Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Keine Internetverbindung trotz WLan (https://www.trojaner-board.de/118804-keine-internetverbindung-trotz-wlan.html)

JuleFritzi 07.07.2012 17:17
Keine Internetverbindung trotz WLan
 
Hallo,
seit gestern morgen kann ich keine Internetseiten mehr öffnen und auch über Outlook Express keine Mails abrufen. Avira meldet keine Funde. Mit einem anderen Rechner nutze ich aktuell die WLan Verbindung problemlos.

Windows - XP

a) Start- Ausführen- msinfo32

-> Informationen können nicht zusammengestellt werden. Auf die Software von Windows-Verwaltungsinstrumenttion kann nicht zugegriffen werden. Möglicherweise wurde die Windows-Verwaltungsdateien verschoben oder sind nicht vorhanden.

Wenn ihr mir sagt, wie ich an alle weiteren Informationen komme, die ihr ggf. benötigt, schicke ich diese gerne zu. :glaskugel:

Also, ich bin ratlos:-)

Liebe Grüße
Daniela

JuleFritzi 08.07.2012 17:21
Hallo,

ich habe das Problem gelöst. Es hatte etwas mit repository zu tun. Was auch immer das ist.
Liebe Grüße
Daniela

t'john 15.07.2012 17:01
Danke fuer die Rueckinfo!

Lasse bitte zur Kontrolle MBAM laufen:

1. Schritt

Neue Version! Bitte neu runterladen!
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

JuleFritzi 16.07.2012 10:17
Hi,

es wurde etwas gefunden:


Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.16.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
[Administrator]

Schutz: Aktiviert

16.07.2012 09:55:12
mbam-log-2012-07-16 (09-55-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 303636
Laufzeit: 1 Stunde(n), 10 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 2
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Muss ich noch etwas tun?

Liebe Grüße
Daniela

t'john 16.07.2012 12:56
Sehr gut! :daumenhoc

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

JuleFritzi 16.07.2012 13:23
Hi,

hier kommt´s:

AdwCleaner v1.702 - Logfile created 07/16/2012 at 14:19:20
# Updated 13/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : NL44 - HEINER
# Running from : C:\Dokumente und Einstellungen\NL44\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess

***** [Registry] *****


***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [813 octets] - [16/07/2012 14:19:20]

########## EOF - C:\AdwCleaner[R1].txt - [940 octets] ##########

t'john 16.07.2012 15:42
Sehr gut! :daumenhoc

  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.



dann:


TDSSKiller von Kaspersky
- Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
- Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
- deaktiviere vorübergehend dein AntiVirus-Programm
- Starte die TDSSKiller.exe durch Doppelklick.
- Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
- Bestätige das ggfs. mit Y(es).
- Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
- Poste den Inhalt von C:\TDSSKiller.txt hier in den Thread.
Hier findest Du eine ausführlichere TDSSKiller Anleitung.

JuleFritzi 17.07.2012 19:19
Hi,

# AdwCleaner v1.702 - Logfile created 07/17/2012 at 18:58:39
# Updated 13/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User :
# Running from : C:\Dokumente und EinstellungenEigene Dateien\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess

***** [Registry] *****


***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [940 octets] - [17/07/2012 18:57:52]
AdwCleaner[S1].txt - [878 octets] - [17/07/2012 18:58:39]

