.Multi.Generic ) - warning
12:58:35.0359 0452 BrScnUsb - detected UnsignedFile.Multi.Generic (1)
12:58:35.0421 0452 [ 3AA4BF555C00C5B87FD48DD7BDBD4E97 ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
12:58:35.0453 0452 btaudio - ok
12:58:35.0500 0452 [ 07F0A66CFA550B13AD0674AE09E3CBA0 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
12:58:35.0531 0452 BTDriver - ok
12:58:35.0593 0452 [ 9DA09B5800B9DE8336948664E3B9CC94 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
12:58:35.0656 0452 BTKRNL - ok
12:58:35.0718 0452 [ D14C346D293E6F83CBB55AC641FF941E ] btwdins C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
12:58:35.0781 0452 btwdins ( UnsignedFile.Multi.Generic ) - warning
12:58:35.0781 0452 btwdins - detected UnsignedFile.Multi.Generic (1)
12:58:35.0828 0452 [ B1D350F3F13CF340FCE93912D2BA1EBF ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
12:58:35.0875 0452 BTWDNDIS - ok
12:58:35.0921 0452 [ 6BEB0ADAA3D2B80E6515EEC5D03B7540 ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys
12:58:35.0968 0452 btwhid - ok
12:58:36.0000 0452 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
12:58:36.0046 0452 BTWUSB - ok
12:58:36.0078 0452 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:58:36.0187 0452 cbidf - ok
12:58:36.0203 0452 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
12:58:36.0265 0452 cbidf2k - ok
12:58:36.0296 0452 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:58:36.0359 0452 cd20xrnt - ok
12:58:36.0375 0452 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
12:58:36.0437 0452 Cdaudio - ok
12:58:36.0484 0452 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
12:58:36.0546 0452 Cdfs - ok
12:58:36.0562 0452 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:58:36.0656 0452 Cdrom - ok
12:58:36.0656 0452 Changer - ok
12:58:36.0687 0452 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
12:58:36.0781 0452 CiSvc - ok
12:58:36.0796 0452 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
12:58:36.0875 0452 ClipSrv - ok
12:58:36.0906 0452 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:58:36.0921 0452 clr_optimization_v2.0.50727_32 - ok
12:58:36.0937 0452 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
12:58:37.0015 0452 CmBatt - ok
12:58:37.0046 0452 [ C687F81290303D90099B027A6474F99F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:58:37.0343 0452 CmdIde - ok
12:58:37.0343 0452 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
12:58:37.0437 0452 Compbatt - ok
12:58:37.0437 0452 COMSysApp - ok
12:58:37.0468 0452 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:58:37.0578 0452 Cpqarray - ok
12:58:37.0703 0452 cpuz132 - ok
12:58:37.0734 0452 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
12:58:37.0859 0452 CryptSvc - ok
12:58:37.0906 0452 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:58:38.0031 0452 dac2w2k - ok
12:58:38.0031 0452 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:58:38.0156 0452 dac960nt - ok
12:58:38.0203 0452 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:58:38.0250 0452 DcomLaunch - ok
12:58:38.0281 0452 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
12:58:38.0437 0452 Dhcp - ok
12:58:38.0484 0452 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
12:58:38.0640 0452 Disk - ok
12:58:38.0734 0452 [ 0711D2E0F17B31E537B2770A618DA41F ] Diskeeper C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe
12:58:38.0765 0452 Diskeeper ( UnsignedFile.Multi.Generic ) - warning
12:58:38.0765 0452 Diskeeper - detected UnsignedFile.Multi.Generic (1)
12:58:38.0812 0452 [ 35CBC02546335EA41A5D516DA6626C8A ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
12:58:38.0828 0452 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning
12:58:38.0828 0452 DLABOIOM - detected UnsignedFile.Multi.Generic (1)
12:58:38.0843 0452 [ EC6AE8BC9F773382D2EED49E4DFDAE2A ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
12:58:38.0859 0452 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning
12:58:38.0859 0452 DLACDBHM - detected UnsignedFile.Multi.Generic (1)
12:58:38.0875 0452 [ 2104649B0B79B9F30122C545CBA0C655 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS
12:58:38.0890 0452 DLADResN ( UnsignedFile.Multi.Generic ) - warning
12:58:38.0890 0452 DLADResN - detected UnsignedFile.Multi.Generic (1)
12:58:38.0906 0452 [ E4859CA5BD8412A9A60D62067A653522 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
12:58:38.0921 0452 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning
12:58:38.0921 0452 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)
12:58:38.0937 0452 [ 20C24A3D1CF0825487C93F806625805E ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
12:58:38.0953 0452 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning
12:58:38.0953 0452 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)
12:58:38.0953 0452 [ 8A530DA5DC81954BCF1966813F699B49 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
12:58:38.0968 0452 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning
12:58:38.0968 0452 DLAPoolM - detected UnsignedFile.Multi.Generic (1)
12:58:38.0968 0452 [ 0605B66052F82B6F07204DBDB61C13FF ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
12:58:38.0968 0452 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning
12:58:38.0968 0452 DLARTL_N - detected UnsignedFile.Multi.Generic (1)
12:58:39.0015 0452 [ 7EDA68AF6A91BF64AF6F301E39928EBF ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
12:58:39.0031 0452 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning
12:58:39.0031 0452 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)
12:58:39.0046 0452 [ A18423BBC6D92B01FDF3C51E7510EE70 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
12:58:39.0062 0452 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning
12:58:39.0062 0452 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)
12:58:39.0078 0452 dmadmin - ok
12:58:39.0156 0452 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
12:58:39.0343 0452 dmboot - ok
12:58:39.0390 0452 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
12:58:39.0468 0452 dmio - ok
12:58:39.0500 0452 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
12:58:39.0562 0452 dmload - ok
12:58:39.0593 0452 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
12:58:39.0671 0452 dmserver - ok
12:58:39.0687 0452 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
12:58:39.0765 0452 DMusic - ok
12:58:39.0796 0452 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:58:39.0828 0452 Dnscache - ok
12:58:39.0859 0452 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
12:58:39.0968 0452 Dot3svc - ok
12:58:40.0000 0452 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:58:40.0093 0452 dpti2o - ok
12:58:40.0140 0452 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:58:40.0250 0452 drmkaud - ok
12:58:40.0250 0452 [ 48C7008D23DCFCE0D0232F49307EFCED ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
12:58:40.0265 0452 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning
12:58:40.0265 0452 DRVMCDB - detected UnsignedFile.Multi.Generic (1)
12:58:40.0265 0452 [ 05467E44A42C777DD1534BB4539B16D1 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
12:58:40.0281 0452 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning
12:58:40.0281 0452 DRVNDDM - detected UnsignedFile.Multi.Generic (1)
12:58:40.0296 0452 [ A6DE5342417FEC3C0AA8EFEBB899C431 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
12:58:40.0390 0452 E100B - ok
12:58:40.0437 0452 [ B1E9161BA28D5B826E49A1D0DED7FCC4 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:58:40.0453 0452 e1express - ok
12:58:40.0468 0452 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
12:58:40.0593 0452 EapHost - ok
12:58:40.0640 0452 [ 28CB0B64134AD62C2ACF77DB8501A619 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
12:58:40.0656 0452 ElbyCDIO - ok
12:58:40.0687 0452 [ B687F79CB390E103AF36DCBB5C417044 ] ElgTaDrv C:\WINDOWS\system32\Drivers\ElgTaDrv.sys
12:58:40.0718 0452 ElgTaDrv ( UnsignedFile.Multi.Generic ) - warning
12:58:40.0718 0452 ElgTaDrv - detected UnsignedFile.Multi.Generic (1)
12:58:40.0750 0452 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
12:58:40.0875 0452 ERSvc - ok
12:58:40.0921 0452 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
12:58:40.0937 0452 Eventlog - ok
12:58:41.0000 0452 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
12:58:41.0031 0452 EventSystem - ok
12:58:41.0109 0452 [ 695E398E5858C10813E54FAFC933514F ] EvtEng C:\Programme\Intel\Wireless\Bin\EvtEng.exe
12:58:41.0140 0452 EvtEng ( UnsignedFile.Multi.Generic ) - warning
12:58:41.0140 0452 EvtEng - detected UnsignedFile.Multi.Generic (1)
12:58:41.0171 0452 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
12:58:41.0312 0452 Fastfat - ok
12:58:41.0406 0452 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:58:41.0453 0452 FastUserSwitchingCompatibility - ok
12:58:41.0484 0452 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
12:58:41.0578 0452 Fdc - ok
12:58:41.0609 0452 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
12:58:41.0687 0452 Fips - ok
12:58:41.0734 0452 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:58:41.0750 0452 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:58:41.0750 0452 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:58:41.0781 0452 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:58:41.0859 0452 Flpydisk - ok
12:58:41.0890 0452 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:58:41.0953 0452 FltMgr - ok
12:58:42.0015 0452 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:58:42.0031 0452 FontCache3.0.0.0 - ok
12:58:42.0062 0452 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:58:42.0140 0452 Fs_Rec - ok
12:58:42.0171 0452 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:58:42.0250 0452 Ftdisk - ok
12:58:42.0281 0452 [ 33D00F8CB70AC5F7A8101F79D5273615 ] G400 C:\WINDOWS\system32\DRIVERS\G400m.sys
12:58:42.0359 0452 G400 - ok
12:58:42.0406 0452 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:58:42.0406 0452 GEARAspiWDM - ok
12:58:42.0421 0452 [ FD25177CED6751C14DE170D8282CED90 ] Gernuwa C:\WINDOWS\system32\drivers\Gernuwa.sys
12:58:42.0437 0452 Gernuwa ( UnsignedFile.Multi.Generic ) - warning
12:58:42.0437 0452 Gernuwa - detected UnsignedFile.Multi.Generic (1)
12:58:42.0468 0452 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:58:42.0546 0452 Gpc - ok
12:58:42.0640 0452 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
12:58:42.0656 0452 gupdate - ok
12:58:42.0656 0452 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
12:58:42.0671 0452 gupdatem - ok
12:58:42.0687 0452 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:58:42.0765 0452 HDAudBus - ok
12:58:42.0843 0452 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:58:42.0921 0452 helpsvc - ok
12:58:42.0968 0452 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
12:58:43.0031 0452 HidServ - ok
12:58:43.0062 0452 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:58:43.0125 0452 HidUsb - ok
12:58:43.0171 0452 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
12:58:43.0234 0452 hkmsvc - ok
12:58:43.0234 0452 HPFXBULK - ok
12:58:43.0250 0452 HPFXFAX - ok
12:58:43.0265 0452 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
12:58:43.0343 0452 hpn - ok
12:58:43.0453 0452 [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] hpqcxs08 C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
12:58:43.0468 0452 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
12:58:43.0468 0452 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
12:58:43.0484 0452 [ DF446BA625CC441617843E87798CE048 ] hpqddsvc C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
12:58:43.0500 0452 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
12:58:43.0500 0452 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
12:58:43.0546 0452 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:58:43.0562 0452 HPZid412 - ok
12:58:43.0578 0452 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:58:43.0593 0452 HPZipr12 - ok
12:58:43.0609 0452 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:58:43.0625 0452 HPZius12 - ok
12:58:43.0671 0452 [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
12:58:43.0687 0452 HSFHWAZL - ok
12:58:43.0734 0452 [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
12:58:43.0765 0452 HSF_DPV - ok
12:58:43.0812 0452 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
12:58:43.0828 0452 HTTP - ok
12:58:43.0875 0452 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
12:58:43.0953 0452 HTTPFilter - ok
12:58:43.0984 0452 [ 2910A14DD8807FD0E6C263599BDFC520 ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
12:58:44.0015 0452 hwdatacard - ok
12:58:44.0046 0452 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
12:58:44.0125 0452 i2omgmt - ok
12:58:44.0140 0452 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:58:44.0234 0452 i2omp - ok
12:58:44.0296 0452 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:58:44.0375 0452 i8042prt - ok
12:58:44.0421 0452 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
12:58:44.0437 0452 iaStor - ok
12:58:44.0468 0452 [ BF648877413F6160E480814A24942B65 ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
12:58:44.0484 0452 IBMPMDRV - ok
12:58:44.0500 0452 [ A75CE11915E4ECC5E1597D6E0F7BB2DB ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe
12:58:44.0500 0452 IBMPMSVC - ok
12:58:44.0546 0452 [ 083D095FED4B01FFF9D501B98D50DB68 ] IBMTPCHK C:\WINDOWS\system32\Drivers\IBMBLDID.sys
12:58:44.0546 0452 IBMTPCHK ( UnsignedFile.Multi.Generic ) - warning
12:58:44.0546 0452 IBMTPCHK - detected UnsignedFile.Multi.Generic (1)
12:58:44.0640 0452 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:58:44.0671 0452 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:58:44.0671 0452 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:58:44.0765 0452 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:58:44.0796 0452 idsvc - ok
12:58:44.0828 0452 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
12:58:44.0906 0452 Imapi - ok
12:58:44.0953 0452 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
12:58:45.0031 0452 ImapiService - ok
12:58:45.0062 0452 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:58:45.0140 0452 ini910u - ok
12:58:45.0156 0452 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
12:58:45.0250 0452 IntelIde - ok
12:58:45.0265 0452 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:58:45.0328 0452 intelppm - ok
12:58:45.0359 0452 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
12:58:45.0421 0452 Ip6Fw - ok
12:58:45.0437 0452 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:58:45.0500 0452 IpFilterDriver - ok
12:58:45.0515 0452 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:58:45.0578 0452 IpInIp - ok
12:58:45.0625 0452 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:58:45.0687 0452 IpNat - ok
12:58:45.0750 0452 [ 0CA8C2E721617AA2F923A8151C96FB33 ] iPod Service C:\Programme\iPod\bin\iPodService.exe
12:58:45.0781 0452 iPod Service - ok
12:58:45.0781 0452 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:58:45.0859 0452 IPSec - ok
12:58:45.0890 0452 [ 00D8E9DAEBE72A5DF3986FD418A995EB ] IPSSVC C:\WINDOWS\system32\IPSSVC.EXE
12:58:45.0906 0452 IPSSVC - ok
12:58:45.0937 0452 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
12:58:46.0015 0452 IRENUM - ok
12:58:46.0046 0452 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:58:46.0140 0452 isapnp - ok
12:58:46.0187 0452 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
12:58:46.0187 0452 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
12:58:46.0187 0452 Iviaspi - detected UnsignedFile.Multi.Generic (1)
12:58:46.0250 0452 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
12:58:46.0265 0452 IviRegMgr - ok
12:58:46.0375 0452 [ 39133291CB607BDD87CFC565A4A1E7A5 ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
12:58:46.0390 0452 JavaQuickStarterService - ok
12:58:46.0421 0452 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:58:46.0531 0452 Kbdclass - ok
12:58:46.0546 0452 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:58:46.0640 0452 kbdhid - ok
12:58:46.0687 0452 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
12:58:46.0843 0452 kmixer - ok
12:58:46.0875 0452 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
12:58:46.0906 0452 KSecDD - ok
12:58:46.0937 0452 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
12:58:46.0968 0452 lanmanserver - ok
12:58:46.0984 0452 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:58:47.0015 0452 lanmanworkstation - ok
12:58:47.0015 0452 lbrtfdc - ok
12:58:47.0031 0452 [ 3FA98339E8D9E007726BE62F231E2015 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
12:58:47.0062 0452 LHidFilt - ok
12:58:47.0109 0452 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
12:58:47.0359 0452 LmHosts - ok
12:58:47.0375 0452 [ F259F758E04D8FB8D48C6CDBE45223E8 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
12:58:47.0390 0452 LMouFilt - ok
12:58:47.0421 0452 [ CA26E46EC8891058C9E10363DF4E4650 ] LUsbFilt C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
12:58:47.0421 0452 LUsbFilt - ok
12:58:47.0515 0452 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
12:58:47.0531 0452 MDM - ok
12:58:47.0578 0452 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:58:47.0593 0452 mdmxsdk - ok
12:58:47.0609 0452 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
12:58:47.0687 0452 Messenger - ok
12:58:47.0718 0452 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
12:58:47.0812 0452 mnmdd - ok
12:58:47.0843 0452 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
12:58:48.0046 0452 mnmsrvc - ok
12:58:48.0078 0452 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
12:58:48.0156 0452 Modem - ok
12:58:48.0187 0452 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:58:48.0281 0452 Mouclass - ok
12:58:48.0296 0452 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:58:48.0375 0452 mouhid - ok
12:58:48.0390 0452 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
12:58:48.0468 0452 MountMgr - ok
12:58:48.0500 0452 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:58:48.0562 0452 mraid35x - ok
12:58:48.0578 0452 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:58:48.0671 0452 MRxDAV - ok
12:58:48.0718 0452 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:58:48.0750 0452 MRxSmb - ok
12:58:48.0765 0452 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
12:58:48.0843 0452 MSDTC - ok
12:58:48.0859 0452 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:58:48.0921 0452 Msfs - ok
12:58:48.0937 0452 MSIServer - ok
12:58:48.0953 0452 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:58:49.0015 0452 MSKSSRV - ok
12:58:49.0015 0452 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:58:49.0093 0452 MSPCLOCK - ok
12:58:49.0093 0452 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:58:49.0171 0452 MSPQM - ok
12:58:49.0171 0452 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:58:49.0250 0452 mssmbios - ok
12:58:49.0250 0452 msupdate - ok
12:58:49.0265 0452 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
12:58:49.0296 0452 Mup - ok
12:58:49.0343 0452 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
12:58:49.0421 0452 napagent - ok
12:58:49.0546 0452 [ 3BAE2BFCB6D69E19C8373F635DD544DC ] NBService C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
12:58:49.0578 0452 NBService - ok
12:58:49.0609 0452 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
12:58:49.0703 0452 NDIS - ok
12:58:49.0734 0452 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:58:49.0750 0452 NdisTapi - ok
12:58:49.0750 0452 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:58:49.0875 0452 Ndisuio - ok
12:58:49.0890 0452 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:58:50.0015 0452 NdisWan - ok
12:58:50.0062 0452 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:58:50.0093 0452 NDProxy - ok
12:58:50.0140 0452 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
12:58:50.0140 0452 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:58:50.0140 0452 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:58:50.0156 0452 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:58:50.0281 0452 NetBIOS - ok
12:58:50.0296 0452 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:58:50.0421 0452 NetBT - ok
12:58:50.0468 0452 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
12:58:50.0593 0452 NetDDE - ok
12:58:50.0593 0452 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:58:50.0718 0452 NetDDEdsdm - ok
12:58:50.0734 0452 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:58:50.0843 0452 Netlogon - ok
12:58:50.0875 0452 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
12:58:51.0000 0452 Netman - ok
12:58:51.0031 0452 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:58:51.0062 0452 NetTcpPortSharing - ok
12:58:51.0156 0452 [ 18B2D3E11ED7A3C898ADE6A6692B6929 ] NETw4x32 C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
12:58:51.0234 0452 NETw4x32 - ok
12:58:51.0250 0452 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
12:58:51.0375 0452 NIC1394 - ok
12:58:51.0453 0452 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
12:58:51.0484 0452 Nla - ok
12:58:51.0578 0452 [ 193FA51DDDD0BFFDED1C340F0434999A ] NMIndexingService C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
12:58:51.0593 0452 NMIndexingService - ok
12:58:51.0625 0452 [ C3963D85B721A7F80D8A55F4E2867A3A ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
12:58:51.0687 0452 nmwcd - ok
12:58:51.0718 0452 [ 3859C69A77793180548802DAC9F34A38 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
12:58:51.0750 0452 nmwcdc - ok
12:58:51.0796 0452 [ 338F83EE9CB9E15EEACF0CBB90218CBF ] nmwcdnsu C:\WINDOWS\system32\drivers\nmwcdnsu.sys
12:58:51.0843 0452 nmwcdnsu - ok
12:58:51.0875 0452 [ D15BAC979144FB69ED28F97B2DD84D48 ] nmwcdnsuc C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
12:58:52.0000 0452 nmwcdnsuc - ok
12:58:52.0046 0452 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:58:52.0218 0452 Npfs - ok
12:58:52.0265 0452 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:58:52.0625 0452 Ntfs - ok
12:58:52.0656 0452 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:58:52.0718 0452 NtLmSsp - ok
12:58:52.0765 0452 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:58:52.0937 0452 NtmsSvc - ok
12:58:52.0968 0452 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
12:58:53.0000 0452 NuidFltr - ok
12:58:53.0031 0452 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:58:53.0171 0452 Null - ok
12:58:53.0406 0452 [ DB33C5AB368F40AEAA85580E147DB2BD ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:58:53.0609 0452 nv - ok
12:58:53.0656 0452 [ 46898B6C76AC5223A22056314C35239E ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
12:58:53.0671 0452 NVSvc - ok
12:58:53.0703 0452 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:58:53.0921 0452 NwlnkFlt - ok
12:58:53.0968 0452 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:58:54.0062 0452 NwlnkFwd - ok
12:58:54.0109 0452 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
12:58:54.0203 0452 ohci1394 - ok
12:58:54.0265 0452 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
12:58:54.0281 0452 ose - ok
12:58:54.0296 0452 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
12:58:54.0390 0452 Parport - ok
12:58:54.0390 0452 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:58:54.0468 0452 PartMgr - ok
12:58:54.0484 0452 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:58:54.0593 0452 ParVdm - ok
12:58:54.0609 0452 PCANDIS5 - ok
12:58:54.0640 0452 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:58:54.0656 0452 pccsmcfd - ok
12:58:54.0656 0452 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:58:54.0765 0452 PCI - ok
12:58:54.0765 0452 PCIDump - ok
12:58:54.0781 0452 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
12:58:54.0875 0452 PCIIde - ok
12:58:54.0875 0452 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
12:58:54.0968 0452 Pcmcia - ok
12:58:54.0968 0452 PDCOMP - ok
12:58:54.0984 0452 PDFRAME - ok
12:58:54.0984 0452 PDRELI - ok
12:58:54.0984 0452 PDRFRAME - ok
12:58:55.0015 0452 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
12:58:55.0125 0452 perc2 - ok
12:58:55.0156 0452 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:58:55.0265 0452 perc2hib - ok
12:58:55.0312 0452 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\WINDOWS\system32\IoctlSvc.exe
12:58:55.0312 0452 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
12:58:55.0312 0452 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
12:58:55.0328 0452 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
12:58:55.0343 0452 PlugPlay - ok
12:58:55.0390 0452 [ DEDEF40E1D05842639491365CB2C069E ] pmem C:\WINDOWS\System32\drivers\pmemnt.sys
12:58:55.0390 0452 pmem ( UnsignedFile.Multi.Generic ) - warning
12:58:55.0390 0452 pmem - detected UnsignedFile.Multi.Generic (1)
12:58:55.0437 0452 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
12:58:55.0437 0452 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:58:55.0437 0452 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:58:55.0453 0452 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:58:55.0546 0452 PolicyAgent - ok
12:58:55.0593 0452 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:58:55.0671 0452 PptpMiniport - ok
12:58:55.0718 0452 [ 1D80309FED4BABF8EA9E7B84A394348B ] PROCDD C:\WINDOWS\system32\DRIVERS\PROCDD.SYS
12:58:55.0734 0452 PROCDD - ok
12:58:55.0750 0452 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
12:58:55.0859 0452 Processor - ok
12:58:55.0875 0452 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:58:55.0984 0452 ProtectedStorage - ok
12:58:56.0015 0452 [ AAC08DEFB15AAAB00B30341C716EFA35 ] psadd C:\WINDOWS\system32\DRIVERS\psadd.sys
12:58:56.0031 0452 psadd - ok
12:58:56.0031 0452 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:58:56.0156 0452 PSched - ok
12:58:56.0171 0452 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:58:56.0281 0452 Ptilink - ok
12:58:56.0343 0452 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:58:56.0343 0452 PxHelp20 - ok
12:58:56.0359 0452 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:58:56.0453 0452 ql1080 - ok
12:58:56.0484 0452 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:58:56.0562 0452 Ql10wnt - ok
12:58:56.0578 0452 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:58:56.0671 0452 ql12160 - ok
12:58:56.0671 0452 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:58:56.0734 0452 ql1240 - ok
12:58:56.0750 0452 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:58:56.0828 0452 ql1280 - ok
12:58:56.0843 0452 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:58:56.0921 0452 RasAcd - ok