########## EOF - C:\AdwCleaner[S1].txt - [1005 octets] ##########


und:
20:14:53.0390 2408 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
20:14:53.0468 2408 ============================================================
20:14:53.0468 2408 Current date / time: 2012/07/17 20:14:53.0468
20:14:53.0468 2408 SystemInfo:
20:14:53.0468 2408
20:14:53.0468 2408 OS Version: 5.1.2600 ServicePack: 3.0
20:14:53.0468 2408 Product type: Workstation
20:14:53.0468 2408 ComputerName:
20:14:53.0468 2408 UserName:
20:14:53.0468 2408 Windows directory: C:\WINDOWS
20:14:53.0468 2408 System windows directory: C:\WINDOWS
20:14:53.0468 2408 Processor architecture: Intel x86
20:14:53.0468 2408 Number of processors: 2
20:14:53.0468 2408 Page size: 0x1000
20:14:53.0468 2408 Boot type: Normal boot
20:14:53.0468 2408 ============================================================
20:14:57.0093 2408 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:14:57.0109 2408 ============================================================
20:14:57.0109 2408 \Device\Harddisk0\DR0:
20:14:57.0109 2408 MBR partitions:
20:14:57.0109 2408 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
20:14:57.0109 2408 ============================================================
20:14:57.0156 2408 C: <-> \Device\Harddisk0\DR0\Partition0
20:14:57.0156 2408 ============================================================
20:14:57.0156 2408 Initialize success
20:14:57.0156 2408 ============================================================
20:15:00.0875 2908 ============================================================
20:15:00.0875 2908 Scan started
20:15:00.0875 2908 Mode: Manual;
20:15:00.0875 2908 ============================================================
20:15:02.0500 2908 Abiosdsk - ok
20:15:02.0515 2908 abp480n5 - ok
20:15:02.0562 2908 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:15:02.0562 2908 ACPI - ok
20:15:02.0562 2908 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:15:02.0562 2908 ACPIEC - ok
20:15:02.0781 2908 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:15:02.0781 2908 AdobeFlashPlayerUpdateSvc - ok
20:15:02.0812 2908 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
20:15:02.0812 2908 adpu160m - ok
20:15:02.0843 2908 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:15:02.0843 2908 aec - ok
20:15:02.0906 2908 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:15:02.0906 2908 AFD - ok
20:15:02.0906 2908 Aha154x - ok
20:15:02.0921 2908 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
20:15:02.0937 2908 aic78u2 - ok
20:15:02.0937 2908 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
20:15:02.0937 2908 aic78xx - ok
20:15:02.0968 2908 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:15:02.0968 2908 Alerter - ok
20:15:02.0968 2908 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:15:02.0968 2908 ALG - ok
20:15:02.0984 2908 AliIde - ok
20:15:02.0984 2908 amsint - ok
20:15:03.0093 2908 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:15:03.0093 2908 Apple Mobile Device - ok
20:15:03.0140 2908 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:15:03.0156 2908 AppMgmt - ok
20:15:03.0203 2908 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:15:03.0203 2908 Arp1394 - ok
20:15:03.0203 2908 asc - ok
20:15:03.0203 2908 asc3350p - ok
20:15:03.0218 2908 asc3550 - ok
20:15:03.0328 2908 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:15:03.0328 2908 aspnet_state - ok
20:15:03.0328 2908 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:15:03.0328 2908 AsyncMac - ok
20:15:03.0343 2908 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:15:03.0343 2908 atapi - ok
20:15:03.0343 2908 Atdisk - ok
20:15:03.0359 2908 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:15:03.0375 2908 Atmarpc - ok
20:15:03.0390 2908 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:15:03.0390 2908 AudioSrv - ok
20:15:03.0406 2908 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:15:03.0406 2908 audstub - ok
20:15:03.0421 2908 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:15:03.0421 2908 Beep - ok
20:15:03.0468 2908 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:15:03.0484 2908 BITS - ok
20:15:03.0515 2908 BMLoad (d002033c1a37f6af51b5f0ba6d0211bc) C:\WINDOWS\system32\drivers\BMLoad.sys
20:15:03.0515 2908 BMLoad - ok
20:15:03.0609 2908 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
20:15:03.0625 2908 Bonjour Service - ok
20:15:03.0671 2908 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
20:15:03.0671 2908 Bridge - ok
20:15:03.0671 2908 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
20:15:03.0671 2908 BridgeMP - ok
20:15:03.0703 2908 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:15:03.0703 2908 Browser - ok
20:15:03.0734 2908 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:15:03.0734 2908 BthEnum - ok
20:15:03.0750 2908 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:15:03.0750 2908 BthPan - ok
20:15:03.0796 2908 BTHPORT (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
20:15:03.0796 2908 BTHPORT - ok
20:15:03.0828 2908 BthServ (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
20:15:03.0828 2908 BthServ - ok
20:15:03.0843 2908 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
20:15:03.0843 2908 BTHUSB - ok
20:15:03.0875 2908 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:15:03.0875 2908 cbidf2k - ok
20:15:03.0875 2908 cd20xrnt - ok
20:15:03.0890 2908 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:15:03.0890 2908 Cdaudio - ok
20:15:03.0906 2908 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:15:03.0906 2908 Cdfs - ok
20:15:03.0921 2908 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:15:03.0921 2908 Cdrom - ok
20:15:03.0921 2908 Changer - ok
20:15:03.0937 2908 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:15:03.0937 2908 CiSvc - ok
20:15:03.0953 2908 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:15:03.0953 2908 ClipSrv - ok
20:15:04.0046 2908 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:15:04.0046 2908 clr_optimization_v2.0.50727_32 - ok
20:15:04.0078 2908 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:15:04.0078 2908 CmBatt - ok
20:15:04.0078 2908 CmdIde - ok
20:15:04.0093 2908 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:15:04.0093 2908 Compbatt - ok
20:15:04.0093 2908 COMSysApp - ok
20:15:04.0093 2908 Cpqarray - ok
20:15:04.0125 2908 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:15:04.0125 2908 CryptSvc - ok
20:15:04.0125 2908 dac2w2k - ok
20:15:04.0140 2908 dac960nt - ok
20:15:04.0187 2908 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:15:04.0250 2908 DcomLaunch - ok
20:15:04.0281 2908 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:15:04.0296 2908 Dhcp - ok
20:15:04.0296 2908 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:15:04.0296 2908 Disk - ok
20:15:04.0312 2908 dmadmin - ok
20:15:04.0375 2908 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:15:04.0421 2908 dmboot - ok
20:15:04.0421 2908 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:15:04.0437 2908 dmio - ok
20:15:04.0437 2908 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:15:04.0437 2908 dmload - ok
20:15:04.0453 2908 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:15:04.0453 2908 dmserver - ok
20:15:04.0468 2908 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:15:04.0468 2908 DMusic - ok
20:15:04.0500 2908 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:15:04.0500 2908 Dnscache - ok
20:15:04.0546 2908 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:15:04.0546 2908 Dot3svc - ok
20:15:04.0546 2908 dpti2o - ok
20:15:04.0562 2908 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:15:04.0562 2908 drmkaud - ok
20:15:04.0578 2908 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:15:04.0593 2908 EapHost - ok
20:15:04.0609 2908 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:15:04.0625 2908 ERSvc - ok
20:15:04.0656 2908 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:15:04.0656 2908 Eventlog - ok
20:15:04.0687 2908 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:15:04.0687 2908 EventSystem - ok
20:15:04.0734 2908 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:15:04.0734 2908 Fastfat - ok
20:15:04.0765 2908 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:15:04.0765 2908 FastUserSwitchingCompatibility - ok
20:15:04.0781 2908 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:15:04.0781 2908 Fdc - ok
20:15:04.0796 2908 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:15:04.0812 2908 Fips - ok
20:15:04.0812 2908 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:15:04.0812 2908 Flpydisk - ok
20:15:04.0843 2908 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:15:04.0843 2908 FltMgr - ok
20:15:04.0937 2908 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:15:04.0937 2908 FontCache3.0.0.0 - ok
20:15:04.0968 2908 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:15:04.0968 2908 Fs_Rec - ok
20:15:04.0984 2908 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:15:04.0984 2908 Ftdisk - ok
20:15:05.0062 2908 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:15:05.0062 2908 GEARAspiWDM - ok
20:15:05.0093 2908 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:15:05.0093 2908 Gpc - ok
20:15:05.0171 2908 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
20:15:05.0171 2908 gupdate - ok
20:15:05.0187 2908 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
20:15:05.0187 2908 gupdatem - ok
20:15:05.0265 2908 HdAudAddService (7662b9aaf36c84af4f9029b6b432c2b3) C:\WINDOWS\system32\drivers\CHDAud.sys
20:15:05.0265 2908 HdAudAddService - ok
20:15:05.0328 2908 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:15:05.0328 2908 HDAudBus - ok
20:15:05.0390 2908 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:15:05.0390 2908 helpsvc - ok
20:15:05.0390 2908 HidServ - ok
20:15:05.0406 2908 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:15:05.0406 2908 HidUsb - ok
20:15:05.0468 2908 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:15:05.0468 2908 hkmsvc - ok
20:15:05.0484 2908 hpn - ok
20:15:05.0562 2908 HSF_DPV (09c2f46230034280d7e5f0b437146c45) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
20:15:05.0562 2908 HSF_DPV - ok
20:15:05.0593 2908 HSXHWAZL (83f221ddae2d2353b41f0227e6e411d7) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
20:15:05.0593 2908 HSXHWAZL - ok
20:15:05.0625 2908 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:15:05.0640 2908 HTTP - ok
20:15:05.0671 2908 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:15:05.0671 2908 HTTPFilter - ok
20:15:05.0687 2908 i2omgmt - ok
20:15:05.0687 2908 i2omp - ok
20:15:05.0718 2908 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:15:05.0718 2908 i8042prt - ok
20:15:05.0843 2908 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:15:05.0875 2908 idsvc - ok
20:15:05.0906 2908 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:15:05.0906 2908 Imapi - ok
20:15:05.0937 2908 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:15:05.0937 2908 ImapiService - ok
20:15:05.0953 2908 ini910u - ok
20:15:05.0968 2908 IntelIde (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:15:05.0968 2908 IntelIde - ok
20:15:06.0000 2908 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:15:06.0000 2908 intelppm - ok
20:15:06.0031 2908 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:15:06.0031 2908 Ip6Fw - ok
20:15:06.0062 2908 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:15:06.0062 2908 IpFilterDriver - ok
20:15:06.0078 2908 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:15:06.0078 2908 IpInIp - ok
20:15:06.0093 2908 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:15:06.0093 2908 IpNat - ok
20:15:06.0218 2908 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Programme\iPod\bin\iPodService.exe
20:15:06.0265 2908 iPod Service - ok
20:15:06.0281 2908 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:15:06.0296 2908 IPSec - ok
20:15:06.0296 2908 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:15:06.0296 2908 IRENUM - ok
20:15:06.0312 2908 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:15:06.0312 2908 isapnp - ok
20:15:06.0359 2908 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
20:15:06.0359 2908 JavaQuickStarterService - ok
20:15:06.0406 2908 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:15:06.0406 2908 Kbdclass - ok
20:15:06.0421 2908 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:15:06.0421 2908 kmixer - ok
20:15:06.0453 2908 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:15:06.0453 2908 KSecDD - ok
20:15:06.0484 2908 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:15:06.0500 2908 lanmanserver - ok
20:15:06.0515 2908 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:15:06.0515 2908 lanmanworkstation - ok
20:15:06.0515 2908 lbrtfdc - ok
20:15:06.0546 2908 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:15:06.0546 2908 LmHosts - ok
20:15:06.0656 2908 MDM (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
20:15:06.0671 2908 MDM - ok
20:15:06.0687 2908 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
20:15:06.0687 2908 mdmxsdk - ok
20:15:06.0718 2908 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:15:06.0718 2908 Messenger - ok
20:15:06.0765 2908 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:15:06.0765 2908 mnmdd - ok
20:15:06.0796 2908 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:15:06.0796 2908 mnmsrvc - ok
20:15:06.0828 2908 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:15:06.0828 2908 Modem - ok
20:15:06.0843 2908 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:15:06.0843 2908 Mouclass - ok
20:15:06.0875 2908 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:15:06.0875 2908 MountMgr - ok
20:15:06.0921 2908 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
20:15:06.0937 2908 MozillaMaintenance - ok
20:15:06.0937 2908 mraid35x - ok
20:15:06.0953 2908 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:15:06.0953 2908 MRxDAV - ok
20:15:07.0000 2908 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:15:07.0031 2908 MRxSmb - ok
20:15:07.0031 2908 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:15:07.0031 2908 MSDTC - ok
20:15:07.0046 2908 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:15:07.0046 2908 Msfs - ok
20:15:07.0046 2908 MSIServer - ok
20:15:07.0078 2908 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:15:07.0078 2908 MSKSSRV - ok
20:15:07.0109 2908 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:15:07.0109 2908 MSPCLOCK - ok
20:15:07.0125 2908 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:15:07.0125 2908 MSPQM - ok
20:15:07.0140 2908 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:15:07.0140 2908 mssmbios - ok
20:15:07.0171 2908 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:15:07.0171 2908 Mup - ok
20:15:07.0218 2908 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:15:07.0234 2908 napagent - ok
20:15:07.0296 2908 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:15:07.0296 2908 NDIS - ok
20:15:07.0312 2908 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:15:07.0312 2908 NdisTapi - ok
20:15:07.0328 2908 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:15:07.0328 2908 Ndisuio - ok
20:15:07.0343 2908 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:15:07.0343 2908 NdisWan - ok
20:15:07.0390 2908 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:15:07.0390 2908 NDProxy - ok
20:15:07.0406 2908 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:15:07.0406 2908 NetBIOS - ok
20:15:07.0828 2908 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:15:07.0828 2908 NetBT - ok
20:15:07.0875 2908 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:15:07.0875 2908 NetDDE - ok
20:15:07.0875 2908 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:15:07.0875 2908 NetDDEdsdm - ok
20:15:08.0000 2908 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:15:08.0015 2908 Netlogon - ok
20:15:08.0312 2908 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:15:08.0328 2908 Netman - ok
20:15:08.0515 2908 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:15:08.0515 2908 NetTcpPortSharing - ok
20:15:08.0546 2908 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:15:08.0546 2908 NIC1394 - ok
20:15:08.0593 2908 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:15:08.0609 2908 Nla - ok
20:15:08.0640 2908 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:15:08.0640 2908 Npfs - ok
20:15:08.0687 2908 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:15:08.0703 2908 Ntfs - ok
20:15:08.0703 2908 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:15:08.0703 2908 NtLmSsp - ok
20:15:08.0890 2908 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:15:09.0109 2908 NtmsSvc - ok
20:15:09.0156 2908 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:15:09.0156 2908 Null - ok
20:15:10.0593 2908 nv (f55138bc8319dc17dc1a2d7d5908ed72) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:15:10.0703 2908 nv - ok
20:15:10.0937 2908 NVSvc (604074b99bce4eda4db010e237eb8f1b) C:\WINDOWS\system32\nvsvc32.exe
20:15:10.0953 2908 NVSvc - ok
20:15:10.0968 2908 NWCWorkstation (c34a6a72dec2c317d67355dc18f87090) C:\WINDOWS\System32\nwwks.dll
20:15:10.0968 2908 NWCWorkstation - ok
20:15:11.0031 2908 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:15:11.0031 2908 NwlnkFlt - ok
20:15:11.0031 2908 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:15:11.0031 2908 NwlnkFwd - ok
20:15:11.0062 2908 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
20:15:11.0078 2908 NwlnkIpx - ok
20:15:11.0078 2908 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
20:15:11.0078 2908 NwlnkNb - ok
20:15:11.0093 2908 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
20:15:11.0093 2908 NwlnkSpx - ok
20:15:11.0125 2908 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
20:15:11.0125 2908 NWRDR - ok
20:15:11.0140 2908 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:15:11.0140 2908 ohci1394 - ok
20:15:11.0187 2908 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
20:15:11.0203 2908 ose - ok
20:15:11.0218 2908 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:15:11.0218 2908 Parport - ok
20:15:11.0234 2908 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:15:11.0234 2908 PartMgr - ok
20:15:11.0265 2908 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:15:11.0265 2908 ParVdm - ok
20:15:11.0281 2908 PCASp50 - ok
20:15:11.0296 2908 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:15:11.0296 2908 PCI - ok
20:15:11.0296 2908 PCIDump - ok
20:15:11.0296 2908 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:15:11.0296 2908 PCIIde - ok
20:15:11.0312 2908 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:15:11.0312 2908 Pcmcia - ok
20:15:11.0328 2908 PDCOMP - ok
20:15:11.0328 2908 PDFRAME - ok
20:15:11.0328 2908 PDRELI - ok
20:15:11.0328 2908 PDRFRAME - ok
20:15:11.0328 2908 perc2 - ok
20:15:11.0343 2908 perc2hib - ok
20:15:11.0406 2908 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:15:11.0421 2908 PlugPlay - ok
20:15:11.0437 2908 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:15:11.0437 2908 PolicyAgent - ok
20:15:11.0453 2908 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:15:11.0453 2908 PptpMiniport - ok
20:15:11.0453 2908 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:15:11.0453 2908 ProtectedStorage - ok
20:15:11.0468 2908 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:15:11.0468 2908 PSched - ok
20:15:11.0500 2908 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:15:11.0500 2908 Ptilink - ok
20:15:11.0515 2908 qkbfiltr (7dc7aca4e775e9d823f5773a2f47a2ac) C:\WINDOWS\system32\drivers\qkbfiltr.sys
20:15:11.0515 2908 qkbfiltr - ok
20:15:11.0515 2908 ql1080 - ok
20:15:11.0531 2908 Ql10wnt - ok
20:15:11.0531 2908 ql12160 - ok
20:15:11.0531 2908 ql1240 - ok
20:15:11.0531 2908 ql1280 - ok
20:15:11.0546 2908 qmofiltr (8652b9e134c3478be948bf089df8ed5e) C:\WINDOWS\system32\drivers\qmofiltr.sys
20:15:11.0546 2908 qmofiltr - ok
20:15:11.0562 2908 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:15:11.0562 2908 RasAcd - ok
20:15:11.0593 2908 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:15:11.0593 2908 RasAuto - ok
20:15:11.0609 2908 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:15:11.0609 2908 Rasl2tp - ok
20:15:11.0640 2908 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:15:11.0656 2908 RasMan - ok
20:15:11.0671 2908 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:15:11.0671 2908 RasPppoe - ok
20:15:11.0671 2908 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:15:11.0671 2908 Raspti - ok
20:15:11.0718 2908 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:15:11.0734 2908 Rdbss - ok
20:15:11.0734 2908 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:15:11.0734 2908 RDPCDD - ok
20:15:11.0765 2908 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:15:11.0765 2908 rdpdr - ok
20:15:11.0812 2908 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
20:15:11.0812 2908 RDPWD - ok
20:15:11.0843 2908 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:15:11.0859 2908 RDSessMgr - ok
20:15:11.0859 2908 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:15:11.0875 2908 redbook - ok
20:15:11.0921 2908 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:15:11.0921 2908 RemoteAccess - ok
20:15:11.0953 2908 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:15:11.0968 2908 RemoteRegistry - ok
20:15:12.0000 2908 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
20:15:12.0000 2908 RFCOMM - ok
20:15:12.0046 2908 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:15:12.0046 2908 RpcLocator - ok
20:15:12.0093 2908 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:15:12.0093 2908 RpcSs - ok
20:15:12.0125 2908 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:15:12.0125 2908 RSVP - ok
20:15:12.0156 2908 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:15:12.0156 2908 SamSs - ok
20:15:12.0187 2908 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:15:12.0203 2908 SCardSvr - ok
20:15:12.0250 2908 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:15:12.0265 2908 Schedule - ok
20:15:12.0312 2908 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:15:12.0312 2908 sdbus - ok
20:15:12.0343 2908 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:15:12.0343 2908 Secdrv - ok
20:15:12.0359 2908 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:15:12.0359 2908 seclogon - ok
20:15:12.0375 2908 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:15:12.0375 2908 SENS - ok
20:15:12.0390 2908 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:15:12.0390 2908 serenum - ok
20:15:12.0406 2908 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:15:12.0406 2908 Serial - ok
20:15:12.0437 2908 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:15:12.0437 2908 Sfloppy - ok
20:15:12.0453 2908 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:15:12.0468 2908 SharedAccess - ok
20:15:12.0515 2908 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:15:12.0515 2908 ShellHWDetection - ok
20:15:12.0515 2908 Simbad - ok
20:15:12.0765 2908 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:15:12.0859 2908 Skype C2C Service - ok
20:15:13.0046 2908 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Programme\Skype\Updater\Updater.exe
20:15:13.0046 2908 SkypeUpdate - ok
20:15:13.0140 2908 Sparrow - ok
20:15:13.0171 2908 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:15:13.0171 2908 splitter - ok
20:15:13.0218 2908 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:15:13.0218 2908 Spooler - ok
20:15:13.0250 2908 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:15:13.0250 2908 sr - ok
20:15:13.0296 2908 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:15:13.0296 2908 srservice - ok
20:15:13.0343 2908 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:15:13.0359 2908 Srv - ok
20:15:13.0375 2908 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:15:13.0390 2908 SSDPSRV - ok
20:15:13.0437 2908 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:15:13.0468 2908 stisvc - ok
20:15:13.0484 2908 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:15:13.0484 2908 swenum - ok
20:15:13.0500 2908 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:15:13.0500 2908 swmidi - ok
20:15:13.0500 2908 SwPrv - ok
20:15:13.0515 2908 symc810 - ok
20:15:13.0546 2908 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:15:13.0546 2908 symc8xx - ok
20:15:13.0546 2908 sym_hi - ok
20:15:13.0578 2908 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:15:13.0578 2908 sym_u3 - ok
20:15:13.0609 2908 SynTP (8a0081e3de46637a8e53ed7c12542a69) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:15:13.0609 2908 SynTP - ok
20:15:13.0640 2908 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:15:13.0640 2908 sysaudio - ok
20:15:13.0671 2908 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:15:13.0671 2908 SysmonLog - ok
20:15:13.0703 2908 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:15:13.0703 2908 TapiSrv - ok
20:15:13.0750 2908 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:15:13.0765 2908 Tcpip - ok
20:15:13.0796 2908 tcpipBM (dcfeb82ca988598ceb8f83148616038e) C:\WINDOWS\system32\drivers\tcpipBM.sys
20:15:13.0796 2908 tcpipBM - ok
20:15:13.0812 2908 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:15:13.0812 2908 TDPIPE - ok
20:15:13.0828 2908 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:15:13.0828 2908 TDTCP - ok
20:15:13.0828 2908 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:15:13.0843 2908 TermDD - ok
20:15:13.0875 2908 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:15:13.0906 2908 TermService - ok
20:15:13.0937 2908 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:15:13.0937 2908 Themes - ok
20:15:13.0968 2908 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
20:15:13.0984 2908 tifm21 - ok
20:15:14.0093 2908 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
20:15:14.0093 2908 TlntSvr - ok
20:15:14.0093 2908 TosIde - ok
20:15:14.0125 2908 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:15:14.0140 2908 TrkWks - ok
20:15:14.0156 2908 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:15:14.0156 2908 Udfs - ok
20:15:14.0156 2908 ultra - ok
20:15:14.0203 2908 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:15:14.0218 2908 Update - ok
20:15:14.0265 2908 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:15:14.0265 2908 upnphost - ok
20:15:14.0281 2908 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:15:14.0281 2908 UPS - ok
20:15:14.0328 2908 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:15:14.0328 2908 USBAAPL - ok
20:15:14.0359 2908 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:15:14.0359 2908 usbccgp - ok
20:15:14.0359 2908 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:15:14.0359 2908 usbehci - ok
20:15:14.0390 2908 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:15:14.0390 2908 usbhub - ok
20:15:14.0406 2908 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:15:14.0406 2908 USBSTOR - ok
20:15:14.0421 2908 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:15:14.0421 2908 usbuhci - ok
20:15:14.0437 2908 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:15:14.0437 2908 VgaSave - ok
20:15:14.0468 2908 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:15:14.0468 2908 ViaIde - ok
20:15:14.0546 2908 VMCService (c6e18c3b43378ae3fcecdff0f0bb7be7) C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
20:15:14.0546 2908 VMCService - ok
20:15:14.0562 2908 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:15:14.0562 2908 VolSnap - ok
20:15:14.0578 2908 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:15:14.0609 2908 VSS - ok
20:15:14.0625 2908 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:15:14.0625 2908 W32Time - ok
20:15:14.0734 2908 w39n51 (b9670411c5cfef10fcd484f433fea201) C:\WINDOWS\system32\DRIVERS\w39n51.sys
20:15:14.0781 2908 w39n51 - ok
20:15:14.0937 2908 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:15:14.0937 2908 Wanarp - ok
20:15:14.0937 2908 WDICA - ok
20:15:14.0953 2908 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:15:14.0953 2908 wdmaud - ok
20:15:14.0984 2908 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:15:15.0000 2908 WebClient - ok
20:15:15.0125 2908 winachsf (4c17a05813e1f48e5da30ada62cdf427) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
20:15:15.0171 2908 winachsf - ok
20:15:15.0218 2908 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:15:15.0218 2908 winmgmt - ok
20:15:15.0281 2908 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:15:15.0281 2908 WmdmPmSN - ok
20:15:15.0328 2908 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:15:15.0359 2908 Wmi - ok
20:15:15.0375 2908 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\Windows\system32\wbem\wmiapsrv.exe
20:15:15.0375 2908 WmiApSrv - ok
20:15:15.0531 2908 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:15:15.0593 2908 WMPNetworkSvc - ok
20:15:15.0640 2908 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:15:15.0640 2908 WS2IFSL - ok
20:15:15.0640 2908 WSearch - ok
20:15:15.0703 2908 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:15:15.0703 2908 wuauserv - ok
20:15:15.0734 2908 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:15:15.0734 2908 WudfPf - ok
20:15:15.0750 2908 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:15:15.0750 2908 WudfRd - ok
20:15:15.0765 2908 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:15:15.0765 2908 WudfSvc - ok
20:15:15.0812 2908 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:15:15.0843 2908 WZCSVC - ok
20:15:15.0906 2908 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:15:15.0906 2908 xmlprov - ok
20:15:15.0968 2908 yukonwxp (4322c32ced8c4772e039616dcbf01d3f) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:15:15.0984 2908 yukonwxp - ok
20:15:16.0031 2908 ZTEusbmdm6k (c2215c6ada8b1e9feb507cee9b446661) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
20:15:16.0031 2908 ZTEusbmdm6k - ok
20:15:16.0046 2908 ZTEusbnet (9862f9d2ff50ae748ed42c022e6aac15) C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys
20:15:16.0046 2908 ZTEusbnet - ok
20:15:16.0062 2908 ZTEusbnmea (f16ce3c7690ab7426dc96520d54a737e) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
20:15:16.0062 2908 ZTEusbnmea - ok
20:15:16.0078 2908 ZTEusbser6k (c2215c6ada8b1e9feb507cee9b446661) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
20:15:16.0078 2908 ZTEusbser6k - ok
20:15:16.0093 2908 ZTEusbvoice (f16ce3c7690ab7426dc96520d54a737e) C:\WINDOWS\system32\DRIVERS\ZTEusbvoice.sys
20:15:16.0093 2908 ZTEusbvoice - ok
20:15:16.0125 2908 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:15:16.0484 2908 \Device\Harddisk0\DR0 - ok
20:15:16.0484 2908 Boot (0x1200) (f4f17f58da95014e0fbffe20f3bcf512) \Device\Harddisk0\DR0\Partition0
20:15:16.0500 2908 \Device\Harddisk0\DR0\Partition0 - ok
20:15:16.0500 2908 ============================================================
20:15:16.0500 2908 Scan finished
20:15:16.0500 2908 ============================================================
20:15:16.0500 2808 Detected object count: 0
20:15:16.0500 2808 Actual detected object count: 0
20:15:49.0421 0280 Deinitialize success


Liebe Grüße!

t'john 17.07.2012 19:28
CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.


Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

JuleFritzi 17.07.2012 20:24
OTL Logfile:
Code:
OTL logfile created on: 17.07.2012 20:36:42 - Run 2
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Dokumente und EinstellungenEigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,11 Mb Total Physical Memory | 249,18 Mb Available Physical Memory | 24,38% Memory free
2,40 Gb Paging File | 1,79 Gb Available in Paging File | 74,49% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 4,87 Gb Free Space | 6,54% Space Free | Partition Type: NTFS
Drive D: | 7,48 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: ***| User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.17 20:33:01 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\NL44\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.07.03 18:21:32 | 006,510,112 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\Setup\avast.setup
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.05.24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012.01.17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
PRC - [2012.01.17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006.06.01 07:49:38 | 001,196,032 | ---- | M] (Quanta Computer, INC.) -- C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.03 18:21:27 | 000,247,224 | ---- | M] () -- C:\Programme\AVAST Software\Avast\Setup\setiface.dll
MOD - [2012.07.03 09:22:15 | 001,780,224 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12070300\algo.dll
MOD - [2012.05.30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\Windows\system32\msdmo.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.07.12 19:21:00 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.06.19 19:47:11 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009.04.20 17:20:30 | 000,009,216 | ---- | M] (Vodafone) [Disabled | Stopped] -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.04.09 13:38:32 | 000,110,592 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009.04.09 13:38:32 | 000,105,344 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009.04.09 13:38:32 | 000,105,344 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.04.09 13:38:32 | 000,104,960 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.04.09 13:38:32 | 000,104,960 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008.10.09 13:50:08 | 000,022,528 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008.10.09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007.12.06 09:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006.09.22 05:32:02 | 001,428,224 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006.04.07 02:48:08 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006.04.07 02:46:46 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006.02.28 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006.02.28 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006.01.12 17:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005.05.05 15:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\qmofiltr.sys -- (qmofiltr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 4E 5B D2 F4 F9 CC 01  [binary data]
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2011.08.09 19:44:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.07.17 20:32:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.06.19 19:47:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.07.07 15:32:36 | 000,000,000 | ---D | M]
 
[2012.03.07 15:36:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Mozilla\Extensions
[2012.05.02 08:28:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Mozilla\Firefox\Profiles\2gbyk4tt.default\extensions
[2012.04.23 21:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.24 21:53:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.19 19:47:12 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.19 19:47:08 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.19 19:47:08 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.19 19:47:08 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.19 19:47:08 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.19 19:47:08 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.19 19:47:08 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - homepage: hxxp://www.google.com
 
O1 HOSTS File: ([2012.03.07 15:50:09 | 000,441,471 | R--- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 15173 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [Keyboard Manager Utility] C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe (Quanta Computer, INC.)
O4 - HKLM..\Run: [MobileConnect] C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162468014625 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92B96AFA-6A4B-4E4B-8876-47BEA69DD010}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "VMCService"
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 0
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
 
Drivers32: msacm.iac2 - C:\Windows\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.17 20:34:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2012.07.17 20:33:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012.07.17 20:33:26 | 000,353,688 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.17 20:33:26 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.17 20:33:23 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.17 20:33:23 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.17 20:33:22 | 000,721,000 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.17 20:33:20 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.17 20:33:20 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.17 20:33:19 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.17 20:33:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.07.17 20:32:23 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.17 20:32:22 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.07.16 22:11:26 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\NL44\Desktop\TDSSKiller.exe
[2012.07.16 15:14:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\ElevatedDiagnostics
[2012.07.16 15:12:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows PowerShell 1.0
[2012.07.16 15:12:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012.07.16 09:51:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Malwarebytes
[2012.07.16 09:51:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.07.13 23:24:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Apple Computer
[2012.07.13 23:24:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Apple Computer
[2012.07.13 23:23:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2012.07.13 23:21:45 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2012.07.13 23:21:32 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2012.07.13 23:21:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer
[2012.07.13 23:21:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.07.13 23:21:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Apple
[2012.07.13 23:20:57 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2012.07.13 23:20:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Apple Computer
[2012.07.13 23:19:56 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2012.07.13 23:19:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Apple
[2012.07.13 23:19:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple
[2012.07.08 15:46:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.07.07 17:49:57 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2012.07.07 17:49:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Google
[2012.07.07 17:48:58 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.07.07 17:48:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.07.06 21:34:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Local Settings
[2012.07.06 20:38:43 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\NL44\Recent
[2012.06.22 15:11:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\NL44\Eigene Dateien\cache
[2012.06.22 15:11:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\webex
[2012.06.21 22:48:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\OpenOffice.org
[2012.06.21 22:43:11 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\OpenOffice.org 3.4
[2012.06.21 22:40:44 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2012.06.21 22:39:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Desktop\OpenOffice.org 3.4 (de) Installation Files
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.17 20:59:13 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{67F66040-30DC-47DD-9DDA-798F527DEF91}.job
[2012.07.17 20:34:40 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012.07.17 20:33:27 | 000,001,653 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.07.17 20:33:21 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.17 20:33:21 | 000,000,304 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.17 20:24:03 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.17 20:20:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.07.17 20:09:45 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.07.17 20:09:42 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.17 20:09:41 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.17 19:27:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.17 19:27:25 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.17 19:26:34 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2012.07.17 19:14:13 | 002,117,152 | R--- | M] () -- C:\Dokumente und Einstellungen\NL44\Desktop\tdsskiller.zip
[2012.07.16 22:11:26 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\NL44\Desktop\TDSSKiller.exe
[2012.07.16 15:12:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.07.16 14:57:02 | 000,000,042 | ---- | M] () -- C:\Dokumente und Einstellungen\NL44\default.pls
[2012.07.16 14:53:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.07.15 16:18:24 | 000,488,168 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.07.15 16:18:24 | 000,444,810 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.15 16:18:24 | 000,095,994 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.07.15 16:18:24 | 000,072,686 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.13 23:23:39 | 000,001,522 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.07.12 09:51:41 | 000,303,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.08 16:00:05 | 000,000,212 | RHS- | M] () -- C:\boot.ini
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.03 18:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.06.21 22:43:12 | 000,000,909 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.4.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.17 20:34:40 | 000,001,777 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012.07.17 20:33:27 | 000,001,653 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.07.17 20:33:21 | 000,000,304 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.17 19:14:15 | 002,117,152 | R--- | C] () -- C:\Dokumente und Einstellungen\NL44\Desktop\tdsskiller.zip
[2012.07.16 14:57:02 | 000,000,042 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\default.pls
[2012.07.13 23:23:39 | 000,001,522 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.07.13 23:21:00 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Apple Software Update.lnk
[2012.07.12 09:43:20 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.07.07 17:50:06 | 000,001,086 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.07 17:50:05 | 000,001,082 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.21 22:43:12 | 000,000,909 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.4.lnk
[2012.03.20 19:02:12 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2012.03.06 23:18:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.08.09 17:48:36 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009.04.09 13:44:42 | 000,108,066 | R--- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DeviceManager.xml.rc4
[2007.06.13 08:16:07 | 000,046,080 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.21 15:39:08 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{73ce74d3-35db-0d08-8e98-d8a61cd6ccbb}\@
[2007.03.21 15:39:08 | 000,002,048 | -HS- | C] () -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\{73ce74d3-35db-0d08-8e98-d8a61cd6ccbb}\@
 
========== LOP Check ==========
 
[2012.07.17 20:31:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2011.08.09 19:53:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vodafone
[2012.07.13 23:23:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.08.09 19:45:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Bytemobile
[2011.08.09 19:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Vodafone
[2011.08.09 19:48:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Bytemobile
[2012.07.16 15:14:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\ElevatedDiagnostics
[2007.06.10 13:33:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe
[2012.06.21 22:48:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\OpenOffice.org
[2012.05.16 10:48:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Oracle
[2012.03.07 23:54:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\UDC Profiles
[2011.08.09 19:49:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Vodafone
[2012.06.22 15:11:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\webex
[2011.08.09 16:55:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Windows Desktop Search
[2011.11.12 21:02:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Windows Search
[2012.07.17 20:33:21 | 000,000,304 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.07.17 20:59:13 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{67F66040-30DC-47DD-9DDA-798F527DEF91}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.08.09 19:56:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Adobe
[2012.03.08 12:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Ahead
[2012.07.13 23:25:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Apple Computer
[2012.07.16 14:58:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\dvdcss
[2012.07.16 15:14:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\ElevatedDiagnostics
[2011.11.12 22:16:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\FLEXnet
[2007.03.21 15:40:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Identities
[2007.06.10 13:33:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe
[2007.03.29 21:05:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Macromedia
[2012.07.16 09:51:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Malwarebytes
[2012.05.16 14:49:48 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Microsoft
[2012.03.07 15:36:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Mozilla
[2012.06.21 22:48:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\OpenOffice.org
[2012.05.16 10:48:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Oracle
[2012.07.17 20:44:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Skype
[2012.03.07 16:01:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Sun
[2012.03.07 23:54:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\UDC Profiles
[2012.07.16 15:04:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\vlc
[2011.08.09 19:49:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Vodafone
[2012.06.22 15:11:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\webex
[2011.08.09 16:55:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Windows Desktop Search
[2011.11.12 21:02:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Windows Search
 
< %APPDATA%\*.exe /s >
[2005.12.19 22:47:38 | 000,913,408 | ---- | M] (M-Systems) -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe\KeySafe.exe
 
< %SYSTEMDRIVE%\*.exe >
[2008.04.11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2006.02.28 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\Windows\i386\sp2.cab:AGP440.sys
[2011.08.09 18:55:38 | 023,898,261 | ---- | M] () .cab file -- C:\Windows\i386\sp3.cab:AGP440.sys
[2011.08.09 18:55:38 | 023,898,261 | ---- | M] () .cab file -- C:\Windows\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Windows\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\Windows\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2006.02.28 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\Windows\i386\sp2.cab:atapi.sys
[2011.08.09 18:55:38 | 023,898,261 | ---- | M] () .cab file -- C:\Windows\i386\sp3.cab:atapi.sys
[2011.08.09 18:55:38 | 023,898,261 | ---- | M] () .cab file -- C:\Windows\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Windows\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\Windows\system32\drivers\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\Windows\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\Windows\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\Windows\system32\eventlog.dll
[2006.02.28 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\Windows\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\Windows\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\Windows\system32\netlogon.dll
[2006.02.28 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\Windows\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\Windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\Windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\Windows\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\Windows\system32\scecli.dll
[2006.02.28 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\Windows\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\Windows\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\Windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[2006.02.28 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\Windows\$NtUninstallKB890859$\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\Windows\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\Windows\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\Windows\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\Windows\system32\userinit.exe
[2006.02.28 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\Windows\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2006.02.28 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\Windows\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\Windows\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\Windows\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.02.28 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\Windows\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 14:25:50 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006.11.02 14:25:50 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.11.02 14:25:49 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
<          >

< End of report >
--- --- ---

t'john 17.07.2012 20:43
Kannst du bitte mal

Zitat:
C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe\KeySafe.exe
bei Virustotal hochladen und mir den Ergebnislink hier posten...

JuleFritzi 17.07.2012 20:53
https://www.virustotal.com/file/754e97de0ed2e65fedf1388a9319b80a23527f7635d1c5379ae8eb667ed04d7e/analysis/1342554724/

Was ist das für eine Anwendung ???

t'john 17.07.2012 21:02
Sag dir das vielleicht was?

Produktanfrage an Unitronic
http://www.icc-unitronic.de/M-System.../diskonkey.htm

JuleFritzi 17.07.2012 21:10
Nein, nicht wirklich. Ich habe allerdings den Rechner von meinem Vater übernommen, weil ich mit meinem eigenen Rechner (s. vorheriger thread) nicht mehr ins Netz komme und mir die Zeit fehlte, den neu aufzusetzen. :heilig:

Soll ich die Anwendung löschen?

t'john 17.07.2012 21:18
Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
:OTL
PRC - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SRV - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
O3 - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1

[2005.12.19 22:47:38 | 000,913,408 | ---- | M] (M-Systems) -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe\KeySafe.exe
[2012.07.07 17:50:06 | 000,001,086 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.07 17:50:05 | 000,001,082 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2007.03.21 15:39:08 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{73ce74d3-35db-0d08-8e98-d8a61cd6ccbb}\@
[2007.03.21 15:39:08 | 000,002,048 | -HS- | C] () -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\{73ce74d3-35db-0d08-8e98-d8a61cd6ccbb}\@
[2005.12.19 22:47:38 | 000,913,408 | ---- | M] (M-Systems) -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe\KeySafe.exe
:Files
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe\
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!


danach:


Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

JuleFritzi 17.07.2012 21:45
Code:
All processes killed
========== OTL ==========
No active process named c2c_service.exe was found!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_USERS\S-1-5-21-1547880722-3932674666-2371334599-1005\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1547880722-3932674666-2371334599-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-1547880722-3932674666-2371334599-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll not found.
Registry value HKEY_USERS\S-1-5-21-1547880722-3932674666-2371334599-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1547880722-3932674666-2371334599-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe\KeySafe.exe moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Installer\{73ce74d3-35db-0d08-8e98-d8a61cd6ccbb}\@ moved successfully.
C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\{73ce74d3-35db-0d08-8e98-d8a61cd6ccbb}\@ moved successfully.
File C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe\KeySafe.exe not found.
========== FILES ==========
File\Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe not found.
C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\KeySafe folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\NL44\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\NL44\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 32768 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NL44
->Temp folder emptied: 88269391 bytes
->Temporary Internet Files folder emptied: 13199588 bytes
->Java cache emptied: 599759 bytes
->FireFox cache emptied: 341146661 bytes
->Google Chrome cache emptied: 5837168 bytes
->Flash cache emptied: 2268 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8169763 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 436,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Default User
 
User: LocalService
 
User: NetworkService
 
User: NL44
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.54.0 log created on 07172012_222713

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Code:
# AdwCleaner v1.702 - Logfile created 07/17/2012 at 22:44:55
# Updated 13/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : NL44 - HEINER
# Running from : C:\Dokumente und Einstellungen\NL44\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [940 octets] - [17/07/2012 18:57:52]
AdwCleaner[S1].txt - [1006 octets] - [17/07/2012 18:58:39]
AdwCleaner[R2].txt - [663 octets] - [17/07/2012 22:44:55]

########## EOF - C:\AdwCleaner[R2].txt - [790 octets] ##########
So,
da dachte ich doch, ich hätte das Problem so ganz alleine gelöst und dann gab´s ja doch noch eine Menge zu tun :-) Dir einen herzlichen Dank bis hierher, obwohl ich das Gefühl habe, das war noch nicht alles...?

Gut´s Nächtle
Daniela

t'john 18.07.2012 08:30
Sehr gut! :daumenhoc

Wie laeuft der Rechner?

zur Kontrolle kannst Du noch:

Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html

JuleFritzi 18.07.2012 09:52
Emsisoft Anti-Malware - Version 6.6
Letztes Update: 18.07.2012 10:42:20

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\
Archiv Scan: An
ADS Scan: An

Scan Beginn: 18.07.2012 10:43:40


Gescannt 472674
Gefunden 0

Scan Ende: 18.07.2012 10:44:37
Scan Zeit: 0:00:57


Das sieht doch gut aus, oder?

Ich lasse in unregelmäßigen Abständen ccleaner und spypot laufen, ist das in Ordnung? Außerdem habe ich zur Zeit avast als Programm installiert. Was hältst du davon?

Liebe Grüße
Daniela

t'john 18.07.2012 09:56
Sehr gut! :daumenhoc

Deinstalliere:
Emsisoft Anti-Malware


Zitat:
Ich lasse in unregelmäßigen Abständen CCleaner und spypot laufen, ist das in Ordnung?
schadet nicht ;)

avast ist in ordnung.

Alle Updates einzuspielen ist viel wichtiger.


Noch irgendwelche Probleme mit dem Rechner?

JuleFritzi 18.07.2012 10:43
:taenzer:

Nein, läuft alles prima, außer dass ich nun babylon habe und es auch nicht weg bekomme :crazy:

t'john 18.07.2012 15:35
Babylon? seit wann?

hast du irgendwas installiert, wo das Beigabe war?

mache mal ein OTL.exe Log.

JuleFritzi 19.07.2012 19:51
Hi,

im Grund habe ich es kurz vor meiner letztzen Nachricht festgestellt. Bewusst habe ich keinen Donwload gemacht und ich habe in den letzten Tagen nichts Zusätzliches heruntergeladen, außer den angegebenen.

Als ich heute morgen kurz den Rechner gestartet habe, hatte ich zudem auf dem Desktop die AUfforderung Active Desktopn wiederherzustellen mit der Meldung: Unerwarteter Fehler. Als Vorsichtmaßnahme wurde Active Desktop deaktiviert. Was muss ich denn damit machen?

OTL:
Code:
OTL logfile created on: 19.07.2012 20:43:38 - Run 3
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Dokumente und Einstellungen\NL44\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,11 Mb Total Physical Memory | 528,80 Mb Available Physical Memory | 51,74% Memory free
2,40 Gb Paging File | 2,00 Gb Available in Paging File | 83,37% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 4,69 Gb Free Space | 6,29% Space Free | Partition Type: NTFS
Drive D: | 7,48 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: HEINER | User Name: NL44 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.18 19:11:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\NL44\Desktop\OTL.exe
PRC - [2012.07.18 14:30:18 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.05.24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2008.04.14 04:22:53 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Programme\Outlook Express\msimn.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.19 09:06:41 | 001,784,320 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12071901\algo.dll
MOD - [2012.07.19 01:58:03 | 001,783,808 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12071900\algo.dll
MOD - [2012.07.18 14:30:16 | 002,003,424 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.07.12 19:20:59 | 009,465,032 | ---- | M] () -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
MOD - [2012.05.30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.07.18 14:30:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.12 19:21:00 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009.04.20 17:20:30 | 000,009,216 | ---- | M] (Vodafone) [Disabled | Stopped] -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.04.09 13:38:32 | 000,110,592 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009.04.09 13:38:32 | 000,105,344 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009.04.09 13:38:32 | 000,105,344 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.04.09 13:38:32 | 000,104,960 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.04.09 13:38:32 | 000,104,960 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008.10.09 13:50:08 | 000,022,528 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008.10.09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007.12.06 09:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006.09.22 05:32:02 | 001,428,224 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006.04.07 02:48:08 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006.04.07 02:46:46 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006.02.28 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006.02.28 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006.01.12 17:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005.05.05 15:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\qmofiltr.sys -- (qmofiltr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=110819&tt=2912_2&babsrc=HP_ss&mntrId=d8e233ab000000000000b2032ef1b89c
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 4E 5B D2 F4 F9 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&tt=2912_2&babsrc=SP_ss&mntrId=d8e233ab000000000000b2032ef1b89c
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?affID=110819&tt=2912_2&babsrc=KW_ss&mntrId=d8e233ab000000000000b2032ef1b89c&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2011.08.09 19:44:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.07.17 23:09:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.18 14:30:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.07.07 15:32:36 | 000,000,000 | ---D | M]
 
[2012.03.07 15:36:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Mozilla\Extensions
[2012.07.18 10:56:42 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Mozilla\Firefox\Profiles\2gbyk4tt.default\extensions
[2012.07.18 10:01:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Mozilla\Firefox\Profiles\2gbyk4tt.default\extensions\staged
[2012.04.23 21:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.24 21:53:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.18 14:30:18 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.19 19:47:08 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.18 09:54:09 | 000,002,349 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.06.19 19:47:08 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.19 19:47:08 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.19 19:47:08 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.19 19:47:08 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.19 19:47:08 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.babylon.com/?affID=110819&tt=2912_2&babsrc=HP_ss&mntrId=d8e233ab000000000000b2032ef1b89c
CHR - homepage: hxxp://search.babylon.com/?affID=110819&tt=2912_2&babsrc=HP_ss&mntrId=d8e233ab000000000000b2032ef1b89c
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DealPly = C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\
CHR - Extension: avast! WebRep = C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.03.07 15:50:09 | 000,441,471 | R--- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 15173 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [Keyboard Manager Utility] C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe (Quanta Computer, INC.)
O4 - HKLM..\Run: [MobileConnect] C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162468014625 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92B96AFA-6A4B-4E4B-8876-47BEA69DD010}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.18 19:11:43 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\NL44\Desktop\OTL.exe
[2012.07.18 10:28:40 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2012.07.18 10:28:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Eigene Dateien\Anti-Malware
[2012.07.18 09:53:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
[2012.07.18 09:53:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Babylon
[2012.07.18 09:53:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012.07.17 23:10:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012.07.17 23:10:33 | 000,353,688 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.17 23:10:33 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.17 23:10:30 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.17 23:10:29 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.17 23:10:28 | 000,721,000 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.17 23:10:27 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.17 23:10:27 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.17 23:10:26 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.17 23:09:35 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.17 23:09:34 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.07.17 20:34:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2012.07.16 15:14:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\ElevatedDiagnostics
[2012.07.16 15:12:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows PowerShell 1.0
[2012.07.16 15:12:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012.07.16 09:51:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Malwarebytes
[2012.07.16 09:51:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.07.13 23:24:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Apple Computer
[2012.07.13 23:24:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Apple Computer
[2012.07.13 23:23:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2012.07.13 23:23:31 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2012.07.13 23:21:45 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2012.07.13 23:21:32 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2012.07.13 23:21:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer
[2012.07.13 23:21:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.07.13 23:21:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Apple
[2012.07.13 23:20:57 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2012.07.13 23:20:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Apple Computer
[2012.07.13 23:20:27 | 004,547,944 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2012.07.13 23:19:56 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2012.07.13 23:19:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Apple
[2012.07.13 23:19:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple
[2012.07.08 15:46:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.07.07 17:49:57 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2012.07.07 17:49:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Google
[2012.07.07 17:48:58 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.07.07 17:48:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.07.06 21:34:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Local Settings
[2012.07.06 20:38:43 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\NL44\Recent
[2012.06.22 15:11:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\NL44\Eigene Dateien\cache
[2012.06.22 15:11:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\webex
[2012.06.21 22:48:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\OpenOffice.org
[2012.06.21 22:43:11 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\OpenOffice.org 3.4
[2012.06.21 22:40:44 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2012.06.21 22:39:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Desktop\OpenOffice.org 3.4 (de) Installation Files
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.19 20:42:56 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{67F66040-30DC-47DD-9DDA-798F527DEF91}.job
[2012.07.19 20:40:59 | 000,000,304 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.19 20:40:58 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.07.19 20:40:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.19 20:39:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.19 20:39:49 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.19 09:09:18 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2012.07.18 19:20:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.07.18 19:11:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\NL44\Desktop\OTL.exe
[2012.07.18 09:54:51 | 000,000,247 | ---- | M] () -- C:\user.js
[2012.07.17 23:10:34 | 000,001,653 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.07.17 23:10:28 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.17 20:34:40 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012.07.16 15:12:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.07.16 14:57:02 | 000,000,042 | ---- | M] () -- C:\Dokumente und Einstellungen\NL44\default.pls
[2012.07.16 14:53:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.07.15 16:18:24 | 000,488,168 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.07.15 16:18:24 | 000,444,810 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.15 16:18:24 | 000,095,994 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.07.15 16:18:24 | 000,072,686 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.13 23:23:39 | 000,001,522 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.07.12 19:20:59 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.07.12 19:20:59 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.07.12 09:51:41 | 000,303,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.08 16:00:05 | 000,000,212 | RHS- | M] () -- C:\boot.ini
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.03 18:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.06.21 22:43:12 | 000,000,909 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.4.lnk
 
========== Files Created - No Company Name ==========
 
[2012.07.18 09:54:40 | 000,000,247 | ---- | C] () -- C:\user.js
[2012.07.17 23:10:34 | 000,001,653 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.07.17 23:10:28 | 000,000,304 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.17 20:34:40 | 000,001,777 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012.07.16 14:57:02 | 000,000,042 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\default.pls
[2012.07.13 23:23:39 | 000,001,522 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.07.13 23:21:00 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Apple Software Update.lnk
[2012.07.12 09:43:20 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.06.21 22:43:12 | 000,000,909 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.4.lnk
[2012.03.20 19:02:12 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2012.03.06 23:18:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.08.09 17:48:36 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009.04.09 13:44:42 | 000,108,066 | R--- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DeviceManager.xml.rc4
[2007.06.13 08:16:07 | 000,046,080 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

< End of report >
Daniela

Ich habe eine Idee. Als ich bei filepony etwas herunterladen wollte, ich glaube, emisisoft, habe ich aus Versehen den Download-Manager angeklickt. Vielleicht kommt es daher?
In der log-Datei tauchen auch seltsame web-Adressen auf...

t'john 19.07.2012 20:49
Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
:OTL
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110819&tt=2912_2&babsrc=HP_ss&mntrId=d8e233ab000000000000b2032ef1b89c
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=2912_2&babsrc=SP_ss&mntrId=d8e233ab000000000000b2032ef1b89c
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=110819&tt=2912_2&babsrc=KW_ss&mntrId=d8e233ab000000000000b2032ef1b89c&q="
CHR - homepage: http://search.babylon.com/?affID=110819&tt=2912_2&babsrc=HP_ss&mntrId=d8e233ab000000000000b2032ef1b89c
O32 - HKLM CDRom: AutoRun - 1

[2012.07.18 09:53:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
[2012.07.18 09:53:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Babylon
[2012.07.18 09:53:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012.07.19 20:42:56 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{67F66040-30DC-47DD-9DDA-798F527DEF91}.job
[2012.07.19 20:40:59 | 000,000,304 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

:Files

C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Babylon
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
C:\WINDOWS\tasks\User_Feed_Synchronization-{67F66040-30DC-47DD-9DDA-798F527DEF91}.job

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

JuleFritzi 19.07.2012 21:19
Hüstel, ich war etwas ungeduldig und habe malewarebytes aktiviert, hier der log:

Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.19.12

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
NL44 :: HEINER [Administrator]

Schutz: Deaktiviert

19.07.2012 21:02:05
mbam-log-2012-07-19 (21-02-05).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 281957
Laufzeit: 1 Stunde(n), 5 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Dokumente und Einstellungen\NL44\Eigene Dateien\Downloads\DownloadManagerSetup.exe (PUP.Adware.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Soll ich trotzdem so verfahren, wie von dir geschrieben?

t'john 19.07.2012 21:21
ja bitte mit OTL-Fix weitermachen.

JuleFritzi 19.07.2012 21:34
:bussi:
Babylon ist weg :-)

Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: "about:home" removed from browser.startup.homepage
Prefs.js: "hxxp://search.babylon.com/?affID=110819&tt=2912_2&babsrc=KW_ss&mntrId=d8e233ab000000000000b2032ef1b89c&q=" removed from keyword.URL
Use Chrome's Settings page to change the HomePage.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\Cache folder moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D} folder moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer folder moved successfully.
C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Babylon folder moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon folder moved successfully.
C:\WINDOWS\tasks\User_Feed_Synchronization-{67F66040-30DC-47DD-9DDA-798F527DEF91}.job moved successfully.
File C:\WINDOWS\tasks\avast! Emergency Update.job not found.
========== FILES ==========
File\Folder C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Babylon not found.
File\Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon not found.
File\Folder C:\WINDOWS\tasks\User_Feed_Synchronization-{67F66040-30DC-47DD-9DDA-798F527DEF91}.job not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\NL44\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\NL44\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NL44
->Temp folder emptied: 66965856 bytes
->Temporary Internet Files folder emptied: 5701974 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 132206907 bytes
->Google Chrome cache emptied: 6869775 bytes
->Flash cache emptied: 1574 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33251 bytes
RecycleBin emptied: 5252807 bytes
 
Total Files Cleaned = 207,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Default User
 
User: LocalService
 
User: NetworkService
 
User: NL44
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.54.0 log created on 07192012_222609

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
oh nein, ist es nicht :-(
Wenn ich ein neues Internetfenster öffne, ist es wieder da ...Babylon Search

t'john 19.07.2012 22:41
Da hast du ein ganzen Nest im PC :)

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

JuleFritzi 20.07.2012 11:35
Code:
# AdwCleaner v1.703 - Logfile created 07/20/2012 at 12:34:19
# Updated 20/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : NL44 - HEINER
# Running from : C:\Dokumente und Einstellungen\NL44\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Programme\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Tarma Installer

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=110819&tt=2912_2&babsrc=NT_ss&mntrId=d8e233ab000000000000b2032ef1b89c

*************************

AdwCleaner[R1].txt - [940 octets] - [17/07/2012 18:57:52]
AdwCleaner[S1].txt - [1006 octets] - [17/07/2012 18:58:39]
AdwCleaner[R2].txt - [790 octets] - [17/07/2012 22:44:55]
AdwCleaner[R3].txt - [1480 octets] - [20/07/2012 12:34:19]

########## EOF - C:\AdwCleaner[R3].txt - [1608 octets] ##########
Und:

Code:
# AdwCleaner v1.703 - Logfile created 07/20/2012 at 20:46:06
# Updated 20/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : NL44 - HEINER
# Running from : C:\Dokumente und Einstellungen\NL44\Eigene Dateien\Downloads\adwcleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Programme\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Deleted : HKCU\Software\Ask.com.tmp
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=110819&tt=2912_2&babsrc=NT_ss&mntrId=d8e233ab000000000000b2032ef1b89c --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [940 octets] - [17/07/2012 18:57:52]
AdwCleaner[S1].txt - [1006 octets] - [17/07/2012 18:58:39]
AdwCleaner[R2].txt - [790 octets] - [17/07/2012 22:44:55]
AdwCleaner[R3].txt - [1609 octets] - [20/07/2012 12:34:19]
AdwCleaner[S2].txt - [301 octets] - [20/07/2012 12:37:00]
AdwCleaner[R4].txt - [1770 octets] - [20/07/2012 20:45:56]
AdwCleaner[S3].txt - [1758 octets] - [20/07/2012 20:46:06]

########## EOF - C:\AdwCleaner[S3].txt - [1886 octets] ##########
TDSSKiller:

20:54:56.0453 2468 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
20:54:56.0578 2468 ============================================================
20:54:56.0578 2468 Current date / time: 2012/07/20 20:54:56.0578
20:54:56.0578 2468 SystemInfo:
20:54:56.0578 2468
20:54:56.0578 2468 OS Version: 5.1.2600 ServicePack: 3.0
20:54:56.0578 2468 Product type: Workstation
20:54:56.0578 2468 ComputerName: HEINER
20:54:56.0578 2468 UserName: NL44
20:54:56.0578 2468 Windows directory: C:\WINDOWS
20:54:56.0578 2468 System windows directory: C:\WINDOWS
20:54:56.0578 2468 Processor architecture: Intel x86
20:54:56.0578 2468 Number of processors: 2
20:54:56.0578 2468 Page size: 0x1000
20:54:56.0578 2468 Boot type: Normal boot
20:54:56.0578 2468 ============================================================
20:54:58.0859 2468 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:54:58.0859 2468 ============================================================
20:54:58.0859 2468 \Device\Harddisk0\DR0:
20:54:58.0859 2468 MBR partitions:
20:54:58.0859 2468 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
20:54:58.0859 2468 ============================================================
20:54:58.0875 2468 C: <-> \Device\Harddisk0\DR0\Partition0
20:54:58.0875 2468 ============================================================
20:54:58.0875 2468 Initialize success
20:54:58.0875 2468 ============================================================
20:55:03.0109 3008 ============================================================
20:55:03.0109 3008 Scan started
20:55:03.0109 3008 Mode: Manual;
20:55:03.0109 3008 ============================================================
20:55:12.0906 3008 Abiosdsk - ok
20:55:12.0906 3008 abp480n5 - ok
20:55:13.0218 3008 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:55:13.0250 3008 ACPI - ok
20:55:13.0250 3008 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:55:13.0281 3008 ACPIEC - ok
20:55:13.0625 3008 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:55:13.0828 3008 AdobeFlashPlayerUpdateSvc - ok
20:55:14.0250 3008 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
20:55:14.0375 3008 adpu160m - ok
20:55:14.0531 3008 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:55:14.0625 3008 aec - ok
20:55:14.0812 3008 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:55:14.0812 3008 AFD - ok
20:55:14.0812 3008 Aha154x - ok
20:55:14.0859 3008 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
20:55:14.0875 3008 aic78u2 - ok
20:55:14.0875 3008 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
20:55:14.0890 3008 aic78xx - ok
20:55:14.0921 3008 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:55:14.0921 3008 Alerter - ok
20:55:14.0937 3008 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:55:14.0937 3008 ALG - ok
20:55:14.0953 3008 AliIde - ok
20:55:14.0953 3008 amsint - ok
20:55:15.0062 3008 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
20:55:15.0062 3008 AntiVirSchedulerService - ok
20:55:15.0109 3008 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:55:15.0109 3008 AntiVirService - ok
20:55:15.0203 3008 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:55:15.0203 3008 Apple Mobile Device - ok
20:55:15.0250 3008 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:55:15.0265 3008 AppMgmt - ok
20:55:15.0296 3008 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:55:15.0312 3008 Arp1394 - ok
20:55:15.0312 3008 asc - ok
20:55:15.0312 3008 asc3350p - ok
20:55:15.0328 3008 asc3550 - ok
20:55:15.0484 3008 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:55:15.0484 3008 aspnet_state - ok
20:55:15.0500 3008 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:55:15.0500 3008 AsyncMac - ok
20:55:15.0531 3008 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:55:15.0531 3008 atapi - ok
20:55:15.0531 3008 Atdisk - ok
20:55:15.0546 3008 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:55:15.0546 3008 Atmarpc - ok
20:55:17.0328 3008 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:55:17.0328 3008 AudioSrv - ok
20:55:17.0625 3008 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:55:17.0656 3008 audstub - ok
20:55:17.0703 3008 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:55:17.0718 3008 avgntflt - ok
20:55:18.0328 3008 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:55:18.0796 3008 avipbb - ok
20:55:18.0859 3008 avkmgr (53e56450da16a1a7f0d002f511113f67) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:55:18.0875 3008 avkmgr - ok
20:55:18.0921 3008 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:55:18.0937 3008 Beep - ok
20:55:19.0031 3008 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:55:19.0093 3008 BITS - ok
20:55:19.0156 3008 BMLoad (d002033c1a37f6af51b5f0ba6d0211bc) C:\WINDOWS\system32\drivers\BMLoad.sys
20:55:19.0171 3008 BMLoad - ok
20:55:19.0265 3008 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
20:55:19.0265 3008 Bonjour Service - ok
20:55:19.0296 3008 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
20:55:19.0312 3008 Bridge - ok
20:55:19.0312 3008 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
20:55:19.0312 3008 BridgeMP - ok
20:55:19.0343 3008 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:55:19.0343 3008 Browser - ok
20:55:19.0359 3008 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:55:19.0375 3008 BthEnum - ok
20:55:19.0406 3008 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:55:19.0406 3008 BthPan - ok
20:55:19.0453 3008 BTHPORT (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
20:55:19.0453 3008 BTHPORT - ok
20:55:19.0515 3008 BthServ (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
20:55:19.0515 3008 BthServ - ok
20:55:19.0578 3008 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
20:55:19.0578 3008 BTHUSB - ok
20:55:19.0609 3008 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:55:19.0625 3008 cbidf2k - ok
20:55:19.0625 3008 cd20xrnt - ok
20:55:19.0625 3008 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:55:19.0640 3008 Cdaudio - ok
20:55:19.0671 3008 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:55:19.0687 3008 Cdfs - ok
20:55:19.0718 3008 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:55:19.0718 3008 Cdrom - ok
20:55:19.0734 3008 Changer - ok
20:55:19.0750 3008 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:55:19.0750 3008 CiSvc - ok
20:55:19.0765 3008 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:55:19.0765 3008 ClipSrv - ok
20:55:19.0906 3008 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:55:19.0921 3008 clr_optimization_v2.0.50727_32 - ok
20:55:19.0937 3008 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:55:19.0953 3008 CmBatt - ok
20:55:19.0953 3008 CmdIde - ok
20:55:19.0953 3008 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:55:19.0968 3008 Compbatt - ok
20:55:19.0968 3008 COMSysApp - ok
20:55:19.0968 3008 Cpqarray - ok
20:55:20.0000 3008 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:55:20.0000 3008 CryptSvc - ok
20:55:20.0015 3008 dac2w2k - ok
20:55:20.0015 3008 dac960nt - ok
20:55:20.0062 3008 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:55:20.0093 3008 DcomLaunch - ok
20:55:20.0171 3008 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:55:20.0171 3008 Dhcp - ok
20:55:20.0187 3008 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:55:20.0187 3008 Disk - ok
20:55:20.0187 3008 dmadmin - ok
20:55:20.0312 3008 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:55:20.0359 3008 dmboot - ok
20:55:20.0390 3008 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:55:20.0406 3008 dmio - ok
20:55:20.0421 3008 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:55:20.0437 3008 dmload - ok
20:55:20.0468 3008 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:55:20.0468 3008 dmserver - ok
20:55:20.0515 3008 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:55:20.0515 3008 DMusic - ok
20:55:20.0546 3008 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:55:20.0546 3008 Dnscache - ok
20:55:20.0687 3008 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:55:20.0687 3008 Dot3svc - ok
20:55:20.0687 3008 dpti2o - ok
20:55:20.0718 3008 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:55:20.0734 3008 drmkaud - ok
20:55:20.0734 3008 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:55:20.0750 3008 EapHost - ok
20:55:20.0781 3008 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:55:20.0781 3008 ERSvc - ok
20:55:20.0859 3008 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:55:20.0859 3008 Eventlog - ok
20:55:20.0906 3008 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:55:20.0906 3008 EventSystem - ok
20:55:20.0953 3008 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:55:20.0953 3008 Fastfat - ok
20:55:20.0968 3008 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:55:20.0984 3008 FastUserSwitchingCompatibility - ok
20:55:21.0000 3008 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:55:21.0000 3008 Fdc - ok
20:55:21.0015 3008 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:55:21.0062 3008 Fips - ok
20:55:21.0078 3008 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:55:21.0078 3008 Flpydisk - ok
20:55:21.0093 3008 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:55:21.0109 3008 FltMgr - ok
20:55:21.0171 3008 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:55:21.0187 3008 FontCache3.0.0.0 - ok
20:55:21.0218 3008 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:55:21.0218 3008 Fs_Rec - ok
20:55:21.0234 3008 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:55:21.0234 3008 Ftdisk - ok
20:55:21.0296 3008 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:55:21.0312 3008 GEARAspiWDM - ok
20:55:21.0328 3008 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:55:21.0328 3008 Gpc - ok
20:55:21.0390 3008 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
20:55:21.0390 3008 gupdate - ok
20:55:21.0437 3008 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
20:55:21.0437 3008 gupdatem - ok
20:55:21.0484 3008 HdAudAddService (7662b9aaf36c84af4f9029b6b432c2b3) C:\WINDOWS\system32\drivers\CHDAud.sys
20:55:21.0531 3008 HdAudAddService - ok
20:55:21.0562 3008 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:55:21.0562 3008 HDAudBus - ok
20:55:21.0609 3008 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:55:21.0609 3008 helpsvc - ok
20:55:21.0609 3008 HidServ - ok
20:55:21.0640 3008 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:55:21.0656 3008 HidUsb - ok
20:55:21.0703 3008 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:55:21.0703 3008 hkmsvc - ok
20:55:21.0703 3008 hpn - ok
20:55:21.0781 3008 HSF_DPV (09c2f46230034280d7e5f0b437146c45) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
20:55:21.0843 3008 HSF_DPV - ok
20:55:21.0890 3008 HSXHWAZL (83f221ddae2d2353b41f0227e6e411d7) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
20:55:21.0921 3008 HSXHWAZL - ok
20:55:21.0968 3008 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:55:21.0968 3008 HTTP - ok
20:55:21.0984 3008 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:55:22.0000 3008 HTTPFilter - ok
20:55:22.0000 3008 i2omgmt - ok
20:55:22.0000 3008 i2omp - ok
20:55:22.0015 3008 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:55:22.0031 3008 i8042prt - ok
20:55:22.0140 3008 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:55:22.0218 3008 idsvc - ok
20:55:22.0265 3008 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:55:22.0265 3008 Imapi - ok
20:55:22.0312 3008 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:55:22.0312 3008 ImapiService - ok
20:55:22.0328 3008 ini910u - ok
20:55:22.0359 3008 IntelIde (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:55:22.0375 3008 IntelIde - ok
20:55:22.0390 3008 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:55:22.0406 3008 intelppm - ok
20:55:22.0406 3008 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:55:22.0421 3008 Ip6Fw - ok
20:55:22.0453 3008 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:55:22.0453 3008 IpFilterDriver - ok
20:55:22.0468 3008 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:55:22.0484 3008 IpInIp - ok
20:55:22.0500 3008 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:55:22.0500 3008 IpNat - ok
20:55:22.0609 3008 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Programme\iPod\bin\iPodService.exe
20:55:22.0640 3008 iPod Service - ok
20:55:22.0656 3008 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:55:22.0656 3008 IPSec - ok
20:55:22.0671 3008 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:55:22.0671 3008 IRENUM - ok
20:55:22.0671 3008 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:55:22.0687 3008 isapnp - ok
20:55:22.0734 3008 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
20:55:22.0734 3008 JavaQuickStarterService - ok
20:55:22.0750 3008 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:55:22.0750 3008 Kbdclass - ok
20:55:22.0796 3008 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:55:22.0812 3008 kmixer - ok
20:55:22.0843 3008 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:55:22.0843 3008 KSecDD - ok
20:55:22.0875 3008 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:55:22.0875 3008 lanmanserver - ok
20:55:22.0906 3008 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:55:22.0906 3008 lanmanworkstation - ok
20:55:22.0906 3008 lbrtfdc - ok
20:55:22.0937 3008 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:55:22.0937 3008 LmHosts - ok
20:55:23.0000 3008 MDM (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
20:55:23.0000 3008 MDM - ok
20:55:23.0031 3008 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
20:55:23.0031 3008 mdmxsdk - ok
20:55:23.0062 3008 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:55:23.0062 3008 Messenger - ok
20:55:23.0093 3008 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:55:23.0093 3008 mnmdd - ok
20:55:23.0140 3008 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:55:23.0140 3008 mnmsrvc - ok
20:55:23.0156 3008 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:55:23.0156 3008 Modem - ok
20:55:23.0171 3008 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:55:23.0171 3008 Mouclass - ok
20:55:23.0187 3008 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:55:23.0203 3008 MountMgr - ok
20:55:23.0234 3008 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
20:55:23.0250 3008 MozillaMaintenance - ok
20:55:23.0250 3008 mraid35x - ok
20:55:23.0281 3008 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:55:23.0296 3008 MRxDAV - ok
20:55:23.0359 3008 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:55:23.0359 3008 MRxSmb - ok
20:55:23.0375 3008 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:55:23.0375 3008 MSDTC - ok
20:55:23.0375 3008 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:55:23.0390 3008 Msfs - ok
20:55:23.0390 3008 MSIServer - ok
20:55:23.0406 3008 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:55:23.0406 3008 MSKSSRV - ok
20:55:23.0437 3008 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:55:23.0437 3008 MSPCLOCK - ok
20:55:23.0453 3008 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:55:23.0453 3008 MSPQM - ok
20:55:23.0484 3008 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:55:23.0484 3008 mssmbios - ok
20:55:23.0515 3008 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:55:23.0515 3008 Mup - ok
20:55:23.0593 3008 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:55:23.0625 3008 napagent - ok
20:55:23.0656 3008 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:55:23.0671 3008 NDIS - ok
20:55:23.0703 3008 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:55:23.0703 3008 NdisTapi - ok
20:55:23.0703 3008 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:55:23.0718 3008 Ndisuio - ok
20:55:23.0734 3008 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:55:23.0750 3008 NdisWan - ok
20:55:23.0781 3008 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:55:23.0781 3008 NDProxy - ok
20:55:23.0781 3008 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:55:23.0781 3008 NetBIOS - ok
20:55:23.0812 3008 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:55:23.0812 3008 NetBT - ok
20:55:23.0843 3008 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:55:23.0859 3008 NetDDE - ok
20:55:23.0859 3008 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:55:23.0859 3008 NetDDEdsdm - ok
20:55:23.0890 3008 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:55:23.0890 3008 Netlogon - ok
20:55:23.0921 3008 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:55:23.0921 3008 Netman - ok
20:55:24.0000 3008 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:55:24.0015 3008 NetTcpPortSharing - ok
20:55:24.0031 3008 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:55:24.0031 3008 NIC1394 - ok
20:55:24.0078 3008 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:55:24.0078 3008 Nla - ok
20:55:24.0109 3008 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:55:24.0140 3008 Npfs - ok
20:55:24.0203 3008 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:55:24.0234 3008 Ntfs - ok
20:55:24.0234 3008 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:55:24.0234 3008 NtLmSsp - ok
20:55:24.0265 3008 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:55:24.0296 3008 NtmsSvc - ok
20:55:24.0343 3008 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:55:24.0343 3008 Null - ok
20:55:24.0562 3008 nv (f55138bc8319dc17dc1a2d7d5908ed72) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:55:24.0734 3008 nv - ok
20:55:24.0828 3008 NVSvc (604074b99bce4eda4db010e237eb8f1b) C:\WINDOWS\system32\nvsvc32.exe
20:55:24.0828 3008 NVSvc - ok
20:55:24.0859 3008 NWCWorkstation (c34a6a72dec2c317d67355dc18f87090) C:\WINDOWS\System32\nwwks.dll
20:55:24.0859 3008 NWCWorkstation - ok
20:55:24.0890 3008 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:55:24.0890 3008 NwlnkFlt - ok
20:55:24.0921 3008 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:55:24.0921 3008 NwlnkFwd - ok
20:55:24.0953 3008 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
20:55:24.0953 3008 NwlnkIpx - ok
20:55:24.0968 3008 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
20:55:24.0968 3008 NwlnkNb - ok
20:55:25.0000 3008 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
20:55:25.0000 3008 NwlnkSpx - ok
20:55:25.0015 3008 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
20:55:25.0031 3008 NWRDR - ok
20:55:25.0031 3008 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:55:25.0046 3008 ohci1394 - ok
20:55:25.0078 3008 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
20:55:25.0093 3008 ose - ok
20:55:25.0109 3008 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:55:25.0125 3008 Parport - ok
20:55:25.0125 3008 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:55:25.0140 3008 PartMgr - ok
20:55:25.0156 3008 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:55:25.0156 3008 ParVdm - ok
20:55:25.0171 3008 PCASp50 - ok
20:55:25.0187 3008 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:55:25.0203 3008 PCI - ok
20:55:25.0203 3008 PCIDump - ok
20:55:25.0203 3008 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:55:25.0218 3008 PCIIde - ok
20:55:25.0234 3008 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:55:25.0250 3008 Pcmcia - ok
20:55:25.0250 3008 PDCOMP - ok
20:55:25.0250 3008 PDFRAME - ok
20:55:25.0265 3008 PDRELI - ok
20:55:25.0265 3008 PDRFRAME - ok
20:55:25.0265 3008 perc2 - ok
20:55:25.0265 3008 perc2hib - ok
20:55:25.0296 3008 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:55:25.0312 3008 PlugPlay - ok
20:55:25.0328 3008 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:55:25.0328 3008 PolicyAgent - ok
20:55:25.0359 3008 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:55:25.0359 3008 PptpMiniport - ok
20:55:25.0359 3008 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:55:25.0359 3008 ProtectedStorage - ok
20:55:25.0375 3008 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:55:25.0375 3008 PSched - ok
20:55:25.0406 3008 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:55:25.0406 3008 Ptilink - ok
20:55:25.0437 3008 qkbfiltr (7dc7aca4e775e9d823f5773a2f47a2ac) C:\WINDOWS\system32\drivers\qkbfiltr.sys
20:55:25.0437 3008 qkbfiltr - ok
20:55:25.0437 3008 ql1080 - ok
20:55:25.0437 3008 Ql10wnt - ok
20:55:25.0437 3008 ql12160 - ok
20:55:25.0453 3008 ql1240 - ok
20:55:25.0453 3008 ql1280 - ok
20:55:25.0468 3008 qmofiltr (8652b9e134c3478be948bf089df8ed5e) C:\WINDOWS\system32\drivers\qmofiltr.sys
20:55:25.0468 3008 qmofiltr - ok
20:55:25.0484 3008 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:55:25.0484 3008 RasAcd - ok
20:55:25.0515 3008 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:55:25.0531 3008 RasAuto - ok