12:58:56.0953 0452 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:58:57.0031 0452 RasAuto - ok
12:58:57.0046 0452 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:58:57.0125 0452 Rasl2tp - ok
12:58:57.0171 0452 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:58:57.0265 0452 RasMan - ok
12:58:57.0281 0452 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:58:57.0343 0452 RasPppoe - ok
12:58:57.0359 0452 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:58:57.0437 0452 Raspti - ok
12:58:57.0468 0452 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:58:57.0562 0452 Rdbss - ok
12:58:57.0578 0452 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:58:57.0687 0452 RDPCDD - ok
12:58:57.0703 0452 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:58:57.0796 0452 rdpdr - ok
12:58:57.0843 0452 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:58:57.0859 0452 RDPWD - ok
12:58:57.0875 0452 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:58:57.0984 0452 RDSessMgr - ok
12:58:58.0015 0452 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:58:58.0109 0452 redbook - ok
12:58:58.0171 0452 [ B3611F5CC7052FE52998984A4361880F ] RegSrvc C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
12:58:58.0171 0452 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
12:58:58.0171 0452 RegSrvc - detected UnsignedFile.Multi.Generic (1)
12:58:58.0203 0452 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:58:58.0312 0452 RemoteAccess - ok
12:58:58.0359 0452 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:58:58.0453 0452 RemoteRegistry - ok
12:58:58.0500 0452 [ C35CA13D3627EBD9DD12A23CE781BC3D ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
12:58:58.0531 0452 rimmptsk - ok
12:58:58.0531 0452 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
12:58:58.0546 0452 rimsptsk - ok
12:58:58.0546 0452 RimUsb - ok
12:58:58.0578 0452 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
12:58:58.0625 0452 RimVSerPort - ok
12:58:58.0640 0452 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
12:58:58.0656 0452 rismxdp - ok
12:58:58.0687 0452 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
12:58:58.0812 0452 ROOTMODEM - ok
12:58:58.0875 0452 [ 594822F6E691E3B0D7046D1910847727 ] RosettaStoneDaemon C:\Programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe
12:58:58.0890 0452 RosettaStoneDaemon ( UnsignedFile.Multi.Generic ) - warning
12:58:58.0890 0452 RosettaStoneDaemon - detected UnsignedFile.Multi.Generic (1)
12:58:58.0953 0452 RoxLiveShare9 - ok
12:58:58.0968 0452 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
12:58:59.0140 0452 RpcLocator - ok
12:58:59.0187 0452 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:58:59.0203 0452 RpcSs - ok
12:58:59.0234 0452 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:58:59.0312 0452 RSVP - ok
12:58:59.0359 0452 [ 2FD3B284ADE57CFAA70A6A9753E50572 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
12:58:59.0406 0452 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
12:58:59.0406 0452 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
12:58:59.0421 0452 [ 2220783B32A9F91DF87F3E8315F091E7 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
12:58:59.0421 0452 s24trans ( UnsignedFile.Multi.Generic ) - warning
12:58:59.0421 0452 s24trans - detected UnsignedFile.Multi.Generic (1)
12:58:59.0437 0452 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
12:58:59.0515 0452 SamSs - ok
12:58:59.0546 0452 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:58:59.0640 0452 SCardSvr - ok
12:58:59.0687 0452 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:58:59.0796 0452 Schedule - ok
12:58:59.0812 0452 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
12:58:59.0890 0452 sdbus - ok
12:58:59.0921 0452 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:59:00.0015 0452 Secdrv - ok
12:59:00.0046 0452 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
12:59:00.0125 0452 seclogon - ok
12:59:00.0187 0452 [ BA55C28D2B175A55ADCBDF3D990D97A4 ] sembbus C:\WINDOWS\system32\DRIVERS\sembbus.sys
12:59:00.0187 0452 sembbus - ok
12:59:00.0250 0452 [ 056DFA11277F22977DC5641D83012454 ] sembcard C:\WINDOWS\system32\DRIVERS\sembcard.sys
12:59:00.0265 0452 sembcard - ok
12:59:00.0312 0452 [ BB652CA7E20AECC0AD4085F9F029EACD ] sembmdfl2 C:\WINDOWS\system32\DRIVERS\sembmdfl2.sys
12:59:00.0312 0452 sembmdfl2 - ok
12:59:00.0328 0452 [ DCFFB3F76D15B3A456065E9198A86FCE ] sembmdm2 C:\WINDOWS\system32\DRIVERS\sembmdm2.sys
12:59:00.0359 0452 sembmdm2 - ok
12:59:00.0359 0452 [ A095ACA64CA705477969F239712EB489 ] sembmgmt C:\WINDOWS\system32\DRIVERS\sembmgmt.sys
12:59:00.0390 0452 sembmgmt - ok
12:59:00.0390 0452 [ DE69B731C2F78220DE65B59B97A40946 ] sembnd5 C:\WINDOWS\system32\DRIVERS\sembnd5.sys
12:59:00.0406 0452 sembnd5 - ok
12:59:00.0406 0452 [ F0948DCAFFD9821DFD83538E7E404662 ] sembunic C:\WINDOWS\system32\DRIVERS\sembunic.sys
12:59:00.0421 0452 sembunic - ok
12:59:00.0453 0452 [ 51056C879264F52404089C4F6172A5E8 ] sembwwan C:\WINDOWS\system32\DRIVERS\sembwwan.sys
12:59:00.0484 0452 sembwwan - ok
12:59:00.0531 0452 [ 0F52DC75E31714695ED941B60B553EF0 ] SEMCReserved C:\WINDOWS\system32\DRIVERS\semcreserved.sys
12:59:00.0546 0452 SEMCReserved - ok
12:59:00.0562 0452 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
12:59:00.0671 0452 SENS - ok
12:59:00.0703 0452 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:59:00.0812 0452 serenum - ok
12:59:00.0828 0452 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:59:00.0906 0452 Serial - ok
12:59:01.0015 0452 [ 2D841B7B7F6DEC32162EDFCC69D61F42 ] ServiceLayer C:\Programme\PC Connectivity Solution\ServiceLayer.exe
12:59:01.0031 0452 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:59:01.0031 0452 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
12:59:01.0078 0452 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
12:59:01.0156 0452 sffdisk - ok
12:59:01.0171 0452 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
12:59:01.0234 0452 sffp_sd - ok
12:59:01.0265 0452 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
12:59:01.0359 0452 Sfloppy - ok
12:59:01.0406 0452 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:59:01.0515 0452 SharedAccess - ok
12:59:01.0546 0452 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:59:01.0562 0452 ShellHWDetection - ok
12:59:01.0609 0452 [ A3AEE791DB8C73882F4503BFAACD8C9E ] Shockprf C:\WINDOWS\system32\DRIVERS\Apsx86.sys
12:59:01.0640 0452 Shockprf - ok
12:59:01.0640 0452 Simbad - ok
12:59:01.0671 0452 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:59:01.0812 0452 sisagp - ok
12:59:01.0890 0452 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
12:59:01.0906 0452 SkypeUpdate - ok
12:59:01.0953 0452 [ 350483C5A139F8A39ED3191AFF39BED0 ] smihlp C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys
12:59:01.0953 0452 smihlp - ok
12:59:02.0015 0452 [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Programme\Gemeinsame Dateien\SolidWorks Shared\Service\SolidWorksLicensing.exe
12:59:02.0015 0452 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:59:02.0015 0452 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:59:02.0046 0452 [ EE923E3E5C6B6A59D7E70E15C3EDA367 ] Sony_EricssonWWSC C:\WINDOWS\system32\DRIVERS\seu4scard.sys
12:59:02.0062 0452 Sony_EricssonWWSC - ok
12:59:02.0093 0452 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:59:02.0156 0452 Sparrow - ok
12:59:02.0203 0452 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:59:02.0281 0452 splitter - ok
12:59:02.0312 0452 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:59:02.0359 0452 Spooler - ok
12:59:02.0406 0452 [ 9263C8898732E2B890F7E954E7729AB7 ] SQLWriter c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:59:02.0640 0452 SQLWriter - ok
12:59:02.0671 0452 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:59:02.0843 0452 sr - ok
12:59:02.0890 0452 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
12:59:02.0968 0452 srservice - ok
12:59:02.0984 0452 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:59:03.0000 0452 Srv - ok
12:59:03.0046 0452 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:59:03.0109 0452 SSDPSRV - ok
12:59:03.0156 0452 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
12:59:03.0171 0452 ssmdrv - ok
12:59:03.0187 0452 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:59:03.0281 0452 stisvc - ok
12:59:03.0375 0452 [ B71A41CAD9DE92219C3891E88F822AC3 ] SUService c:\programme\lenovo\system update\suservice.exe
12:59:03.0406 0452 SUService ( UnsignedFile.Multi.Generic ) - warning
12:59:03.0406 0452 SUService - detected UnsignedFile.Multi.Generic (1)
12:59:03.0437 0452 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:59:03.0562 0452 swenum - ok
12:59:03.0578 0452 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:59:03.0687 0452 swmidi - ok
12:59:03.0687 0452 SwPrv - ok
12:59:03.0718 0452 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
12:59:03.0796 0452 symc810 - ok
12:59:03.0812 0452 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:59:03.0875 0452 symc8xx - ok
12:59:03.0953 0452 [ 083FE6483DC16A02AF2434D04B7D7AEA ] SymEvent C:\Programme\Symantec\SYMEVENT.SYS
12:59:03.0968 0452 SymEvent - ok
12:59:03.0984 0452 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:59:04.0078 0452 sym_hi - ok
12:59:04.0093 0452 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:59:04.0156 0452 sym_u3 - ok
12:59:04.0187 0452 [ 820D28F30AC01CE86860A35DCC7BFAAB ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:59:04.0203 0452 SynTP - ok
12:59:04.0218 0452 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:59:04.0312 0452 sysaudio - ok
12:59:04.0343 0452 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:59:04.0468 0452 SysmonLog - ok
12:59:04.0500 0452 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:59:04.0609 0452 TapiSrv - ok
12:59:04.0671 0452 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:59:04.0703 0452 Tcpip - ok
12:59:04.0765 0452 [ 109D1F5CD9CC370A87901DB3DDD533F1 ] TcUsb C:\WINDOWS\system32\Drivers\tcusb.sys
12:59:04.0781 0452 TcUsb - ok
12:59:04.0812 0452 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:59:04.0890 0452 TDPIPE - ok
12:59:04.0906 0452 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:59:05.0015 0452 TDTCP - ok
12:59:05.0156 0452 [ 4768F719F7225A43C493BDD8BBAB52BB ] TeamViewer6 C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
12:59:05.0265 0452 TeamViewer6 - ok
12:59:05.0312 0452 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
12:59:05.0343 0452 teamviewervpn - ok
12:59:05.0375 0452 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:59:05.0531 0452 TermDD - ok
12:59:05.0578 0452 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
12:59:05.0734 0452 TermService - ok
12:59:05.0750 0452 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
12:59:05.0781 0452 Themes - ok
12:59:05.0875 0452 [ D04402CD654AF1058AD9A82B73AD67C8 ] ThinkVantage Registry Monitor Service C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
12:59:05.0921 0452 ThinkVantage Registry Monitor Service - ok
12:59:05.0953 0452 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
12:59:06.0109 0452 TlntSvr - ok
12:59:06.0187 0452 [ 572A16FBAD52AB1AC8E3D44BAAF99694 ] TomTomHOMEService C:\Programme\TomTom HOME 1005\TomTomHOMEService.exe
12:59:06.0218 0452 TomTomHOMEService - ok
12:59:06.0250 0452 [ D213A9247DC347F305A2D4CC9B951487 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
12:59:06.0375 0452 TosIde - ok
12:59:06.0453 0452 [ 639BA7B37F25054CF5E82604E736D250 ] TPDIGIMN C:\WINDOWS\system32\DRIVERS\ApsHM86.sys
12:59:06.0453 0452 TPDIGIMN - ok
12:59:06.0500 0452 [ 3663C0F611711DAC453636AF562F0831 ] TPHDEXLGSVC C:\WINDOWS\system32\TPHDEXLG.exe
12:59:06.0515 0452 TPHDEXLGSVC - ok
12:59:06.0531 0452 [ 542770C8925E13B29B1BA63F05898058 ] TPHKDRV C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys
12:59:06.0546 0452 TPHKDRV - ok
12:59:06.0593 0452 [ 44672DE6CEA9569C21C4B7A8D2560750 ] TPPWRIF C:\WINDOWS\system32\drivers\Tppwrif.sys
12:59:06.0609 0452 TPPWRIF ( UnsignedFile.Multi.Generic ) - warning
12:59:06.0609 0452 TPPWRIF - detected UnsignedFile.Multi.Generic (1)
12:59:06.0656 0452 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:59:06.0734 0452 TrkWks - ok
12:59:06.0734 0452 [ F2ABA3066D7921D7FCDBD66DEA88BE11 ] TSMAPIP C:\WINDOWS\system32\drivers\TSMAPIP.SYS
12:59:06.0734 0452 TSMAPIP ( UnsignedFile.Multi.Generic ) - warning
12:59:06.0734 0452 TSMAPIP - detected UnsignedFile.Multi.Generic (1)
12:59:06.0828 0452 [ 44D5BE1651390476C5EDB3B5DF28DE30 ] TSSCoreService C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe
12:59:06.0859 0452 TSSCoreService - ok
12:59:06.0875 0452 [ C8DA890DF821DBE5CD5B9A10C6C82D51 ] TVT Backup Protection Service C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe
12:59:06.0890 0452 TVT Backup Protection Service ( UnsignedFile.Multi.Generic ) - warning
12:59:06.0890 0452 TVT Backup Protection Service - detected UnsignedFile.Multi.Generic (1)
12:59:06.0953 0452 [ 951675971BB6DE44284CCE95F33F7421 ] TVT Backup Service C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe
12:59:06.0984 0452 TVT Backup Service ( UnsignedFile.Multi.Generic ) - warning
12:59:06.0984 0452 TVT Backup Service - detected UnsignedFile.Multi.Generic (1)
12:59:07.0109 0452 [ E9EA448F1174BE4052416B62263EA4EE ] TVT Scheduler c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
12:59:07.0156 0452 TVT Scheduler ( UnsignedFile.Multi.Generic ) - warning