20:55:25.0531 3008 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:55:25.0546 3008 Rasl2tp - ok
20:55:25.0578 3008 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:55:25.0578 3008 RasMan - ok
20:55:25.0593 3008 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:55:25.0593 3008 RasPppoe - ok
20:55:25.0609 3008 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:55:25.0609 3008 Raspti - ok
20:55:25.0625 3008 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:55:25.0656 3008 Rdbss - ok
20:55:25.0656 3008 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:55:25.0671 3008 RDPCDD - ok
20:55:25.0703 3008 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:55:25.0718 3008 rdpdr - ok
20:55:25.0781 3008 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
20:55:25.0781 3008 RDPWD - ok
20:55:25.0796 3008 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:55:25.0812 3008 RDSessMgr - ok
20:55:25.0828 3008 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:55:25.0843 3008 redbook - ok
20:55:25.0890 3008 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:55:25.0890 3008 RemoteAccess - ok
20:55:25.0921 3008 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:55:25.0937 3008 RemoteRegistry - ok
20:55:25.0968 3008 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
20:55:25.0968 3008 RFCOMM - ok
20:55:26.0015 3008 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:55:26.0015 3008 RpcLocator - ok
20:55:26.0078 3008 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:55:26.0078 3008 RpcSs - ok
20:55:26.0109 3008 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:55:26.0109 3008 RSVP - ok
20:55:26.0125 3008 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:55:26.0125 3008 SamSs - ok
20:55:26.0156 3008 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:55:26.0171 3008 SCardSvr - ok
20:55:26.0218 3008 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:55:26.0234 3008 Schedule - ok
20:55:26.0250 3008 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:55:26.0265 3008 sdbus - ok
20:55:26.0281 3008 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:55:26.0296 3008 Secdrv - ok
20:55:26.0312 3008 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:55:26.0312 3008 seclogon - ok
20:55:26.0328 3008 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:55:26.0328 3008 SENS - ok
20:55:26.0343 3008 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:55:26.0359 3008 serenum - ok
20:55:26.0390 3008 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:55:26.0406 3008 Serial - ok
20:55:26.0406 3008 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:55:26.0421 3008 Sfloppy - ok
20:55:26.0453 3008 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:55:26.0468 3008 SharedAccess - ok
20:55:26.0500 3008 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:55:26.0500 3008 ShellHWDetection - ok
20:55:26.0500 3008 Simbad - ok
20:55:26.0578 3008 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Programme\Skype\Updater\Updater.exe
20:55:26.0578 3008 SkypeUpdate - ok
20:55:26.0578 3008 Sparrow - ok
20:55:26.0593 3008 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:55:26.0593 3008 splitter - ok
20:55:26.0609 3008 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:55:26.0609 3008 Spooler - ok
20:55:26.0625 3008 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:55:26.0640 3008 sr - ok
20:55:26.0687 3008 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:55:26.0687 3008 srservice - ok
20:55:26.0734 3008 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:55:26.0750 3008 Srv - ok
20:55:26.0765 3008 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:55:26.0765 3008 SSDPSRV - ok
20:55:26.0796 3008 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:55:26.0796 3008 ssmdrv - ok
20:55:26.0843 3008 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:55:26.0875 3008 stisvc - ok
20:55:26.0906 3008 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:55:26.0906 3008 swenum - ok
20:55:26.0906 3008 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:55:26.0921 3008 swmidi - ok
20:55:26.0921 3008 SwPrv - ok
20:55:26.0921 3008 symc810 - ok
20:55:26.0953 3008 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:55:26.0968 3008 symc8xx - ok
20:55:26.0968 3008 sym_hi - ok
20:55:26.0968 3008 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:55:26.0984 3008 sym_u3 - ok
20:55:27.0015 3008 SynTP (8a0081e3de46637a8e53ed7c12542a69) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:55:27.0031 3008 SynTP - ok
20:55:27.0046 3008 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:55:27.0046 3008 sysaudio - ok
20:55:27.0078 3008 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:55:27.0109 3008 SysmonLog - ok
20:55:27.0140 3008 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:55:27.0140 3008 TapiSrv - ok
20:55:27.0203 3008 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:55:27.0203 3008 Tcpip - ok
20:55:27.0218 3008 tcpipBM (dcfeb82ca988598ceb8f83148616038e) C:\WINDOWS\system32\drivers\tcpipBM.sys
20:55:27.0234 3008 tcpipBM - ok
20:55:27.0234 3008 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:55:27.0250 3008 TDPIPE - ok
20:55:27.0265 3008 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:55:27.0265 3008 TDTCP - ok
20:55:27.0281 3008 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:55:27.0296 3008 TermDD - ok
20:55:27.0343 3008 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:55:27.0375 3008 TermService - ok
20:55:27.0406 3008 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:55:27.0406 3008 Themes - ok
20:55:27.0453 3008 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
20:55:27.0468 3008 tifm21 - ok
20:55:27.0515 3008 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
20:55:27.0531 3008 TlntSvr - ok
20:55:27.0531 3008 TosIde - ok
20:55:27.0593 3008 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:55:27.0593 3008 TrkWks - ok
20:55:27.0640 3008 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:55:27.0640 3008 Udfs - ok
20:55:27.0656 3008 ultra - ok
20:55:27.0687 3008 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:55:27.0734 3008 Update - ok
20:55:27.0750 3008 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:55:27.0765 3008 upnphost - ok
20:55:27.0781 3008 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:55:27.0796 3008 UPS - ok
20:55:27.0859 3008 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:55:27.0890 3008 USBAAPL - ok
20:55:27.0921 3008 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:55:27.0921 3008 usbccgp - ok
20:55:27.0937 3008 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:55:27.0953 3008 usbehci - ok
20:55:28.0000 3008 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:55:28.0000 3008 usbhub - ok
20:55:28.0046 3008 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:55:28.0046 3008 USBSTOR - ok
20:55:28.0062 3008 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:55:28.0062 3008 usbuhci - ok
20:55:28.0062 3008 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:55:28.0078 3008 VgaSave - ok
20:55:28.0109 3008 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:55:28.0109 3008 ViaIde - ok
20:55:28.0171 3008 VMCService (c6e18c3b43378ae3fcecdff0f0bb7be7) C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
20:55:28.0187 3008 VMCService - ok
20:55:28.0203 3008 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:55:28.0203 3008 VolSnap - ok
20:55:28.0250 3008 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:55:28.0281 3008 VSS - ok
20:55:28.0296 3008 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:55:28.0312 3008 W32Time - ok
20:55:28.0421 3008 w39n51 (b9670411c5cfef10fcd484f433fea201) C:\WINDOWS\system32\DRIVERS\w39n51.sys
20:55:28.0500 3008 w39n51 - ok
20:55:28.0625 3008 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:55:28.0625 3008 Wanarp - ok
20:55:28.0625 3008 WDICA - ok
20:55:28.0656 3008 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:55:28.0671 3008 wdmaud - ok
20:55:28.0687 3008 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:55:28.0687 3008 WebClient - ok
20:55:28.0750 3008 winachsf (4c17a05813e1f48e5da30ada62cdf427) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
20:55:28.0781 3008 winachsf - ok
20:55:28.0828 3008 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:55:28.0828 3008 winmgmt - ok
20:55:28.0859 3008 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:55:28.0859 3008 WmdmPmSN - ok
20:55:28.0953 3008 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:55:28.0984 3008 Wmi - ok
20:55:29.0000 3008 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\Windows\system32\wbem\wmiapsrv.exe
20:55:29.0000 3008 WmiApSrv - ok
20:55:29.0125 3008 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:55:29.0203 3008 WMPNetworkSvc - ok
20:55:29.0234 3008 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:55:29.0234 3008 WS2IFSL - ok
20:55:29.0250 3008 WSearch - ok
20:55:29.0281 3008 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:55:29.0281 3008 wuauserv - ok
20:55:29.0312 3008 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:55:29.0328 3008 WudfPf - ok
20:55:29.0359 3008 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:55:29.0359 3008 WudfRd - ok
20:55:29.0390 3008 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:55:29.0390 3008 WudfSvc - ok
20:55:29.0453 3008 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:55:29.0468 3008 WZCSVC - ok
20:55:29.0515 3008 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:55:29.0531 3008 xmlprov - ok
20:55:29.0593 3008 yukonwxp (4322c32ced8c4772e039616dcbf01d3f) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:55:29.0609 3008 yukonwxp - ok
20:55:29.0625 3008 ZTEusbmdm6k (c2215c6ada8b1e9feb507cee9b446661) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
20:55:29.0640 3008 ZTEusbmdm6k - ok
20:55:29.0656 3008 ZTEusbnet (9862f9d2ff50ae748ed42c022e6aac15) C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys
20:55:29.0656 3008 ZTEusbnet - ok
20:55:29.0671 3008 ZTEusbnmea (f16ce3c7690ab7426dc96520d54a737e) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
20:55:29.0671 3008 ZTEusbnmea - ok
20:55:29.0703 3008 ZTEusbser6k (c2215c6ada8b1e9feb507cee9b446661) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
20:55:29.0703 3008 ZTEusbser6k - ok
20:55:29.0734 3008 ZTEusbvoice (f16ce3c7690ab7426dc96520d54a737e) C:\WINDOWS\system32\DRIVERS\ZTEusbvoice.sys
20:55:29.0734 3008 ZTEusbvoice - ok
20:55:29.0765 3008 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:55:30.0156 3008 \Device\Harddisk0\DR0 - ok
20:55:30.0156 3008 Boot (0x1200) (f4f17f58da95014e0fbffe20f3bcf512) \Device\Harddisk0\DR0\Partition0
20:55:30.0156 3008 \Device\Harddisk0\DR0\Partition0 - ok
20:55:30.0156 3008 ============================================================
20:55:30.0156 3008 Scan finished
20:55:30.0156 3008 ============================================================
20:55:30.0156 1344 Detected object count: 0
20:55:30.0156 1344 Actual detected object count: 0
20:56:32.0421 0388 ============================================================
20:56:32.0421 0388 Scan started
20:56:32.0421 0388 Mode: Manual;
20:56:32.0421 0388 ============================================================
20:56:32.0656 0388 Abiosdsk - ok
20:56:32.0656 0388 abp480n5 - ok
20:56:32.0703 0388 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:56:32.0718 0388 ACPI - ok
20:56:32.0718 0388 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:56:32.0718 0388 ACPIEC - ok
20:56:32.0781 0388 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:56:32.0781 0388 AdobeFlashPlayerUpdateSvc - ok
20:56:32.0812 0388 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
20:56:32.0812 0388 adpu160m - ok
20:56:32.0828 0388 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:56:32.0843 0388 aec - ok
20:56:32.0875 0388 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:56:32.0875 0388 AFD - ok
20:56:32.0875 0388 Aha154x - ok
20:56:32.0890 0388 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
20:56:32.0890 0388 aic78u2 - ok
20:56:32.0890 0388 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
20:56:32.0890 0388 aic78xx - ok
20:56:32.0921 0388 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:56:32.0921 0388 Alerter - ok
20:56:32.0937 0388 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:56:32.0937 0388 ALG - ok
20:56:32.0937 0388 AliIde - ok
20:56:32.0937 0388 amsint - ok
20:56:33.0046 0388 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
20:56:33.0046 0388 AntiVirSchedulerService - ok
20:56:33.0078 0388 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
20:56:33.0078 0388 AntiVirService - ok
20:56:33.0140 0388 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:56:33.0140 0388 Apple Mobile Device - ok
20:56:33.0171 0388 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:56:33.0171 0388 AppMgmt - ok
20:56:33.0203 0388 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:56:33.0203 0388 Arp1394 - ok
20:56:33.0218 0388 asc - ok
20:56:33.0218 0388 asc3350p - ok
20:56:33.0218 0388 asc3550 - ok
20:56:33.0312 0388 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:56:33.0312 0388 aspnet_state - ok
20:56:33.0312 0388 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:56:33.0312 0388 AsyncMac - ok
20:56:33.0343 0388 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:56:33.0343 0388 atapi - ok
20:56:33.0343 0388 Atdisk - ok
20:56:33.0359 0388 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:56:33.0359 0388 Atmarpc - ok
20:56:33.0390 0388 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:56:33.0390 0388 AudioSrv - ok
20:56:33.0406 0388 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:56:33.0421 0388 audstub - ok
20:56:33.0437 0388 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:56:33.0437 0388 avgntflt - ok
20:56:33.0468 0388 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:56:33.0468 0388 avipbb - ok
20:56:33.0484 0388 avkmgr (53e56450da16a1a7f0d002f511113f67) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:56:33.0484 0388 avkmgr - ok
20:56:33.0484 0388 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:56:33.0484 0388 Beep - ok
20:56:33.0531 0388 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:56:33.0546 0388 BITS - ok
20:56:33.0562 0388 BMLoad (d002033c1a37f6af51b5f0ba6d0211bc) C:\WINDOWS\system32\drivers\BMLoad.sys
20:56:33.0562 0388 BMLoad - ok
20:56:33.0656 0388 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
20:56:33.0656 0388 Bonjour Service - ok
20:56:33.0687 0388 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
20:56:33.0687 0388 Bridge - ok
20:56:33.0687 0388 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
20:56:33.0687 0388 BridgeMP - ok
20:56:33.0703 0388 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:56:33.0703 0388 Browser - ok
20:56:33.0734 0388 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:56:33.0734 0388 BthEnum - ok
20:56:33.0750 0388 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:56:33.0750 0388 BthPan - ok
20:56:33.0781 0388 BTHPORT (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
20:56:33.0796 0388 BTHPORT - ok
20:56:33.0812 0388 BthServ (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
20:56:33.0812 0388 BthServ - ok
20:56:33.0828 0388 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
20:56:33.0828 0388 BTHUSB - ok
20:56:33.0859 0388 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:56:33.0859 0388 cbidf2k - ok
20:56:33.0859 0388 cd20xrnt - ok
20:56:33.0875 0388 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:56:33.0875 0388 Cdaudio - ok
20:56:33.0890 0388 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:56:33.0890 0388 Cdfs - ok
20:56:33.0906 0388 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:56:33.0906 0388 Cdrom - ok
20:56:33.0906 0388 Changer - ok
20:56:33.0937 0388 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:56:33.0937 0388 CiSvc - ok
20:56:33.0953 0388 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:56:33.0953 0388 ClipSrv - ok
20:56:34.0046 0388 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:56:34.0046 0388 clr_optimization_v2.0.50727_32 - ok
20:56:34.0078 0388 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:56:34.0078 0388 CmBatt - ok
20:56:34.0078 0388 CmdIde - ok
20:56:34.0093 0388 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:56:34.0093 0388 Compbatt - ok
20:56:34.0093 0388 COMSysApp - ok
20:56:34.0093 0388 Cpqarray - ok
20:56:34.0109 0388 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:56:34.0109 0388 CryptSvc - ok
20:56:34.0109 0388 dac2w2k - ok
20:56:34.0125 0388 dac960nt - ok
20:56:34.0171 0388 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:56:34.0171 0388 DcomLaunch - ok
20:56:34.0234 0388 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:56:34.0234 0388 Dhcp - ok
20:56:34.0234 0388 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:56:34.0234 0388 Disk - ok
20:56:34.0234 0388 dmadmin - ok
20:56:34.0312 0388 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:56:34.0312 0388 dmboot - ok
20:56:34.0328 0388 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:56:34.0328 0388 dmio - ok
20:56:34.0343 0388 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:56:34.0343 0388 dmload - ok
20:56:34.0375 0388 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:56:34.0375 0388 dmserver - ok
20:56:34.0390 0388 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:56:34.0390 0388 DMusic - ok
20:56:34.0421 0388 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:56:34.0421 0388 Dnscache - ok
20:56:34.0468 0388 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:56:34.0468 0388 Dot3svc - ok
20:56:34.0468 0388 dpti2o - ok
20:56:34.0484 0388 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:56:34.0484 0388 drmkaud - ok
20:56:34.0500 0388 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:56:34.0500 0388 EapHost - ok
20:56:34.0531 0388 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:56:34.0531 0388 ERSvc - ok
20:56:34.0562 0388 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:56:34.0562 0388 Eventlog - ok
20:56:34.0593 0388 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:56:34.0593 0388 EventSystem - ok
20:56:34.0609 0388 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:56:34.0609 0388 Fastfat - ok
20:56:34.0640 0388 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:56:34.0640 0388 FastUserSwitchingCompatibility - ok
20:56:34.0656 0388 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:56:34.0656 0388 Fdc - ok
20:56:34.0671 0388 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:56:34.0671 0388 Fips - ok
20:56:34.0687 0388 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:56:34.0687 0388 Flpydisk - ok
20:56:34.0718 0388 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:56:34.0718 0388 FltMgr - ok
20:56:34.0812 0388 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:56:34.0812 0388 FontCache3.0.0.0 - ok
20:56:34.0828 0388 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:56:34.0828 0388 Fs_Rec - ok
20:56:34.0843 0388 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:56:34.0843 0388 Ftdisk - ok
20:56:34.0937 0388 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:56:34.0937 0388 GEARAspiWDM - ok
20:56:34.0937 0388 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:56:34.0937 0388 Gpc - ok
20:56:35.0015 0388 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
20:56:35.0015 0388 gupdate - ok
20:56:35.0015 0388 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
20:56:35.0015 0388 gupdatem - ok
20:56:35.0078 0388 HdAudAddService (7662b9aaf36c84af4f9029b6b432c2b3) C:\WINDOWS\system32\drivers\CHDAud.sys
20:56:35.0078 0388 HdAudAddService - ok
20:56:35.0109 0388 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:56:35.0109 0388 HDAudBus - ok
20:56:35.0140 0388 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:56:35.0140 0388 helpsvc - ok
20:56:35.0140 0388 HidServ - ok
20:56:35.0171 0388 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:56:35.0171 0388 HidUsb - ok
20:56:35.0218 0388 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:56:35.0218 0388 hkmsvc - ok
20:56:35.0218 0388 hpn - ok
20:56:35.0296 0388 HSF_DPV (09c2f46230034280d7e5f0b437146c45) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
20:56:35.0312 0388 HSF_DPV - ok
20:56:35.0328 0388 HSXHWAZL (83f221ddae2d2353b41f0227e6e411d7) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
20:56:35.0328 0388 HSXHWAZL - ok
20:56:35.0375 0388 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:56:35.0375 0388 HTTP - ok
20:56:35.0390 0388 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:56:35.0390 0388 HTTPFilter - ok
20:56:35.0406 0388 i2omgmt - ok
20:56:35.0406 0388 i2omp - ok
20:56:35.0406 0388 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:56:35.0421 0388 i8042prt - ok
20:56:35.0546 0388 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:56:35.0546 0388 idsvc - ok
20:56:35.0578 0388 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:56:35.0578 0388 Imapi - ok
20:56:35.0609 0388 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:56:35.0609 0388 ImapiService - ok
20:56:35.0625 0388 ini910u - ok
20:56:35.0640 0388 IntelIde (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:56:35.0640 0388 IntelIde - ok
20:56:35.0656 0388 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:56:35.0656 0388 intelppm - ok
20:56:35.0671 0388 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:56:35.0671 0388 Ip6Fw - ok
20:56:35.0703 0388 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:56:35.0703 0388 IpFilterDriver - ok
20:56:35.0718 0388 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:56:35.0718 0388 IpInIp - ok
20:56:35.0734 0388 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:56:35.0750 0388 IpNat - ok
20:56:35.0843 0388 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Programme\iPod\bin\iPodService.exe
20:56:35.0843 0388 iPod Service - ok
20:56:35.0875 0388 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:56:35.0875 0388 IPSec - ok
20:56:35.0890 0388 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:56:35.0890 0388 IRENUM - ok
20:56:35.0890 0388 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:56:35.0890 0388 isapnp - ok
20:56:35.0953 0388 JavaQuickStarterService (5472d771c0197355c1d347f20392b982) C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
20:56:35.0953 0388 JavaQuickStarterService - ok
20:56:35.0968 0388 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:56:35.0968 0388 Kbdclass - ok
20:56:36.0000 0388 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:56:36.0000 0388 kmixer - ok
20:56:36.0031 0388 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:56:36.0031 0388 KSecDD - ok
20:56:36.0062 0388 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:56:36.0062 0388 lanmanserver - ok
20:56:36.0093 0388 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:56:36.0093 0388 lanmanworkstation - ok
20:56:36.0093 0388 lbrtfdc - ok
20:56:36.0125 0388 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:56:36.0125 0388 LmHosts - ok
20:56:36.0218 0388 MDM (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
20:56:36.0218 0388 MDM - ok
20:56:36.0234 0388 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
20:56:36.0234 0388 mdmxsdk - ok
20:56:36.0265 0388 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:56:36.0265 0388 Messenger - ok
20:56:36.0296 0388 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:56:36.0296 0388 mnmdd - ok
20:56:36.0328 0388 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:56:36.0328 0388 mnmsrvc - ok
20:56:36.0359 0388 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:56:36.0359 0388 Modem - ok
20:56:36.0375 0388 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:56:36.0375 0388 Mouclass - ok
20:56:36.0375 0388 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:56:36.0375 0388 MountMgr - ok
20:56:36.0421 0388 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
20:56:36.0421 0388 MozillaMaintenance - ok
20:56:36.0421 0388 mraid35x - ok
20:56:36.0453 0388 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:56:36.0453 0388 MRxDAV - ok
20:56:36.0515 0388 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:56:36.0515 0388 MRxSmb - ok
20:56:36.0515 0388 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:56:36.0531 0388 MSDTC - ok
20:56:36.0531 0388 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:56:36.0531 0388 Msfs - ok
20:56:36.0531 0388 MSIServer - ok
20:56:36.0546 0388 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:56:36.0546 0388 MSKSSRV - ok
20:56:36.0562 0388 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:56:36.0562 0388 MSPCLOCK - ok
20:56:36.0562 0388 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:56:36.0562 0388 MSPQM - ok
20:56:36.0593 0388 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:56:36.0593 0388 mssmbios - ok
20:56:36.0609 0388 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:56:36.0625 0388 Mup - ok
20:56:36.0671 0388 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:56:36.0671 0388 napagent - ok
20:56:36.0703 0388 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:56:36.0703 0388 NDIS - ok
20:56:36.0734 0388 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:56:36.0734 0388 NdisTapi - ok
20:56:36.0734 0388 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:56:36.0734 0388 Ndisuio - ok
20:56:36.0765 0388 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:56:36.0765 0388 NdisWan - ok
20:56:36.0796 0388 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:56:36.0796 0388 NDProxy - ok
20:56:36.0796 0388 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:56:36.0796 0388 NetBIOS - ok
20:56:36.0812 0388 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:56:36.0812 0388 NetBT - ok
20:56:36.0859 0388 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:56:36.0859 0388 NetDDE - ok
20:56:36.0859 0388 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:56:36.0859 0388 NetDDEdsdm - ok
20:56:36.0890 0388 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:56:36.0890 0388 Netlogon - ok
20:56:36.0921 0388 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:56:36.0921 0388 Netman - ok
20:56:37.0000 0388 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:56:37.0000 0388 NetTcpPortSharing - ok
20:56:37.0015 0388 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:56:37.0015 0388 NIC1394 - ok
20:56:37.0046 0388 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:56:37.0046 0388 Nla - ok
20:56:37.0062 0388 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:56:37.0062 0388 Npfs - ok
20:56:37.0109 0388 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:56:37.0109 0388 Ntfs - ok
20:56:37.0109 0388 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:56:37.0125 0388 NtLmSsp - ok
20:56:37.0156 0388 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:56:37.0156 0388 NtmsSvc - ok
20:56:37.0187 0388 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:56:37.0187 0388 Null - ok
20:56:37.0406 0388 nv (f55138bc8319dc17dc1a2d7d5908ed72) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:56:37.0437 0388 nv - ok
20:56:37.0531 0388 NVSvc (604074b99bce4eda4db010e237eb8f1b) C:\WINDOWS\system32\nvsvc32.exe
20:56:37.0546 0388 NVSvc - ok
20:56:37.0562 0388 NWCWorkstation (c34a6a72dec2c317d67355dc18f87090) C:\WINDOWS\System32\nwwks.dll
20:56:37.0562 0388 NWCWorkstation - ok
20:56:37.0593 0388 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:56:37.0593 0388 NwlnkFlt - ok
20:56:37.0609 0388 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:56:37.0609 0388 NwlnkFwd - ok
20:56:37.0640 0388 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
20:56:37.0640 0388 NwlnkIpx - ok
20:56:37.0656 0388 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
20:56:37.0656 0388 NwlnkNb - ok
20:56:37.0671 0388 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
20:56:37.0671 0388 NwlnkSpx - ok
20:56:37.0687 0388 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
20:56:37.0687 0388 NWRDR - ok
20:56:37.0703 0388 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:56:37.0703 0388 ohci1394 - ok
20:56:37.0750 0388 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
20:56:37.0750 0388 ose - ok
20:56:37.0765 0388 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:56:37.0765 0388 Parport - ok
20:56:37.0765 0388 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:56:37.0765 0388 PartMgr - ok
20:56:37.0781 0388 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:56:37.0781 0388 ParVdm - ok
20:56:37.0781 0388 PCASp50 - ok
20:56:37.0796 0388 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:56:37.0796 0388 PCI - ok
20:56:37.0796 0388 PCIDump - ok
20:56:37.0796 0388 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:56:37.0796 0388 PCIIde - ok
20:56:37.0828 0388 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:56:37.0828 0388 Pcmcia - ok
20:56:37.0828 0388 PDCOMP - ok
20:56:37.0828 0388 PDFRAME - ok
20:56:37.0843 0388 PDRELI - ok
20:56:37.0843 0388 PDRFRAME - ok
20:56:37.0843 0388 perc2 - ok
20:56:37.0843 0388 perc2hib - ok
20:56:37.0890 0388 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:56:37.0890 0388 PlugPlay - ok
20:56:37.0906 0388 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:56:37.0921 0388 PolicyAgent - ok
20:56:37.0937 0388 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:56:37.0937 0388 PptpMiniport - ok
20:56:37.0937 0388 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:56:37.0937 0388 ProtectedStorage - ok
20:56:37.0937 0388 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:56:37.0937 0388 PSched - ok
20:56:37.0968 0388 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:56:37.0968 0388 Ptilink - ok
20:56:37.0984 0388 qkbfiltr (7dc7aca4e775e9d823f5773a2f47a2ac) C:\WINDOWS\system32\drivers\qkbfiltr.sys
20:56:37.0984 0388 qkbfiltr - ok
20:56:37.0984 0388 ql1080 - ok
20:56:37.0984 0388 Ql10wnt - ok
20:56:37.0984 0388 ql12160 - ok
20:56:38.0000 0388 ql1240 - ok
20:56:38.0000 0388 ql1280 - ok
20:56:38.0015 0388 qmofiltr (8652b9e134c3478be948bf089df8ed5e) C:\WINDOWS\system32\drivers\qmofiltr.sys
20:56:38.0015 0388 qmofiltr - ok
20:56:38.0031 0388 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:56:38.0031 0388 RasAcd - ok
20:56:38.0062 0388 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:56:38.0062 0388 RasAuto - ok
20:56:38.0078 0388 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:56:38.0078 0388 Rasl2tp - ok
20:56:38.0125 0388 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:56:38.0125 0388 RasMan - ok
20:56:38.0156 0388 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:56:38.0156 0388 RasPppoe - ok
20:56:38.0156 0388 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:56:38.0156 0388 Raspti - ok
20:56:38.0203 0388 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:56:38.0203 0388 Rdbss - ok
20:56:38.0203 0388 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:56:38.0203 0388 RDPCDD - ok
20:56:38.0234 0388 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:56:38.0234 0388 rdpdr - ok
20:56:38.0281 0388 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
20:56:38.0281 0388 RDPWD - ok
20:56:38.0296 0388 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:56:38.0296 0388 RDSessMgr - ok
20:56:38.0312 0388 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:56:38.0312 0388 redbook - ok
20:56:38.0359 0388 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:56:38.0359 0388 RemoteAccess - ok
20:56:38.0406 0388 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:56:38.0406 0388 RemoteRegistry - ok
20:56:38.0421 0388 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
20:56:38.0437 0388 RFCOMM - ok
20:56:38.0468 0388 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:56:38.0468 0388 RpcLocator - ok
20:56:38.0515 0388 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:56:38.0515 0388 RpcSs - ok
20:56:38.0562 0388 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:56:38.0562 0388 RSVP - ok
20:56:38.0578 0388 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:56:38.0578 0388 SamSs - ok
20:56:38.0593 0388 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:56:38.0609 0388 SCardSvr - ok
20:56:38.0640 0388 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:56:38.0640 0388 Schedule - ok
20:56:38.0671 0388 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:56:38.0671 0388 sdbus - ok
20:56:38.0687 0388 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:56:38.0703 0388 Secdrv - ok
20:56:38.0718 0388 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:56:38.0718 0388 seclogon - ok
20:56:38.0734 0388 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:56:38.0734 0388 SENS - ok
20:56:38.0750 0388 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:56:38.0750 0388 serenum - ok
20:56:38.0750 0388 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:56:38.0750 0388 Serial - ok
20:56:38.0765 0388 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:56:38.0781 0388 Sfloppy - ok
20:56:38.0796 0388 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:56:38.0796 0388 SharedAccess - ok
20:56:38.0843 0388 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:56:38.0843 0388 ShellHWDetection - ok
20:56:38.0843 0388 Simbad - ok
20:56:38.0937 0388 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Programme\Skype\Updater\Updater.exe
20:56:38.0937 0388 SkypeUpdate - ok
20:56:38.0937 0388 Sparrow - ok
20:56:38.0953 0388 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:56:38.0953 0388 splitter - ok
20:56:38.0968 0388 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:56:38.0984 0388 Spooler - ok
20:56:39.0000 0388 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:56:39.0000 0388 sr - ok
20:56:39.0031 0388 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:56:39.0031 0388 srservice - ok
20:56:39.0062 0388 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:56:39.0078 0388 Srv - ok
20:56:39.0093 0388 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:56:39.0093 0388 SSDPSRV - ok
20:56:39.0125 0388 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:56:39.0125 0388 ssmdrv - ok
20:56:39.0156 0388 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:56:39.0156 0388 stisvc - ok
20:56:39.0203 0388 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:56:39.0203 0388 swenum - ok
20:56:39.0203 0388 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:56:39.0203 0388 swmidi - ok
20:56:39.0218 0388 SwPrv - ok
20:56:39.0218 0388 symc810 - ok
20:56:39.0250 0388 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:56:39.0250 0388 symc8xx - ok
20:56:39.0250 0388 sym_hi - ok
20:56:39.0281 0388 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:56:39.0281 0388 sym_u3 - ok
20:56:39.0312 0388 SynTP (8a0081e3de46637a8e53ed7c12542a69) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:56:39.0312 0388 SynTP - ok
20:56:39.0328 0388 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:56:39.0328 0388 sysaudio - ok
20:56:39.0343 0388 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:56:39.0343 0388 SysmonLog - ok
20:56:39.0375 0388 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:56:39.0390 0388 TapiSrv - ok
20:56:39.0421 0388 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:56:39.0421 0388 Tcpip - ok
20:56:39.0453 0388 tcpipBM (dcfeb82ca988598ceb8f83148616038e) C:\WINDOWS\system32\drivers\tcpipBM.sys
20:56:39.0453 0388 tcpipBM - ok
20:56:39.0468 0388 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:56:39.0468 0388 TDPIPE - ok
20:56:39.0484 0388 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:56:39.0484 0388 TDTCP - ok
20:56:39.0484 0388 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:56:39.0484 0388 TermDD - ok
20:56:39.0515 0388 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:56:39.0515 0388 TermService - ok
20:56:39.0546 0388 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:56:39.0546 0388 Themes - ok
20:56:39.0578 0388 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
20:56:39.0578 0388 tifm21 - ok
20:56:39.0625 0388 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
20:56:39.0625 0388 TlntSvr - ok
20:56:39.0625 0388 TosIde - ok
20:56:39.0671 0388 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:56:39.0671 0388 TrkWks - ok
20:56:39.0703 0388 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:56:39.0703 0388 Udfs - ok
20:56:39.0703 0388 ultra - ok
20:56:39.0750 0388 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:56:39.0750 0388 Update - ok
20:56:39.0796 0388 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:56:39.0796 0388 upnphost - ok
20:56:39.0812 0388 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:56:39.0812 0388 UPS - ok
20:56:39.0875 0388 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:56:39.0875 0388 USBAAPL - ok
20:56:39.0890 0388 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:56:39.0890 0388 usbccgp - ok
20:56:39.0890 0388 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:56:39.0890 0388 usbehci - ok
20:56:39.0921 0388 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:56:39.0921 0388 usbhub - ok
20:56:39.0921 0388 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:56:39.0921 0388 USBSTOR - ok
20:56:39.0937 0388 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:56:39.0937 0388 usbuhci - ok
20:56:39.0953 0388 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:56:39.0953 0388 VgaSave - ok
20:56:39.0984 0388 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:56:40.0000 0388 ViaIde - ok
20:56:40.0078 0388 VMCService (c6e18c3b43378ae3fcecdff0f0bb7be7) C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
20:56:40.0078 0388 VMCService - ok
20:56:40.0093 0388 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:56:40.0093 0388 VolSnap - ok
20:56:40.0109 0388 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:56:40.0109 0388 VSS - ok
20:56:40.0140 0388 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:56:40.0140 0388 W32Time - ok
20:56:40.0234 0388 w39n51 (b9670411c5cfef10fcd484f433fea201) C:\WINDOWS\system32\DRIVERS\w39n51.sys
20:56:40.0250 0388 w39n51 - ok
20:56:40.0359 0388 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:56:40.0359 0388 Wanarp - ok
20:56:40.0359 0388 WDICA - ok
20:56:40.0390 0388 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:56:40.0390 0388 wdmaud - ok
20:56:40.0421 0388 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:56:40.0421 0388 WebClient - ok
20:56:40.0468 0388 winachsf (4c17a05813e1f48e5da30ada62cdf427) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
20:56:40.0484 0388 winachsf - ok
20:56:40.0546 0388 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:56:40.0546 0388 winmgmt - ok
20:56:40.0578 0388 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:56:40.0578 0388 WmdmPmSN - ok
20:56:40.0625 0388 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:56:40.0640 0388 Wmi - ok
20:56:40.0656 0388 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\Windows\system32\wbem\wmiapsrv.exe
20:56:40.0656 0388 WmiApSrv - ok
20:56:40.0812 0388 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:56:40.0812 0388 WMPNetworkSvc - ok
20:56:40.0859 0388 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:56:40.0859 0388 WS2IFSL - ok
20:56:40.0875 0388 WSearch - ok
20:56:40.0921 0388 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:56:40.0921 0388 wuauserv - ok
20:56:40.0953 0388 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:56:40.0953 0388 WudfPf - ok
20:56:40.0968 0388 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:56:40.0968 0388 WudfRd - ok
20:56:41.0000 0388 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:56:41.0000 0388 WudfSvc - ok
20:56:41.0046 0388 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:56:41.0046 0388 WZCSVC - ok
20:56:41.0093 0388 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:56:41.0093 0388 xmlprov - ok
20:56:41.0156 0388 yukonwxp (4322c32ced8c4772e039616dcbf01d3f) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:56:41.0156 0388 yukonwxp - ok
20:56:41.0171 0388 ZTEusbmdm6k (c2215c6ada8b1e9feb507cee9b446661) C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys
20:56:41.0171 0388 ZTEusbmdm6k - ok
20:56:41.0187 0388 ZTEusbnet (9862f9d2ff50ae748ed42c022e6aac15) C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys
20:56:41.0187 0388 ZTEusbnet - ok
20:56:41.0203 0388 ZTEusbnmea (f16ce3c7690ab7426dc96520d54a737e) C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys
20:56:41.0203 0388 ZTEusbnmea - ok
20:56:41.0250 0388 ZTEusbser6k (c2215c6ada8b1e9feb507cee9b446661) C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys
20:56:41.0250 0388 ZTEusbser6k - ok
20:56:41.0281 0388 ZTEusbvoice (f16ce3c7690ab7426dc96520d54a737e) C:\WINDOWS\system32\DRIVERS\ZTEusbvoice.sys
20:56:41.0281 0388 ZTEusbvoice - ok
20:56:41.0312 0388 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:56:41.0671 0388 \Device\Harddisk0\DR0 - ok
20:56:41.0671 0388 Boot (0x1200) (f4f17f58da95014e0fbffe20f3bcf512) \Device\Harddisk0\DR0\Partition0
20:56:41.0671 0388 \Device\Harddisk0\DR0\Partition0 - ok
20:56:41.0671 0388 ============================================================
20:56:41.0671 0388 Scan finished
20:56:41.0671 0388 ============================================================
20:56:41.0687 0540 Detected object count: 0
20:56:41.0687 0540 Actual detected object count: 0
20:57:03.0156 3388 Deinitialize success