12:59:07.0156 0452 TVT Scheduler - detected UnsignedFile.Multi.Generic (1)
12:59:07.0218 0452 [ 49258A02A1E8D304ED88B0F1C56B1738 ] tvtfilter C:\WINDOWS\system32\DRIVERS\tvtfilter.sys
12:59:07.0265 0452 tvtfilter - ok
12:59:07.0312 0452 [ 8AB24D4B7DA715C2C80455137910E792 ] TVTI2C C:\WINDOWS\system32\DRIVERS\Tvti2c.sys
12:59:07.0343 0452 TVTI2C - ok
12:59:07.0375 0452 [ 2E72C66682E9274C97AE3F5A57C2FA33 ] tvtnetwk C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe
12:59:07.0390 0452 tvtnetwk ( UnsignedFile.Multi.Generic ) - warning
12:59:07.0390 0452 tvtnetwk - detected UnsignedFile.Multi.Generic (1)
12:59:07.0406 0452 TVTPktFilter - ok
12:59:07.0421 0452 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:59:07.0640 0452 Udfs - ok
12:59:07.0640 0452 UIUSys - ok
12:59:07.0671 0452 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
12:59:07.0734 0452 ultra - ok
12:59:07.0796 0452 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:59:07.0890 0452 Update - ok
12:59:07.0921 0452 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:59:08.0000 0452 upnphost - ok
12:59:08.0031 0452 [ 0CCADC7391021376EDBB8AA649D04E68 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
12:59:08.0062 0452 upperdev - ok
12:59:08.0078 0452 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
12:59:08.0156 0452 UPS - ok
12:59:08.0171 0452 [ D4FB6ECC60A428564BA8768B0E23C0FC ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
12:59:08.0218 0452 USBAAPL - ok
12:59:08.0250 0452 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:59:08.0359 0452 usbccgp - ok
12:59:08.0375 0452 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:59:08.0468 0452 usbehci - ok
12:59:08.0484 0452 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:59:08.0562 0452 usbhub - ok
12:59:08.0578 0452 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:59:08.0656 0452 usbprint - ok
12:59:08.0687 0452 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:59:08.0781 0452 usbscan - ok
12:59:08.0812 0452 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
12:59:08.0875 0452 usbser - ok
12:59:08.0890 0452 [ 68B4F83CCCF70A2FF32EE142C234332A ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
12:59:08.0921 0452 UsbserFilt - ok
12:59:08.0953 0452 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:59:09.0031 0452 USBSTOR - ok
12:59:09.0046 0452 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:59:09.0125 0452 usbuhci - ok
12:59:09.0156 0452 [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
12:59:09.0218 0452 usb_rndisx - ok
12:59:09.0265 0452 [ 9BF2EA54E5ED5ACDF96F1DEC84C117C4 ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
12:59:09.0265 0452 VClone ( UnsignedFile.Multi.Generic ) - warning
12:59:09.0265 0452 VClone - detected UnsignedFile.Multi.Generic (1)
12:59:09.0265 0452 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:59:09.0359 0452 VgaSave - ok
12:59:09.0390 0452 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:59:09.0484 0452 viaagp - ok
12:59:09.0500 0452 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
12:59:09.0609 0452 ViaIde - ok
12:59:09.0625 0452 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:59:09.0734 0452 VolSnap - ok
12:59:09.0796 0452 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
12:59:09.0921 0452 VSS - ok
12:59:09.0937 0452 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
12:59:10.0046 0452 W32Time - ok
12:59:10.0093 0452 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:59:10.0218 0452 Wanarp - ok
12:59:10.0265 0452 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:59:10.0296 0452 Wdf01000 - ok
12:59:10.0296 0452 WDICA - ok
12:59:10.0328 0452 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:59:10.0453 0452 wdmaud - ok
12:59:10.0468 0452 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:59:10.0578 0452 WebClient - ok
12:59:10.0640 0452 [ 307D248F97835B6879BDD361086924FE ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
12:59:10.0687 0452 winachsf - ok
12:59:10.0781 0452 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:59:10.0906 0452 winmgmt - ok
12:59:10.0937 0452 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:59:10.0953 0452 WmdmPmSN - ok
12:59:11.0015 0452 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll
12:59:11.0046 0452 Wmi - ok
12:59:11.0062 0452 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:59:11.0171 0452 WmiAcpi - ok
12:59:11.0234 0452 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:59:11.0375 0452 WmiApSrv - ok
12:59:11.0515 0452 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
12:59:11.0546 0452 WMPNetworkSvc - ok
12:59:11.0578 0452 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
12:59:11.0609 0452 WpdUsb - ok
12:59:11.0687 0452 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:59:11.0781 0452 wscsvc - ok
12:59:11.0781 0452 WSearch - ok
12:59:11.0796 0452 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:59:11.0875 0452 wuauserv - ok
12:59:11.0906 0452 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:59:11.0953 0452 WudfPf - ok
12:59:11.0984 0452 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:59:12.0031 0452 WudfRd - ok
12:59:12.0078 0452 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:59:12.0109 0452 WudfSvc - ok
12:59:12.0171 0452 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:59:12.0421 0452 WZCSVC - ok
12:59:12.0437 0452 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:59:12.0531 0452 xmlprov - ok
12:59:12.0546 0452 ZDCndis5 - ok
12:59:12.0546 0452 ZDPSp50 - ok
12:59:12.0562 0452 ================ Scan global ===============================
12:59:12.0609 0452 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
12:59:12.0734 0452 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
12:59:12.0750 0452 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll
12:59:12.0812 0452 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
12:59:12.0812 0452 [Global] - ok
12:59:12.0812 0452 ================ Scan MBR ==================================
12:59:12.0859 0452 [ 13673366CACAF0CAD108225F01B5C98B ] \Device\Harddisk0\DR0
12:59:13.0437 0452 \Device\Harddisk0\DR0 - ok
12:59:13.0812 0452 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
12:59:14.0031 0452 \Device\Harddisk1\DR3 - ok
12:59:14.0031 0452 ================ Scan VBR ==================================
12:59:14.0046 0452 [ 69F6BB060B69F859275B135292170073 ] \Device\Harddisk0\DR0\Partition1
12:59:14.0046 0452 \Device\Harddisk0\DR0\Partition1 - ok
12:59:14.0046 0452 [ 95B509D8B5516100DA3ACEB7491E22EC ] \Device\Harddisk1\DR3\Partition1
12:59:14.0046 0452 \Device\Harddisk1\DR3\Partition1 - ok
12:59:14.0062 0452 ============================================================
12:59:14.0062 0452 Scan finished
12:59:14.0062 0452 ============================================================
12:59:14.0078 1476 Detected object count: 48
12:59:14.0078 1476 Actual detected object count: 48
13:00:12.0046 1476 AcPrfMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0046 1476 AcPrfMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0046 1476 AcSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0046 1476 AcSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0046 1476 ANC ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0046 1476 ANC ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0062 1476 awhost32 ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0062 1476 awhost32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0062 1476 awlegacy ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0062 1476 awlegacy ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0062 1476 AW_HOST ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0062 1476 AW_HOST ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0062 1476 bfturboh ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0062 1476 bfturboh ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0078 1476 BrScnUsb ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0078 1476 BrScnUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0078 1476 btwdins ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0078 1476 btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0078 1476 Diskeeper ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0078 1476 Diskeeper ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0078 1476 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0078 1476 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0078 1476 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0078 1476 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0093 1476 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0093 1476 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0093 1476 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0093 1476 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0093 1476 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0093 1476 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0093 1476 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0093 1476 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0093 1476 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0093 1476 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0109 1476 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0109 1476 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0109 1476 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0109 1476 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0109 1476 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0109 1476 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0109 1476 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0109 1476 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0125 1476 ElgTaDrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0125 1476 ElgTaDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0125 1476 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0125 1476 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0125 1476 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0125 1476 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0125 1476 Gernuwa ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0125 1476 Gernuwa ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0140 1476 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0140 1476 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0140 1476 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0140 1476 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0140 1476 IBMTPCHK ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0140 1476 IBMTPCHK ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0140 1476 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0140 1476 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0156 1476 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0156 1476 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0156 1476 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0156 1476 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0156 1476 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0156 1476 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0156 1476 pmem ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0156 1476 pmem ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0156 1476 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0156 1476 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0156 1476 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0156 1476 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0156 1476 RosettaStoneDaemon ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0156 1476 RosettaStoneDaemon ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0156 1476 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0156 1476 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0171 1476 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0171 1476 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0171 1476 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0171 1476 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0171 1476 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0171 1476 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0171 1476 SUService ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0171 1476 SUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0171 1476 TPPWRIF ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0171 1476 TPPWRIF ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0171 1476 TSMAPIP ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0171 1476 TSMAPIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0171 1476 TVT Backup Protection Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0171 1476 TVT Backup Protection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0171 1476 TVT Backup Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0171 1476 TVT Backup Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0171 1476 TVT Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0171 1476 TVT Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0187 1476 tvtnetwk ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0187 1476 tvtnetwk ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:00:12.0187 1476 VClone ( UnsignedFile.Multi.Generic ) - skipped by user
13:00:12.0187 1476 VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:03:17.0062 2480 Deinitialize success

11.07.2013, 12:46   #11
markusg
/// Malware-holic
 



Hi,
we'll finish the cleanup first, then we'll secure the device.
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should resolve the problem.

__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

11.07.2013, 13:54   #12
Jelar
 



Managed that as well, without any error messages

Logfile:

Combofix Logfile:
Code:
ComboFix 13-07-09.01 - ***** ******* 11.07.2013  14:27:04.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.3054.2310 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\***** *******\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\***** *******\Anwendungsdaten\1&1
c:\dokumente und einstellungen\***** *******\Anwendungsdaten\1&1\1&1 EasyLogin\customer.xml
c:\dokumente und einstellungen\***** *******\Anwendungsdaten\1&1\1&1 EasyLogin\EasyLogin.log
c:\dokumente und einstellungen\***** *******\WINDOWS
c:\programme\office2003_sp3changes.exe
c:\programme\Setup.exe
c:\programme\Uninstall.ini
c:\programme\update.exe
c:\windows\CC3216AA.exe
c:\windows\CC3216AB.exe
c:\windows\CC3216AC.exe
c:\windows\CC3216AD.exe
c:\windows\CC3216AE.exe
c:\windows\CC3216AF.exe
c:\windows\CC3216BA.exe
c:\windows\CC3216BB.exe
c:\windows\CC3216BC.exe
c:\windows\CC3216BD.exe
c:\windows\CC3216BE.exe
c:\windows\CC3216BF.exe
c:\windows\CC3216CA.exe
c:\windows\CC3216CB.exe
c:\windows\CC3216CC.exe
c:\windows\CC3216CD.exe
c:\windows\CC3216CE.exe
c:\windows\CC3216CF.exe
c:\windows\CC3216DA.exe
c:\windows\CC3216DB.exe
c:\windows\CC3216DC.exe
c:\windows\CC3216DD.exe
c:\windows\CC3216DE.exe
c:\windows\CC3216DF.exe
c:\windows\CC3216EA.exe
c:\windows\CC3216EB.exe
c:\windows\CC3216EC.exe
c:\windows\CC3216ED.exe
c:\windows\CC3216EE.exe
c:\windows\CC3216EF.exe
c:\windows\CC3216FA.exe
c:\windows\CC3216FB.exe
c:\windows\CC3216FC.exe
c:\windows\CC3216FD.exe
c:\windows\CC3216FE.exe
c:\windows\CC3216FF.exe
c:\windows\IsUn0407.exe
c:\windows\system32\Thumbs.db
c:\windows\system32\TPAPSLOG.LOG
c:\windows\system32\TPHDLOG0.LOG
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MSUPDATE
-------\Service_msupdate
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-11 bis 2013-07-11  ))))))))))))))))))))))))))))))
.
.
2013-07-11 11:15 . 2013-07-11 11:15	51712	----a-w-	c:\windows\CC3216JH.exe
2013-07-11 10:28 . 2013-07-11 10:45	--------	d-----w-	C:\_OTL
2013-07-09 16:35 . 2013-07-09 16:35	--------	d-----w-	c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Mozilla
2013-07-09 16:34 . 2013-07-09 16:34	--------	d-----r-	c:\dokumente und einstellungen\LocalService\Favoriten
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 06:26 . 2012-10-24 10:04	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-06-12 06:26 . 2011-11-14 09:14	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-07 22:28 . 2006-01-27 01:01	920064	----a-w-	c:\windows\system32\wininet.dll
2013-05-07 22:28 . 2006-01-27 01:01	43520	------w-	c:\windows\system32\licmgr10.dll
2013-05-07 22:28 . 2006-01-27 01:01	1469440	------w-	c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2006-01-27 01:01	385024	------w-	c:\windows\system32\html.iec
2013-05-03 05:39 . 2006-01-27 01:00	2152448	------w-	c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39 . 2004-08-04 00:50	2031104	------w-	c:\windows\system32\ntkrnlpa.exe
2013-04-12 14:00 . 2006-01-27 01:00	1876480	------w-	c:\windows\system32\win32k.sys
2009-06-27 09:09 . 2009-06-27 09:09	3252640	------w-	c:\programme\ccsetup221.exe
2009-06-22 08:25 . 2009-06-19 13:38	700784	------w-	c:\programme\GoogleCalendarSync_Installer.exe
2009-05-22 21:53 . 2009-05-22 21:52	1976104	------w-	c:\programme\SkypeSetup.exe
2009-02-04 11:52 . 2009-04-11 18:23	3031040	-c----w-	c:\programme\carom.exe
2009-01-05 16:32 . 2009-04-11 18:23	97792	-c----w-	c:\programme\Plugin_ParticleFX.dll
2009-01-05 16:32 . 2009-04-11 18:23	61440	-c----w-	c:\programme\ILU.dll
2009-01-05 16:32 . 2009-04-11 18:23	55808	-c----w-	c:\programme\zlib1.dll
2009-01-05 16:32 . 2009-04-11 18:23	499712	-c----w-	c:\programme\msvcp71.dll
2009-01-05 16:32 . 2009-04-11 18:23	36864	-c----w-	c:\programme\Plugin_CgProgramManager.dll
2009-01-05 16:32 . 2009-04-11 18:23	364544	-c----w-	c:\programme\OgrePlatform.dll
2009-01-05 16:32 . 2009-04-11 18:23	348160	-c----w-	c:\programme\msvcr71.dll
2009-01-05 16:32 . 2009-04-11 18:23	327680	-c----w-	c:\programme\RenderSystem_Direct3D9.dll
2009-01-05 16:32 . 2009-04-11 18:23	2702848	-c----w-	c:\programme\OgreMain.dll
2009-01-05 16:32 . 2009-04-11 18:23	258352	-c----w-	c:\programme\unicows.dll
2009-01-05 16:32 . 2009-04-11 18:23	1867776	-c----w-	c:\programme\python24.dll
2009-01-05 16:32 . 2009-04-11 18:23	1093632	-c----w-	c:\programme\FreeImage.dll
2009-01-05 16:32 . 2009-04-11 18:23	757760	-c----w-	c:\programme\DevIL.dll
2009-01-05 16:32 . 2009-04-11 18:23	72400	-c----w-	c:\programme\DSETUP.dll
2009-01-05 16:32 . 2009-04-11 18:23	3734536	-c----w-	c:\programme\d3dx9_36.dll
2009-01-05 16:32 . 2009-04-11 18:23	2297552	-c----w-	c:\programme\d3dx9_26.dll
2009-01-05 16:32 . 2009-04-11 18:23	1683456	-c----w-	c:\programme\cg.dll
2008-03-05 14:34 . 2009-02-11 09:27	13084392	------w-	c:\programme\eDrawingsGerman.exe
2007-11-19 06:50 . 2009-06-22 09:56	72704	-c----w-	c:\programme\elgtadrv.sys
2002-08-12 13:20 . 2009-06-22 09:56	27264	-c----w-	c:\programme\rndismpk.sys
2002-08-12 13:20 . 2009-06-22 09:56	11264	-c----w-	c:\programme\usb8023w.sys
2002-08-12 13:20 . 2009-06-22 09:56	11136	-c----w-	c:\programme\usb8023m.sys
2002-08-12 13:20 . 2009-06-22 09:56	11136	-c----w-	c:\programme\usb8023k.sys
2002-08-12 13:20 . 2009-06-22 09:56	27264	-c----w-	c:\programme\rndismpm.sys
2002-08-12 13:20 . 2009-06-22 09:56	27008	-c----w-	c:\programme\rndismpw.sys
2002-06-05 09:28 . 2009-06-22 09:56	38263	-c----w-	c:\programme\elgusb.sys
2001-08-10 02:52 . 2009-06-22 09:56	11136	-c----w-	c:\programme\usb8023.sys
2001-08-10 02:52 . 2009-06-22 09:56	26880	-c----w-	c:\programme\rndismp.sys
2000-12-12 15:09 . 2009-06-22 09:56	112984	-c----w-	c:\programme\elgtaldr.sys
2009-02-24 19:34 . 2009-02-24 19:34	1044480	-c----w-	c:\programme\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34	200704	-c----w-	c:\programme\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\programme\myBabylon_English\prxtbmyB0.dll" [2013-06-18 231712]
.
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
2013-06-18 11:54	231712	----a-w-	c:\programme\myBabylon_English\prxtbmyB0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\programme\myBabylon_English\prxtbmyB0.dll" [2013-06-18 231712]
.
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\programme\myBabylon_English\prxtbmyB0.dll" [2013-06-18 231712]
.
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-21 13524992]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2013-06-26 345144]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify]
2003-05-29 09:00	8704	------w-	c:\windows\system32\PCANotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-14 20:17	89600	------w-	c:\windows\system32\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-09-06 07:37	34344	------w-	c:\programme\Lenovo\HOTKEY\notifyf2.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2006-12-14 02:06	28672	------w-	c:\programme\Lenovo\HOTKEY\tphklock.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli psqlpwd
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Acrobat - Schnellstart.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk
backup=c:\windows\pss\Adobe Acrobat - Schnellstart.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BTTray.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Lexware Info Service.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Lexware Info Service.lnk
backup=c:\windows\pss\Lexware Info Service.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^***** *******^Startmenü^Programme^Autostart^regmonstd.lnk]
path=c:\dokumente und einstellungen\***** *******\Startmenü\Programme\Autostart\regmonstd.lnk
backup=c:\windows\pss\regmonstd.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2006-10-22 22:24	620152	------w-	c:\programme\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTray]
2007-07-05 12:58	413696	------w-	c:\programme\ThinkPad\ConnectUtilities\ACTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-18 19:08	946352	----a-w-	c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirPort Base Station Agent]
2009-11-11 15:17	771360	----a-w-	c:\programme\AirPort\APAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
2007-02-01 18:00	419376	------w-	c:\programme\ThinkVantage\AMSG\Amsg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 10:48	58656	----a-w-	c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2013-06-26 11:02	345144	----a-w-	c:\programme\Avira\AntiVir Desktop\avgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AwaySch]
2006-11-07 10:51	91688	------w-	c:\programme\Lenovo\AwayTask\AwaySch.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-01-22 09:13	152872	------w-	c:\programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLOG]
2007-12-06 16:22	208896	------w-	c:\progra~1\ThinkPad\UTILIT~1\BATLOGEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-07 01:07	1848648	------w-	c:\programme\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2007-10-26 01:10	652624	------w-	c:\programme\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
2007-08-03 14:35	2630968	------w-	c:\programme\Lenovo\Client Security Solution\cssauth.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:22	15360	------w-	c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
2006-05-18 14:24	196696	------w-	c:\programme\Diskeeper Corporation\Diskeeper\DkIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
2006-02-02 03:20	122940	------w-	c:\windows\system32\DLA\DLACTRLW.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
2007-03-28 17:32	243248	------w-	c:\progra~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 11:50	1289000	------w-	c:\programme\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-14 19:17	49152	------w-	c:\programme\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 14:31	80896	------w-	c:\programme\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2006-09-11 02:40	218032	------w-	c:\programme\Gemeinsame Dateien\Installshield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-09-11 02:40	218032	------w-	c:\progra~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-09-11 02:40	86960	------w-	c:\programme\Gemeinsame Dateien\Installshield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-11-17 19:59	421160	------w-	c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-04-11 14:32	56080	------w-	c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