Hi,

ich habe nun Mozilla gelöscht und neu installiert. Damit hat sich das Thema hoffentlich erledigt.
Code:
OTL logfile created on: 20.07.2012 21:37:22 - Run 4
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Dokumente und Einstellungen\NL44\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,11 Mb Total Physical Memory | 457,31 Mb Available Physical Memory | 44,74% Memory free
2,40 Gb Paging File | 1,87 Gb Available in Paging File | 78,08% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 4,50 Gb Free Space | 6,04% Space Free | Partition Type: NTFS
 
Computer Name: ***| User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.18 19:11:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\NL44\Desktop\OTL.exe
PRC - [2012.05.24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012.01.17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006.06.01 07:49:38 | 001,196,032 | ---- | M] (Quanta Computer, INC.) -- C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\Windows\system32\msdmo.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.07.14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.12 19:21:00 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009.04.20 17:20:30 | 000,009,216 | ---- | M] (Vodafone) [Disabled | Stopped] -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.09 13:38:32 | 000,110,592 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009.04.09 13:38:32 | 000,105,344 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009.04.09 13:38:32 | 000,105,344 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.04.09 13:38:32 | 000,104,960 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.04.09 13:38:32 | 000,104,960 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2008.10.09 13:50:08 | 000,022,528 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008.10.09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007.12.06 09:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006.09.22 05:32:02 | 001,428,224 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006.04.07 02:48:08 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006.04.07 02:46:46 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006.02.28 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006.02.28 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2006.01.12 17:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005.05.05 15:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\qmofiltr.sys -- (qmofiltr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 4E 5B D2 F4 F9 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.20 21:31:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2012.03.07 15:36:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Mozilla\Extensions
[2012.07.20 21:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.03.07 15:50:09 | 000,441,471 | R--- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 15173 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [Keyboard Manager Utility] C:\Programme\Keyboard Manager\Manager Utility\KeyboardManager.exe (Quanta Computer, INC.)
O4 - HKLM..\Run: [MobileConnect] C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162468014625 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92B96AFA-6A4B-4E4B-8876-47BEA69DD010}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.20 21:35:21 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\NL44\Recent
[2012.07.20 21:33:27 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2012.07.20 21:31:34 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2012.07.20 21:31:29 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.07.20 21:30:46 | 016,660,184 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\NL44\Desktop\Firefox_Setup_14.0.1.exe
[2012.07.20 21:10:05 | 000,000,000 | ---D | C] -- C:\Programme\VS Revo Group
[2012.07.20 17:53:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Avira
[2012.07.20 17:47:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2012.07.20 17:47:19 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.07.20 17:47:14 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.07.20 17:47:14 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.07.20 17:47:14 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.07.20 17:47:13 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2012.07.20 17:47:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.07.19 22:26:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.07.18 19:11:43 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\NL44\Desktop\OTL.exe
[2012.07.18 10:28:40 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2012.07.18 10:28:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Eigene Dateien\Anti-Malware
[2012.07.16 15:14:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\ElevatedDiagnostics
[2012.07.16 15:12:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows PowerShell 1.0
[2012.07.16 15:12:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2012.07.16 09:51:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Malwarebytes
[2012.07.16 09:51:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.07.13 23:24:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Apple Computer
[2012.07.13 23:24:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\Apple Computer
[2012.07.13 23:23:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2012.07.13 23:23:31 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2012.07.13 23:21:45 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2012.07.13 23:21:32 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2012.07.13 23:21:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer
[2012.07.13 23:21:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.07.13 23:21:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Apple
[2012.07.13 23:20:57 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2012.07.13 23:20:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Apple Computer
[2012.07.13 23:20:27 | 004,547,944 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2012.07.13 23:19:56 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2012.07.13 23:19:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Apple
[2012.07.13 23:19:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple
[2012.07.08 15:46:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.07.07 17:49:57 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2012.07.07 17:49:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\Google
[2012.07.07 17:48:58 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.07.07 17:48:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.07.06 21:34:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Local Settings
[2012.06.22 15:11:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\NL44\Eigene Dateien\cache
[2012.06.22 15:11:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\webex
[2012.06.21 22:48:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Anwendungsdaten\OpenOffice.org
[2012.06.21 22:43:11 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\OpenOffice.org 3.4
[2012.06.21 22:40:44 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2012.06.21 22:39:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NL44\Desktop\OpenOffice.org 3.4 (de) Installation Files
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.20 21:37:07 | 000,042,146 | ---- | M] () -- C:\Dokumente und Einstellungen\NL44\Eigene Dateien\cc_20120720_213701.reg
[2012.07.20 21:33:28 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.07.20 21:31:36 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.07.20 21:31:06 | 016,660,184 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\NL44\Desktop\Firefox_Setup_14.0.1.exe
[2012.07.20 21:20:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.07.20 20:59:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.20 20:58:49 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.07.20 20:58:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.20 20:58:38 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.20 20:57:29 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2012.07.20 17:47:37 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.07.19 22:24:15 | 000,002,953 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.18 19:11:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\NL44\Desktop\OTL.exe
[2012.07.18 09:54:51 | 000,000,247 | ---- | M] () -- C:\user.js
[2012.07.16 14:57:02 | 000,000,042 | ---- | M] () -- C:\Dokumente und Einstellungen\NL44\default.pls
[2012.07.16 14:53:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.07.15 16:18:24 | 000,488,168 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.07.15 16:18:24 | 000,444,810 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.07.15 16:18:24 | 000,095,994 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.07.15 16:18:24 | 000,072,686 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.07.13 23:23:39 | 000,001,522 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.07.12 19:20:59 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.07.12 19:20:59 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.07.12 09:51:41 | 000,303,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.08 16:00:05 | 000,000,212 | RHS- | M] () -- C:\boot.ini
[2012.06.21 22:43:12 | 000,000,909 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.4.lnk
 
========== Files Created - No Company Name ==========
 
[2012.07.20 21:37:05 | 000,042,146 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\Eigene Dateien\cc_20120720_213701.reg
[2012.07.20 21:33:28 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.07.20 21:31:36 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.07.20 21:31:36 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.07.20 17:47:37 | 000,001,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.07.18 09:54:40 | 000,000,247 | ---- | C] () -- C:\user.js
[2012.07.16 14:57:02 | 000,000,042 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\default.pls
[2012.07.13 23:23:39 | 000,001,522 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2012.07.13 23:21:00 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Apple Software Update.lnk
[2012.06.21 22:43:12 | 000,000,909 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.4.lnk
[2012.03.20 19:02:12 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2012.03.06 23:18:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.08.09 17:48:36 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009.04.09 13:44:42 | 000,108,066 | R--- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DeviceManager.xml.rc4
[2007.06.13 08:16:07 | 000,046,080 | ---- | C] () -- C:\Dokumente und Einstellungen\NL44\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

< End of report >
:-)

t'john 20.07.2012 20:51
Zumindest ist nichts mehr von Babylon zu sehen :)

JuleFritzi 20.07.2012 22:44
:headbang: Ich werde wahnsinnig. Bis Babylon lief der Rechner super, jetzt ist er langsam, es gibt immer noch dieses Problem mit "Active Desktop wiederherstellen" und ich finde keine Lösung. Hast du eine?

t'john 21.07.2012 13:07
versuche mal:

Zitat:
so gehts in der registry:

start -- ausführen -- regedit -- ok

Zitat:
HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer
NoActiveDesktop den wert 0 (null) zuweisen oder löschen

neustart

JuleFritzi 21.07.2012 15:49
da steht ab(Standard) REG_SZ Wert nicht gesetzt - den Wert habe ich auf Null geändert und neu gestartet - keine Wirkung :-(

t'john 21.07.2012 21:28
Kannst du mir mal einen Screenshot von der Meldung machen?

JuleFritzi 21.07.2012 21:49
meinst du das?

t'john 21.07.2012 22:03
Nein, davon:

Zitat:
noch dieses Problem mit "Active Desktop wiederherstellen"

JuleFritzi 21.07.2012 22:25
also das ?

t'john 21.07.2012 22:36
Genau!

Was passiert, wenn du den Button klickst?

JuleFritzi 21.07.2012 22:40
Dann kommt die Meldung und wenn ich das "JA" klicke, passiert nichts

t'john 21.07.2012 22:46
OK,

hast du den Active Desktop vorher genutzt?

Versuche mal ein Hintergrundbild zu setzen.

JuleFritzi 21.07.2012 22:57
:crazy: Na super - das hat natürlich geklappt und die Fischkaravane zieht ihrer Wege. Seufz - ich fahre jetzt trotzdem noch einmal runter und gucke, ob alles so bleibt.

t'john 21.07.2012 23:00
Sehr gut! :daumenhoc

Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die jxpiinstall.exe
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 5 ) herunter laden.
  • Wenn die Installation beendet wurde
    Start --> Systemsteuerung --> Programme und deinstalliere alle älteren Java Versionen.
  • Starte deinen Rechner neu sobald alle älteren Versionen deinstalliert wurden.
Nach dem Neustart
  • Öffne erneut die Systemsteuerung --> Programme und klicke auf das Java Symbol.
  • Im Reiter Allgemein, klicke unter Temporäre Internetdateien auf Einstellungen.
  • Klicke auf Dateien löschen....
  • Gehe sicher das überall ein Hacken gesetzt ist und klicke OK.
  • Klicke erneut OK.

JuleFritzi 21.07.2012 23:29
ok, erledigt. Gibt es noch etwas zu tun?

t'john 21.07.2012 23:47
Sehr gut! :daumenhoc

damit bist Du sauber und entlassen! :)


Tool-Bereinigung mit OTL


Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.


Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html

JuleFritzi 23.07.2012 22:34
Hi,

die Linktipps arbeite ich fleiß ab. Dir vielen, vielen Dank für die kompetente, geduldige und freundliche Hilfe :daumenhoc


Daniela


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:02 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129