2007-04-26 17:10	120368	------w-	c:\progra~1\THINKV~1\PrdCtr\LPMGR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22	1695232	------w-	c:\programme\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]
2011-08-15 13:20	420312	----a-w-	c:\programme\MyTomTom 3\MyTomTomSA.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-05-28 06:27	570664	-c----w-	c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-03-21 02:19	13524992	------w-	c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-03-21 02:19	86016	------w-	c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-03-21 02:19	1630208	------w-	c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57	1451520	------w-	c:\programme\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRMGRTR]
2007-12-06 16:22	200704	------w-	c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38	421888	----a-w-	c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2007-04-03 17:55	839680	------w-	c:\programme\Analog Devices\SoundMAX\SMax4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-04-09 07:23	1015808	------w-	c:\programme\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17	149280	-c----w-	c:\programme\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-07-03 22:10	1323008	------w-	c:\programme\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
2008-07-03 22:17	118784	------w-	c:\programme\Synaptics\SynTP\SynTPLpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-12-10 12:28	247144	------w-	c:\programme\TomTom HOME 1005\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
2007-11-29 18:04	59168	------w-	c:\programme\Lenovo\NPDIRECT\tpfnf7sp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPHOTKEY]
2007-03-09 05:49	66176	------w-	c:\programme\Lenovo\HOTKEY\TPOSDSVC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TpShocks]
2007-11-22 13:09	181536	------w-	c:\windows\system32\TpShocks.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]
2008-03-04 09:34	487424	------w-	c:\programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2008-06-29 22:01	52168	------w-	c:\programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-03 08:56	204288	-c----w-	c:\programme\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\programme\Microsoft ActiveSync\rapimgr.exe"= c:\programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programme\Microsoft ActiveSync\wcescomm.exe"= c:\programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programme\Microsoft ActiveSync\WCESMgr.exe"= c:\programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Symantec\\pcAnywhere\\Winaw32.exe"=
"c:\\Programme\\Symantec\\pcAnywhere\\awhost32.exe"=
"c:\\Programme\\Symantec\\pcAnywhere\\awrem32.exe"=
"c:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\German\\setup.exe"=
"c:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\programme\RosettaStoneLtdServices\RosettaStoneLtdServices.exe"= c:\programme\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Ltd Services
"c:\programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe"= c:\programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Daemon
"c:\\Programme\\Gemeinsame Dateien\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\AirPort\\APAgent.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [16.10.2007 18:32 19504]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [24.10.2012 12:41 37352]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [24.10.2012 12:41 84024]
R2 RosettaStoneDaemon;RosettaStoneDaemon;c:\programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe [25.04.2009 20:45 443712]
R2 smihlp;SMI Helper Driver (smihlp);c:\programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [14.03.2007 22:10 11152]
R2 TeamViewer6;TeamViewer 6;c:\programme\TeamViewer\Version6\TeamViewer_Service.exe [14.01.2011 17:16 2255224]
R2 TomTomHOMEService;TomTomHOMEService;c:\programme\TomTom HOME 1005\TomTomHOMEService.exe [10.12.2010 14:29 92008]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\programme\Lenovo\Rescue and Recovery\rrpservice.exe [08.02.2007 13:11 569344]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22.05.2007 15:59 30336]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [09.11.2012 12:21 160944]
S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\system32\drivers\bfturboh.sys [20.11.2008 17:43 17152]
S3 ElgTaDrv;elmeg USB Device Driver;c:\windows\system32\drivers\ElgTaDrv.sys [22.06.2009 12:23 73660]
S3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfxfax.sys --> c:\windows\system32\drivers\hpfxfax.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [23.10.2010 23:17 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [23.10.2010 23:17 8320]
S3 sembbus;SEMC WMC Composite Device driver (WDM);c:\windows\system32\drivers\sembbus.sys [15.12.2009 23:04 260992]
S3 sembcard;Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM);c:\windows\system32\drivers\sembcard.sys [15.12.2009 23:06 338048]
S3 sembmdfl2;Sony Ericsson PC300 Wireless Modem Filter;c:\windows\system32\drivers\sembmdfl2.sys [15.12.2009 23:06 14976]
S3 sembmdm2;Sony Ericsson PC300 Wireless Modem Driver;c:\windows\system32\drivers\sembmdm2.sys [15.12.2009 23:06 382080]
S3 sembmgmt;Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM);c:\windows\system32\drivers\sembmgmt.sys [15.12.2009 23:06 345216]
S3 sembnd5;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS);c:\windows\system32\drivers\sembnd5.sys [15.12.2009 23:07 24960]
S3 sembunic;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM);c:\windows\system32\drivers\sembunic.sys [15.12.2009 23:06 344064]
S3 sembwwan;Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM);c:\windows\system32\drivers\sembwwan.sys [15.12.2009 23:06 338048]
S3 SEMCReserved;SEMC Reserved Interface;c:\windows\system32\drivers\semcreserved.sys [15.12.2009 23:06 17408]
S3 Sony_EricssonWWSC;Sony Ericsson PC SC Port;c:\windows\system32\drivers\seu4scard.sys [15.12.2009 23:06 17920]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [09.11.2009 19:12 25088]
S4 AntiVirWebService;Avira Browser-Schutz;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [24.10.2012 12:41 589368]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-24 06:26]
.
2013-07-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2013-07-11 c:\windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
- c:\programme\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 13:54]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-04-05 17:59]
.
2013-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-04-05 17:59]
.
2013-07-10 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2008-05-21 16:22]
.
2013-07-11 c:\windows\Tasks\User_Feed_Synchronization-{984E94B7-1E5B-4293-A0EF-52136B1743FE}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = 192.168.115.1:3128
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\programme\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An vorhandenes PDF anfügen - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Senden an &Bluetooth-Gerät... - c:\programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 10.0.1.1
FF - ProfilePath - c:\dokumente und einstellungen\***** *******\Anwendungsdaten\Mozilla\Firefox\Profiles\vsaunozd.default\
FF - prefs.js: browser.startup.homepage - hxxp://fritz.box/
FF - Ext: Click to call with Skype: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\Java\jre6\lib\deploy\jqs\ff
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-hpqSRMon - (no file)
Notify-ACNotify - ACNotify.dll
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Adobe Reader Speed Launcher - c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
AddRemove-Destinator PC Portal - c:\programme\Destinator PC Portal\Inst.exe \U
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
AddRemove-Vector Magic - e:\vector magic\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-07-11 14:42
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]
"7040AC1900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(1076)
c:\programme\ThinkPad\ConnectUtilities\ACNotify.dll
c:\programme\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\programme\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\programme\ThinkPad\ConnectUtilities\ACHelper.dll
c:\windows\system32\psqlpwd.dll
c:\programme\ThinkVantage Fingerprint Software\homefus2.dll
c:\programme\ThinkVantage Fingerprint Software\infra.dll
c:\programme\ThinkVantage Fingerprint Software\homepass.dll
c:\programme\ThinkVantage Fingerprint Software\bio.dll
c:\programme\ThinkVantage Fingerprint Software\ps2css.dll
c:\programme\ThinkVantage Fingerprint Software\remote.dll
c:\programme\Lenovo\HOTKEY\tphklock.dll
c:\programme\ThinkVantage Fingerprint Software\pscssint.dll
c:\programme\ThinkVantage Fingerprint Software\crypto.dll
.
- - - - - - - > 'lsass.exe'(1132)
c:\windows\system32\psqlpwd.dll
c:\programme\ThinkVantage Fingerprint Software\homefus2.dll
c:\programme\ThinkVantage Fingerprint Software\infra.dll
.
- - - - - - - > 'explorer.exe'(2116)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\programme\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programme\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programme\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ger.nlr
c:\programme\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\programme\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\IPSSVC.EXE
c:\programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Diskeeper Corporation\Diskeeper\DkService.exe
c:\programme\Intel\Wireless\Bin\EvtEng.exe
c:\programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\programme\Intel\Wireless\Bin\RegSrvc.exe
c:\programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\System32\TPHDEXLG.exe
c:\programme\Lenovo\Client Security Solution\tvttcsd.exe
c:\programme\Lenovo\Rescue and Recovery\rrservice.exe
c:\programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\SearchIndexer.exe
c:\programme\ThinkPad\ConnectUtilities\AcSvc.exe
c:\programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe
c:\programme\lenovo\system update\suservice.exe
c:\programme\Windows Media Player\WMPNetwk.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\programme\TeamViewer\Version6\TeamViewer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-11  14:49:26 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-07-11 12:49
.
Vor Suchlauf: 24 Verzeichnis(se), 20.253.827.072 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 20.805.115.904 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 5B2A89A0271906F4D93789F557B3E04B
         
--- --- ---

11.07.2013, 14:10   #13
markusg
/// Malware-holic



Start, Programs, Accessories, Notepad; please paste this in.

Killall::
Rootkit::
c:\windows\CC3216JH.exe

File, Save As; type: All Files; name:
cfscript.txt
Save location: the folder where Combofix.exe is located.
Drag CFSCRIPT onto combofix.exe; the program starts. Post the new log.
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de as described in the instructions above.
If you would like to support us

11.07.2013, 14:44   #14
Jelar



...and once more


Combofix Logfile:
Code:
ATTFilter
ComboFix 13-07-09.01 - ***** ******* 11.07.2013  15:25:11.2.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.3054.2276 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\***** *******\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\***** *******\Desktop\cfscript.txt
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\CC3216AA.exe
c:\windows\system32\TPAPSLOG.LOG
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-11 bis 2013-07-11  ))))))))))))))))))))))))))))))
.
.
2013-07-11 10:28 . 2013-07-11 10:45	--------	d-----w-	C:\_OTL
2013-07-09 16:35 . 2013-07-09 16:35	--------	d-----w-	c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Mozilla
2013-07-09 16:34 . 2013-07-09 16:34	--------	d-----r-	c:\dokumente und einstellungen\LocalService\Favoriten
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 06:26 . 2012-10-24 10:04	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-06-12 06:26 . 2011-11-14 09:14	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-07 22:28 . 2006-01-27 01:01	920064	----a-w-	c:\windows\system32\wininet.dll
2013-05-07 22:28 . 2006-01-27 01:01	43520	------w-	c:\windows\system32\licmgr10.dll
2013-05-07 22:28 . 2006-01-27 01:01	1469440	------w-	c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2006-01-27 01:01	385024	------w-	c:\windows\system32\html.iec
2013-05-03 05:39 . 2006-01-27 01:00	2152448	------w-	c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39 . 2004-08-04 00:50	2031104	------w-	c:\windows\system32\ntkrnlpa.exe
2013-04-12 14:00 . 2006-01-27 01:00	1876480	------w-	c:\windows\system32\win32k.sys
2009-06-27 09:09 . 2009-06-27 09:09	3252640	------w-	c:\programme\ccsetup221.exe
2009-06-22 08:25 . 2009-06-19 13:38	700784	------w-	c:\programme\GoogleCalendarSync_Installer.exe
2009-05-22 21:53 . 2009-05-22 21:52	1976104	------w-	c:\programme\SkypeSetup.exe
2009-02-04 11:52 . 2009-04-11 18:23	3031040	-c----w-	c:\programme\carom.exe
2009-01-05 16:32 . 2009-04-11 18:23	97792	-c----w-	c:\programme\Plugin_ParticleFX.dll
2009-01-05 16:32 . 2009-04-11 18:23	61440	-c----w-	c:\programme\ILU.dll
2009-01-05 16:32 . 2009-04-11 18:23	55808	-c----w-	c:\programme\zlib1.dll
2009-01-05 16:32 . 2009-04-11 18:23	499712	-c----w-	c:\programme\msvcp71.dll
2009-01-05 16:32 . 2009-04-11 18:23	36864	-c----w-	c:\programme\Plugin_CgProgramManager.dll
2009-01-05 16:32 . 2009-04-11 18:23	364544	-c----w-	c:\programme\OgrePlatform.dll
2009-01-05 16:32 . 2009-04-11 18:23	348160	-c----w-	c:\programme\msvcr71.dll
2009-01-05 16:32 . 2009-04-11 18:23	327680	-c----w-	c:\programme\RenderSystem_Direct3D9.dll
2009-01-05 16:32 . 2009-04-11 18:23	2702848	-c----w-	c:\programme\OgreMain.dll
2009-01-05 16:32 . 2009-04-11 18:23	258352	-c----w-	c:\programme\unicows.dll
2009-01-05 16:32 . 2009-04-11 18:23	1867776	-c----w-	c:\programme\python24.dll
2009-01-05 16:32 . 2009-04-11 18:23	1093632	-c----w-	c:\programme\FreeImage.dll
2009-01-05 16:32 . 2009-04-11 18:23	757760	-c----w-	c:\programme\DevIL.dll
2009-01-05 16:32 . 2009-04-11 18:23	72400	-c----w-	c:\programme\DSETUP.dll
2009-01-05 16:32 . 2009-04-11 18:23	3734536	-c----w-	c:\programme\d3dx9_36.dll
2009-01-05 16:32 . 2009-04-11 18:23	2297552	-c----w-	c:\programme\d3dx9_26.dll
2009-01-05 16:32 . 2009-04-11 18:23	1683456	-c----w-	c:\programme\cg.dll
2008-03-05 14:34 . 2009-02-11 09:27	13084392	------w-	c:\programme\eDrawingsGerman.exe
2007-11-19 06:50 . 2009-06-22 09:56	72704	-c----w-	c:\programme\elgtadrv.sys
2002-08-12 13:20 . 2009-06-22 09:56	27264	-c----w-	c:\programme\rndismpk.sys
2002-08-12 13:20 . 2009-06-22 09:56	11264	-c----w-	c:\programme\usb8023w.sys
2002-08-12 13:20 . 2009-06-22 09:56	11136	-c----w-	c:\programme\usb8023m.sys
2002-08-12 13:20 . 2009-06-22 09:56	11136	-c----w-	c:\programme\usb8023k.sys
2002-08-12 13:20 . 2009-06-22 09:56	27264	-c----w-	c:\programme\rndismpm.sys
2002-08-12 13:20 . 2009-06-22 09:56	27008	-c----w-	c:\programme\rndismpw.sys
2002-06-05 09:28 . 2009-06-22 09:56	38263	-c----w-	c:\programme\elgusb.sys
2001-08-10 02:52 . 2009-06-22 09:56	11136	-c----w-	c:\programme\usb8023.sys
2001-08-10 02:52 . 2009-06-22 09:56	26880	-c----w-	c:\programme\rndismp.sys
2000-12-12 15:09 . 2009-06-22 09:56	112984	-c----w-	c:\programme\elgtaldr.sys
2009-02-24 19:34 . 2009-02-24 19:34	1044480	-c----w-	c:\programme\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34	200704	-c----w-	c:\programme\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\programme\myBabylon_English\prxtbmyB0.dll" [2013-06-18 231712]
.
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
2013-06-18 11:54	231712	----a-w-	c:\programme\myBabylon_English\prxtbmyB0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\programme\myBabylon_English\prxtbmyB0.dll" [2013-06-18 231712]
.
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\programme\myBabylon_English\prxtbmyB0.dll" [2013-06-18 231712]
.
[HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-21 13524992]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2013-06-26 345144]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify]
2003-05-29 09:00	8704	------w-	c:\windows\system32\PCANotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-14 20:17	89600	------w-	c:\windows\system32\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-09-06 07:37	34344	------w-	c:\programme\Lenovo\HOTKEY\notifyf2.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2006-12-14 02:06	28672	------w-	c:\programme\Lenovo\HOTKEY\tphklock.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli psqlpwd
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Acrobat - Schnellstart.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk
backup=c:\windows\pss\Adobe Acrobat - Schnellstart.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BTTray.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Lexware Info Service.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Lexware Info Service.lnk
backup=c:\windows\pss\Lexware Info Service.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^***** *******^Startmenü^Programme^Autostart^regmonstd.lnk]
path=c:\dokumente und einstellungen\***** *******\Startmenü\Programme\Autostart\regmonstd.lnk
backup=c:\windows\pss\regmonstd.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2006-10-22 22:24	620152	------w-	c:\programme\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTray]
2007-07-05 12:58	413696	------w-	c:\programme\ThinkPad\ConnectUtilities\ACTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-18 19:08	946352	----a-w-	c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirPort Base Station Agent]
2009-11-11 15:17	771360	----a-w-	c:\programme\AirPort\APAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
2007-02-01 18:00	419376	------w-	c:\programme\ThinkVantage\AMSG\Amsg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 10:48	58656	----a-w-	c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2013-06-26 11:02	345144	----a-w-	c:\programme\Avira\AntiVir Desktop\avgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AwaySch]
2006-11-07 10:51	91688	------w-	c:\programme\Lenovo\AwayTask\AwaySch.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-01-22 09:13	152872	------w-	c:\programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLOG]
2007-12-06 16:22	208896	------w-	c:\progra~1\ThinkPad\UTILIT~1\BATLOGEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-07 01:07	1848648	------w-	c:\programme\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2007-10-26 01:10	652624	------w-	c:\programme\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
2007-08-03 14:35	2630968	------w-	c:\programme\Lenovo\Client Security Solution\cssauth.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 02:22	15360	------w-	c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
2006-05-18 14:24	196696	------w-	c:\programme\Diskeeper Corporation\Diskeeper\DkIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
2006-02-02 03:20	122940	------w-	c:\windows\system32\DLA\DLACTRLW.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
2007-03-28 17:32	243248	------w-	c:\progra~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 11:50	1289000	------w-	c:\programme\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-14 19:17	49152	------w-	c:\programme\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 14:31	80896	------w-	c:\programme\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2006-09-11 02:40	218032	------w-	c:\programme\Gemeinsame Dateien\Installshield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-09-11 02:40	218032	------w-	c:\progra~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-09-11 02:40	86960	------w-	c:\programme\Gemeinsame Dateien\Installshield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-11-17 19:59	421160	------w-	c:\programme\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-04-11 14:32	56080	------w-	c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
2007-04-26 17:10	120368	------w-	c:\progra~1\THINKV~1\PrdCtr\LPMGR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22	1695232	------w-	c:\programme\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]
2011-08-15 13:20	420312	----a-w-	c:\programme\MyTomTom 3\MyTomTomSA.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-05-28 06:27	570664	-c----w-	c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-03-21 02:19	13524992	------w-	c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-03-21 02:19	86016	------w-	c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-03-21 02:19	1630208	------w-	c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57	1451520	------w-	c:\programme\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRMGRTR]
2007-12-06 16:22	200704	------w-	c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38	421888	----a-w-	c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2007-04-03 17:55	839680	------w-	c:\programme\Analog Devices\SoundMAX\SMax4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-04-09 07:23	1015808	------w-	c:\programme\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17	149280	-c----w-	c:\programme\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-07-03 22:10	1323008	------w-	c:\programme\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
2008-07-03 22:17	118784	------w-	c:\programme\Synaptics\SynTP\SynTPLpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-12-10 12:28	247144	------w-	c:\programme\TomTom HOME 1005\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
2007-11-29 18:04	59168	------w-	c:\programme\Lenovo\NPDIRECT\tpfnf7sp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPHOTKEY]
2007-03-09 05:49	66176	------w-	c:\programme\Lenovo\HOTKEY\TPOSDSVC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TpShocks]
2007-11-22 13:09	181536	------w-	c:\windows\system32\TpShocks.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]
2008-03-04 09:34	487424	------w-	c:\programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2008-06-29 22:01	52168	------w-	c:\programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-03 08:56	204288	-c----w-	c:\programme\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\programme\Microsoft ActiveSync\rapimgr.exe"= c:\programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programme\Microsoft ActiveSync\wcescomm.exe"= c:\programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programme\Microsoft ActiveSync\WCESMgr.exe"= c:\programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Symantec\\pcAnywhere\\Winaw32.exe"=
"c:\\Programme\\Symantec\\pcAnywhere\\awhost32.exe"=
"c:\\Programme\\Symantec\\pcAnywhere\\awrem32.exe"=
"c:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\German\\setup.exe"=
"c:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\programme\RosettaStoneLtdServices\RosettaStoneLtdServices.exe"= c:\programme\RosettaStoneLtdServices\RosettaStoneLtdServices.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Ltd Services
"c:\programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe"= c:\programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe:127.0.0.1/255.255.255.255:Enabled:Rosetta Stone Daemon
"c:\\Programme\\Gemeinsame Dateien\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\AirPort\\APAgent.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [16.10.2007 18:32 19504]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [24.10.2012 12:41 37352]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [24.10.2012 12:41 84024]
R2 RosettaStoneDaemon;RosettaStoneDaemon;c:\programme\RosettaStoneLtdServices\RosettaStoneDaemon.exe [25.04.2009 20:45 443712]
R2 smihlp;SMI Helper Driver (smihlp);c:\programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [14.03.2007 22:10 11152]
R2 TeamViewer6;TeamViewer 6;c:\programme\TeamViewer\Version6\TeamViewer_Service.exe [14.01.2011 17:16 2255224]
R2 TomTomHOMEService;TomTomHOMEService;c:\programme\TomTom HOME 1005\TomTomHOMEService.exe [10.12.2010 14:29 92008]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\programme\Lenovo\Rescue and Recovery\rrpservice.exe [08.02.2007 13:11 569344]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22.05.2007 15:59 30336]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [09.11.2012 12:21 160944]
S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\system32\drivers\bfturboh.sys [20.11.2008 17:43 17152]
S3 ElgTaDrv;elmeg USB Device Driver;c:\windows\system32\drivers\ElgTaDrv.sys [22.06.2009 12:23 73660]
S3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfxfax.sys --> c:\windows\system32\drivers\hpfxfax.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [23.10.2010 23:17 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [23.10.2010 23:17 8320]
S3 sembbus;SEMC WMC Composite Device driver (WDM);c:\windows\system32\drivers\sembbus.sys [15.12.2009 23:04 260992]
S3 sembcard;Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM);c:\windows\system32\drivers\sembcard.sys [15.12.2009 23:06 338048]
S3 sembmdfl2;Sony Ericsson PC300 Wireless Modem Filter;c:\windows\system32\drivers\sembmdfl2.sys [15.12.2009 23:06 14976]
S3 sembmdm2;Sony Ericsson PC300 Wireless Modem Driver;c:\windows\system32\drivers\sembmdm2.sys [15.12.2009 23:06 382080]
S3 sembmgmt;Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM);c:\windows\system32\drivers\sembmgmt.sys [15.12.2009 23:06 345216]
S3 sembnd5;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS);c:\windows\system32\drivers\sembnd5.sys [15.12.2009 23:07 24960]
S3 sembunic;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM);c:\windows\system32\drivers\sembunic.sys [15.12.2009 23:06 344064]
S3 sembwwan;Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM);c:\windows\system32\drivers\sembwwan.sys [15.12.2009 23:06 338048]
S3 SEMCReserved;SEMC Reserved Interface;c:\windows\system32\drivers\semcreserved.sys [15.12.2009 23:06 17408]
S3 Sony_EricssonWWSC;Sony Ericsson PC SC Port;c:\windows\system32\drivers\seu4scard.sys [15.12.2009 23:06 17920]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [09.11.2009 19:12 25088]
S4 AntiVirWebService;Avira Browser-Schutz;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [24.10.2012 12:41 589368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-24 06:26]
.
2013-07-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2013-07-11 c:\windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
- c:\programme\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 13:54]
.
2013-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-04-05 17:59]
.
2013-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-04-05 17:59]
.
2013-07-10 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2008-05-21 16:22]
.
2013-07-11 c:\windows\Tasks\User_Feed_Synchronization-{984E94B7-1E5B-4293-A0EF-52136B1743FE}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = 192.168.115.1:3128
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\programme\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An vorhandenes PDF anfügen - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Senden an &Bluetooth-Gerät... - c:\programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 10.0.1.1
FF - ProfilePath - c:\dokumente und einstellungen\***** *******\Anwendungsdaten\Mozilla\Firefox\Profiles\vsaunozd.default\
FF - prefs.js: browser.startup.homepage - hxxp://fritz.box/
FF - Ext: Click to call with Skype: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-07-11 15:36
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
.
c:\windows\system32\TPAPSLOG.LOG 128 bytes
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]
"7040AC1900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(1076)
c:\windows\system32\psqlpwd.dll
c:\programme\ThinkVantage Fingerprint Software\homefus2.dll
c:\programme\ThinkVantage Fingerprint Software\infra.dll
c:\programme\ThinkVantage Fingerprint Software\homepass.dll
c:\programme\ThinkVantage Fingerprint Software\bio.dll
c:\programme\ThinkVantage Fingerprint Software\ps2css.dll
c:\programme\ThinkVantage Fingerprint Software\remote.dll
c:\programme\Lenovo\HOTKEY\tphklock.dll
c:\programme\ThinkVantage Fingerprint Software\pscssint.dll
c:\programme\ThinkVantage Fingerprint Software\crypto.dll
.
- - - - - - - > 'lsass.exe'(1132)
c:\windows\system32\psqlpwd.dll
c:\programme\ThinkVantage Fingerprint Software\homefus2.dll
c:\programme\ThinkVantage Fingerprint Software\infra.dll
.
- - - - - - - > 'explorer.exe'(3900)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\programme\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programme\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programme\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ger.nlr
c:\programme\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\programme\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\IPSSVC.EXE
c:\programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Diskeeper Corporation\Diskeeper\DkService.exe
c:\programme\Intel\Wireless\Bin\EvtEng.exe
c:\programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\programme\Intel\Wireless\Bin\RegSrvc.exe
c:\programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\System32\TPHDEXLG.exe
c:\programme\Lenovo\Client Security Solution\tvttcsd.exe
c:\programme\Lenovo\Rescue and Recovery\rrservice.exe
c:\programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
c:\programme\Lenovo\Rescue and Recovery\ADM\IUService.exe
c:\programme\TeamViewer\Version6\TeamViewer.exe
c:\windows\system32\SearchIndexer.exe
c:\programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe
c:\programme\ThinkPad\ConnectUtilities\AcSvc.exe
c:\programme\lenovo\system update\suservice.exe
c:\programme\Windows Media Player\WMPNetwk.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-11  15:41:38 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-07-11 13:41
ComboFix2.txt  2013-07-11 12:49
.
Vor Suchlauf: 27 Verzeichnis(se), 20.806.676.480 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 20.797.489.152 Bytes frei
.
- - End Of File - - 05BC10FA19C4092656EEA4E4F42457E3
         

Alt 11.07.2013, 16:01   #15
markusg
/// Malware-holic
 

Hi,
two logs need to be created; post them at the same time if possible.
1.
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for updates
  • When the update has finished, select "Perform full scan" and press Scan.
  • When the scan has finished, click Show results.
  • Make sure that all findings are selected and press Remove selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Log files".


2.

Download CCleaner standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), uninstall list, save it as txt. Open the file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each program unknown to you, write "unknown".
Post the list.
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us
